• Home
• org.glassfish.main.admin
• config-api
• 7.0.16
• source code
• SecureAdminHelper.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.sun.enterprise.config.serverbeans.SecureAdminHelper Maven / Gradle / Ivy

/*
 * Copyright (c) 2023 Contributors to the Eclipse Foundation
 * Copyright (c) 2011, 2018 Oracle and/or its affiliates. All rights reserved.
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Public License v. 2.0, which is available at
 * http://www.eclipse.org/legal/epl-2.0.
 *
 * This Source Code may also be made available under the following Secondary
 * Licenses when the conditions for such availability set forth in the
 * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
 * version 2 with the GNU Classpath Exception, which is available at
 * https://www.gnu.org/software/classpath/license.html.
 *
 * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
 */

package com.sun.enterprise.config.serverbeans;

import java.io.IOException;
import java.security.KeyStoreException;

import org.jvnet.hk2.annotations.Contract;

/**
 * Definition of some utility behavior that needs to be invoked from config classes in admin/config-api but
 * implemented elsewhere (in a module with dependencies that we do not want to add to admin/config-api).
 *
 * @author Tim Quinn
 */
@Contract()
public interface SecureAdminHelper {

    /**
     * Returns the DN for the given DN or alias value.
     *
     * @param value the user-specified value
     * @param isAlias whether the value is an alias or the DN itself
     * @return the DN
     */
    String getDN(String value, boolean isAlias) throws IOException, KeyStoreException;

    /**
     * Makes sure that the specified username is an admin user and that the specified password
     * alias exists. Note that implementations of this method should not make sure that
     * the username and the password pointed to by the alias actually match a valid
     * admin user in the admin realm. That check is done by the normal authorization logic
     * when the username and the actual password are used.
     *
     * @param username the username
     * @param passwordAlias a password alias
     */
    void validateInternalUsernameAndPasswordAlias(String username, String passwordAlias);

    /**
     * Reports whether any admin user exists which has an empty password.
     *
     * @return {@code true} if any admin user exists with an empty password; {@code false} otherwise
     * @throws Exception if an error occurred
     */
    boolean isAnyAdminUserWithoutPassword() throws Exception;

    /**
     * An exception indicating a user-correctable error that occurred as a secure admin command executed.
     *
     * 
The secure admin commands can detect such errors and report just the exception's message
     * and not the exception as well (which would clutter the report back to the admin client).
     */
    class SecureAdminCommandException extends RuntimeException {

        public SecureAdminCommandException(String message) {
            super(message);
        }
    }
}