Examples of org.wso2.carbon.user.api.UserRealm

org.wso2.carbon.user.api.UserRealm
The Realm of the WSO2 user Kernel. The realm represents a user store. This is a collection of interfaces. To enable WSO2 platform with a clustom realm, implement this interface and add the class to the class path. Provide the class name in the configuration file and the framework will pick the new realm code.

            }


            String username = principal.getName();


            // Get User Realm
            UserRealm userRealm = getUserRealm(username);


            // Get username from tenant username
            int domainNameSeparatorIndex = username.indexOf(DOMAIN_NAME_SEPARATOR);
            if (-1 != domainNameSeparatorIndex) {
                username = username.substring(0, domainNameSeparatorIndex);

View Full Code Here

    private String getRawQueueName(String queueName) {
        return queueName.substring(queueName.indexOf(":") + 1, queueName.length());
    }


    private static UserRealm getUserRealm(String username) {
        UserRealm userRealm = null;


        RealmService realmService = AuthorizationServiceDataHolder.getInstance().getRealmService();
        if (null != realmService) {
            try {
                // Get tenant ID

View Full Code Here

                collection.setProperty(MessageBoxConstants.MB_PROPERYY_OWNER, ownerName);


                userRegistry.put(resourcePath, collection);


                //assign the permissions for the queue to user
                UserRealm userRealm =
                        MessageBoxServiceValueHolder.getInstance().getRealmService().getTenantUserRealm(0);
                String userName = CarbonContext.getCurrentContext().getUsername();
                userRealm.getAuthorizationManager().authorizeUser(
                        userName, resourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME);
                userRealm.getAuthorizationManager().authorizeUser(
                        userName, resourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH);
                userRealm.getAuthorizationManager().authorizeUser(
                        userName, resourcePath, MessageBoxConstants.MB_PERMISSION_CHANGE_PERMISSION);


            }
        } catch (RegistryException e) {
            throw new MessageBoxException("Can not access the config registry");

View Full Code Here

    public List<QueueUserPermission> getQueueUserPermissions(String queueName)
            throws MessageBoxException {


        String queueResoucePath = MessageBoxConstants.MB_QUEUE_STORAGE_PATH + "/" + queueName;
        List<QueueUserPermission> queueUserPermissions = new ArrayList<QueueUserPermission>();
        UserRealm userRealm = CarbonContext.getCurrentContext().getUserRealm();
        QueueUserPermission queueUserPermission;
        try {
            for (String user : userRealm.getUserStoreManager().listUsers("*", 10)) {
                queueUserPermission = new QueueUserPermission();
                queueUserPermission.setUserName(user);
                queueUserPermission.setAllowedToConsume(
                        userRealm.getAuthorizationManager().isUserAuthorized(
                                user, queueResoucePath, MessageBoxConstants.MB_PERMISSION_CONSUME));
                queueUserPermission.setAllowedToPublish(
                        userRealm.getAuthorizationManager().isUserAuthorized(
                                user, queueResoucePath, MessageBoxConstants.MB_PERMISSION_PUBLISH));
                queueUserPermissions.add(queueUserPermission);
            }
            return queueUserPermissions;
        } catch (UserStoreException e) {

View Full Code Here


    public List<QueueRolePermission> getQueueRolePermissions(String queueName)
            throws MessageBoxException {
        String queueResourcePath = MessageBoxConstants.MB_QUEUE_STORAGE_PATH + "/" + queueName;
        List<QueueRolePermission> queueRolePermissions = new ArrayList<QueueRolePermission>();
        UserRealm userRealm = CarbonContext.getCurrentContext().getUserRealm();
        QueueRolePermission queueRolePermission;
        try {
            for (String roleName : userRealm.getUserStoreManager().getRoleNames()) {
                queueRolePermission = new QueueRolePermission();
                queueRolePermission.setRoleName(roleName);
                queueRolePermission.setAllowedToConsume(
                        userRealm.getAuthorizationManager().isRoleAuthorized(
                                roleName, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME));
                queueRolePermission.setAllowedToPublish(
                        userRealm.getAuthorizationManager().isRoleAuthorized(
                                roleName, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH));
                queueRolePermissions.add(queueRolePermission);
            }
            return queueRolePermissions;
        } catch (UserStoreException e) {

View Full Code Here

        }
        path = path.trim();


        try {
            CassandraAdminComponentManager adminComponentManager = CassandraAdminComponentManager.getInstance();
            UserRealm userRealm = adminComponentManager.getRealmForCurrentTenant();
            //TODO ask the best way from security team
            AuthorizationManager authorizationManager = userRealm.getAuthorizationManager();
            authorizationManager.clearRoleAuthorization(role, path, ACTION_WRITE);
            authorizationManager.clearRoleAuthorization(role, path, ACTION_READ);
            authorizationManager.authorizeRole(role, path, ACTION_WRITE);
            authorizationManager.authorizeRole(role, path, ACTION_READ);
            return true;

View Full Code Here




    public void updateRolePermission(List<QueueRolePermission> queueRolePermissions,
                                     String queueName) throws MessageBoxException {
        String queueResourcePath = MessageBoxConstants.MB_QUEUE_STORAGE_PATH + "/" + queueName;
        UserRealm userRealm = CarbonContext.getCurrentContext().getUserRealm();
        String role;


        try {
            String loggedInUser = CarbonContext.getCurrentContext().getUsername();
            if (!userRealm.getAuthorizationManager().isUserAuthorized(
                    loggedInUser, queueResourcePath,
                    MessageBoxConstants.MB_PERMISSION_CHANGE_PERMISSION)) {
                if (!Utils.isAdmin(loggedInUser)) {
                    throw new MessageBoxException(" User " + loggedInUser + " can not change" +
                                                  " the permissions of " + queueName);
                }
            }


            for (QueueRolePermission queueRolePermission : queueRolePermissions) {
                role = queueRolePermission.getRoleName();
                if (queueRolePermission.isAllowedToConsume()) {
                    if (!userRealm.getAuthorizationManager().isRoleAuthorized(
                            role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME)) {
                        userRealm.getAuthorizationManager().authorizeRole(
                                role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME);
                    }
                } else {
                    if (userRealm.getAuthorizationManager().isRoleAuthorized(
                            role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME)) {
                        userRealm.getAuthorizationManager().denyRole(
                                role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME);
                    }
                }


                if (queueRolePermission.isAllowedToPublish()) {
                    if (!userRealm.getAuthorizationManager().isRoleAuthorized(
                            role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH)) {
                        userRealm.getAuthorizationManager().authorizeRole(
                                role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH);
                    }
                } else {
                    if (userRealm.getAuthorizationManager().isRoleAuthorized(
                            role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH)) {
                        userRealm.getAuthorizationManager().denyRole(
                                role, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH);
                    }
                }
            }
            setQueueUpdatedTime(queueName);

View Full Code Here

        }
        path = path.trim();


        try {
            CassandraAdminComponentManager adminComponentManager = CassandraAdminComponentManager.getInstance();
            UserRealm userRealm = adminComponentManager.getRealmForCurrentTenant();
            //TODO ask the best way from security team
            AuthorizationManager authorizationManager = userRealm.getAuthorizationManager();
            authorizationManager.clearRoleAuthorization(role, path, ACTION_WRITE);
            authorizationManager.clearRoleAuthorization(role, path, ACTION_READ);
            return true;
        } catch (UserStoreException e) {
            throw new CassandraServerManagementException("Error during clear sharing a resource at path :" + path + " and" +

View Full Code Here


    public void updateUserPermission(List<QueueUserPermission> queueUserPermissions,
                                     String queueName)
            throws MessageBoxException {
        String queueResourcePath = MessageBoxConstants.MB_QUEUE_STORAGE_PATH + "/" + queueName;
        UserRealm userRealm = CarbonContext.getCurrentContext().getUserRealm();
        String user;


        try {
            String loggedInUser = CarbonContext.getCurrentContext().getUsername();
            if (!userRealm.getAuthorizationManager().isUserAuthorized(
                    loggedInUser, queueResourcePath,
                    MessageBoxConstants.MB_PERMISSION_CHANGE_PERMISSION)) {
                if (!Utils.isAdmin(loggedInUser)) {
                    throw new MessageBoxException(" User " + loggedInUser + " can not change" +
                                                  " the permissions of " + queueName);
                }
            }


            for (QueueUserPermission queueUserPermission : queueUserPermissions) {
                user = queueUserPermission.getUserName();
                if (queueUserPermission.isAllowedToConsume()) {
                    if (!userRealm.getAuthorizationManager().isUserAuthorized(
                            user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME)) {
                        userRealm.getAuthorizationManager().authorizeUser(
                                user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME);
                    }
                } else {
                    if (userRealm.getAuthorizationManager().isUserAuthorized(
                            user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME)) {
                        userRealm.getAuthorizationManager().denyUser(
                                user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_CONSUME);
                    }
                }


                if (queueUserPermission.isAllowedToPublish()) {
                    if (!userRealm.getAuthorizationManager().isUserAuthorized(
                            user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH)) {
                        userRealm.getAuthorizationManager().authorizeUser(
                                user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH);
                    }
                } else {
                    if (userRealm.getAuthorizationManager().isUserAuthorized(
                            user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH)) {
                        userRealm.getAuthorizationManager().denyUser(
                                user, queueResourcePath, MessageBoxConstants.MB_PERMISSION_PUBLISH);
                    }
                }
            }
            setQueueUpdatedTime(queueName);

View Full Code Here

            if (!userRegistry.resourceExists(resourcePath)) {
                Collection collection = userRegistry.newCollection();
                userRegistry.put(resourcePath, collection);


                // Grant this user (owner) rights to update permission on newly created topic
                UserRealm userRealm = CarbonContext.getCurrentContext().getUserRealm();


                userRealm.getAuthorizationManager().authorizeUser(
                        loggedInUser, resourcePath, EventBrokerConstants.EB_PERMISSION_CHANGE_PERMISSION);
            }
        } catch (RegistryException e) {
            throw new EventBrokerException("Can not access the config registry");
        } catch (UserStoreException e) {

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.wso2.carbon.user.api.UserRealm

com.hazelcast.config.Config

com.hazelcast.config.GroupConfig

com.hazelcast.config.NetworkConfig

com.icegreen.greenmail.util.GreenMail

org.apache.axiom.om.OMElement

org.apache.axis2.client.Options

org.apache.axis2.client.ServiceClient

org.apache.axis2.clustering.ClusteringFault

org.apache.axis2.description.Parameter

org.apache.commons.collections.bidimap.TreeBidiMap

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.