/** * @see org.apache.jetspeed.security.CredentialPasswordValidator#validate(java.lang.String) */ public void validate(String clearTextPassword) throws SecurityException { if (strictPassword) { Pattern p = Pattern.compile(passwordPattern); //Match the given string with the pattern Matcher m = p.matcher(clearTextPassword); if(!m.matches()) throw new SecurityException(SecurityException.INVALID_PASSWORD); } else { if ( clearTextPassword == null || clearTextPassword.length() == 0) throw new SecurityException(SecurityException.INVALID_PASSWORD); } } }
private String getEncryptionString() { if (cpe == null) { System.err.println("Error!!! CredentialPasswordEncoder not available"); return ENCODING_STRING; } try { return cpe.encode(JETSPEED, ENCODING_STRING); } catch (SecurityException e) { e.printStackTrace(); return ENCODING_STRING; } }
builder.entity(e.getKeyedMessage().getKey()); throw new WebApplicationException(builder.build());
throw new AJAXException(e.toString(), e);
log.warn("Failed to autoCreate roles for portlet application " + paName+": "+sex.getMessage(), sex);
protected int removePermission(RequestContext requestContext, Map<String,Object> resultMap) throws AJAXException { try { String type = getActionParameter(requestContext, "type"); if (type == null) throw new AJAXException("Missing 'type' parameter"); String resource = getActionParameter(requestContext, "resource"); if (resource == null) throw new AJAXException("Missing 'resource' parameter"); String actions = getActionParameter(requestContext, "actions"); if (actions == null) throw new AJAXException("Missing 'actions' parameter"); JetspeedPermission permission = pm.newPermission(type, resource, actions); if (pm.permissionExists(permission)) { pm.removePermission(permission); return 1; } return 0; } catch (SecurityException e) { throw new AJAXException(e.toString(), e); } } }
throw new SecurityException(SecurityException.INVALID_PASSWORD); throw new SecurityException(SecurityException.INVALID_PASSWORD);
protected int addPermission(RequestContext requestContext, Map<String,Object> resultMap) throws AJAXException { try { String type = getActionParameter(requestContext, "type"); if (type == null) throw new AJAXException("Missing 'type' parameter"); String resource = getActionParameter(requestContext, "resource"); if (resource == null) throw new AJAXException("Missing 'resource' parameter"); String actions = getActionParameter(requestContext, "actions"); if (actions == null) throw new AJAXException("Missing 'actions' parameter"); JetspeedPermission permission = pm.newPermission(type, resource, actions); if (pm.permissionExists(permission)) { throw new AJAXException("Permission " + resource + " already exists"); } pm.addPermission(permission); String roleNames = getActionParameter(requestContext, "roles"); return updateRoles(permission, roleNames); } catch (SecurityException e) { throw new AJAXException(e.toString(), e); } }
builder.entity(e.getKeyedMessage().getKey());
private void checkReadOnly(String methodName) throws SecurityException { if (readOnly) { throw new SecurityException(SecurityException.UNEXPECTED.create("DefaultLDAPEntityManager", methodName, "ReadOnly LDAP")); } }
builder.entity(e.getKeyedMessage().getKey());
public String decode(String userName, String encodedPassword) throws SecurityException { try { // prevent dictionary attacks as well as copying of encoded passwords by using the userName as salt PBEParameterSpec cipherSpec = new PBEParameterSpec(createSalt(userName.getBytes("UTF-8")), PKCS_5_ITERATIONCOUNT); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITM); cipher.init(Cipher.DECRYPT_MODE,pbeKey,cipherSpec); return new String(cipher.doFinal(Base64.decodeBase64(encodedPassword.getBytes("UTF-8"))), "UTF-8"); } catch (Exception e) { throw new SecurityException(SecurityException.UNEXPECTED.create("PBEPasswordTool","decode",e.getMessage()), e); } }
public String encode(String userName, String clearTextPassword) throws SecurityException { try { // prevent dictionary attacks as well as copying of encoded passwords by using the userName as salt PBEParameterSpec cipherSpec = new PBEParameterSpec(createSalt(userName.getBytes("UTF-8")), PKCS_5_ITERATIONCOUNT); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITM); cipher.init(Cipher.ENCRYPT_MODE,pbeKey,cipherSpec); return new String(Base64.encodeBase64(cipher.doFinal(clearTextPassword.getBytes("UTF-8"))), "UTF-8"); } catch (Exception e) { throw new SecurityException(SecurityException.UNEXPECTED.create("PBEPasswordTool","encode",e.getMessage()), e); } }
/** * @see org.apache.jetspeed.security.RoleManager#getRole(java.lang.String) */ public Role getRole(String roleName) throws SecurityException { Role role = (Role) super.getPrincipal(roleName); if (null == role) { throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.ROLE, roleName)); } return role; }
public User getUser(String username) throws SecurityException { User user = (User)getPrincipal(username); if (null == user) { throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER, username)); } return user; }
/** * @see org.apache.jetspeed.security.GroupManager#getGroup(java.lang.String) */ public Group getGroup(String groupName) throws SecurityException { Group group = (Group) super.getPrincipal(groupName); if (null == group) { throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.GROUP, groupName)); } return group; }
public void remove(Entity entity) throws SecurityException { String internalId = getInternalId(entity, false); if (internalId == null) { // not found return; } ClassLoader currentClassLoader = Thread.currentThread().getContextClassLoader(); try { Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader()); ldapTemplate.unbind(getRelativeDN(internalId)); } catch (NameNotFoundException e) { // ignore } catch (NamingException e) { throw new SecurityException(SecurityException.UNEXPECTED.create(getClass().getName(), "remove", e.getMessage()), e); } finally { Thread.currentThread().setContextClassLoader(currentClassLoader); } }
public SSOUser getUser(String userName, Long domainId) throws SecurityException { SSOUser user = (SSOUser)domainPrincipalAccess.getPrincipal(userName, getPrincipalType(), domainId); if (null == user) { throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.SSO_USER, userName)); } return user; }
public synchronized void synchronizeUserPrincipal(String name) throws SecurityException { setSynchronizing(true); try { feedbackLogger.debug("Synchronizing UserPrincipal({})", name); Entity userEntity = securityEntityManager.getEntity(JetspeedPrincipalType.USER, name); if (userEntity != null) { synchronizeEntity(userEntity, new HashMap<String,Set<String>>(), new HashMap<String,Map<String,String>>()); } else { throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER, name)); } } finally { setSynchronizing(false); } }