All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.glassfish.admingui.common.handlers.SecurityHandler Maven / Gradle / Ivy

There is a newer version: 4.1.2.181
Show newest version
/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2009-2012 Oracle and/or its affiliates. All rights reserved.
 *
 * The contents of this file are subject to the terms of either the GNU
 * General Public License Version 2 only ("GPL") or the Common Development
 * and Distribution License("CDDL") (collectively, the "License").  You
 * may not use this file except in compliance with the License.  You can
 * obtain a copy of the License at
 * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
 * or packager/legal/LICENSE.txt.  See the License for the specific
 * language governing permissions and limitations under the License.
 *
 * When distributing the software, include this License Header Notice in each
 * file and include the License file at packager/legal/LICENSE.txt.
 *
 * GPL Classpath Exception:
 * Oracle designates this particular file as subject to the "Classpath"
 * exception as provided by Oracle in the GPL Version 2 section of the License
 * file that accompanied this code.
 *
 * Modifications:
 * If applicable, add the following below the License Header, with the fields
 * enclosed by brackets [] replaced by your own identifying information:
 * "Portions Copyright [year] [name of copyright owner]"
 *
 * Contributor(s):
 * If you wish your version of this file to be governed by only the CDDL or
 * only the GPL Version 2, indicate your decision by adding "[Contributor]
 * elects to include this software in this distribution under the [CDDL or GPL
 * Version 2] license."  If you don't indicate a single choice of license, a
 * recipient has the option to distribute your version of this file under
 * either the CDDL, the GPL Version 2 or to extend the choice of license to
 * its licensees as provided above.  However, if you add GPL Version 2 code
 * and therefore, elected the GPL Version 2 license, then the option applies
 * only if the new code is made subject to such option by the copyright
 * holder.
 */

package org.glassfish.admingui.common.handlers;

import com.sun.jsftemplating.annotation.Handler;  
import com.sun.jsftemplating.annotation.HandlerInput; 
import com.sun.jsftemplating.annotation.HandlerOutput;
import com.sun.jsftemplating.layout.descriptors.handler.HandlerContext;  
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;

import org.glassfish.admingui.common.util.GuiUtil;
import org.glassfish.admingui.common.util.RestResponse;
import org.glassfish.admingui.common.util.RestUtil;


/**
 *
 * @author anilam
 */
public class SecurityHandler {
    

    /**
     *	

This handler returns the a Map for storing the attributes for realm creation. * @param handlerCtx The HandlerContext. */ @Handler(id="getRealmAttrForCreate", output={ @HandlerOutput(name="attrMap", type=Map.class), @HandlerOutput(name="classnameOption", type=String.class), @HandlerOutput(name="realmClasses", type=List.class), @HandlerOutput(name="properties", type=List.class)}) public static void getRealmAttrForCreate(HandlerContext handlerCtx) { handlerCtx.setOutputValue("realmClasses", realmClassList); handlerCtx.setOutputValue("classnameOption", "predefine"); Map attrMap = new HashMap(); attrMap.put("predefinedClassname", Boolean.TRUE); handlerCtx.setOutputValue("attrMap", attrMap); handlerCtx.setOutputValue("properties", new ArrayList()); } /** *

This handler returns the a Map for storing the attributes for editing a realm. * This can be used by either the node agent realm or the realm in configuration-Security-realm * @param handlerCtx The HandlerContext. */ @Handler(id="getRealmAttrForEdit", input={ @HandlerInput(name="endpoint", type=String.class)}, output={ @HandlerOutput(name="attrMap", type=Map.class), @HandlerOutput(name="classnameOption", type=String.class), @HandlerOutput(name="realmClasses", type=List.class), @HandlerOutput(name="properties", type=List.class)}) public static void getRealmAttrForEdit(HandlerContext handlerCtx) { String endpoint = (String) handlerCtx.getInputValue("endpoint"); HashMap realmMap = (HashMap) RestUtil.getEntityAttrs(endpoint, "entity"); HashMap responseMap = (HashMap) RestUtil.restRequest(endpoint + "/property.json", null, "GET", null, false); HashMap propsMap = (HashMap) ((Map) responseMap.get("data")).get("extraProperties"); ArrayList propList = (ArrayList) propsMap.get("properties"); HashMap origProps = new HashMap(); for (HashMap prop : propList) { origProps.put(prop.get("name"), prop.get("value")); } Map attrMap = new HashMap(); attrMap.put("Name", (String) realmMap.get("name")); attrMap.put("fileJaax", "fileRealm"); attrMap.put("ldapJaax", "ldapRealm" ); attrMap.put("solarisJaax", "solarisRealm"); attrMap.put("jdbcJaax", "jdbcRealm"); String classname = (String) realmMap.get("classname"); if (realmClassList.contains(classname)){ handlerCtx.setOutputValue("classnameOption", "predefine"); attrMap.put("predefinedClassname", Boolean.TRUE); attrMap.put("classname", classname); List props = getChildrenMapForTableList(propList, "property", skipRealmPropsList); handlerCtx.setOutputValue("properties", props); if(classname.indexOf("FileRealm")!= -1){ attrMap.put("file", origProps.get("file")); attrMap.put("fileJaax", origProps.get("jaas-context")); attrMap.put("fileAsGroups", origProps.get("assign-groups")); }else if(classname.indexOf("LDAPRealm")!= -1){ attrMap.put("ldapJaax", origProps.get("jaas-context")); attrMap.put("ldapAsGroups", origProps.get("assign-groups")); attrMap.put("directory", origProps.get("directory")); attrMap.put("baseDn", origProps.get("base-dn")); }else if(classname.indexOf("SolarisRealm")!= -1){ attrMap.put("solarisJaax", origProps.get("jaas-context")); attrMap.put("solarisAsGroups", origProps.get("assign-groups")); }else if(classname.indexOf("PamRealm")!= -1){ attrMap.put("pamJaax", origProps.get("jaas-context")); }else if(classname.indexOf("JDBCRealm")!= -1){ attrMap.put("jdbcJaax", origProps.get("jaas-context")); attrMap.put("jdbcAsGroups", origProps.get("assign-groups")); attrMap.put("datasourceJndi", origProps.get("datasource-jndi")); attrMap.put("userTable", origProps.get("user-table")); attrMap.put("userNameColumn", origProps.get("user-name-column")); attrMap.put("passwordColumn", origProps.get("password-column")); attrMap.put("groupTable", origProps.get("group-table")); attrMap.put("groupTableUserName", origProps.get("group-table-user-name-column")); attrMap.put("groupNameColumn", origProps.get("group-name-column")); attrMap.put("dbUser", origProps.get("db-user")); attrMap.put("dbPassword", origProps.get("db-password")); attrMap.put("digestAlgorithm", origProps.get("digest-algorithm")); attrMap.put("pswdEncAlgorithm", origProps.get("digestrealm-password-enc-algorithm")); attrMap.put("encoding", origProps.get("encoding")); attrMap.put("charset", origProps.get("charset")); }else if(classname.indexOf("CertificateRealm")!= -1){ attrMap.put("certAsGroups", origProps.get("assign-groups")); } }else{ //Custom realm class handlerCtx.setOutputValue("classnameOption", "input"); attrMap.put("predefinedClassname", Boolean.FALSE); attrMap.put("classnameInput", classname); attrMap.put("classname", classname); List props = getChildrenMapForTableList(propList, "property", null); handlerCtx.setOutputValue("properties", props); } handlerCtx.setOutputValue("attrMap", attrMap); handlerCtx.setOutputValue("realmClasses", realmClassList); } public static List getChildrenMapForTableList(List propList, String childType, List skipList){ boolean hasSkip = true; if (skipList == null ){ hasSkip = false; } List result = new ArrayList(); if (propList != null) { for(HashMap oneMap: propList){ HashMap oneRow = new HashMap(); String name = (String) oneMap.get("name"); if (hasSkip && skipList.contains(name)){ continue; } oneRow.put("selected", false); oneRow.put("name", name); oneRow.put("value", oneMap.get("value")); oneRow.put("description", oneMap.get("description")); result.add(oneRow); } } return result; } public static List getListfromMap(HashMap props) { List result = new ArrayList(); Iterator it = props.entrySet().iterator(); while(it.hasNext()) { Map.Entry m =(Map.Entry)it.next(); HashMap oneRow = new HashMap(); oneRow.put("selected", false); oneRow.put("Name", m.getKey()); oneRow.put("Value", m.getValue()); oneRow.put("Description", ""); result.add(oneRow); } return result; } @Handler(id="saveRealm", input={ @HandlerInput(name="endpoint", type=String.class), @HandlerInput(name="classnameOption", type=String.class), @HandlerInput(name="attrMap", type=Map.class), @HandlerInput(name="edit", type=Boolean.class, required=true), @HandlerInput(name="contentType", type=String.class, required=false), @HandlerInput(name="propList", type=List.class) }, output={ @HandlerOutput(name="newPropList", type=List.class) }) public static void saveRealm(HandlerContext handlerCtx) { String option = (String) handlerCtx.getInputValue("classnameOption"); List> propListOrig = (List)handlerCtx.getInputValue("propList"); List> propList = new ArrayList(propListOrig); Map attrMap = (Map)handlerCtx.getInputValue("attrMap"); Boolean edit = (Boolean) handlerCtx.getInputValue("edit"); if (attrMap == null) { attrMap = new HashMap(); } String classname; try{ if(option.equals("predefine")){ classname = attrMap.get("classname"); if(classname.indexOf("FileRealm")!= -1){ putOptional(attrMap, propList, "file", "file"); putOptional(attrMap, propList, "jaas-context", "fileJaax"); putOptional(attrMap, propList, "assign-groups", "fileAsGroups"); }else if(classname.indexOf("LDAPRealm")!= -1){ putOptional(attrMap, propList, "jaas-context", "ldapJaax"); putOptional(attrMap, propList, "base-dn", "baseDn"); putOptional(attrMap, propList, "directory", "directory"); putOptional(attrMap, propList, "assign-groups", "ldapAsGroups"); }else if(classname.indexOf("SolarisRealm")!= -1){ putOptional(attrMap, propList, "jaas-context", "solarisJaax"); putOptional(attrMap, propList, "assign-groups", "solarisAsGroups"); }else if(classname.indexOf("PamRealm")!= -1){ putOptional(attrMap, propList, "jaas-context", "pamJaax"); }else if(classname.indexOf("JDBCRealm")!= -1){ putOptional(attrMap, propList, "jaas-context", "jdbcJaax"); putOptional(attrMap, propList, "datasource-jndi", "datasourceJndi"); putOptional(attrMap, propList, "user-table", "userTable"); putOptional(attrMap, propList, "user-name-column", "userNameColumn"); putOptional(attrMap, propList, "password-column", "passwordColumn"); putOptional(attrMap, propList, "group-table", "groupTable"); putOptional(attrMap, propList, "group-table-user-name-column", "groupTableUserName"); putOptional(attrMap, propList, "group-name-column", "groupNameColumn"); putOptional(attrMap, propList, "db-user", "dbUser"); putOptional(attrMap, propList, "db-password", "dbPassword"); putOptional(attrMap, propList, "digest-algorithm", "digestAlgorithm"); putOptional(attrMap, propList, "digestrealm-password-enc-algorithm", "pswdEncAlgorithm"); putOptional(attrMap, propList, "encoding", "encoding"); putOptional(attrMap, propList, "charset", "charset"); putOptional(attrMap, propList, "assign-groups", "jdbcAsGroups"); }else { if(classname.indexOf("CertificateRealm")!= -1){ putOptional(attrMap, propList, "assign-groups", "certAsGroups"); } } } else { classname = attrMap.get("classnameInput"); } String endpoint = (String) handlerCtx.getInputValue("endpoint"); //for edit case, only properties will be changed since we don't allow classname change. //return the prop list so it can continue processing in the .jsf if (edit){ handlerCtx.setOutputValue("newPropList", propList); return; } Map cMap = new HashMap(); cMap.put("name", attrMap.get("Name")); cMap.put("classname", classname); StringBuilder sb = new StringBuilder(); for(Map oneProp: propList) { if (GuiUtil.isEmpty( (String)oneProp.get("name")) || GuiUtil.isEmpty((String)oneProp.get("value"))){ continue; } sb.append(oneProp.get("name")).append("="); String value = ((String) oneProp.get("value")).replaceAll("\\\\", "\\\\\\\\"); value = UtilHandlers.escapePropertyValue(value); sb.append(value).append(":"); } endpoint = endpoint + "/auth-realm"; cMap.put("target", attrMap.get("target")); cMap.put("property", sb.toString()); RestUtil.restRequest(endpoint, cMap, "post", handlerCtx, false); }catch(Exception ex){ GuiUtil.handleException(handlerCtx, ex); } } static public void putOptional(Map attrMap, List propList, String propName, String key) { Map oneProp = new HashMap(); oneProp.put("name", propName); String value = attrMap.get(key); if (GuiUtil.isEmpty(value)) return; oneProp.put("value", attrMap.get(key)); propList.add(oneProp); } /* Handler for Group/User managemenet */ /** *

This handler update's user info.

*

Input value: "Realm" -- Type: java.lang.String

*

Output value: "UserId" -- Type: java.lang.String

*

Output value: "GroupList" -- Type: java.lang.String

*

Output value: "Password" -- Type: java.lang.String

* @param handlerCtx The HandlerContext. */ @Handler(id="saveUser", input={ @HandlerInput(name="Realm", type=String.class, required=true), @HandlerInput(name="configName", type=String.class, required=true), @HandlerInput(name="UserId", type=String.class, required=true), @HandlerInput(name="GroupList", type=String.class, required=true), @HandlerInput(name="Password", type=String.class, required=true), @HandlerInput(name="CreateNew", type=String.class, required=true)}) public static void saveUser(HandlerContext handlerCtx) { try { String realmName = (String) handlerCtx.getInputValue("Realm"); String configName = (String) handlerCtx.getInputValue("configName"); String grouplist = (String)handlerCtx.getInputValue("GroupList"); String password = (String)handlerCtx.getInputValue("Password"); String userid = (String)handlerCtx.getInputValue("UserId"); String createNew = (String)handlerCtx.getInputValue("CreateNew"); if (password == null) { password = ""; } // before save user synchronize realm, for the case if keyfile is changed String tmpEP = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/synchronize-realm-from-config"; HashMap attrs = new HashMap(); attrs.put("id", configName); attrs.put("realmName", realmName); RestUtil.restRequest(tmpEP, attrs, "POST", handlerCtx, false); String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/auth-realm/" + realmName ; if (Boolean.valueOf(createNew)) { endpoint = endpoint + "/create-user?target=" + configName; }else{ endpoint = endpoint + "/update-user?target=" + configName; } attrs = new HashMap(); attrs.put("id", userid); attrs.put("userpassword", password); attrs.put("target", configName); if (grouplist != null && grouplist.contains(",")) grouplist = grouplist.replace(',', ':'); List grpList = new ArrayList(); if (grouplist != null && !grouplist.equals("")) grpList.add(grouplist); attrs.put("groups", grpList); RestUtil.restRequest(endpoint, attrs, "POST", null, true, true ); } catch(Exception ex) { GuiUtil.handleException(handlerCtx, ex); } } /** *

This handler returns the attribute values in the * Edit Manage User Password Page.

*

Input value: "Realm" -- Type: java.lang.String

*

Output value: "UserId" -- Type: java.lang.String

*

Output value: "GroupList" -- Type: java.lang.String

* @param handlerCtx The HandlerContext. */ @Handler(id="getUserInfo", input={ @HandlerInput(name="Realm", type=String.class, required=true), @HandlerInput(name="configName", type=String.class, required=true), @HandlerInput(name="User", type=String.class, required=true)}, output={ @HandlerOutput(name="GroupList", type=String.class)}) public static void getUserInfo(HandlerContext handlerCtx) { String realmName = (String) handlerCtx.getInputValue("Realm"); String userName = (String) handlerCtx.getInputValue("User"); String configName = (String) handlerCtx.getInputValue("configName"); handlerCtx.setOutputValue("GroupList", getGroupNames(realmName, userName, configName, handlerCtx) ); } /** *

This handler returns the list of file users for specified realm. * @param handlerCtx The HandlerContext. */ @Handler(id="getFileUsers", input={ @HandlerInput(name="Realm", type=String.class, required=true), @HandlerInput(name="configName", type=String.class, required=true)}, output={ @HandlerOutput(name="result", type=java.util.List.class)} ) public static void getFileUsers(HandlerContext handlerCtx){ String realmName = (String) handlerCtx.getInputValue("Realm"); String configName = (String) handlerCtx.getInputValue("configName"); List result = new ArrayList(); try{ String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/auth-realm/" + realmName + "/list-users.json?target=" + configName; Map responseMap = RestUtil.restRequest(endpoint, null, "get", handlerCtx, false); responseMap = (Map) responseMap.get("data"); List children = (List) responseMap.get("children"); if(children != null) { Map map = null; for (HashMap child : children) { map = new HashMap(); String name = (String) child.get("message"); map.put("users", name); map.put("groups", getGroupNames( realmName, name, configName, handlerCtx)); map.put("selected", false); result.add(map); } } }catch(Exception ex){ GuiUtil.handleException(handlerCtx, ex); } handlerCtx.setOutputValue("result", result); } /** *

This handler removes users for specified realm. * @param handlerCtx The HandlerContext. */ @Handler(id="removeUser", input={ @HandlerInput(name="Realm", type=String.class, required=true), @HandlerInput(name="configName", type=String.class, required=true), @HandlerInput(name="selectedRows", type=List.class, required=true)}, output={ @HandlerOutput(name="result", type=java.util.List.class)} ) public static void removeUser(HandlerContext handlerCtx){ String error = null; String realmName = (String) handlerCtx.getInputValue("Realm"); String configName = (String) handlerCtx.getInputValue("configName"); try{ List obj = (List) handlerCtx.getInputValue("selectedRows"); List selectedRows = (List) obj; for(Map oneRow : selectedRows){ String user = (String)oneRow.get("name"); String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/admin-service/jmx-connector/system.json"; Map responseMap = RestUtil.restRequest(endpoint, null, "get", handlerCtx, false); Map valueMap = (Map) responseMap.get("data"); valueMap = (Map) ((Map) valueMap.get("extraProperties")).get("entity"); String authRealm = (String) valueMap.get("authRealmName"); if (realmName.equals(authRealm) && user.equals(GuiUtil.getSessionValue("userName"))){ error = GuiUtil.getMessage(COMMON_BUNDLE, "msg.error.cannotDeleteCurrent"); continue; }else{ HashMap attrs = new HashMap(); endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/auth-realm/" + realmName + "/delete-user?target=" + configName; attrs.put("name", user); RestResponse response = RestUtil.delete(endpoint, attrs); if (!response.isSuccess()) { GuiUtil.getLogger().severe("Remove user failed. parent=" + endpoint + "; attrs =" + attrs); error = GuiUtil.getMessage("msg.error.checkLog"); } } } if (error != null){ GuiUtil.prepareAlert("error", error, null); } }catch(Exception ex){ GuiUtil.handleException(handlerCtx, ex); } } private static String getGroupNames(String realmName, String userName, String configName, HandlerContext handlerCtx){ try{ String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/auth-realm/" + realmName + "/list-group-names?username=" + userName + "&target=" + configName; Map responseMap = RestUtil.restRequest(endpoint, null, "get", handlerCtx, false); HashMap children = (HashMap)((Map) responseMap.get("data")).get("extraProperties"); List groupList= (List)children.get("groups"); StringBuilder groups = new StringBuilder(); String sepHolder = ""; if (groupList != null){ for(String oneGroup : groupList){ groups.append(sepHolder).append(oneGroup); sepHolder=":"; } } return groups.toString(); }catch(Exception ex){ GuiUtil.getLogger().info(GuiUtil.getCommonMessage("log.error.getGroupNames") + ex.getLocalizedMessage()); if (GuiUtil.getLogger().isLoggable(Level.FINE)){ ex.printStackTrace(); } return ""; } } private static List skipRealmPropsList = new ArrayList(); private static List realmClassList = new ArrayList(); static { String endpoint = GuiUtil.getSessionValue("REST_URL") + "/list-predefined-authrealm-classnames"; //+ "/configs/config/server-config/security-service/auth-realm/list-predefined-authrealm-classnames"; Map responseMap = RestUtil.restRequest(endpoint, null, "GET", null, false); Map valueMap = (Map) responseMap.get("data"); ArrayList classNames = (ArrayList) ((ArrayList) valueMap.get("children")); for (HashMap className : classNames) { realmClassList.add(className.get("message")); } skipRealmPropsList.add("jaas-context"); skipRealmPropsList.add("file"); skipRealmPropsList.add("assign-groups"); skipRealmPropsList.add("base-dn"); skipRealmPropsList.add("directory"); skipRealmPropsList.add("datasource-jndi"); skipRealmPropsList.add("user-table"); skipRealmPropsList.add("user-name-column"); skipRealmPropsList.add("password-column"); skipRealmPropsList.add("group-table"); skipRealmPropsList.add("group-name-column"); skipRealmPropsList.add("group-table-user-name-column"); skipRealmPropsList.add("db-user"); skipRealmPropsList.add("db-password"); skipRealmPropsList.add("digest-algorithm"); skipRealmPropsList.add("digestrealm-password-enc-algorithm"); skipRealmPropsList.add("encoding"); skipRealmPropsList.add("charset"); } private static final String PROPERTY_NAME = "Name"; private static final String PROPERTY_VALUE = "Value"; private static final String COMMON_BUNDLE = "org.glassfish.common.admingui.Strings"; @Handler(id="addDefaultProviderInfo", input={ @HandlerInput(name="providerList", type=List.class, required=true), @HandlerInput(name="configName", type=String.class, required=true), @HandlerInput(name="msgSecurityName", type=String.class, required=true) }) public static void addDefaultProviderInfo(HandlerContext handlerCtx){ List providerList = (ArrayList) handlerCtx.getInputValue("providerList"); String configName = (String) handlerCtx.getInputValue("configName"); String msgSecurityName = (String) handlerCtx.getInputValue("msgSecurityName"); String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/message-security-config/" + msgSecurityName; Map valueMap = (Map) RestUtil.getEntityAttrs(endpoint, "entity"); String defaultProvider = (String) valueMap.get("defaultProvider"); String defaultClientProvider = (String) valueMap.get("defaultClientProvider"); String trueStr = GuiUtil.getMessage("common.true"); String falseStr = GuiUtil.getMessage("common.false"); for(Map oneRow : providerList){ if ( oneRow.get("name").equals(defaultProvider) || oneRow.get("name").equals(defaultClientProvider)){ oneRow.put("default", trueStr); }else{ oneRow.put("default", falseStr); } } } @Handler(id="getMessageSecurityAuthLayersForCreate", input={ @HandlerInput(name="attrMap", type=Map.class, required=true), @HandlerInput(name="configName", type=String.class, required=true), @HandlerInput(name="propList", type=List.class, required=true)}, output={ @HandlerOutput(name="layers", type=List.class)} ) public static void getMessageSecurityAuthLayersForCreate(HandlerContext handlerCtx) throws Exception { List layers = new ArrayList(); String configName = (String) handlerCtx.getInputValue("configName"); layers.add("SOAP"); layers.add("HttpServlet"); String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/message-security-config"; Set msgSecurityCfgs = (Set) (RestUtil.getChildMap(endpoint)).keySet(); for(String name : msgSecurityCfgs){ if (layers.contains(name)) { layers.remove(name); } } handlerCtx.setOutputValue("layers", layers); } @Handler(id="getProvidersByType", input={ @HandlerInput(name="msgSecurityName", type=String.class, required=true), @HandlerInput(name="configName", type=String.class, required=true), @HandlerInput(name="type", type=List.class, required=true)}, output={ @HandlerOutput(name="result", type=List.class)}) public static void getProvidersByType(HandlerContext handlerCtx) throws Exception { List type = (List) handlerCtx.getInputValue("type"); List result = new ArrayList(); String configName = (String) handlerCtx.getInputValue("configName"); String msgSecurityName = (String) handlerCtx.getInputValue("msgSecurityName"); String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/message-security-config/" + msgSecurityName + "/provider-config"; List providers = (List) RestUtil.getChildList(endpoint); for(String providerEndpoint : providers){ Map providerAttrs = (HashMap) RestUtil.getAttributesMap(providerEndpoint); String providerType = (String) providerAttrs.get("providerType"); if (type.contains(providerType)) { result.add(com.sun.jsftemplating.util.Util.htmlEscape((String)providerAttrs.get("providerId"))); } } result.add(0, ""); handlerCtx.setOutputValue("result", result); } @Handler(id="saveMsgProviderInfo", input={ @HandlerInput(name="attrMap", type=Map.class, required=true), @HandlerInput(name="configName", type=String.class, required=true), @HandlerInput(name="edit", type=String.class, required=true) } ) public static void saveMsgProviderInfo(HandlerContext handlerCtx){ Map attrMap = (Map) handlerCtx.getInputValue("attrMap"); String edit = (String)handlerCtx.getInputValue("edit"); String msgSecurityName = attrMap.get("msgSecurityName"); String configName = (String)handlerCtx.getInputValue("configName"); try{ String providerName = URLEncoder.encode((String)attrMap.get("Name"), "UTF-8"); String providerEndpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/message-security-config/" + msgSecurityName + "/provider-config/" + providerName; if (edit.equals("true")){ boolean providerExist = RestUtil.get(providerEndpoint).isSuccess(); if (!providerExist){ GuiUtil.handleError(handlerCtx, GuiUtil.getMessage(COMMON_BUNDLE, "msg.error.noSuchProvider")); //normally won't happen. return; }else{ Map providerMap = (Map)RestUtil.getEntityAttrs(providerEndpoint, "entity"); providerMap.put("className", attrMap.get("ClassName")); providerMap.put("providerType", attrMap.get("ProviderType")); RestUtil.restRequest(providerEndpoint, providerMap, "POST", null, false); Map attrs = new HashMap(); String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/message-security-config/" + attrMap.get("msgSecurityName"); attrs.put("authLayer", attrMap.get("msgSecurityName")); if (attrMap.get("defaultProvider") != null && attrMap.get("defaultProvider").equals("true")){ if (providerMap.get("providerType").equals("client")) { attrs.put("defaultClientProvider", providerName); } else if (providerMap.get("providerType").equals("server")) { attrs.put("defaultProvider", providerName); } else if (providerMap.get("providerType").equals("client-server")) { attrs.put("defaultProvider", providerName); attrs.put("defaultClientProvider", providerName); } } if (attrMap.get("defaultProvider") == null){ if ( providerMap.get("providerType").equals("client") && providerName.equals(attrMap.get("defaultClientProvider"))) { attrs.put("defaultClientProvider", ""); } else if (providerMap.get("providerType").equals("server") && providerName.equals(attrMap.get("defaultProvider"))) { attrs.put("defaultProvider", ""); } else if (providerMap.get("providerType").equals("client-server")) { if ( providerName.equals(attrMap.get("defaultServerProvider")) && providerName.equals(attrMap.get("defaultClientProvider"))) { attrs.put("defaultProvider", ""); attrs.put("defaultClientProvider", ""); } } } RestUtil.sendUpdateRequest(endpoint, attrs, null, null, null); } }else{ String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/security-service/message-security-config"; Map attrs = new HashMap(); if (attrMap.get("defaultProvider") == null){ attrMap.put("defaultProvider", "false"); } attrs.put("isdefaultprovider", attrMap.get("defaultProvider")); attrs.put("id", attrMap.get("Name")); attrs.put("classname", attrMap.get("ClassName")); attrs.put("providertype", attrMap.get("ProviderType")); attrs.put("layer", attrMap.get("msgSecurityName")); attrs.put("target", configName); RestUtil.restRequest(endpoint, attrs, "POST", null, false); } //if we pass in "", backend will throw bean violation, since it only accepts certain values. String[] attrList= new String[] {"Request-AuthSource","Request-AuthRecipient", "Response-AuthSource", "Response-AuthRecipient"}; for(int i=0; i< attrList.length; i++){ if ("".equals(attrMap.get(attrList[i]))){ attrMap.put( attrList[i], null); } } Map reqPolicyMap = new HashMap(); reqPolicyMap.put("authSource", attrMap.get("Request-AuthSource")); reqPolicyMap.put("authRecipient", attrMap.get("Request-AuthRecipient")); String reqPolicyEP = providerEndpoint + "/request-policy"; RestUtil.restRequest(reqPolicyEP, reqPolicyMap, "POST", null, false); Map respPolicyMap = new HashMap(); respPolicyMap.put("authSource", attrMap.get("Response-AuthSource")); respPolicyMap.put("authRecipient", attrMap.get("Response-AuthRecipient")); String respPolicyEP = providerEndpoint + "/response-policy"; RestUtil.restRequest(respPolicyEP, respPolicyMap, "POST", null, false); }catch(Exception ex){ GuiUtil.handleException(handlerCtx, ex); } } @Handler(id="saveSecurityManagerValue", input={ @HandlerInput(name="configName", type=String.class), @HandlerInput(name="value", type=String.class, required=true) }) public static void saveSecurityManagerValue(HandlerContext handlerCtx){ try { String configName = (String) handlerCtx.getInputValue("configName"); if (GuiUtil.isEmpty(configName)) configName = "server-config"; String endpoint = GuiUtil.getSessionValue("REST_URL") + "/configs/config/" + configName + "/java-config/jvm-options.json"; ArrayList list; Map result = (HashMap) RestUtil.restRequest(endpoint, null, "GET", null, false).get("data"); list = (ArrayList) ((Map) result.get("extraProperties")).get("leafList"); if (list == null) list = new ArrayList(); Boolean status = isSecurityManagerEnabled(list); String value= (String) handlerCtx.getInputValue("value"); Boolean userValue = Boolean.valueOf(value); if (status.equals(userValue)){ //no need to change return; } ArrayList newOptions = new ArrayList(); Object [] origOptions = list.toArray(); if (userValue){ for(int i=0; i payload = new HashMap(); payload.put("target", configName); for (String option : newOptions) { ArrayList kv = InstanceHandler.getKeyValuePair(option); payload.put((String)kv.get(0), kv.get(1)); } RestUtil.restRequest(endpoint, payload, "POST", handlerCtx, false); }catch(Exception ex){ GuiUtil.handleException(handlerCtx, ex); } } @Handler(id="getSecurityManagerValue", input={ @HandlerInput(name="endpoint", type=String.class), @HandlerInput(name="attrs", type=Map.class, required=false)}, output={ @HandlerOutput(name="value", type=String.class)} ) public static void getSecurityManagerValue(HandlerContext handlerCtx){ ArrayList list = InstanceHandler.getJvmOptions(handlerCtx); handlerCtx.setOutputValue("value", isSecurityManagerEnabled(list).toString()); } private static Boolean isSecurityManagerEnabled(List jvmOptions){ for(String jvmOption : jvmOptions){ if (jvmOption.trim().equals(JVM_OPTION_SECURITY_MANAGER) || jvmOption.trim().startsWith(JVM_OPTION_SECURITY_MANAGER_WITH_EQUAL)){ return Boolean.TRUE; } } return Boolean.FALSE; } private static final String JVM_OPTION_SECURITY_MANAGER = "-Djava.security.manager"; private static final String JVM_OPTION_SECURITY_MANAGER_WITH_EQUAL = "-Djava.security.manager="; }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy