Examples of org.apache.jetspeed.security.om.InternalCredential

org.apache.jetspeed.security.om.InternalCredential
Interface representing a security credential.

The credential value represents the value of the credential such as a password.

For now, we do not have custom credentials classes and credentials support only 1 credential (i.e. 1 password).

The credential type represents whether a credential is private or public:
- Private credential: type == 0
- Public credential: type == 1
The credential classname represent the class of credential.
TODO Add multiple credentials support. @author David Le Strat @version $Id: InternalCredential.java 516448 2007-03-09 16:25:47Z ate $

    public boolean equals(Object object)
    {  
        if (!(object instanceof InternalCredential))
            return false;


        InternalCredential c = (InternalCredential) object;
        boolean isEqual = (((null == c.getClassname()) || (c.getClassname().equals(this.getClassname()))) &&
                            (c.getValue().equals(this.getValue())) && 
                            (c.getType() == this.getType()));
        return isEqual;
    }

View Full Code Here

    public boolean equals(Object object)
    {  
        if (!(object instanceof InternalCredential))
            return false;


        InternalCredential c = (InternalCredential) object;
        boolean isEqual = (((null == c.getClassname()) || (c.getClassname().equals(this.getClassname()))) &&
                            (c.getValue().equals(this.getValue())) && 
                            (c.getType() == this.getType()));
        return isEqual;
    }

View Full Code Here

    {
        Collection internalCredentials = internalUser.getCredentials();
        ArrayList historicalPasswordCredentials = new ArrayList();
        if ( internalCredentials != null )
        {
            InternalCredential currCredential;
            Iterator iter = internalCredentials.iterator();
            
            while (iter.hasNext())
            {
                currCredential = (InternalCredential) iter.next();
                if (currCredential.getType() == InternalCredential.PRIVATE )
                {
                    if ((null != currCredential.getClassname())
                            && (currCredential.getClassname().equals(HISTORICAL_PASSWORD_CREDENTIAL)))
                    {
                        historicalPasswordCredentials.add(currCredential);
                    }
                }
            }
        }
        if (historicalPasswordCredentials.size() > 1)
        {
            Collections.sort(historicalPasswordCredentials,internalCredentialCreationDateComparator);
        }
        
        int historyCount = historyCount = historicalPasswordCredentials.size();
        InternalCredential historicalPasswordCredential;
        if ( authenticated )
        {
            // check password already used
            for ( int i = 0; i < historyCount && i < historySize; i++ )
            {
                historicalPasswordCredential = (InternalCredential)historicalPasswordCredentials.get(i);
                if ( historicalPasswordCredential.getValue() != null &&
                        historicalPasswordCredential.getValue().equals(password) )
                {
                    throw new SecurityException(SecurityException.PASSWORD_ALREADY_USED);
                }
            }
        }

View Full Code Here

    {
        Set credentials = new HashSet();
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(username, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, username );
            if ( credential != null )
            {
                try
                {
                    credentials.add(pcProvider.create(username,credential));

View Full Code Here

        return new HashSet();
    }
    
    private InternalCredential getPasswordCredential(InternalUserPrincipal internalUser, String username)
    {
        InternalCredential credential = null;
        
        Collection internalCredentials = internalUser.getCredentials();
        if ( internalCredentials != null )
        {
            Iterator iter = internalCredentials.iterator();
            
            while (iter.hasNext())
            {
                credential = (InternalCredential) iter.next();
                if (credential.getType() == InternalCredential.PRIVATE )
                {
                    if ((null != credential.getClassname())
                            && (credential.getClassname().equals(pcProvider.getPasswordCredentialClass().getName())))
                    {
                        try
                        {
                            if ( ipcInterceptor != null && ipcInterceptor.afterLoad(pcProvider, username, credential) )
                            {

View Full Code Here

            {
                oldPassword = pcProvider.getEncoder().encode(userName, oldPassword);
            }
        }
        
        InternalCredential credential = getPasswordCredential(internalUser, userName );
        
        if (oldPassword != null && (credential == null || credential.getValue() == null || !credential.getValue().equals(oldPassword)))
        {
            // supplied PasswordCredential not defined for this user
            throw new SecurityException(SecurityException.INVALID_PASSWORD);
        }
        
        if ( pcProvider.getValidator() != null )
        {
            pcProvider.getValidator().validate(newPassword);
        }
        
        boolean encoded = false;
        if ( pcProvider.getEncoder() != null )
        {
            newPassword = pcProvider.getEncoder().encode(userName, newPassword);
            encoded = true;
        }


        boolean create = credential == null;


        if ( create )
        {
            credential = new InternalCredentialImpl(internalUser.getPrincipalId(), newPassword, InternalCredential.PRIVATE,
                            pcProvider.getPasswordCredentialClass().getName());
            credential.setEncoded(encoded);
            credentials.add(credential);
        }
        else if ( oldPassword == null )
        {
/* TODO: should only be allowed for admin                     
            // User *has* an PasswordCredential: setting a new Credential without supplying
            // its current one is not allowed
            throw new SecurityException(SecurityException.PASSWORD_REQUIRED);
*/            
        }
        else if ( oldPassword.equals(newPassword) )
        {
            throw new SecurityException(SecurityException.INVALID_PASSWORD);
        }


        if ( ipcInterceptor != null )
        {
            if ( create )
            {
                ipcInterceptor.beforeCreate(internalUser, credentials, userName, credential, newPassword );
            }
            else
            {
                ipcInterceptor.beforeSetPassword(internalUser, credentials, userName, credential, newPassword, oldPassword != null );
            }
        }
        if (!create)
        {
            credential.setValue(newPassword);
            credential.setEncoded(encoded);
        }
                
        internalUser.setModifiedDate(new Timestamp(new Date().getTime()));
        internalUser.setCredentials(credentials);
        // Set the user with the new credentials.

View Full Code Here

    public void setPasswordEnabled(String userName, boolean enabled) throws SecurityException
    {
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null && !credential.isExpired() && credential.isEnabled() != enabled )
            {
                credential.setEnabled(enabled);
                internalUser.setModifiedDate(new Timestamp(new Date().getTime()));
                securityAccess.setInternalUserPrincipal(internalUser, false);
            }
        }
        else

View Full Code Here

    public void setPasswordUpdateRequired(String userName, boolean updateRequired) throws SecurityException
    {
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null && !credential.isExpired() && credential.isUpdateRequired() != updateRequired )
            {
                credential.setUpdateRequired(updateRequired);
                long time = new Date().getTime();
                credential.setModifiedDate(new Timestamp(time));
                // temporary hack for now to support setting passwordUpdateRequired = false
                // for users never authenticated yet.
                // The current InternalPasswordCredentialStateHandlingInterceptor.afterLoad()
                // logic will only set it (back) to true if both prev and last auth. date is null
                credential.setPreviousAuthenticationDate(new Timestamp(time));
                internalUser.setModifiedDate(new Timestamp(time));
                securityAccess.setInternalUserPrincipal(internalUser, false);
            }
        }
        else

View Full Code Here

    {
        boolean authenticated = false;
        InternalUserPrincipal internalUser = securityAccess.getInternalUserPrincipal(userName, false);
        if (null != internalUser)
        {
            InternalCredential credential = getPasswordCredential(internalUser, userName );
            if ( credential != null && credential.isEnabled() && !credential.isExpired())
            {
                if ( pcProvider.getEncoder() != null && credential.isEncoded())
                {
                    password = pcProvider.getEncoder().encode(userName,password);
                }


                authenticated = credential.getValue().equals(password);
                boolean update = false;


                if ( ipcInterceptor != null )
                {
                    update = ipcInterceptor.afterAuthenticated(internalUser, userName, credential, authenticated);
                    if ( update && (!credential.isEnabled() || credential.isExpired()))
                    {
                        authenticated = false;
                    }
                }
                if ( authenticated )
                {
                    credential.setAuthenticationFailures(0);
                    credential.setPreviousAuthenticationDate(credential.getLastAuthenticationDate());
                    credential.setLastAuthenticationDate(new Timestamp(System.currentTimeMillis()));
                    update = true;
                }
                
                if ( update )
                {

View Full Code Here

          throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
      }
            
      // Update principal information
      remotePrincipal.setFullPath("/sso/user/"+ principalName + "/" + remoteUser);
      InternalCredential credential = (InternalCredential)remotePrincipal.getCredentials().iterator().next();
          
      // New credential object
       if ( credential != null) 
        // Remove credential and principal from mapping
         credential.setValue(pwd);
      
      // Update database and reset cache
       try
       {
           getPersistenceBrokerTemplate().store(ssoSite);

View Full Code Here

0 1 2 3 4 5 6 7

TOP

Related Classes of org.apache.jetspeed.security.om.InternalCredential

org.apache.jetspeed.security.om.impl.InternalCredentialImpl

org.apache.jetspeed.security.spi.impl.DefaultCredentialHandler

org.apache.jetspeed.security.spi.impl.InternalPasswordCredentialHistoryHandlingInterceptor

org.apache.jetspeed.security.spi.impl.PasswordHistoryInterceptor

org.apache.jetspeed.serializer.JetspeedSerializerImpl

org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.