/**
 * Guard that refuses to continue when the {@code readOnly} flag is set.
 *
 * @param methodName name of the calling operation, reported in the exception
 * @throws SecurityException {@code UNEXPECTED}, tagged "ReadOnly LDAP", when
 *         {@code readOnly} is true
 */
private void checkReadOnly(String methodName) throws SecurityException {
    if (!readOnly) {
        return;
    }
    throw new SecurityException(
            SecurityException.UNEXPECTED.create("DefaultLDAPEntityManager", methodName, "ReadOnly LDAP"));
}
/**
 * Decrypts an encoded password value back to clear text.
 *
 * <p>The input is Base64-decoded and then decrypted with {@code pbeKey}, using a salt that
 * {@code createSalt} computes from the UTF-8 bytes of the user name. Because this is
 * reversible encryption and not a one-way hash, the stored values are only as confidential
 * as {@code pbeKey}: anyone holding the key and a user name can recover that user's
 * password. NOTE(review): confirm callers really need the clear text back; where a password
 * is only ever verified, a one-way password hash avoids keeping recoverable secrets.
 *
 * @param userName user name the value was encoded for; it feeds the salt
 * @param encodedPassword Base64 text of the encrypted password
 * @return the clear-text password
 * @throws SecurityException {@code UNEXPECTED}, wrapping any failure (including a null
 *         argument or a value that does not decrypt); the cause's message is copied into
 *         the exception
 */
public String decode(String userName, String encodedPassword) throws SecurityException {
    try {
        // Original intent: hinder dictionary attacks and the copying of encoded passwords
        // between accounts by using the user name as salt.
        // NOTE(review): a salt derived from the user name is predictable; it separates
        // accounts from each other but adds no secrecy of its own.
        byte[] salt = createSalt(userName.getBytes("UTF-8"));
        PBEParameterSpec params = new PBEParameterSpec(salt, PKCS_5_ITERATIONCOUNT);
        Cipher decryptor = Cipher.getInstance(CIPHER_ALGORITM);
        decryptor.init(Cipher.DECRYPT_MODE, pbeKey, params);
        byte[] cipherText = Base64.decodeBase64(encodedPassword.getBytes("UTF-8"));
        byte[] clearText = decryptor.doFinal(cipherText);
        return new String(clearText, "UTF-8");
    } catch (Exception e) {
        throw new SecurityException(
                SecurityException.UNEXPECTED.create("PBEPasswordTool", "decode", e.getMessage()), e);
    }
}
/**
 * Encrypts a clear-text password and returns it as Base64 text.
 *
 * <p>The password's UTF-8 bytes are encrypted with {@code pbeKey}, using a salt that
 * {@code createSalt} computes from the UTF-8 bytes of the user name, and the cipher text
 * is then Base64-encoded. The result is reversible with the same key and user name, so it
 * must be protected like the password itself wherever {@code pbeKey} is available.
 * NOTE(review): presumably {@code createSalt} is deterministic, in which case the same
 * user name and password always yield the same encoded value; confirm.
 *
 * @param userName user name the password belongs to; it feeds the salt
 * @param clearTextPassword password to protect
 * @return Base64 text of the encrypted password
 * @throws SecurityException {@code UNEXPECTED}, wrapping any failure (including a null
 *         argument); the cause's message is copied into the exception
 */
public String encode(String userName, String clearTextPassword) throws SecurityException {
    try {
        // Original intent: hinder dictionary attacks and the copying of encoded passwords
        // between accounts by using the user name as salt.
        byte[] salt = createSalt(userName.getBytes("UTF-8"));
        PBEParameterSpec params = new PBEParameterSpec(salt, PKCS_5_ITERATIONCOUNT);
        Cipher encryptor = Cipher.getInstance(CIPHER_ALGORITM);
        encryptor.init(Cipher.ENCRYPT_MODE, pbeKey, params);
        byte[] cipherText = encryptor.doFinal(clearTextPassword.getBytes("UTF-8"));
        byte[] base64Text = Base64.encodeBase64(cipherText);
        return new String(base64Text, "UTF-8");
    } catch (Exception e) {
        throw new SecurityException(
                SecurityException.UNEXPECTED.create("PBEPasswordTool", "encode", e.getMessage()), e);
    }
}
/**
 * Looks up a role by name and fails when it is not found, so callers never receive
 * {@code null}.
 *
 * @param roleName name of the role to load
 * @return the role returned by the superclass principal lookup
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST}, scoped to the role type,
 *         when the lookup returns {@code null}
 * @see org.apache.jetspeed.security.RoleManager#getRole(java.lang.String)
 */
public Role getRole(String roleName) throws SecurityException {
    Role found = (Role) super.getPrincipal(roleName);
    if (found != null) {
        return found;
    }
    throw new SecurityException(
            SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.ROLE, roleName));
}
/**
 * Looks up a user by name and fails when it is not found, so callers never receive
 * {@code null}.
 *
 * @param username name of the user to load
 * @return the user returned by {@code getPrincipal}
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST}, scoped to the user type,
 *         when the lookup returns {@code null}
 */
public User getUser(String username) throws SecurityException {
    User found = (User) getPrincipal(username);
    if (found != null) {
        return found;
    }
    throw new SecurityException(
            SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER, username));
}
/**
 * Looks up a group by name and fails when it is not found, so callers never receive
 * {@code null}.
 *
 * @param groupName name of the group to load
 * @return the group returned by the superclass principal lookup
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST}, scoped to the group type,
 *         when the lookup returns {@code null}
 * @see org.apache.jetspeed.security.GroupManager#getGroup(java.lang.String)
 */
public Group getGroup(String groupName) throws SecurityException {
    Group found = (Group) super.getPrincipal(groupName);
    if (found != null) {
        return found;
    }
    throw new SecurityException(
            SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.GROUP, groupName));
}
/**
 * Looks up an SSO user by name inside one security domain.
 *
 * @param userName name of the SSO user
 * @param domainId id of the domain the lookup is restricted to
 * @return the SSO user returned by {@code domainPrincipalAccess}
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST}, scoped to the SSO user
 *         type, when no principal is found for that name and domain
 */
public SSOUser getUser(String userName, Long domainId) throws SecurityException {
    // The domain id is part of the lookup key, so an equally named principal in another
    // domain is not returned by this call.
    SSOUser found = (SSOUser) domainPrincipalAccess.getPrincipal(userName, getPrincipalType(), domainId);
    if (found != null) {
        return found;
    }
    throw new SecurityException(
            SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.SSO_USER, userName));
}
/**
 * Removes the {@code IS_MEMBER_OF} association between a group and a role.
 *
 * <p>Both principals are resolved first, the group through {@code groupManager} and the
 * role through {@code getRole}, and the association is removed only when both exist.
 *
 * @param roleName name of the role
 * @param groupName name of the group
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST} when either lookup yields
 *         {@code null}, or whatever {@code checkInitialized}, the lookups or the
 *         superclass raise
 * @see org.apache.jetspeed.security.RoleManager#removeRoleFromGroup(java.lang.String,
 *      java.lang.String)
 */
public void removeRoleFromGroup(String roleName, String groupName) throws SecurityException {
    checkInitialized();

    Group targetGroup = groupManager.getGroup(groupName);
    if (targetGroup == null) {
        throw new SecurityException(
                SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.GROUP, groupName));
    }

    Role targetRole = getRole(roleName);
    if (targetRole == null) {
        throw new SecurityException(
                SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.ROLE, roleName));
    }

    super.removeAssociation(targetGroup, targetRole, JetspeedPrincipalAssociationType.IS_MEMBER_OF);
}
/**
 * Resolves a principal by type name and principal name.
 *
 * @param principalType name of the principal type, used to select the manager
 * @param principalName name of the principal to load
 * @return whatever the selected manager's {@code getPrincipal} returns for
 *         {@code principalName}
 * @throws SecurityException {@code UNKNOWN_PRINCIPAL_TYPE} when the provider has no
 *         manager for {@code principalType}
 */
protected JetspeedPrincipal getJetspeedPrincipal(String principalType, String principalName)
        throws SecurityException {
    JetspeedPrincipalManager manager =
            principalManagerProvider.getManager(principalManagerProvider.getPrincipalType(principalType));
    if (manager == null) {
        // An unrecognised type name is rejected instead of silently yielding no principal.
        throw new SecurityException(SecurityException.UNKNOWN_PRINCIPAL_TYPE.create(principalType));
    }
    return manager.getPrincipal(principalName);
}
/**
 * Adds the {@code IS_MEMBER_OF} association between a group and a role.
 *
 * <p>Both principals are resolved first, the group through {@code groupManager} and the
 * role through {@code getRole}, and the association is created only when both exist.
 *
 * @param roleName name of the role
 * @param groupName name of the group
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST} when either lookup yields
 *         {@code null}, or whatever {@code checkInitialized}, the lookups or the
 *         superclass raise
 * @see org.apache.jetspeed.security.RoleManager#addRoleToGroup(java.lang.String,
 *      java.lang.String)
 */
public void addRoleToGroup(String roleName, String groupName) throws SecurityException {
    checkInitialized();

    Group targetGroup = groupManager.getGroup(groupName);
    if (targetGroup == null) {
        throw new SecurityException(
                SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.GROUP, groupName));
    }

    Role targetRole = getRole(roleName);
    if (targetRole == null) {
        throw new SecurityException(
                SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.ROLE, roleName));
    }

    super.addAssociation(targetGroup, targetRole, JetspeedPrincipalAssociationType.IS_MEMBER_OF);
}
/**
 * Removes the principal of this manager's type that has the given name.
 *
 * @param name name of the principal to remove
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST}, scoped to the type name,
 *         when no such principal is found, or whatever the principal-based overload raises
 */
public void removePrincipal(String name) throws SecurityException {
    JetspeedPrincipal target = jpam.getPrincipal(name, principalType);
    if (target != null) {
        // Delegate to the principal-based overload.
        removePrincipal(target);
        return;
    }
    throw new SecurityException(
            SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(principalType.getName(), name));
}
/**
 * Removes a principal, refusing to remove the anonymous user.
 *
 * @param principal principal to remove; checked by {@code validatePrincipal} first
 * @throws SecurityException {@code ANONYMOUS_USER_PROTECTED} when the principal's name
 *         equals {@code getAnonymousUser()}, or whatever validation or the superclass
 *         removal raises
 */
public void removePrincipal(JetspeedPrincipal principal) throws SecurityException {
    validatePrincipal(principal);
    if (!principal.getName().equals(getAnonymousUser())) {
        super.removePrincipal(principal);
        return;
    }
    // The anonymous account is protected from deletion.
    throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED.create(principal.getName()));
}
/**
 * Authenticates a user with a password and returns the authenticated user.
 *
 * <p>Order of work: reject an empty user name and a {@code null} password, call
 * {@code authenticateUser}, optionally synchronize the user principal, then load the user
 * and its password credential. Nothing is synchronized or loaded before
 * {@code authenticateUser} has returned; this method relies on that call to throw when
 * the credentials are wrong (its body is not visible here, TODO confirm).
 *
 * <p>NOTE(review): only a {@code null} password is rejected here, an empty string is
 * passed on. Confirm that {@code authenticateUser} refuses empty passwords, in particular
 * if the backing store is a directory that treats an empty-password bind as anonymous.
 *
 * @param userName name of the user to authenticate
 * @param password password presented by the user
 * @return the user together with its password credential
 * @throws SecurityException {@code PRINCIPAL_DOES_NOT_EXIST} when {@code userName} is
 *         empty, {@code PASSWORD_REQUIRED} when {@code password} is {@code null}, or
 *         whatever the delegated calls raise
 */
public AuthenticatedUser authenticate(String userName, String password) throws SecurityException {
    if (StringUtils.isEmpty(userName)) {
        throw new SecurityException(
                SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.USER, userName));
    }
    if (password == null) {
        throw new SecurityException(SecurityException.PASSWORD_REQUIRED);
    }

    // Credential check comes first; everything below runs only after it returned normally.
    authenticateUser(userName, password);

    if (synchronizer != null) {
        synchronizer.synchronizeUserPrincipal(userName);
    }

    User authenticated = manager.getUser(userName);
    return new AuthenticatedUserImpl(authenticated,
            new UserCredentialImpl(upcm.getPasswordCredential(authenticated)));
}
/**
 * Adds an entity underneath a parent entity.
 *
 * <p>The parent's internal id is parsed as a distinguished name, the configured base DN is
 * removed from it with {@code removeFirst}, and the result is handed to
 * {@code internalAdd} as the parent DN.
 *
 * @param entity entity to add; not checked here, it is passed to {@code internalAdd} as is
 * @param parentEntity parent to add under; must be non-null and carry an internal id
 * @throws SecurityException {@code UNEXPECTED} when the parent is {@code null} or has no
 *         internal id, or whatever {@code internalAdd} raises
 */
public void add(Entity entity, Entity parentEntity) throws SecurityException {
    boolean parentUsable = parentEntity != null && parentEntity.getInternalId() != null;
    if (!parentUsable) {
        throw new SecurityException(SecurityException.UNEXPECTED.create(getClass().getName(),
                "add(Entity entity, Entity parentEntity)",
                "Provided parent entity is null or has no internal ID."));
    }

    DistinguishedName relativeParentDn = new DistinguishedName(parentEntity.getInternalId());
    DistinguishedName baseDn = new DistinguishedName(configuration.getBaseDN());
    relativeParentDn.removeFirst(baseDn);
    internalAdd(entity, relativeParentDn);
}
/**
 * Removes a user and, when a preferences provider is available, that user's portlet
 * preferences.
 *
 * <p>The anonymous user is protected: a name equal to {@code getAnonymousUser()} is
 * rejected before any lookup. Preferences are removed only after the principal has been
 * removed.
 *
 * @param username name of the user to remove
 * @throws SecurityException {@code ANONYMOUS_USER_PROTECTED} for the anonymous user, or
 *         whatever {@code getUser} and the superclass removal raise
 */
public void removeUser(String username) throws SecurityException {
    boolean isAnonymous = username != null && username.equals(getAnonymousUser());
    if (isAnonymous) {
        throw new SecurityException(SecurityException.ANONYMOUS_USER_PROTECTED.create(username));
    }

    JetspeedPrincipal target = getUser(username);
    super.removePrincipal(target);

    // Since 2.3.0
    PortletPreferencesProvider preferences = getPreferencesProvider();
    if (preferences == null) {
        return;
    }
    preferences.removeUserPreferences(username);
}
/**
 * Enables or disables this principal.
 *
 * @param enabled new value of the enabled flag
 * @throws SecurityException {@code PRINCIPAL_IS_READ_ONLY} when the principal is
 *         read-only and no synchronization is in progress
 */
public void setEnabled(boolean enabled) throws SecurityException {
    // A read-only principal may only be changed while isSynchronizing() reports true.
    boolean writeBlocked = isReadOnly() && !isSynchronizing();
    if (writeBlocked) {
        throw new SecurityException(
                SecurityException.PRINCIPAL_IS_READ_ONLY.createScoped(getType().getName(), getName()));
    }
    this.enabled = enabled;
}
/**
 * Stores changes to a principal and then notifies about the update.
 *
 * @param principal principal to update; checked by {@code validatePrincipal} first
 * @throws SecurityException {@code PRINCIPAL_IS_READ_ONLY} when the principal is
 *         read-only and no synchronization is in progress, or whatever validation or
 *         {@code jpsm.updatePrincipal} raises
 */
public void updatePrincipal(JetspeedPrincipal principal) throws SecurityException {
    validatePrincipal(principal);

    // A read-only principal may only be written while isSynchronizing() reports true.
    boolean writeBlocked = principal.isReadOnly() && !isSynchronizing();
    if (writeBlocked) {
        throw new SecurityException(SecurityException.PRINCIPAL_IS_READ_ONLY
                .createScoped(principal.getType().getName(), principal.getName()));
    }

    jpsm.updatePrincipal(principal);
    notifyUpdatedPrincipal(principal);
}
/**
 * Adds an entity below a parent entity after re-reading the parent from the store.
 *
 * <p>NOTE(review): when no DAO is found for the entity or for the parent, the method
 * returns without adding anything and without telling the caller. Confirm that this silent
 * no-op is intended.
 *
 * @param entity entity to add
 * @param parentEntity parent the entity is added under; looked up again by its id
 * @throws SecurityException from {@code checkReadOnly}, {@code PRINCIPAL_DOES_NOT_EXIST}
 *         when the parent cannot be found by its id, or whatever the DAO raises
 */
public void addEntity(Entity entity, Entity parentEntity) throws SecurityException {
    checkReadOnly("addEntity");

    EntityDAO parentEntityDao = getDAOForEntity(parentEntity);
    EntityDAO entityDao = getDAOForEntity(entity);
    if (parentEntityDao == null || entityDao == null) {
        return;
    }

    // Fetch the "live" parent from LDAP to
    // 1) check whether it exists and
    // 2) fetch all LDAP attributes (mapped and not mapped) and fill the internal ID.
    Entity liveParent = parentEntityDao.getEntity(parentEntity.getId());
    if (liveParent == null) {
        throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST
                .createScoped(parentEntity.getType(), parentEntity.getId()));
    }
    entityDao.add(entity, liveParent);
}
/**
 * Grants a permission to a principal.
 *
 * <p>A permission without an id is first resolved against the persistent store by its type
 * and name, and the stored instance is the one that gets granted. A permission that is not
 * stored is rejected.
 *
 * @param permission permission to grant; may lack an id
 * @param principal principal receiving the permission
 * @throws SecurityException {@code PERMISSION_DOES_NOT_EXIST} when a permission without an
 *         id has no stored match, or whatever the three-argument overload raises
 */
public void grantPermission(PersistentJetspeedPermission permission, JetspeedPrincipal principal)
        throws SecurityException {
    PersistentJetspeedPermission effective = permission;
    if (effective.getId() == null) {
        Criteria byTypeAndName = new Criteria();
        byTypeAndName.addEqualTo("type", effective.getType());
        byTypeAndName.addEqualTo("name", effective.getName());
        Query lookup = QueryFactory.newQuery(PersistentJetspeedPermissionImpl.class, byTypeAndName);
        PersistentJetspeedPermission stored =
                (PersistentJetspeedPermission) getPersistenceBrokerTemplate().getObjectByQuery(lookup);
        if (stored == null) {
            throw new SecurityException(
                    SecurityException.PERMISSION_DOES_NOT_EXIST.create(effective.getName()));
        }
        effective = stored;
    }
    grantPermission(effective, principal, true);
}
/**
 * Hook run before the "to" principal of an association is removed.
 *
 * <p>For a dependent association, every principal associated to {@code to} is removed
 * through the "from" manager, so removing {@code to} cascades. For a required association,
 * and only while no synchronization is in progress, the removal is refused as long as any
 * principal is still associated to {@code to}. In all other cases nothing happens.
 *
 * @param to principal about to be removed
 * @throws SecurityException {@code PRINCIPAL_ASSOCIATION_REQUIRED} when a required
 *         association still exists, or whatever the cascaded removals raise
 */
@SuppressWarnings("unchecked")
public void beforeRemoveTo(JetspeedPrincipal to) throws SecurityException {
    if (associationType.isDependent()) {
        // Dependent principals cannot outlive the principal they are associated to.
        List<JetspeedPrincipal> dependents = (List<JetspeedPrincipal>) getManagerTo()
                .getAssociatedTo(to.getName(), to.getType(), associationType.getAssociationName());
        for (JetspeedPrincipal dependent : dependents) {
            getManagerFrom().removePrincipal(dependent);
        }
        return;
    }

    if (!associationType.isRequired() || isSynchronizing()) {
        return;
    }

    boolean stillAssociated = !getManagerTo()
            .getAssociatedTo(to.getName(), to.getType(), associationType.getAssociationName())
            .isEmpty();
    if (stillAssociated) {
        throw new SecurityException(SecurityException.PRINCIPAL_ASSOCIATION_REQUIRED.createScoped(
                to.getType().getName(), to.getName(),
                associationType.getFromPrincipalType().getName(),
                associationType.getAssociationName()));
    }
}