Usage examples for java.security.acl.Group.getName()
// Declared by java.security.Principal and inherited by java.security.acl.Group:
// returns the name of this principal (for a Group, the group's name).
public String getName();
From source file:org.betaconceptframework.astroboa.context.SecurityContext.java
/**
 * Collects the repository ids the current {@code subject} is authorized to use.
 *
 * <p>The ids are the member names of the first {@link Group} principal whose name equals
 * {@code AstroboaPrincipalName.AuthorizedRepositories}.
 *
 * <p><b>Security note:</b> this method fails open. When the subject is {@code null}, carries no
 * {@code Group} principals, or has no group with the expected name, every entry of
 * {@code availableRepositories} is returned (PERMIT ALL). A matching group with no members
 * yields an empty list instead. Login modules that want to restrict access must therefore
 * always attach the group, even when it is empty.
 *
 * @param availableRepositories repositories known when this context was initialized; only used
 *        for the PERMIT ALL fallback, may be {@code null} or empty
 * @return a new list of authorized repository ids, never {@code null}
 */
private List<String> retrieveAuthorizedRepositoriesFromSubject(List<String> availableRepositories) {
    List<String> result = new ArrayList<String>();
    Group repositoriesGroup = null;

    Set<Group> groupPrincipals = (subject != null) ? subject.getPrincipals(Group.class) : null;
    if (groupPrincipals != null) {
        for (Group candidate : groupPrincipals) {
            String candidateName = candidate.getName();
            if (candidateName != null
                    && AstroboaPrincipalName.AuthorizedRepositories.toString().equals(candidateName)) {
                // Only the first matching group is consulted.
                repositoriesGroup = candidate;
                break;
            }
        }
    }

    if (repositoriesGroup != null) {
        // Explicit grant list: each member principal names one repository.
        Enumeration<? extends Principal> members = repositoriesGroup.members();
        while (members.hasMoreElements()) {
            result.add(members.nextElement().getName());
        }
        return result;
    }

    // No authorization information in the Subject: PERMIT ALL over the repositories
    // that were known when this context was initialized.
    if (CollectionUtils.isNotEmpty(availableRepositories)) {
        result.addAll(availableRepositories);
    }
    return result;
}
From source file:org.betaconceptframework.astroboa.context.SecurityContext.java
/**
 * Reads the role names attached to the current {@code subject}.
 *
 * <p>Only the first {@link Group} principal named {@code AstroboaPrincipalName.Roles} is
 * consulted; its members are handed to {@code addGroupMembersToRoles}. A {@code null} subject,
 * a subject without group principals, or one without that group yields an empty set, so the
 * caller ends up with no roles rather than default ones.
 *
 * @return a new set of role names, never {@code null}
 */
private Set<String> retrieveRolesFromSubject() {
    Set<String> collectedRoles = new HashSet<String>();
    if (subject == null) {
        return collectedRoles;
    }

    Set<Group> groupPrincipals = subject.getPrincipals(Group.class);
    if (groupPrincipals == null) {
        return collectedRoles;
    }

    for (Group candidate : groupPrincipals) {
        String candidateName = candidate.getName();
        if (candidateName != null && AstroboaPrincipalName.Roles.toString().equals(candidateName)) {
            addGroupMembersToRoles(candidate, collectedRoles);
            break;
        }
    }
    return collectedRoles;
}
From source file:org.betaconceptframework.astroboa.context.SecurityContext.java
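/**
 * Grants {@code role} to the current {@code subject} and mirrors it in {@code this.roles}.
 *
 * <p>The role is added as a {@code CmsPrincipal} to the first {@link Group} principal named
 * {@code AstroboaPrincipalName.Roles}; if the subject has no such group, a new
 * {@code CmsGroup} is created and attached to the subject.
 *
 * <p><b>Security note:</b> this is a public privilege-granting operation and performs no
 * authorization check of its own; callers are responsible for deciding who may invoke it.
 *
 * @param role name of the role to grant; blank values are rejected
 * @return {@code true} if the role was newly added, {@code false} if it was blank, already
 *         present, or there is no subject to add it to
 */
public boolean addRole(String role) {
    if (StringUtils.isBlank(role)) {
        return false;
    }

    // The read-side helpers of this class tolerate a null subject; do the same here
    // instead of failing with a NullPointerException.
    if (subject == null) {
        return false;
    }

    final String rolesGroupName = AstroboaPrincipalName.Roles.toString();
    boolean roleGroupFound = false;
    boolean roleAdded = false;

    Set<Group> groups = subject.getPrincipals(Group.class);
    if (groups != null) {
        for (Group group : groups) {
            if (StringUtils.equals(rolesGroupName, group.getName())) {
                roleGroupFound = true;

                final CmsPrincipal rolePrincipal = new CmsPrincipal(role);
                if (!group.isMember(rolePrincipal)) {
                    group.addMember(rolePrincipal);
                    roleAdded = true;
                }
                // Only the first roles group is used, matching the read path.
                break;
            }
        }
    }

    if (!roleGroupFound) {
        // Subject carries no roles group yet: create one holding just this role.
        Group rolesPrincipal = new CmsGroup(rolesGroupName);
        rolesPrincipal.addMember(new CmsPrincipal(role));
        subject.getPrincipals().add(rolesPrincipal);
        roleAdded = true;
    }

    if (roleAdded) {
        // Keep the cached role names in step with the Subject.
        this.roles.add(role);
    }
    return roleAdded;
}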
From source file:org.betaconceptframework.astroboa.context.SecurityContext.java
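/**
 * Revokes {@code role} from the current {@code subject} and from {@code this.roles}.
 *
 * <p>Groups named {@code AstroboaPrincipalName.Roles} are searched in iteration order; the
 * role is removed from the first one that contains it. The cached {@code this.roles} entry
 * is dropped only when the group reports a successful removal, so the cache cannot claim a
 * revocation the Subject did not accept.
 *
 * @param role name of the role to revoke; blank values are rejected
 * @return {@code true} if the role was removed from a roles group, {@code false} if it was
 *         blank, not present, or there is no subject to remove it from
 */
public boolean removeRole(String role) {
    if (StringUtils.isBlank(role)) {
        return false;
    }

    // The read-side helpers of this class tolerate a null subject; do the same here
    // instead of failing with a NullPointerException.
    if (subject == null) {
        return false;
    }

    boolean roleHasBeenRemoved = false;

    Set<Group> groups = subject.getPrincipals(Group.class);
    if (groups != null) {
        final String rolesGroupName = AstroboaPrincipalName.Roles.toString();
        for (Group group : groups) {
            if (!StringUtils.equals(rolesGroupName, group.getName())) {
                continue;
            }
            final CmsPrincipal rolePrincipal = new CmsPrincipal(role);
            if (group.isMember(rolePrincipal)) {
                roleHasBeenRemoved = group.removeMember(rolePrincipal);
                break;
            }
        }
    }

    // Remove the role from the cached list as well.
    if (roleHasBeenRemoved && this.roles.contains(role)) {
        this.roles.remove(role);
    }
    return roleHasBeenRemoved;
}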
From source file:org.collectionspace.authentication.realm.db.CSpaceDbRealm.java
/**
 * Runs {@code rolesQuery} for the authenticated user and sorts the returned role names into
 * {@link Group}s.
 *
 * <p>Column 1 of each row is read as the role name and column 2 as the group name; a
 * {@code null} or empty group name falls back to {@code "Roles"}. When the query returns no
 * rows, a single empty {@code "Roles"} group is returned and the login is not failed here.
 *
 * <p>Security notes:
 * <ul>
 *   <li>{@code username} is bound as a statement parameter, never concatenated into the SQL.</li>
 *   <li>If binding raises {@code ArrayIndexOutOfBoundsException} the query is executed without
 *       the username, so its result is not restricted to this user by that parameter.</li>
 *   <li>A role whose principal cannot be created is logged and skipped; the user then simply
 *       lacks that role.</li>
 * </ul>
 *
 * @param username name of the authenticated user, bound to parameter 1 of {@code rolesQuery}
 * @param principalClassName passed to {@code createPrincipal} for every role
 * @param groupClassName passed to {@code createGroup} for every group
 * @return the groups built from the query result, keyed internally by group name
 * @throws LoginException if the query fails ("Query failed") or any other exception occurs
 *         ("unknown exception"); the original exception is set as the cause
 */
@Override
public Collection<Group> getRoles(String username, String principalClassName, String groupClassName)
        throws LoginException {
    // NOTE(review): username is concatenated unescaped into debug log lines; if it can be
    // attacker-controlled, confirm the log layout neutralises line breaks.
    if (logger.isDebugEnabled()) {
        logger.debug("getRoleSets using rolesQuery: " + rolesQuery + ", username: " + username);
    }

    final HashMap<String, Group> groupsByName = new HashMap<String, Group>();
    Connection connection = null;
    PreparedStatement statement = null;
    ResultSet rows = null;

    try {
        connection = getConnection();

        if (logger.isDebugEnabled()) {
            logger.debug("Executing query: " + rolesQuery + ", with username: " + username);
        }
        statement = connection.prepareStatement(rolesQuery);
        try {
            statement.setString(1, username);
        } catch (ArrayIndexOutOfBoundsException ignored) {
            // The query may not have any parameters, so run it unbound.
            // NOTE(review): which exception a driver raises for a missing placeholder is
            // driver-specific; confirm an unbound roles query is really intended.
        }
        rows = statement.executeQuery();

        boolean hasRow = rows.next();
        if (!hasRow) {
            if (logger.isDebugEnabled()) {
                logger.debug("No roles found");
            }
            // A stricter variant that threw FailedLoginException when no
            // unauthenticatedIdentity is configured was disabled in the original code.
            // We are running with an unauthenticatedIdentity, so return an empty Roles set.
            Group emptyRoles = createGroup(groupClassName, "Roles");
            groupsByName.put(emptyRoles.getName(), emptyRoles);
            return groupsByName.values();
        }

        while (hasRow) {
            String roleName = rows.getString(1);
            String groupName = rows.getString(2);
            if (groupName == null || groupName.isEmpty()) {
                groupName = "Roles";
            }

            Group target = groupsByName.get(groupName);
            if (target == null) {
                target = createGroup(groupClassName, groupName);
                groupsByName.put(groupName, target);
            }

            try {
                Principal rolePrincipal = createPrincipal(principalClassName, roleName);
                if (logger.isDebugEnabled()) {
                    logger.debug("Assign user to role " + roleName);
                }
                target.addMember(rolePrincipal);
            } catch (Exception e) {
                // Skipping the role means the user does not receive it.
                logger.error("Failed to create principal: " + roleName + " " + e.toString());
            }

            hasRow = rows.next();
        }
    } catch (SQLException ex) {
        LoginException failure = new LoginException("Query failed");
        failure.initCause(ex);
        throw failure;
    } catch (Exception e) {
        LoginException failure = new LoginException("unknown exception");
        failure.initCause(e);
        throw failure;
    } finally {
        // Best-effort cleanup: a failure to close must not mask the login result.
        if (rows != null) {
            try {
                rows.close();
            } catch (SQLException ignored) {
            }
        }
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException ignored) {
            }
        }
        if (connection != null) {
            try {
                connection.close();
            } catch (Exception ignored) {
            }
        }
    }
    return groupsByName.values();
}
From source file:org.collectionspace.authentication.realm.db.CSpaceDbRealm.java
/**
 * Runs {@code tenantsQuery} for the authenticated user and sorts the returned tenants into
 * {@link Group}s.
 *
 * <p>Column 1 of each row is read as the tenant id, column 2 as the tenant name and column 3
 * as the group name; a {@code null} or empty group name falls back to {@code "Tenants"}. When
 * the query returns no rows, a single empty {@code "Tenants"} group is returned and the login
 * is not failed here.
 *
 * <p>Security notes:
 * <ul>
 *   <li>{@code username} is bound as a statement parameter, never concatenated into the SQL.</li>
 *   <li>If binding raises {@code ArrayIndexOutOfBoundsException} the query is executed without
 *       the username, so its result is not restricted to this user by that parameter.</li>
 *   <li>A tenant whose principal cannot be created is logged and skipped; the user then simply
 *       is not a member of that tenant.</li>
 * </ul>
 *
 * @param username name of the authenticated user, bound to parameter 1 of {@code tenantsQuery}
 * @param groupClassName passed to {@code createGroup} for every group
 * @return the groups of tenants built from the query result
 * @throws LoginException if the query fails ("Query failed") or any other exception occurs
 *         ("unknown exception"); the original exception is set as the cause
 */
@Override
public Collection<Group> getTenants(String username, String groupClassName) throws LoginException {
    // NOTE(review): username is concatenated unescaped into debug log lines; if it can be
    // attacker-controlled, confirm the log layout neutralises line breaks.
    if (logger.isDebugEnabled()) {
        logger.debug("getTenants using tenantsQuery: " + tenantsQuery + ", username: " + username);
    }

    final HashMap<String, Group> groupsByName = new HashMap<String, Group>();
    Connection connection = null;
    PreparedStatement statement = null;
    ResultSet rows = null;

    try {
        connection = getConnection();

        if (logger.isDebugEnabled()) {
            logger.debug("Executing query: " + tenantsQuery + ", with username: " + username);
        }
        statement = connection.prepareStatement(tenantsQuery);
        try {
            statement.setString(1, username);
        } catch (ArrayIndexOutOfBoundsException ignored) {
            // The query may not have any parameters, so run it unbound.
            // NOTE(review): which exception a driver raises for a missing placeholder is
            // driver-specific; confirm an unbound tenants query is really intended.
        }
        rows = statement.executeQuery();

        boolean hasRow = rows.next();
        if (!hasRow) {
            if (logger.isDebugEnabled()) {
                logger.debug("No tenants found");
            }
            // We are running with an unauthenticatedIdentity, so create an empty
            // Tenants set and return.
            // FIXME should this be allowed?
            Group emptyTenants = createGroup(groupClassName, "Tenants");
            groupsByName.put(emptyTenants.getName(), emptyTenants);
            return groupsByName.values();
        }

        while (hasRow) {
            String tenantId = rows.getString(1);
            String tenantName = rows.getString(2);
            String groupName = rows.getString(3);
            if (groupName == null || groupName.isEmpty()) {
                groupName = "Tenants";
            }

            Group target = groupsByName.get(groupName);
            if (target == null) {
                target = createGroup(groupClassName, groupName);
                groupsByName.put(groupName, target);
            }

            try {
                Principal tenantPrincipal = createTenant(tenantName, tenantId);
                if (logger.isDebugEnabled()) {
                    logger.debug("Assign user to tenant " + tenantName);
                }
                target.addMember(tenantPrincipal);
            } catch (Exception e) {
                // Skipping the tenant means the user is not associated with it.
                logger.error("Failed to create tenant: " + tenantName + " " + e.toString());
            }

            hasRow = rows.next();
        }
    } catch (SQLException ex) {
        LoginException failure = new LoginException("Query failed");
        failure.initCause(ex);
        throw failure;
    } catch (Exception e) {
        LoginException failure = new LoginException("unknown exception");
        failure.initCause(e);
        throw failure;
    } finally {
        // Best-effort cleanup: a failure to close must not mask the login result.
        if (rows != null) {
            try {
                rows.close();
            } catch (SQLException ignored) {
            }
        }
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException ignored) {
            }
        }
        if (connection != null) {
            try {
                connection.close();
            } catch (Exception ignored) {
            }
        }
    }
    return groupsByName.values();
}
From source file:org.gluu.oxtrust.action.Authenticator.java
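/**
 * Sets session variables after a user has logged in.
 *
 * <p>Stores the person found for the user's DN in the session context under
 * {@code OxTrustConstants.CURRENT_PERSON}, then adds every role returned by
 * {@code securityService.getUserRoles} to {@code identity}. A user for whom no roles are
 * returned ends up with none added here.
 *
 * @param user the user that has just been authenticated
 */
private void postLogin(User user) {
    log.debug("Configuring application after user '{0}' login", user.getUid());
    GluuCustomPerson person = findPersonByDn(user.getDn());
    Contexts.getSessionContext().set(OxTrustConstants.CURRENT_PERSON, person);

    // Set user roles
    GluuUserRole[] userRoles = securityService.getUserRoles(user);
    if (ArrayHelper.isNotEmpty(userRoles)) {
        log.debug("Get '{0}' user roles", Arrays.toString(userRoles));
    } else {
        log.debug("Get 0 user roles");
    }

    // The emptiness check above allows for a missing role array, so the loop must too;
    // iterating a null array would abort the login with a NullPointerException.
    if (userRoles != null) {
        for (GluuUserRole userRole : userRoles) {
            identity.addRole(userRole.getRoleName());
        }
    }

    if (log.isDebugEnabled()) {
        for (Group sg : identity.getSubject().getPrincipals(java.security.acl.Group.class)) {
            if ("Roles".equals(sg.getName())) {
                // NOTE(review): members() returns an Enumeration, so this likely logs the
                // enumeration object rather than the role names; confirm the output.
                log.debug("Using next user roles: '{0}'", sg.members());
                break;
            }
        }
    }
}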
From source file:org.nuxeo.ecm.platform.login.NuxeoAbstractServerLoginModule.java
/**
 * Second phase of the login: publishes the authenticated identity and its role groups on the
 * {@code subject}.
 *
 * <p>Nothing is added to the subject unless {@code loginOk} is set, so a failed login leaves
 * the principal set untouched. For every group returned by {@code getRoleSets()} a group of
 * the same name is located or created through {@code createGroup} and the members are copied
 * into it.
 *
 * @return {@code false} if the login phase did not succeed, {@code true} otherwise
 * @throws LoginException declared by the login-module contract
 */
public boolean commit() throws LoginException {
    log.trace("commit, loginOk=" + loginOk);
    if (!loginOk) {
        return false;
    }

    Set<Principal> subjectPrincipals = subject.getPrincipals();
    Principal authenticated = getIdentity();
    subjectPrincipals.add(authenticated);

    Group[] sourceGroups = getRoleSets();
    for (int i = 0; i < sourceGroups.length; i++) {
        Group source = sourceGroups[i];
        Group target = createGroup(source.getName(), subjectPrincipals);

        // Copy the group members to the Subject group
        for (Enumeration<? extends Principal> roles = source.members(); roles.hasMoreElements();) {
            target.addMember(roles.nextElement());
        }
    }
    return true;
}
From source file:org.nuxeo.ecm.platform.login.NuxeoAbstractServerLoginModule.java
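/**
 * Finds or creates a Group with the given name. Subclasses should use this method to locate
 * the 'Roles' group or create additional types of groups.
 *
 * <p>The first {@link Group} in {@code principals} whose name equals {@code name} is returned.
 * If there is none, a new {@code GroupImpl} is created and added to {@code principals}.
 *
 * @param name name of the group to look up or create
 * @param principals the principal set to search; a newly created group is added to it
 * @return A named Group from the principals set.
 */
protected Group createGroup(String name, Set<Principal> principals) {
    Group roles = null;
    for (Principal principal : principals) {
        if (!(principal instanceof Group)) {
            continue;
        }
        Group grp = (Group) principal;
        // A group without a name can never match; comparing through the (possibly null)
        // group name would otherwise abort the lookup with a NullPointerException.
        String existingName = grp.getName();
        if (existingName != null && existingName.equals(name)) {
            roles = grp;
            break;
        }
    }

    // If we did not find a group, create one
    if (roles == null) {
        roles = new GroupImpl(name);
        principals.add(roles);
    }
    return roles;
}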