Examples of org.apache.jetspeed.security.om.InternalCredential

org.apache.jetspeed.security.om.InternalCredential
Interface representing a security credential.

The credential value represents the value of the credential such as a password.

For now, we do not have custom credentials classes and credentials support only 1 credential (i.e. 1 password).

The credential type represents whether a credential is private or public:
- Private credential: type == 0
- Public credential: type == 1
The credential classname represent the class of credential.
TODO Add multiple credentials support. @author David Le Strat @version $Id: InternalCredential.java 516448 2007-03-09 16:25:47Z ate $

    public void setPasswordUpdateRequired(String userName, boolean updateRequired) throws SecurityException
    {
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null && !credential.isExpired() && credential.isUpdateRequired() != updateRequired )
            {
                // only allow setting updateRequired off if (non-Encoded) password is valid
                if ( !updateRequired && !credential.isEncoded() && pcProvider.getValidator() != null )
                {
                    pcProvider.getValidator().validate(credential.getValue());
                }
                credential.setUpdateRequired(updateRequired);
                long time = new Date().getTime();
                credential.setModifiedDate(new Timestamp(time));
                // temporary hack for now to support setting passwordUpdateRequired = false
                // for users never authenticated yet.
                // The current InternalPasswordCredentialStateHandlingInterceptor.afterLoad()
                // logic will only set it (back) to true if both prev and last auth. date is null
                credential.setPreviousAuthenticationDate(new Timestamp(time));
                credential.setModifiedDate(new Timestamp(time));
                internalUser.setModifiedDate(new Timestamp(time));
                securityAccess.setInternalUserPrincipal(internalUser, false);
            }
        }
        else

View Full Code Here

    public void setPasswordExpiration(String userName, java.sql.Date expirationDate) throws SecurityException
    {
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null )
            {
                long time = new Date().getTime();
                if ( expirationDate != null && new java.sql.Date(time).after(expirationDate))
                {
                    credential.setExpired(true);
                }
                else
                {
                    credential.setExpired(false);
                }
                credential.setExpirationDate(expirationDate);
                
                credential.setModifiedDate(new Timestamp(time));
                internalUser.setModifiedDate(new Timestamp(time));
                securityAccess.setInternalUserPrincipal(internalUser, false);
            }
        }
        else

View Full Code Here

    {
        boolean authenticated = false;
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null && credential.isEnabled() && !credential.isExpired())
            {
                String encodedPassword = password;
                if ( pcProvider.getEncoder() != null && credential.isEncoded())
                {
                    if ( pcProvider.getEncoder() instanceof AlgorithmUpgradeCredentialPasswordEncoder )
                    {
                        encodedPassword = ((AlgorithmUpgradeCredentialPasswordEncoder)pcProvider.getEncoder()).encode(userName,password, credential);
                    }
                    else
                    {
                        encodedPassword = pcProvider.getEncoder().encode(userName,password);
                    }
                }


                authenticated = credential.getValue().equals(encodedPassword);
                boolean update = false;


                if ( ipcInterceptor != null )
                {
                    update = ipcInterceptor.afterAuthenticated(internalUser, userName, credential, authenticated);
                    if ( update && (!credential.isEnabled() || credential.isExpired()))
                    {
                        authenticated = false;
                    }
                }
                long time = new Date().getTime();
                
                if ( authenticated )
                {
                    credential.setAuthenticationFailures(0);


                    if ( pcProvider.getEncoder() != null && pcProvider.getEncoder() instanceof AlgorithmUpgradeCredentialPasswordEncoder)
                    {
                        ((AlgorithmUpgradeCredentialPasswordEncoder)pcProvider.getEncoder()).recodeIfNeeded(userName,password,credential);
                    }
                    
                    credential.setPreviousAuthenticationDate(credential.getLastAuthenticationDate());
                    credential.setLastAuthenticationDate(new Timestamp(time));
                    update = true;
                }
                
                if ( update )
                {
                    credential.setModifiedDate(new Timestamp(time));
                    internalUser.setModifiedDate(new Timestamp(time));
                    securityAccess.setInternalUserPrincipal(internalUser, false);
                }
            }
        }

View Full Code Here

    {
        Collection internalCredentials = internalUser.getCredentials();
        ArrayList historicalPasswordCredentials = new ArrayList();
        if ( internalCredentials != null )
        {
            InternalCredential currCredential;
            Iterator iter = internalCredentials.iterator();
            
            while (iter.hasNext())
            {
                currCredential = (InternalCredential) iter.next();
                if (currCredential.getType() == InternalCredential.PRIVATE )
                {
                    if ((null != currCredential.getClassname())
                            && (currCredential.getClassname().equals(HISTORICAL_PASSWORD_CREDENTIAL)))
                    {
                        historicalPasswordCredentials.add(currCredential);
                    }
                }
            }
        }
        if (historicalPasswordCredentials.size() > 1)
        {
            Collections.sort(historicalPasswordCredentials,internalCredentialCreationDateComparator);
        }
        
        int historyCount = historicalPasswordCredentials.size();
        InternalCredential historicalPasswordCredential;
        if ( authenticated )
        {
            // check password already used
            for ( int i = 0; i < historyCount && i < historySize; i++ )
            {
                historicalPasswordCredential = (InternalCredential)historicalPasswordCredentials.get(i);
                if ( historicalPasswordCredential.getValue() != null &&
                        historicalPasswordCredential.getValue().equals(password) )
                {
                    throw new PasswordAlreadyUsedException();
                }
            }
        }

View Full Code Here

      }
            
      // Update principal information
      //remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/user/"+ principalName + "/" + remoteUser);
      
      InternalCredential credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
          
      // New credential object
       if ( credential != null) 
        // Remove credential and principal from mapping
         credential.setValue(this.scramble(pwd));
      
      // Update database and reset cache
       try
       {
           getPersistenceBrokerTemplate().store(credential);

View Full Code Here

   * getCredential
   * returns the credentials for a given user
   */
  private SSOContext  getCredential(SSOSite ssoSite, String fullPath)
  {
    InternalCredential credential = null;
    InternalUserPrincipal remotePrincipal = null;
    //  Get remotePrincipals for Site and match them with the Remote Principal for the Principal attached to site
    Collection principalsForSite = ssoSite.getPrincipals();
    Collection remoteForSite = ssoSite.getRemotePrincipals();
    
    // If any of them don't exist just return
    if ( principalsForSite == null  || remoteForSite== null )
        return null;  // no entry
    
    Collection remoteForPrincipals = getRemotePrincipalsForPrincipal(principalsForSite, fullPath);
        
    if ( remoteForPrincipals == null)
        return null;  // no entry
    
    // Get remote Principal that matches the site and the principal
    if ((remotePrincipal = findRemoteMatch(remoteForPrincipals, remoteForSite)) == null )
    {
        return null;  // No entry
    }
    else
    {
        // Has an entry
      if ( remotePrincipal.getCredentials() != null)
        credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
      
      // Error checking  -- should have a credential at this point
      if ( credential == null)
      {
//        System.out.println("Warning: Remote User " + remotePrincipal.getFullPath() + " doesn't have a credential");
        return null; 
      }
    }
    
    //  Create new context
    String name = stripPrincipalName(remotePrincipal.getFullPath());
    
    SSOContext context = new SSOContextImpl(credential.getPrincipalId(), name, this.unscramble(credential.getValue()));
    
    return context;
  }

View Full Code Here

        {
            InternalUserPrincipal remotePrincipal = (InternalUserPrincipal)principals.next();
            Iterator creds = remotePrincipal.getCredentials().iterator();
            while (creds.hasNext())
            {
                InternalCredential cred = (InternalCredential) creds.next();
                SSOContext context = new SSOContextImpl(remotePrincipal.getPrincipalId(), 
                                                stripPrincipalName(remotePrincipal.getFullPath()), 
                                                cred.getValue(), 
                                                stripPortalPrincipalName(remotePrincipal.getFullPath()));
                list.add(context);
            }
        }
        return list;

View Full Code Here

            while (itRemotePrincipals.hasNext() )
            {
              InternalUserPrincipal remotePrincipal = (InternalUserPrincipal)itRemotePrincipals.next();
                  if (remotePrincipal != null)
                  {
                    InternalCredential credential = null;
                    if ( remotePrincipal.getCredentials() != null)
                      credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
                    
                    if (credential != null)
                    {
                      if (log.isInfoEnabled())
                        log.info("SSOComponent -- Remote Principal ["+stripPrincipalName(remotePrincipal.getFullPath())+"] has credential ["+this.unscramble(credential.getValue())+ "]");
                      
                      client.getState().setCredentials(
                            site.getRealm(),
                                  urlObj.getHost(),
                                  new UsernamePasswordCredentials(stripPrincipalName(remotePrincipal.getFullPath()),  this.unscramble(credential.getValue()))
                              );
                      
                      // Build URL if it's Form authentication
                      StringBuffer siteURL = new StringBuffer(site.getSiteURL());
                     
                    // Check if it's form based or ChallengeResponse
                    if (site.isFormAuthentication())
                    {
                      siteURL.append("?").append(site.getFormUserField()).append("=").append(stripPrincipalName(remotePrincipal.getFullPath())).append("&").append(site.getFormPwdField()).append("=").append(this.unscramble(credential.getValue()));
                    }
                      
                      get = new GetMethod(siteURL.toString());
  
                            // Tell the GET method to automatically handle authentication. The

View Full Code Here

      }
            
      // Update principal information
      //remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/user/"+ principalName + "/" + remoteUser);
      
      InternalCredential credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
          
      // New credential object
       if ( credential != null) 
        // Remove credential and principal from mapping
         credential.setValue(this.scramble(pwd));
      
      // Update database and reset cache
       try
       {
           getPersistenceBrokerTemplate().store(credential);

View Full Code Here

   * getCredential
   * returns the credentials for a given user
   */
  private SSOContext  getCredential(SSOSite ssoSite, String fullPath)
  {
    InternalCredential credential = null;
    InternalUserPrincipal remotePrincipal = null;
    //  Get remotePrincipals for Site and match them with the Remote Principal for the Principal attached to site
    Collection principalsForSite = ssoSite.getPrincipals();
    Collection remoteForSite = ssoSite.getRemotePrincipals();
    
    // If any of them don't exist just return
    if ( principalsForSite == null  || remoteForSite== null )
        return null;  // no entry
    
    Collection remoteForPrincipals = getRemotePrincipalsForPrincipal(principalsForSite, fullPath);
        
    if ( remoteForPrincipals == null)
        return null;  // no entry
    
    // Get remote Principal that matches the site and the principal
    if ((remotePrincipal = findRemoteMatch(remoteForPrincipals, remoteForSite)) == null )
    {
        return null;  // No entry
    }
    else
    {
        // Has an entry
      if ( remotePrincipal.getCredentials() != null)
        credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
      
      // Error checking  -- should have a credential at this point
      if ( credential == null)
      {
//        System.out.println("Warning: Remote User " + remotePrincipal.getFullPath() + " doesn't have a credential");
        return null; 
      }
    }
    
    //  Create new context
    String name = stripPrincipalName(remotePrincipal.getFullPath());
    
    SSOContext context = new SSOContextImpl(credential.getPrincipalId(), name, this.unscramble(credential.getValue()));
    
    return context;
  }

View Full Code Here

0 1 2 3 4 5 6 7

TOP

Related Classes of org.apache.jetspeed.security.om.InternalCredential

org.apache.jetspeed.security.om.impl.InternalCredentialImpl

org.apache.jetspeed.security.spi.impl.DefaultCredentialHandler

org.apache.jetspeed.security.spi.impl.InternalPasswordCredentialHistoryHandlingInterceptor

org.apache.jetspeed.security.spi.impl.PasswordHistoryInterceptor

org.apache.jetspeed.serializer.JetspeedSerializerImpl

org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.