Package org.ejbca.core.model.authorization

Examples of org.ejbca.core.model.authorization.AdminEntity


        // First-run bootstrap: this branch only runs when `result` is empty.
        if (result.isEmpty()) {    
            // Authorization table is empty, fill with default and special
            // admingroups.
            addAdminGroup(admin, AdminGroup.TEMPSUPERADMINGROUP);
            // The group's single member is a match rule rather than one pinned certificate.
            // NOTE(review): per the constant names this looks like a case-insensitive
            // equality match on the certificate common name against superAdminCN, scoped
            // to caid - confirm. If so, every certificate from that CA carrying this CN
            // satisfies the rule, so issuance of that CN has to be tightly controlled.
            final ArrayList<AdminEntity> adminentities = new ArrayList<AdminEntity>();
            adminentities.add(new AdminEntity(AdminEntity.WITH_COMMONNAME, AdminEntity.TYPE_EQUALCASEINS, superAdminCN, caid));
            admEntitySession.addAdminEntities(admin, AdminGroup.TEMPSUPERADMINGROUP, adminentities);
            // Attaches a RULE_ACCEPT rule for ROLE_SUPERADMINISTRATOR to the bootstrap group.
            // NOTE(review): the third constructor argument (false) is presumably the
            // "recursive" flag - confirm against AccessRule.
            final ArrayList<AccessRule> accessrules = new ArrayList<AccessRule>();
            accessrules.add(new AccessRule(AccessRulesConstants.ROLE_SUPERADMINISTRATOR, AccessRule.RULE_ACCEPT, false));
            addAccessRules(admin, AdminGroup.TEMPSUPERADMINGROUP, accessrules);
            // NOTE(review): nothing in the visible lines retires this group again. Its name
            // suggests it is temporary - verify it is replaced once real admin groups exist.
    
        }
        // Add Special Admin Group
        // Special admin group is a group that is not authenticated with client
        // certificate, such as batch tool etc
        if (AdminGroupData.findByGroupName(entityManager, AdminGroup.DEFAULTGROUPNAME) == null) {
            LOG.debug("initialize: FinderEx, add default group.");
            // Add Default Special Admin Group
            try {
                final AdminGroupData agdl = new AdminGroupData(Integer.valueOf(findFreeAdminGroupId()), AdminGroup.DEFAULTGROUPNAME);
                entityManager.persist(agdl);

                final ArrayList<AdminEntity> adminentities = new ArrayList<AdminEntity>();
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_BATCHCOMMANDLINEADMIN));
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_CACOMMANDLINEADMIN));
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_RAADMIN));
                adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_INTERNALUSER));
                agdl.addAdminEntities(entityManager, adminentities);

                final ArrayList<AccessRule> accessrules = new ArrayList<AccessRule>();
                accessrules.add(new AccessRule(AccessRulesConstants.ROLE_ADMINISTRATOR, AccessRule.RULE_ACCEPT, true));
                accessrules.add(new AccessRule(AccessRulesConstants.ROLE_SUPERADMINISTRATOR, AccessRule.RULE_ACCEPT, false));


                // is authorized to all CAs used by the different admins.
                // Walk every admin entity of the group and stop at the first one whose
                // CA id is not contained in authorizedcaids.
                final Collection<AdminEntity> admins = agdl.getAdminEntityObjects();
                final Iterator<AdminEntity> adminsIterator = admins.iterator();
                // Starts out true, so a group with no admin entities passes this check
                // without any CA id having been compared.
                boolean onlyAuthCAIds = true;
                while (adminsIterator.hasNext()) {
                    final AdminEntity adminEntity = adminsIterator.next();
                    if (!authorizedcaids.contains(adminEntity.getCaId())) {
                        // One CA outside the authorized set is enough to fail the whole group.
                        onlyAuthCAIds = false;
                        break;
                    }
                }
                if (onlyAuthCAIds) {

    }
   
    private void addDefaultPublicWebGroupRules(final AdminGroupData agdl) {
        LOG.debug("create public web group");
        final ArrayList<AdminEntity> adminentities = new ArrayList<AdminEntity>();
        adminentities.add(new AdminEntity(AdminEntity.SPECIALADMIN_PUBLICWEBUSER));
        agdl.addAdminEntities(entityManager, adminentities);

        final ArrayList<AccessRule> accessrules = new ArrayList<AccessRule>();
        accessrules.add(new AccessRule(AccessRulesConstants.ROLE_PUBLICWEBUSER, AccessRule.RULE_ACCEPT, false));

     *
     * @throws Exception
     */
    private void addSuperAdminTokenUserToTemporarySuperAdminGroup(int caid) throws Exception {
        // Match rule for the token user, built from SUPERADMINTOKENNAME and the given CA id.
        // NOTE(review): per the constant names this is presumably a case-insensitive
        // common-name match - confirm; a rule like that accepts any certificate from
        // this CA that carries the same CN, not one specific certificate.
        final AdminEntity tokenUserRule =
                new AdminEntity(AdminEntity.WITH_COMMONNAME, AdminEntity.TYPE_EQUALCASEINS, SUPERADMINTOKENNAME, caid);

        final List<AdminEntity> membersToAdd = new ArrayList<AdminEntity>();
        membersToAdd.add(tokenUserRule);

        // NOTE(review): the group is addressed by a string literal here; if a shared
        // constant for this group name exists, verify the two cannot drift apart.
        ejb.getAdminEntitySession().addAdminEntities(getAdmin(), "Temporary Super Administrator Group", membersToAdd);
    }

        BatchMakeP12 makep12 = new BatchMakeP12();
        // createTempFile creates an empty file in the default temporary-file directory.
        // Only its parent directory is used below, and the visible lines never delete it.
        File tmpfile = File.createTempFile("ejbca", "p12");
        // NOTE(review): the main store dir therefore becomes the system temp directory.
        // If BatchMakeP12 writes generated keystores there, they sit in a location that
        // is commonly shared - confirm directory permissions and cleanup.
        makep12.setMainStoreDir(tmpfile.getParent());
        makep12.createAllNew();
        // Both users are added to TEMPSUPERADMINGROUP through rules built from their
        // usernames and caid, not through a specific certificate.
        adminentities = new ArrayList<AdminEntity>();
        adminentities.add(new AdminEntity(AdminEntity.WITH_COMMONNAME, AdminEntity.TYPE_EQUALCASEINS, adminUsername, caid));
        adminentities.add(new AdminEntity(AdminEntity.WITH_COMMONNAME, AdminEntity.TYPE_EQUALCASEINS, requestingAdminUsername, caid));
        adminEntitySession.addAdminEntities(internalAdmin, AdminGroup.TEMPSUPERADMINGROUP, adminentities);
        authorizationSession.forceRuleUpdate(internalAdmin);
        // iterator().next() takes whichever certificate comes first and throws
        // NoSuchElementException when the lookup returns none for the username.
        X509Certificate admincert = (X509Certificate) certificateStoreSession.findCertificatesByUsername(internalAdmin, adminUsername).iterator().next();
        X509Certificate reqadmincert = (X509Certificate) certificateStoreSession.findCertificatesByUsername(internalAdmin, requestingAdminUsername).iterator()
                .next();

                getLogger().error("No such type to match with as \"" + args[4] + "\" .");
                return;
            }
            String matchValue = args[5];
            int caid = ejb.getCAAdminSession().getCAInfo(getAdmin(), caName).getCAId();
            AdminEntity adminEntity = new AdminEntity(matchWith, matchType, matchValue, caid);

            Collection<AdminEntity> list = adminGroup.getAdminEntities();
            for (AdminEntity currentAdminEntity : list) {
                if (currentAdminEntity.getMatchValue().equals(adminEntity.getMatchValue()) && currentAdminEntity.getMatchWith() == adminEntity.getMatchWith()
                        && currentAdminEntity.getMatchType() == adminEntity.getMatchType() && currentAdminEntity.getCaId() == adminEntity.getCaId()) {
                    Collection<AdminEntity> adminEntities = new ArrayList<AdminEntity>();
                    adminEntities.add(adminEntity);
                    ejb.getAdminEntitySession().removeAdminEntities(getAdmin(), groupName, adminEntities);
                    return;
                }

            if (matchType == (-1 + 1000)) {
                getLogger().error("No such type to match with as \"" + args[4] + "\" .");
                return;
            }
            String matchValue = args[5];
            AdminEntity adminEntity = new AdminEntity(matchWith, matchType, matchValue, caid);
            Collection<AdminEntity> adminEntities = new ArrayList<AdminEntity>();
            adminEntities.add(adminEntity);
            ejb.getAdminEntitySession().addAdminEntities(getAdmin(), groupName, adminEntities);
        } catch (Exception e) {
            throw new ErrorAdminCommandException(e);

  /**
   * Returns the value currently held in the {@code rowProtection} field.
   *
   * @return the stored row protection string, exactly as it was set
   */
  public String getRowProtection() {
    return this.rowProtection;
  }
  /**
   * Stores the given value in the {@code rowProtection} field.
   *
   * @param rowProtection value to store; it is assigned as-is, with no validation here
   */
  public void setRowProtection(final String rowProtection) {
    this.rowProtection = rowProtection;
  }

  /**
   * Builds a new {@link AdminEntity} from this object's match settings.
   *
   * @return a freshly constructed AdminEntity carrying the values of getMatchWith(),
   *         getMatchType(), getMatchValue() and getCaId()
   */
  @Transient
  public AdminEntity getAdminEntity() {
    final AdminEntity entity = new AdminEntity(getMatchWith(), getMatchType(), getMatchValue(), getCaId());
    return entity;
  }

   * Removes a Collection of AdminEntity from the database.
   */
  public void removeAdminEntities(final EntityManager entityManager, final Collection<AdminEntity> adminentities) {
    final Iterator<AdminEntity> iter = adminentities.iterator();
    while (iter.hasNext()) {
      final AdminEntity adminentity = iter.next();
      final AdminEntityDataPK dataAdminEntityDataPK = new AdminEntityDataPK(getAdminGroupName(), adminentity.getCaId(), adminentity.getMatchWith(), adminentity.getMatchType(), adminentity.getMatchValue());
      final Iterator<AdminEntityData> i = getAdminEntities().iterator();
      while (i.hasNext()) {
        final AdminEntityData ue = i.next();
        final AdminEntityDataPK uepk = new AdminEntityDataPK(getAdminGroupName(), ue.getCaId(), ue.getMatchWith(), ue.getMatchType(), ue.getMatchValue());
        if (uepk.equals(dataAdminEntityDataPK)) {

            // Check whether TEMPSUPERADMINGROUP already holds a rule for TEST_ADMIN_USERNAME.
            boolean adminExists = false;
            AdminGroup admingroup = adminGroupSession.getAdminGroup(intAdmin, AdminGroup.TEMPSUPERADMINGROUP);
            Iterator<AdminEntity> iter = admingroup.getAdminEntities().iterator();
            while (iter.hasNext()) {
                AdminEntity adminEntity = iter.next();
                // Only the match value is compared. An existing rule with the same value
                // but a different match field, match type or CA id also counts as present.
                if (adminEntity.getMatchValue().equals(TEST_ADMIN_USERNAME)) {
                    adminExists = true;
                }
            }

            if (!adminExists) {
                // Adds a rule for TEST_ADMIN_USERNAME under cainfo's CA id, then forces a rule update.
                // NOTE(review): TYPE_EQUALCASE presumably means a case-sensitive match - confirm.
                List<AdminEntity> list = new ArrayList<AdminEntity>();
                list.add(new AdminEntity(AdminEntity.WITH_COMMONNAME, AdminEntity.TYPE_EQUALCASE, TEST_ADMIN_USERNAME, cainfo.getCAId()));
                adminEntitySession.addAdminEntities(intAdmin, AdminGroup.TEMPSUPERADMINGROUP, list);
                authorizationSession.forceRuleUpdate(intAdmin);
            }

        }
