Package com.adito.security

Examples of com.adito.security.AuthenticationScheme


    /**
     * Handles a request to disable the authentication scheme selected in the form.
     * <p>
     * The caller must hold {@code PERM_EDIT_AND_ASSIGN} on authentication schemes. Two
     * lock-out guards are visible in this excerpt: the current user must keep at least one
     * other granted scheme, and the enabled non-system schemes are counted before the
     * "last enabled scheme" error is raised. The listing is cut off after that error is
     * saved, so the rest of the method is not documented here.
     *
     * @throws Exception if the selected scheme is already disabled
     */
    public ActionForward disable(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        // Authorisation comes first, before the form is read or any scheme is looked up.
        PolicyUtil.checkPermission(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT_AND_ASSIGN, request);
        AuthenticationSchemesForm schemesForm = (AuthenticationSchemesForm) form;
        int id = schemesForm.getSelectedResource();
        AuthenticationScheme scheme = getAuthenticationScheme(form);

        // Resource ids of the authentication schemes granted to the user making the request.
        // NOTE(review): the list is modified below; confirm getGrantedResourcesOfType returns a
        // private copy rather than a shared or cached list.
        List resourceIds = PolicyDatabaseFactory.getInstance().getGrantedResourcesOfType(getSessionInfo(request).getUser(),
            PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE);
        // remove the WebDav and Embedded Client as they are not sign-on-able.
        // Boxing to Integer selects List.remove(Object), which removes by value; a bare int
        // would select remove(int index) and delete whatever sits at that position.
        resourceIds.remove(new Integer(3));
        resourceIds.remove(new Integer(4));
        // Also leave out the scheme that is about to be disabled.
        resourceIds.remove(new Integer(id));

        // Nothing left means the user would have no other granted scheme: refuse and show the list again.
        if (resourceIds.size() == 0) {
            saveError(request, "authenticationSchemes.error.mustHavePolicySuperUserAssociation", scheme);
            return list(mapping, form, request, response);
        }

        List<AuthenticationScheme> authSchemes = SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequences();
        // Count the enabled schemes that are not system schemes.
        int enabled = 0;
        for (Iterator i = authSchemes.iterator(); i.hasNext();) {
            // The cast throws ClassCastException for any element that is not a DefaultAuthenticationScheme.
            AuthenticationScheme oseq = (DefaultAuthenticationScheme) i.next();
            if (oseq.getResourceId() == id && !oseq.getEnabled()) {
                throw new Exception("Scheme already disabled.");
            }
            if (oseq.getEnabled() && !oseq.isSystemScheme()) {
                enabled++;
            }
        }
        // Exactly one enabled non-system scheme: report that the last enabled scheme cannot be disabled.
        if (enabled == 1) {
            saveError(request, "authenticationSchemes.error.cantDisableLastEnabledScheme", scheme);


     * @throws Exception on any error
     */
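    public ActionForward enable(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        // Enables the authentication scheme selected in the form, saves it and redirects
        // with a confirmation message. Throws Exception if the scheme is already enabled.

        // Authorisation comes first: the scheme is neither looked up nor changed until the
        // PERM_EDIT_AND_ASSIGN check on authentication schemes has been made.
        PolicyUtil.checkPermission(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT_AND_ASSIGN, request);
        AuthenticationScheme scheme = getAuthenticationScheme(form);
        if (scheme.getEnabled()) {
            // A repeated enable is reported as an error rather than silently ignored.
            throw new Exception("Already enabled.");
        }
        scheme.setEnabled(true);
        // Persist the new state before telling the user that it succeeded.
        SystemDatabaseFactory.getInstance().updateAuthenticationSchemeSequence(scheme);
        saveMessage(request, "authenticationSchemes.message.schemeEnabled", scheme);
        return getRedirectWithMessages(mapping, request);
    }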

    /**
     * Opens the selected authentication scheme for editing.
     * <p>
     * The request is checked against the edit-and-assign, create-edit-and-assign and assign
     * permissions on authentication schemes before the scheme is looked up. The scheme is
     * then pushed onto the session's editing stack and control passes to the "edit" forward.
     *
     * @param mapping  action mapping used to resolve the "edit" forward
     * @param form     form identifying the selected scheme
     * @param request  current request; supplies the session and is passed to the permission check
     * @param response current response (not used here)
     * @return the "edit" forward
     * @throws Exception on any error
     */
    public ActionForward edit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        // Authorisation is settled before any scheme data is read.
        final Permission[] acceptedPermissions = {
            PolicyConstants.PERM_EDIT_AND_ASSIGN,
            PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
            PolicyConstants.PERM_ASSIGN
        };
        PolicyUtil.checkPermissions(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, acceptedPermissions, request);

        final AuthenticationScheme schemeToEdit = getAuthenticationScheme(form);
        ResourceStack.pushToEditingStack(request.getSession(), schemeToEdit);

        final ActionForward editForward = mapping.findForward("edit");
        return editForward;
    }

     * @return ActionForward
     * @throws Exception
     */
    public ActionForward moveUp(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        // Judging by the name and the error key, this handles a request to move the selected
        // authentication scheme up the priority list. The listing is cut off after the
        // permission check, so the move itself is not shown.
        AuthenticationScheme scheme = getAuthenticationScheme(form);
        // Priority 1 is treated as the top of the list: report the error and fall back to the default view.
        if (scheme.getPriorityInt() == 1) {
            saveError(request, "authenticationSchemes.error.moveup.top", scheme);
            return unspecified(mapping, form, request, response);
        }
       
        // NOTE(review): this permission check runs only after the scheme lookup and the early
        // return above, so a caller without PERM_EDIT_AND_ASSIGN still reaches that path.
        // The enable and disable handlers shown on this page check first; consider making
        // this the first statement here as well.
        PolicyUtil.checkPermission(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT_AND_ASSIGN, request);

     * @param response
     * @return ActionForward
     * @throws Exception
     */
    public ActionForward moveDown(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        // NOTE(review): no permission check is visible before the scheme lookup and the error
        // path below. The listing is cut off after this block, so confirm that
        // PolicyUtil.checkPermission runs before any change is made, and preferably before
        // the lookup.
        AuthenticationScheme scheme = getAuthenticationScheme(form);
        List<AuthenticationScheme> schemes = SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequences();
        // The last position in the list counts as the bottom. indexOf depends on equals() and
        // returns -1 for a scheme that is not in the list; -1 only equals size() - 1 when
        // the list is empty.
        if (schemes.indexOf(scheme) == schemes.size() - 1) {
            saveError(request, "authenticationSchemes.error.movedown.bottom", scheme);
            return unspecified(mapping, form, request, response);
        }

     * @return forward
     * @throws Exception on any error
     */
    public static ActionForward checkAuthSession(LogonForm form, boolean reset, ActionMapping mapping, HttpServletRequest request,
                    HttpServletResponse response, LogonStateAndCache logonStateMachine) throws Exception{
        // Makes sure the HTTP session holds an initialised authentication scheme, then starts
        // the scheme's modules in turn and returns the forward of the first module that
        // reports isRequired(). Returns null when no scheme could be obtained.
        AuthenticationScheme authScheme = (AuthenticationScheme) request.getSession().getAttribute(Constants.AUTH_SESSION);
        // A fresh scheme is set up when none is stored in the session, when the caller asks
        // for a reset, or when the stored scheme is not the current highest-priority one.
        // NOTE(review): getHighestPriorityScheme() is dereferenced here without a null check,
        // although the code below treats a null result from the same call as possible.
        // Confirm it cannot be null while a scheme is stored in the session.
        if (authScheme == null || reset || authScheme.getResourceId() != logonStateMachine.getHighestPriorityScheme().getResourceId()) {

            // The debug message carries a literal placeholder, not the name of a scheme.
            if (log.isDebugEnabled())
                log.debug("Creating new authentication session using scheme '" + "THE SCHEME NAME" + "'");

            // Try to initialise the highest priority scheme.
            if (request.getSession().getAttribute(Constants.SESSION_LOCKED) != null) {
                // If session locked then only display password

                // The scheme is built here, for the realm of the existing session, and is
                // given the password module only.
                SessionInfo info = LogonControllerFactory.getInstance().getSessionInfo(request);
                Calendar now = new GregorianCalendar();
                authScheme = new DefaultAuthenticationScheme(info.getRealmId(), Integer.MAX_VALUE, "Fake sheme", "Fake scheme",
                                now, now, true, 0);
                authScheme.addModule(PasswordAuthenticationModule.MODULE_NAME);
            } else {
                authScheme = logonStateMachine.getHighestPriorityScheme();
            }

            if (authScheme == null) {
                // No scheme available: callers receive a null forward and have to handle it.
                log.info("There are no authenticated schemes.");
                return null;
            } else {
               
                // Bind the scheme to the user held by the logon state and to this session.
                authScheme.setUser(logonStateMachine.getUser());
                authScheme.init(request.getSession());
               
                // A null result is treated as "no modules configured"; presumably this call
                // also moves the scheme to its first module - confirm against AuthenticationScheme.
                if (authScheme.nextAuthenticationModule() == null) {
                    throw new Exception("No authentication modules have been configured.");
                }
                // The scheme is stored in the session only after it has been initialised.
                request.getSession().setAttribute(Constants.AUTH_SESSION, authScheme);
                if (log.isDebugEnabled())
                    log.debug("Scheme " + authScheme.getSchemeName() + " initialised OK");
            }
        }

        // Walk the module sequence until a required module is started or the sequence ends.
        while (true) {
            // NOTE(review): the result of currentAuthenticationModule() is used without a
            // null check - confirm it cannot be null for a scheme taken from the session.
            AuthenticationModule module = authScheme.currentAuthenticationModule();
            if (form != null) {
                form.setCurrentModuleIndex(authScheme.getCurrentModuleIndex());
            }

            // The module may wish to forward somewhere other than to the
            // default login page
            ActionForward forward = module.startAuthentication(mapping, request, response);

            if (module.isRequired()) {
                return forward;
            } else {
                // NOTE(review): the forward of a module that is not required is discarded, and
                // when no module remains the logon is finished from here. What isRequired()
                // means is not visible in this listing - confirm finishAuthentication() cannot
                // complete a logon for which no credentials were verified.
                // Are we at the end of the sequence
                if (authScheme.nextAuthenticationModule() == null) {
                    return LogonAction.finishAuthentication(authScheme, request, response);
                }
            }
        }
    }

            /*
             * If we wern't expecting authentication, but we got it anyway, the
             * client probably doesn't support cookies.
             */
            AuthenticationScheme authScheme = (DefaultAuthenticationScheme) req.getSession().getAttribute(Constants.AUTH_SESSION);
            if (authScheme != null) {
                throw new IOException("Not expecting a realm, yet an authentication session is available. This is unexpected!");
            }

            doAuth(expectingRealm, username, DAVServlet.configureAuthenticationScheme(req, res));

            /*
             * We now can get the sessionInfo object for this session and make
             * it temporary this will ensure it is destroyed once the request is
             * complete.
             */
            sessionInfo = LogonControllerFactory.getInstance().getSessionInfo(req);
            sessionInfo.setTemporary(true);

        } else if (expectingRealm.equals(WebDAVAuthenticationModule.DEFAULT_REALM)) {
            AuthenticationScheme authScheme = (DefaultAuthenticationScheme) req.getSession().getAttribute(Constants.AUTH_SESSION);
            if (authScheme == null) {
                throw new IOException("No authentication scheme initialised.");
            }

            doAuth(expectingRealm, username, authScheme);

                List nowAttached = this.getSelectedAccountsList();
                // only do this if the super user has been removed.
                if (wasAttached.contains(getUser()) && !nowAttached.contains(getUser().getPrincipalName())) {
                    List authSchemes = ResourceUtil.getGrantedResource(info, PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE);
                    for (Iterator iter = authSchemes.iterator(); iter.hasNext();) {
                        AuthenticationScheme element = (DefaultAuthenticationScheme) iter.next();
                        if (!element.isSystemScheme() && element.getEnabled()) {
                            List attachedPolicies = PolicyDatabaseFactory.getInstance().getPoliciesAttachedToResource(element,
                                info.getUser().getRealm());
                            for (Iterator iterator = attachedPolicies.iterator(); iterator.hasNext();) {
                                Policy policy = (Policy) iterator.next();
                                if (!this.getResource().equals(policy)

                /**
                 * LDP - This is broken, I'm guessing that the VPN
                 * client session is different from the browser
                 * session so the scheme is not being found
                 */
                // The scheme is read from the HTTP session attached to sessionInfo.
                AuthenticationScheme scheme = (AuthenticationScheme) sessionInfo.getHttpSession()
                                .getAttribute(Constants.AUTH_SESSION);
                if (scheme != null) {
                    char[] pw = LogonControllerFactory.getInstance().getPasswordFromCredentials(scheme);
                    // An empty string is returned when no password is available.
                    // NOTE(review): new String(pw) copies the password into an immutable String
                    // that cannot be wiped afterwards, and pw itself is not cleared here.
                    // Confirm that callers really need a String, and who owns the char[].
                    return pw == null ? "" : new String(pw);
                } else {

            boolean found = false;

            try {
                List authSchemes = ResourceUtil.getGrantedResource(info, PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE);
                for (Iterator iter = authSchemes.iterator(); iter.hasNext();) {
                    AuthenticationScheme element = (DefaultAuthenticationScheme) iter.next();
                    if (!element.isSystemScheme() && element.getEnabled()) {
                        List attachedPolicies = PolicyDatabaseFactory.getInstance().getPoliciesAttachedToResource(
                                        element, info.getUser().getRealm());
                        for (Iterator iterator = attachedPolicies.iterator(); iterator.hasNext();) {
                            Policy policy = (Policy) iterator.next();
                            // we don't check the current policy as it is about to be deleted.
