/**
 * Builds a connection environment for the given channel, pairing it with the
 * connection information that {@code SecurityUtil} reports for the current connection.
 *
 * @param channel channel identifier, passed unchanged to the new environment
 * @return a newly constructed {@code ConnectionEnvironment}
 */
public static ConnectionEnvironment create(String channel) {
    return new ConnectionEnvironment(
            channel,
            SecurityUtil.getCurrentConnectionInformation());
}
/**
 * Wraps an authorization bean in an {@code Authorization} and records where it came from.
 *
 * @param authorizationType the authorization definition to wrap
 * @param sourceDesc description of the authorization's source, stored on the result
 * @return the new {@code Authorization} with its source description set
 */
private Authorization createAuthorization(AuthorizationType authorizationType, String sourceDesc) {
    Authorization created = new Authorization(authorizationType);
    // Keeping the source lets a reviewer trace a granted authorization back to its origin.
    created.setSourceDescription(sourceDesc);
    return created;
}
/**
 * Returns the session identifier for this environment.
 *
 * An explicit override wins; otherwise the identifier is taken from the
 * connection information, when there is any.
 *
 * @return the session id, or {@code null} when neither source is available
 */
public String getSessionId() {
    if (sessionIdOverride != null) {
        return sessionIdOverride;
    }
    return connectionInformation != null ? connectionInformation.getSessionId() : null;
}
} // closes the enclosing class, whose header is not part of this listing
/**
 * Ends a power-of-attorney session by restoring the principal that was active
 * before the current (donor) principal was assumed.
 *
 * The current principal must carry an attorney and a previous principal;
 * otherwise the call is rejected and the security context is left untouched.
 * {@code task} and {@code result} are not used by the visible code.
 *
 * NOTE(review): this privilege transition is not audited yet (see the TODO below),
 * so dropping attorney powers leaves no audit record from this method.
 * NOTE(review): assumes {@code getPrincipal()} never returns {@code null} - confirm.
 *
 * @return the restored (previous) principal
 * @throws IllegalStateException if the current principal is not a donor principal,
 *         or has no previous principal to return to
 */
@Override
public MidPointPrincipal dropPowerOfAttorney(Task task, OperationResult result)
        throws SchemaException, SecurityViolationException, ObjectNotFoundException,
        ExpressionEvaluationException, CommunicationException, ConfigurationException {
    MidPointPrincipal donor = securityContextManager.getPrincipal();
    if (donor.getAttorney() == null) {
        throw new IllegalStateException("Attempt to drop attorney powers using non-donor principal " + donor);
    }

    MidPointPrincipal restored = donor.getPreviousPrincipal();
    if (restored == null) {
        throw new IllegalStateException("Attempt to drop attorney powers, but no previous principal in " + donor);
    }

    // TODO: audit switch
    // TODO: maybe refresh previous principal using userProfileService?

    // The previous principal is reinstated as stored on the donor; it is not re-resolved here.
    securityContextManager.setupPreAuthenticatedSecurityContext(restored);
    return restored;
}
/**
 * Decides whether the current principal may claim the given task.
 *
 * The check fails closed: if the principal cannot be obtained, or it has no OID,
 * the answer is {@code false}. Otherwise the decision is delegated to
 * {@code isAmongCandidates}.
 *
 * NOTE(review): assumes {@code getPrincipal()} never returns {@code null} - confirm.
 *
 * @param taskId identifier of the task to be claimed
 * @return {@code true} only when the current principal is among the task's candidates
 */
public boolean isAuthorizedToClaim(String taskId) {
    final MidPointPrincipal caller;
    try {
        caller = securityContextManager.getPrincipal();
    } catch (SecurityViolationException e) {
        // No usable principal means no authorization.
        return false;
    }
    return caller.getOid() != null && isAmongCandidates(caller, taskId);
}
/**
 * Tells whether the principal holds at least one authorization that names an action.
 *
 * Authorizations whose action list is {@code null} or empty do not count.
 *
 * @param principal principal whose authorities are inspected
 * @return {@code true} if any authorization carries a non-empty action list
 */
private boolean hasAnyAuthorization(MidPointPrincipal principal) {
    Collection<Authorization> granted = principal.getAuthorities();
    if (granted == null || granted.isEmpty()) {
        return false;
    }
    return granted.stream()
            .anyMatch(auth -> auth.getAction() != null && !auth.getAction().isEmpty());
}
/**
 * Copies channel, session and host details from the connection environment
 * into the audit record.
 *
 * Channel and session identifier are always written. The remote host address and
 * local host name are written only when connection information is present.
 *
 * NOTE(review): how the remote host address is determined (socket peer vs. a
 * proxy-supplied header) is not visible here - confirm before treating the
 * audited value as trustworthy.
 *
 * @param record audit record to populate
 * @param connEnv source of the connection details
 */
private void storeConnectionEnvironment(AuditEventRecord record, ConnectionEnvironment connEnv) {
    record.setChannel(connEnv.getChannel());
    record.setSessionIdentifier(connEnv.getSessionId());

    HttpConnectionInformation httpInfo = connEnv.getConnectionInformation();
    if (httpInfo == null) {
        return;
    }
    record.setRemoteHostAddress(httpInfo.getRemoteHostAddress());
    record.setHostIdentifier(httpInfo.getLocalHostName());
}
/**
 * Semi-shallow clone.
 *
 * A new principal is created around the same {@code user} object (the user is
 * shared, not copied), and the remaining state is transferred by {@code copyValues}.
 *
 * @return the new principal
 */
public MidPointPrincipal clone() {
    MidPointPrincipal copy = new MidPointPrincipal(this.user);
    copyValues(copy);
    return copy;
}
/**
 * Returns the current principal as reported by the security context manager.
 *
 * @return the principal obtained from {@code securityContextManager}
 * @throws SecurityViolationException propagated from the security context manager
 */
public MidPointPrincipal getPrincipal() throws SecurityViolationException {
    MidPointPrincipal current = securityContextManager.getPrincipal();
    return current;
}
/**
 * Renders the principal's username in single quotes for use in messages.
 *
 * NOTE(review): the username is wrapped in quotes but not escaped. If the result
 * ends up in log or audit text, quotes or line breaks inside the username pass
 * through unchanged - confirm how callers use it.
 *
 * @param principal principal to describe, may be {@code null}
 * @return {@code "(none)"} for a {@code null} principal, otherwise the quoted username
 */
private String getQuotedUsername(MidPointPrincipal principal) {
    return principal == null
            ? "(none)"
            : "'" + principal.getUsername() + "'";
}
/**
 * Returns the current principal by delegating to {@code SecurityUtil}.
 *
 * @return the principal reported by {@code SecurityUtil.getPrincipal()}
 * @throws SecurityViolationException propagated from {@code SecurityUtil}
 */
@Override
public MidPointPrincipal getPrincipal() throws SecurityViolationException {
    MidPointPrincipal current = SecurityUtil.getPrincipal();
    return current;
}
/**
 * Creates a connection environment with a fixed remote host address and no channel.
 *
 * @return an environment whose connection information reports {@code remote.example.com}
 */
private ConnectionEnvironment createConnectionEnvironment() {
    HttpConnectionInformation remoteInfo = new HttpConnectionInformation();
    remoteInfo.setRemoteHostAddress("remote.example.com");
    // The channel is deliberately left null; only the connection information is filled in.
    return new ConnectionEnvironment(null, remoteInfo);
}
/**
 * Returns the remote host address taken from the connection information.
 *
 * @return the remote host address, or {@code null} when no connection information is set
 */
public String getRemoteHostAddress() {
    if (connectionInformation == null) {
        return null;
    }
    return connectionInformation.getRemoteHostAddress();
}
/**
 * Resolves the effective password credentials policy from the security policy.
 *
 * The authentication context is not consulted; the result depends only on
 * {@code securityPolicy}.
 *
 * @param securityPolicy security policy to read the password policy from
 * @param authnCtx password authentication context (unused here)
 * @return the policy computed by {@code SecurityUtil.getEffectivePasswordCredentialsPolicy}
 * @throws SchemaException declared by the overridden method
 */
@Override
protected CredentialPolicyType getEffectiveCredentialPolicy(SecurityPolicyType securityPolicy,
        PasswordAuthenticationContext authnCtx) throws SchemaException {
    CredentialPolicyType passwordPolicy = SecurityUtil.getEffectivePasswordCredentialsPolicy(securityPolicy);
    return passwordPolicy;
}
/**
 * Copies this principal's state into the given clone.
 *
 * The superclass copies its own values first; the compiled user profile is then
 * assigned by reference, so the original and the clone share one profile object.
 *
 * @param clone target principal that receives the values
 */
protected void copyValues(MidPointUserProfilePrincipal clone) {
    super.copyValues(clone);
    // No need to clone the user profile here: it is essentially read-only,
    // so sharing the same instance is acceptable.
    clone.compiledUserProfile = compiledUserProfile;
}
/**
 * Returns the credential history length derived from the current credential policy.
 *
 * @return the value computed by {@code SecurityUtil.getCredentialHistoryLength}
 */
private int getHistoryLength() {
    int historyLength = SecurityUtil.getCredentialHistoryLength(credentialPolicy);
    return historyLength;
}
/**
 * Runs the producer through the security context manager's privileged execution
 * and returns its result.
 *
 * NOTE(review): what "privileged" grants is defined by {@code securityContextManager}
 * and is not visible here. Callers should keep the producer as small as possible
 * and perform their own authorization checks before reaching this call - confirm
 * against the manager's contract.
 *
 * @param producer code to execute in the privileged context
 * @param <T> type of the produced value
 * @return whatever the producer returns
 */
protected <T> T runPrivileged(Producer<T> producer) {
    T produced = securityContextManager.runPrivileged(producer);
    return produced;
}
/**
 * Reports whether the current context is authenticated, as determined by {@code SecurityUtil}.
 *
 * @return the result of {@code SecurityUtil.isAuthenticated()}
 */
@Override
public boolean isAuthenticated() {
    boolean authenticated = SecurityUtil.isAuthenticated();
    return authenticated;
}
/**
 * Tells whether this authorization's enforcement strategy is {@code MAY_SKIP_ON_SEARCH}.
 *
 * @return {@code true} only for the {@code MAY_SKIP_ON_SEARCH} strategy
 */
public boolean maySkipOnSearch() {
    return AuthorizationEnforcementStrategyType.MAY_SKIP_ON_SEARCH == getEnforcementStrategy();
}
/**
 * Null-safe accessor for the principal's username.
 *
 * @param principal principal to read from, may be {@code null}
 * @return the username, or {@code null} when there is no principal
 */
private String getUsername(MidPointPrincipal principal) {
    if (principal == null) {
        return null;
    }
    return principal.getUsername();
}