Package com.esri.gpt.framework.security.principal

Examples of com.esri.gpt.framework.security.principal.Role

275
276
277
278
279
280
281
282
283
284
285
286
  // add user to general user group
  Roles configuredRoles = getConfiguration().getIdentityConfiguration().getConfiguredRoles();
  if (configuredRoles.getAuthenticatedUserRequiresRole()) {
    String sRoleRegistered = configuredRoles.getRegisteredUserRoleKey();
    Role roleRegistered = configuredRoles.get(sRoleRegistered);
    String sGeneralDN = roleRegistered.getDistinguishedName();
    String sGroupAttribute = groupProps.getGroupMemberAttribute();
    BasicAttribute groupAttribute = new BasicAttribute(sGroupAttribute);
    BasicAttributes groupAttributes = new BasicAttributes();
    groupAttribute.add(user.getDistinguishedName());
    groupAttributes.put(groupAttribute);
View Full Code Here
302
303
304
305
306
307
308
309
310
   
//TODO: need to check if the user is already in role.

  // add user to general user group
  Roles configuredRoles = getConfiguration().getIdentityConfiguration().getConfiguredRoles();    
  Role roleRegistered = configuredRoles.get(role);   
  String sGeneralDN = roleRegistered.getDistinguishedName();
  addUserToGroup(dirContext, user, sGeneralDN);
}
View Full Code Here
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
  Roles roles = buildSelectableRoles(context);
  ArrayList<String> sortedKeys=new ArrayList<String>(roles.keySet());
  Collections.sort(sortedKeys);
  boolean firstRole = true;
  for(int i=0; i <sortedKeys.size(); i++){
    Role role = roles.get(sortedKeys.get(i));
    String roleDn = Val.chkStr(role.getDistinguishedName());
    String roleKey = Val.chkStr(role.getKey());
    String roleName = msgBroker.retrieveMessage(Val.chkStr(role.getResKey()));
    if(!role.isManage()) continue;
    if(!firstRole) {
      rolesJson += ",";
    }else{
      firstRole = false;
    }
View Full Code Here
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
  Roles roles = buildSelectableRoles(context);
  sortedKeys=new ArrayList<String>(roles.keySet());
  Collections.sort(sortedKeys);
  boolean firstRole = true;
  for(int i=0; i <sortedKeys.size(); i++){
    Role role = roles.get(sortedKeys.get(i));
    String roleDn = Val.chkStr(role.getDistinguishedName());
    String roleKey = Val.chkStr(role.getKey());
    String roleName = msgBroker.retrieveMessage(Val.chkStr(role.getResKey()));
    if(!role.isManage()) continue;
    boolean hasRole = false;
    for (Group group : groups.values()){
      String groupDn = Val.chkStr(group.getDistinguishedName());
      if(roleDn.equals(groupDn)){
        hasRole = true;
View Full Code Here
498
499
500
501
502
503
504
505
506
507
508
509
    if(parts.length > 0) {
    String groupIdentifier = URLDecoder.decode(parts[5].trim(),"UTF-8");
    if(!groupIdentifier.endsWith(groupDIT)){
        IdentityConfiguration idConfig = context.getIdentityConfiguration();  
        Roles configuredRoles = idConfig.getConfiguredRoles();    
      Role roleRegistered = configuredRoles.get(groupIdentifier);   
      groupIdentifier = roleRegistered.getDistinguishedName();
    }
      boolean isSelf = checkSelf(context,member);
      if((isSelf && attempt.equals("2")) || !isSelf){
       
        boolean checkGroupConfigured = true;
View Full Code Here
667
668
669
670
671
672
673
674
675
676
677
678
    HashMap<String,Object> resultsMap = buildUsersList(context, filter,null);
    users = (Users) resultsMap.get("topUserMatches");
    totalMatches = (Integer) resultsMap.get("totalMatches");
  }else if(isMemberSearch && attributeName != null){
    Roles configuredRoles = context.getIdentityConfiguration().getConfiguredRoles();
    Role role = configuredRoles.get(attributeName);
    String sDn = role.getDistinguishedName();
    IdentityAdapter idAdapter = context.newIdentityAdapter();
    users = idAdapter.readGroupMembers(sDn);
    totalMatches = users.size();
    users.sort();
  }else{
View Full Code Here
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
    if (ndRoles != null) {
      Roles roles = idConfig.getConfiguredRoles();
      NodeList nlRoles = (NodeList) xpath.evaluate("role", ndRoles, XPathConstants.NODESET);
      for (int i = 0; i < nlRoles.getLength(); i++) {
        Node ndRole = nlRoles.item(i);
        Role role = new Role();
        role.setKey(xpath.evaluate("@key", ndRole));
        roles.add(role);
      }
      for (Role role : roles.values()) {
        role.buildFullRoleSet(roles);
      }
    }

  }

  // LDAP adapter configuration
  if (ndLdap != null) {

    // connection properties & service account
    Node ndCon = (Node) xpath.evaluate("ldapConnectionProperties", ndLdap,
        XPathConstants.NODE);
    if (ndCon != null) {
      LdapConnectionProperties props = ldapConfig.getConnectionProperties();
      props.setProviderUrl(xpath.evaluate("@providerURL", ndCon));
      props.setInitialContextFactoryName(xpath.evaluate(
          "@initialContextFactoryName", ndCon));
      props.setSecurityAuthenticationLevel(xpath.evaluate(
          "@securityAuthentication", ndCon));
      props.setSecurityProtocol(xpath.evaluate("@securityProtocol", ndCon));

      Node ndService = (Node) xpath.evaluate("ldapServiceAccount", ndCon, XPathConstants.NODE);
      if (ndService != null) {
        String sUser = xpath.evaluate("@securityPrincipal", ndService);
        String sPwd = xpath.evaluate("@securityCredentials", ndService);
        boolean bEncrypted = Val.chkBool(xpath.evaluate("@encrypted", ndService), false);
        if (bEncrypted) {
          try {
            String sDecrypted = PC1_Encryptor.decrypt(sPwd);
            sPwd = sDecrypted;
          } catch (Exception e) {
            this.getLogger().log(Level.SEVERE, "The securityCredentials failed to decrypt.", e);
          }
        }
        UsernamePasswordCredentials creds = new UsernamePasswordCredentials(sUser, sPwd);
        props.setServiceAccountCredentials(creds);
        idConfig.setCatalogAdminDN(xpath.evaluate("@catalogAdminDN", ndService));
      }
    }

    // single sign-on mechanism
    Node ndSSO = (Node) xpath.evaluate("singleSignOn", ndLdap,
        XPathConstants.NODE);
    if (ndSSO != null) {
      SingleSignOnMechanism sso = idConfig.getSingleSignOnMechanism();
      sso.setActive(Val.chkBool(xpath.evaluate("@active", ndSSO), false));
      sso.setCredentialLocation(xpath.evaluate("@credentialLocation", ndSSO));
      sso.setAnonymousValue(xpath.evaluate("@anonymousValue", ndSSO));
    }

    // self care support
    Node ndSupport = (Node) xpath.evaluate("selfCareSupport", ndLdap,
        XPathConstants.NODE);
    if (ndSupport != null) {
      IdentitySupport support = idConfig.getSupportedFunctions();
      support.setSupportsLogin(Val.chkBool(xpath.evaluate("@supportsLogin",
          ndSupport), true));
      support.setSupportsLogout(Val.chkBool(xpath.evaluate("@supportsLogout",
          ndSupport), true));
      support.setSupportsUserRegistration(Val.chkBool(xpath.evaluate(
          "@supportsUserRegistration", ndSupport), false));
      support.setSupportsUserProfileManagement(Val.chkBool(xpath.evaluate(
          "@supportsUserProfileManagement", ndSupport), false));
      support.setSupportsPasswordChange(Val.chkBool(xpath.evaluate(
          "@supportsPasswordChange", ndSupport), false));
      support.setSupportsPasswordRecovery(Val.chkBool(xpath.evaluate(
          "@supportsPasswordRecovery", ndSupport), false));
    }

    // roles
    Node ndRoles = (Node) xpath.evaluate("roles", ndLdap, XPathConstants.NODE);
    if (ndRoles != null) {
      Roles roles = idConfig.getConfiguredRoles();
      String sRegUserKey = Val.chkStr(xpath.evaluate("@registeredUserRoleKey",
          ndRoles));
      if (sRegUserKey.length() == 0) {
        sRegUserKey = "gptRegisteredUser";
      }
      roles.setAuthenticatedUserRequiresRole(Val.chkBool(xpath.evaluate(
          "@authenticatedUserRequiresRole", ndRoles), true));
      roles.setRegisteredUserRoleKey(sRegUserKey);
                
      NodeList nlRoles = (NodeList) xpath.evaluate("role", ndRoles,
          XPathConstants.NODESET);
      for (int i = 0; i < nlRoles.getLength(); i++) {
        Node ndRole = nlRoles.item(i);
        Role role = new Role();
        role.setKey(xpath.evaluate("@key", ndRole));
        role.setInherits(xpath.evaluate("@inherits", ndRole));
        role.setResKey(xpath.evaluate("@resKey", ndRole));
        role.setManage(Val.chkBool(xpath.evaluate("@manage", ndRole),true));
        role.setForbidden(Val.chkBool(xpath.evaluate("@forbidden", ndRole),false));
        role.setDistinguishedName(xpath.evaluate("@groupDN", ndRole));
        roles.add(role);
      }
      for (Role role : roles.values()) {
        role.buildFullRoleSet(roles);
      }
    }

    // user properties
    Node ndUser = (Node) xpath.evaluate("users", ndLdap, XPathConstants.NODE);
View Full Code Here
TOP

Related Classes of com.esri.gpt.framework.security.principal.Role

  • com.esri.gpt.framework.context.ApplicationConfigurationLoader
  • com.esri.gpt.framework.security.identity.ldap.LdapEditFunctions
  • com.esri.gpt.server.identity.ManageUserServlet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.