@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { if (config != null) this.name = config.getName(); }
public void validateRemoveNamedService( Class<?> extensionPoint, SecurityNamedServiceConfig config) throws SecurityConfigException { checkServiceName(extensionPoint, config.getName()); }
public void validateAddNamedService(Class<?> extensionPoint, SecurityNamedServiceConfig config) throws SecurityConfigException { checkExtensionPont(extensionPoint, config.getClassName()); checkServiceName(extensionPoint, config.getName()); SortedSet<String> names = getNamesFor(extensionPoint); if (names.contains(config.getName())) throw createSecurityException(alreadyExistsErrorCode(extensionPoint), config.getName()); }
public void validateModifiedNamedService( Class<?> extensionPoint, SecurityNamedServiceConfig config) throws SecurityConfigException { checkExtensionPont(extensionPoint, config.getClassName()); checkServiceName(extensionPoint, config.getName()); SortedSet<String> names = getNamesFor(extensionPoint); if (names.contains(config.getName()) == false) throw createSecurityException(notFoundErrorCode(extensionPoint), config.getName()); }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name = config.getName(); adminRoleName = ((SecurityRoleServiceConfig) config).getAdminRoleName(); groupAdminRoleName = ((SecurityRoleServiceConfig) config).getGroupAdminRoleName(); }
public void removeFilter(SecurityNamedServiceConfig config) throws IOException, SecurityConfigException { SecurityConfigValidator validator = SecurityConfigValidator.getConfigurationValiator( GeoServerSecurityFilter.class, config.getClassName()); validator.validateRemoveFilter(config); getAuthenticationCache().removeAll(config.getName()); filterHelper.removeConfig(config.getName()); }
public void validateRemoveFilter(SecurityNamedServiceConfig config) throws SecurityConfigException { validateRemoveNamedService(GeoServerSecurityFilter.class, config); List<String> patterns = manager.getSecurityConfig() .getFilterChain() .patternsForFilter(config.getClassName(), false); if (patterns.isEmpty() == false) { throw createSecurityException( SecurityConfigException.FILTER_STILL_USED, config.getName(), StringUtils.arrayToCommaDelimitedString(patterns.toArray())); } }
public void saveFilter(SecurityNamedServiceConfig config, MigrationHelper migrationHelper) throws IOException, SecurityConfigException { SecurityConfigValidator validator = SecurityConfigValidator.getConfigurationValiator( GeoServerSecurityFilter.class, config.getClassName()); boolean fireChanged = false; if (config.getId() == null) { config.initBeforeSave(); validator.validateAddFilter(config); } else { validator.validateModifiedFilter( config, filterHelper.loadConfig(config.getName(), migrationHelper)); // remove all cached authentications for this filter getAuthenticationCache().removeAll(config.getName()); if (!securityConfig .getFilterChain() .patternsForFilter(config.getName(), true) .isEmpty()) { fireChanged = true; } } filterHelper.saveConfig(config); if (fireChanged) { fireChanged(); } }
/** saves the user group service config to persistence */ public void saveConfig(SecurityNamedServiceConfig config) throws IOException { Resource dir = getRoot().get(config.getName()); boolean isNew = config.getId() == null; if (isNew) { config.setId(newId()); } try { saveConfigFile(config, dir, persister()); } catch (Exception e) { // catch exception, if the config was new, clear out the id since it was not added if (isNew) { config.setId(null); } if (e instanceof IOException) { throw (IOException) e; } throw new IOException(e); } }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name = config.getName(); validatingXMLSchema = false; passwordEncoderName = ((SecurityUserGroupServiceConfig) config).getPasswordEncoderName();
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { super.initializeFromConfig(config); DigestAuthenticationFilterConfig authConfig = (DigestAuthenticationFilterConfig) config; aep = new DigestAuthenticationEntryPoint(); aep.setKey(config.getName()); aep.setNonceValiditySeconds( authConfig.getNonceValiditySeconds() <= 0 ? 300 : authConfig.getNonceValiditySeconds()); aep.setRealmName(GeoServerSecurityManager.REALM); try { aep.afterPropertiesSet(); } catch (Exception e) { throw new IOException(e); } DigestAuthenticationFilter filter = new DigestAuthenticationFilter(); filter.setCreateAuthenticatedToken(true); filter.setPasswordAlreadyEncoded(true); filter.setAuthenticationEntryPoint(aep); HttpDigestUserDetailsServiceWrapper wrapper = new HttpDigestUserDetailsServiceWrapper( getSecurityManager() .loadUserGroupService(authConfig.getUserGroupServiceName()), Charset.defaultCharset()); filter.setUserDetailsService(wrapper); filter.afterPropertiesSet(); getNestedFilters().add(filter); }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name = config.getName(); SecurityUserGroupServiceConfig ugConfig = (SecurityUserGroupServiceConfig) config; passwordEncoderName = ugConfig.getPasswordEncoderName(); GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(passwordEncoderName); if (enc.getEncodingType() == PasswordEncodingType.ENCRYPT) { KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider(); String alias = prov.aliasForGroupService(name); if (prov.containsAlias(alias) == false) { prov.setUserGroupKey( name, getSecurityManager() .getRandomPassworddProvider() .getRandomPasswordWithDefaultLength()); prov.storeKeyStore(); } } enc.initializeFor(this); passwordValidatorName = ugConfig.getPasswordPolicyName(); toBeEncrypted = (((MemoryUserGroupServiceConfigImpl) config).getToBeEncrypted()); } }
public SecurityNamedServiceEditPage(IModel<T> config) { // create the specific panel panelInfo = lookupPanelInfo(config); panel = createPanel("dummy", panelInfo, config); // set page title and description from the panel title and description add(new Label("name", config.getObject().getName())); add(new Label("title", createTitleModel(panelInfo))); add(new Label("description", createDescriptionModel(panelInfo))); if (SecurityNamedServiceTabbedPanel.class.isAssignableFrom(panelInfo.getComponentClass())) { // this panel supports tabs, layout in tabbed mode add(new TabbedLayoutPanel("panel", config)); } else { // else layout in basic mode add(new BasicLayoutPanel("panel", config)); } }
public SecurityNamedServiceEditPage(IModel<T> config) { //create the specific panel panelInfo = lookupPanelInfo(config); panel = createPanel("dummy", panelInfo, config); //set page title and description from the panel title and description add(new Label("name", config.getObject().getName())); add(new Label("title", createTitleModel(panelInfo))); add(new Label("description", createDescriptionModel(panelInfo))); if (SecurityNamedServiceTabbedPanel.class.isAssignableFrom(panelInfo.getComponentClass())) { //this panel supports tabs, layout in tabbed mode add(new TabbedLayoutPanel("panel", config)); } else { //else layout in basic mode add(new BasicLayoutPanel("panel", config)); } }
public SecurityNamedServiceEditPage(IModel<T> config) { //create the specific panel panelInfo = lookupPanelInfo(config); panel = createPanel("dummy", panelInfo, config); //set page title and description from the panel title and description add(new Label("name", config.getObject().getName())); add(new Label("title", createTitleModel(panelInfo))); add(new Label("description", createDescriptionModel(panelInfo))); if (SecurityNamedServiceTabbedPanel.class.isAssignableFrom(panelInfo.getComponentClass())) { //this panel supports tabs, layout in tabbed mode add(new TabbedLayoutPanel("panel", config)); } else { //else layout in basic mode add(new BasicLayoutPanel("panel", config)); } }
/** * Uses {@link #initializeDSFromConfig(SecurityNamedServiceConfig)} * and {@link #checkORCreateJDBCPropertyFile(String, File, String)} * * @see org.geoserver.security.GeoServerRoleService#initializeFromConfig(org.geoserver.security.config.SecurityNamedServiceConfig) */ @Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name=config.getName(); initializeDSFromConfig(config); if (config instanceof JDBCSecurityServiceConfig) { JDBCSecurityServiceConfig jdbcConfig = (JDBCSecurityServiceConfig) config; String fileNameDML =jdbcConfig.getPropertyFileNameDML(); File file = checkORCreateJDBCPropertyFile(fileNameDML,getConfigRoot(),DEFAULT_DML_FILE); dmlProps = Util.loadUniversal(new FileInputStream(file)); String fileNameDDL =jdbcConfig.getPropertyFileNameDDL(); if (fileNameDDL!=null && fileNameDDL.length()> 0 ) { file = checkORCreateJDBCPropertyFile(fileNameDDL, getConfigRoot(), DEFAULT_DDL_FILE); ddlProps = Util.loadUniversal(new FileInputStream(file)); createTablesIfRequired((JDBCSecurityServiceConfig)config); } } this.adminRoleName=((SecurityRoleServiceConfig)config).getAdminRoleName(); this.groupAdminRoleName=((SecurityRoleServiceConfig)config).getGroupAdminRoleName(); }
@Override protected void onSetUp(SystemTestData testData) throws Exception { SecurityNamedServiceConfig filterCfg = new BaseSecurityNamedServiceConfig(); filterCfg.setName("custom"); filterCfg.setClassName(AuthCapturingFilter.class.getName()); GeoServerSecurityManager secMgr = getSecurityManager(); secMgr.saveFilter(filterCfg); SecurityManagerConfig cfg = secMgr.getSecurityConfig(); cfg.getFilterChain() .insertAfter( "/web/**", filterCfg.getName(), GeoServerSecurityFilterChain.REMEMBER_ME_FILTER); // cfg.getFilterChain().put("/web/**", Arrays.asList( // new FilterChainEntry(filterCfg.getName(), Position.AFTER, // GeoServerSecurityFilterChain.REMEMBER_ME_FILTER))); secMgr.saveSecurityConfig(cfg); }
public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name=config.getName(); passwordEncoderName=((SecurityUserGroupServiceConfig)config).getPasswordEncoderName(); passwordValidatorName=((SecurityUserGroupServiceConfig)config).getPasswordPolicyName();