org.wso2.carbon.CarbonConstants Java Examples

The following examples show how to use org.wso2.carbon.CarbonConstants. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CompositeReportProcessor.java    From carbon-commons with Apache License 2.0 6 votes vote down vote up
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws
        Exception {
    String webContext = (String) request.getAttribute(CarbonConstants.WEB_CONTEXT);
    HttpSession session = request.getSession();
    String serverURL = CarbonUIUtil.getServerURL(getServletContext(), session);
    ConfigurationContext configContext =
            (ConfigurationContext) getServletContext().getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);
    String cookie = (String) session.getAttribute(ServerConstants.ADMIN_SERVICE_COOKIE);

    ReportTemplateClient client;
    String errorString = "";

    client = new ReportTemplateClient(configContext, serverURL, cookie);
    String reportname = request.getParameter("reportName");
    String[] reports = getSubReportsName(request);

    if (reports != null) {
        client.addNewCompositeReport(reports, reportname);
        response.sendRedirect("../reporting_custom/list-reports.jsp?region=region5&item=reporting_list");
    } else {
        errorString = "No reports was sleected to form the composite report";
        request.setAttribute("errorString", errorString);
        response.sendRedirect("../reporting-template/add-composite-report.jsp");
    }
}
 
Example #2
Source File: UIBundleDeployer.java    From attic-stratos with Apache License 2.0 6 votes vote down vote up
private void processFileUploadExecutorDefinitions(Component component , String action) throws
        CarbonException{
    if (component.getFileUploadExecutorConfigs() != null
            && component.getFileUploadExecutorConfigs().length > 0) {
        FileUploadExecutorManager executorManager =
                (FileUploadExecutorManager) fileUploadExecManagerTracker.getService();
        if (executorManager == null) {
            log.error("FileUploadExecutorManager service is not available");
            return;
        }
        FileUploadExecutorConfig[] executorConfigs = component.getFileUploadExecutorConfigs();
        for (FileUploadExecutorConfig executorConfig : executorConfigs) {
            String[] mappingActions = executorConfig.getMappingActionList();
            for (String mappingAction : mappingActions) {
                if (CarbonConstants.ADD_UI_COMPONENT.equals(action)) {
                    executorManager.addExecutor(mappingAction,
                            executorConfig.getFUploadExecClass());
                } else if (CarbonConstants.REMOVE_UI_COMPONENT.equals(action)) {
                    executorManager.removeExecutor(mappingAction);
                }
            }
        }
    }
}
 
Example #3
Source File: STSUtil.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Initializes STSUtil
 *
 * @param cookie Cookie string
 * @throws Exception
 */
public STSUtil(ServletConfig config, HttpSession session, String cookie) throws Exception {
    ServiceClient client = null;
    Options option = null;
    String serverUrl = null;

    // Obtaining the client-side ConfigurationContext instance.
    configContext = (ConfigurationContext) config.getServletContext().getAttribute(
            CarbonConstants.CONFIGURATION_CONTEXT);

    // Server URL which is defined in the server.xml
    serverUrl = CarbonUIUtil.getServerURL(config.getServletContext(), session);

    this.serviceEndPoint = serverUrl + "STSAdminService";
    try {
        this.stub = new STSAdminServiceStub(configContext, serviceEndPoint);
    } catch (AxisFault e) {
        log.error("Error while creating STSAdminServiceStub", e);
        throw new Exception(e);
    }
    client = stub._getServiceClient();
    option = client.getOptions();
    option.setManageSession(true);
    option.setProperty(org.apache.axis2.transport.http.HTTPConstants.COOKIE_STRING, cookie);
}
 
Example #4
Source File: UserProfileAdmin.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
private static boolean isUserAuthorizedToConfigureProfile(UserRealm realm, String currentUserName,
                                                          String targetUser, String permission)
        throws UserStoreException {
    boolean isAuthrized = false;
    if (currentUserName == null) {
        //do nothing
    } else if (currentUserName.equals(targetUser)) {
        isAuthrized = true;
    } else {
        AuthorizationManager authorizer = realm.getAuthorizationManager();
        isAuthrized = authorizer.isUserAuthorized(currentUserName,
                CarbonConstants.UI_ADMIN_PERMISSION_COLLECTION + permission,
                "ui.execute");
    }
    return isAuthrized;
}
 
Example #5
Source File: UserAdmin.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * @param roleName
 * @param realm
 * @return
 * @throws UserAdminException
 */
private boolean isAllowedRoleName(String roleName, UserRealm realm) throws UserAdminException {

    if (roleName == null) {
        return false;
    }

    int index;
    index = roleName.indexOf(CarbonConstants.DOMAIN_SEPARATOR);

    if (index > 0) {
        roleName = roleName.substring(index + 1);
    }

    try {
        return !realm.getRealmConfiguration().isReservedRoleName(roleName);
    } catch (UserStoreException e) {
        throw new UserAdminException(e.getMessage(), e);
    }
}
 
Example #6
Source File: FrameworkUtils.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
public static String prependUserStoreDomainToName(String authenticatedSubject) {

        if (authenticatedSubject == null || authenticatedSubject.trim().isEmpty()) {
            throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                                               + authenticatedSubject);
        }
        if (!authenticatedSubject.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
            if (UserCoreUtil.getDomainFromThreadLocal() != null
                && !UserCoreUtil.getDomainFromThreadLocal().isEmpty()) {
                authenticatedSubject = UserCoreUtil.getDomainFromThreadLocal()
                                       + CarbonConstants.DOMAIN_SEPARATOR + authenticatedSubject;
            }
        } else if (authenticatedSubject.indexOf(CarbonConstants.DOMAIN_SEPARATOR) == 0) {
            throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                                               + authenticatedSubject + " begins with \'" + CarbonConstants.DOMAIN_SEPARATOR
                                               + "\'");
        }
        return authenticatedSubject;
    }
 
Example #7
Source File: WorkflowAuditLogger.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Trigger after adding a workflow
 *
 * @param workflowDTO
 * @param parameterList
 * @param tenantId
 * @throws WorkflowException
 */
@Override
public void doPostAddWorkflow(Workflow workflowDTO, List<Parameter> parameterList, int tenantId) throws
        WorkflowException {
    String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(loggedInUser)) {
        loggedInUser = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }

    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    loggedInUser = UserCoreUtil.addTenantDomainToEntry(loggedInUser, tenantDomain);

    String auditData = "\"" + "Workflow Name" + "\" : \"" + workflowDTO.getWorkflowName() + "\",\""
            + "Workflow  Impl ID" + "\" : \"" + workflowDTO.getWorkflowImplId() + "\",\""
            + "Workflow ID" + "\" : \"" + workflowDTO.getWorkflowId() + "\",\""
            + "Workflow Description" + "\" : \"" + workflowDTO.getWorkflowDescription() + "\",\""
            + "Template ID" + "\" : \"" + workflowDTO.getTemplateId() + "\"";
    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, loggedInUser, "Add Workflow", auditData, AUDIT_SUCCESS));
}
 
Example #8
Source File: WorkflowAuditLogger.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Trigger after adding a association
 *
 * @param associationName
 * @param workflowId
 * @param eventId
 * @param condition
 * @throws WorkflowException
 */
@Override
public void doPostAddAssociation(String associationName, String workflowId, String eventId, String condition)
        throws WorkflowException {
    String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(loggedInUser)) {
        loggedInUser = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }

    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    loggedInUser = UserCoreUtil.addTenantDomainToEntry(loggedInUser, tenantDomain);

    String auditData = "\"" + "Association Name" + "\" : \"" + associationName+ "\",\""
            + "Workflow ID" + "\" : \"" + workflowId + "\",\""
            + "Event ID" + "\" : \"" + eventId + "\",\""
            + "Condition" + "\" : \"" + condition + "\"";
    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, loggedInUser, "Add Association", auditData, AUDIT_SUCCESS));
}
 
Example #9
Source File: CarbonSecuredHttpContext.java    From attic-stratos with Apache License 2.0 6 votes vote down vote up
/**
 * 
 * @param indexPageURL
 * @return
 */
private String updateIndexPageWithHomePage(String indexPageURL) {
    // If the params in the servletcontext is null get them from the UTIL
    if (defaultHomePage == null) {
        defaultHomePage = (String) CarbonUIUtil
                .getProductParam(CarbonConstants.PRODUCT_XML_WSO2CARBON
                        + CarbonConstants.DEFAULT_HOME_PAGE);
    }

    if (defaultHomePage != null && defaultHomePage.trim().length() > 0
            && indexPageURL.contains("/carbon/admin/index.jsp")) {
        indexPageURL = defaultHomePage;
        if (!indexPageURL.startsWith("/")) {
            indexPageURL = "/" + indexPageURL;
        }
    }

    return indexPageURL;
}
 
Example #10
Source File: SignedJWTAuthenticatorServiceComponent.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
protected void activate(ComponentContext cxt) {
    try {
        SignedJWTAuthenticator authenticator = new SignedJWTAuthenticator();
        SignedJWTAuthenticatorServiceComponent.setBundleContext(cxt.getBundleContext());
        Hashtable<String, String> props = new Hashtable<String, String>();
        props.put(CarbonConstants.AUTHENTICATOR_TYPE, authenticator.getAuthenticatorName());
        cxt.getBundleContext().registerService(CarbonServerAuthenticator.class.getName(),
                authenticator, props);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        // throwing so that server will not start
        throw new RuntimeException("Failed to start the Signed JWT Authenticator Bundle" +
                e.getMessage(), e);
    }
    log.debug("Signed JWT Authenticator is activated");
}
 
Example #11
Source File: DeploymentSynchronizer.java    From carbon-commons with Apache License 2.0 6 votes vote down vote up
/**
 * This method is deprecated. Refer {@link ArtifactRepository#checkout(int, String, int)}
 * for more info.
 *
 */
@Deprecated
public boolean syncGhostMetaArtifacts() throws DeploymentSynchronizerException {
    log.info("Doing ghost meta artifacts sync up...");
    boolean hasFailed = false;
    if (autoCheckout && lastCheckoutTime == -1L) {
        log.info("Checking out...");
        // checkout with empty depth
        checkout(filePath, 2);
        // update modules and its metafiles
        update(filePath, filePath + File.separator +
                         CarbonConstants.MODULES_DEPLOYMENT_DIR, 3);
        update(filePath, filePath + File.separator +
                         CarbonConstants.MODULE_METAFILE_HOTDEPLOYMENT_DIR, 3);
        // then update only the ghost meta files
        hasFailed = update(filePath, filePath + File.separator +
                                     CarbonConstants.GHOST_METAFILE_DIR, 3);
    }
    return hasFailed;
}
 
Example #12
Source File: QpidJMSDeliveryManager.java    From carbon-commons with Apache License 2.0 6 votes vote down vote up
protected Properties getInitialContextProperties(String userName, String password) {

        Properties initialContextProperties = new Properties();
        QpidServerDetails qpidServerDetails = EventBrokerHolder.getInstance().getQpidServerDetails();
        initialContextProperties.put(Context.INITIAL_CONTEXT_FACTORY, QPID_ICF);
        initialContextProperties.put(CarbonConstants.REQUEST_BASE_CONTEXT, "true");
        String connectionURL = null;
        if (MB_TYPE_LOCAL.equals(this.type)) {
            connectionURL = qpidServerDetails.getTCPConnectionURL(userName, qpidServerDetails.getAccessKey());
        } else {
            connectionURL = "amqp://" + userName + ":" + this.accessKey
                    + "@" + clientID + "/" + this.virtualHostName
                    + "?brokerlist='tcp://" + this.hostName + ":" + this.qpidPort + "'";
        }
        initialContextProperties.put(CF_NAME_PREFIX + CF_NAME, connectionURL);
        return initialContextProperties;
    }
 
Example #13
Source File: CommonUtil.java    From carbon-commons with Apache License 2.0 6 votes vote down vote up
public static void setAnonAuthorization(String path, UserRealm userRealm)
        throws RegistryException {

    if (userRealm == null) {
        return;
    }

    try {
        AuthorizationManager accessControlAdmin = userRealm.getAuthorizationManager();
        String everyoneRole = CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME;

        accessControlAdmin.authorizeRole(everyoneRole, path, ActionConstants.GET);
        accessControlAdmin.denyRole(everyoneRole, path, ActionConstants.PUT);
        accessControlAdmin.denyRole(everyoneRole, path, ActionConstants.DELETE);
        accessControlAdmin.denyRole(everyoneRole, path, AccessControlConstants.AUTHORIZE);

    } catch (UserStoreException e) {
        String msg = "Could not set authorizations for the " + path + ".";
        log.error(msg, e);
        throw new RegistryException(msg);
    }
}
 
Example #14
Source File: DefaultProvisioningHandler.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Check for internal roles and convert internal role domain names to camel case to match with predefined
 * internal role domains.
 *
 * @param roles roles to verify and update
 * @return updated role list
 */
private List<String> convertInternalRoleDomainsToCamelCase(List<String> roles) {

    List<String> updatedRoles = new ArrayList<>();

    if (roles != null) {
        // If internal roles exist, convert internal role domain names to case sensitive predefined domain names.
        for (String role : roles) {
            if (StringUtils.containsIgnoreCase(role, UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants
                    .DOMAIN_SEPARATOR)) {
                updatedRoles.add(UserCoreConstants.INTERNAL_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR +
                        UserCoreUtil.removeDomainFromName(role));
            } else if (StringUtils.containsIgnoreCase(role, APPLICATION_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR)) {
                updatedRoles.add(APPLICATION_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR + UserCoreUtil
                        .removeDomainFromName(role));
            } else if (StringUtils.containsIgnoreCase(role, WORKFLOW_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR)) {
                updatedRoles.add(WORKFLOW_DOMAIN + CarbonConstants.DOMAIN_SEPARATOR + UserCoreUtil
                        .removeDomainFromName(role));
            } else {
                updatedRoles.add(role);
            }
        }
    }

    return updatedRoles;
}
 
Example #15
Source File: EmailVerificationServiceClient.java    From carbon-commons with Apache License 2.0 6 votes vote down vote up
public EmailVerificationServiceClient(ServletConfig config, HttpSession session)
        throws RegistryException {

    String cookie = (String)session.getAttribute(ServerConstants.ADMIN_SERVICE_COOKIE);
    String backendServerURL = CarbonUIUtil.getServerURL(config.getServletContext(), session);
    ConfigurationContext configContext = (ConfigurationContext) config.
            getServletContext().getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);
    epr = backendServerURL + "EmailVerificationService";

    try {
        stub = new EmailVerificationServiceStub(configContext, epr);

        ServiceClient client = stub._getServiceClient();
        Options option = client.getOptions();
        option.setManageSession(true);
        option.setProperty(org.apache.axis2.transport.http.HTTPConstants.COOKIE_STRING, cookie);

    } catch (AxisFault axisFault) {
        String msg = "Failed to initiate Add Services service client. " + axisFault.getMessage();
        log.error(msg, axisFault);
        throw new RegistryException(msg, axisFault);
    }
}
 
Example #16
Source File: FrameworkUtils.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
public static String prependUserStoreDomainToName(String authenticatedSubject) {

        if (authenticatedSubject == null || authenticatedSubject.trim().isEmpty()) {
            throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                                               + authenticatedSubject);
        }
        if (!authenticatedSubject.contains(CarbonConstants.DOMAIN_SEPARATOR)) {
            if (UserCoreUtil.getDomainFromThreadLocal() != null
                && !UserCoreUtil.getDomainFromThreadLocal().isEmpty()) {
                authenticatedSubject = UserCoreUtil.getDomainFromThreadLocal()
                                       + CarbonConstants.DOMAIN_SEPARATOR + authenticatedSubject;
            }
        } else if (authenticatedSubject.indexOf(CarbonConstants.DOMAIN_SEPARATOR) == 0) {
            throw new IllegalArgumentException("Invalid argument. authenticatedSubject : "
                                               + authenticatedSubject + " begins with \'" + CarbonConstants.DOMAIN_SEPARATOR
                                               + "\'");
        }
        return authenticatedSubject;
    }
 
Example #17
Source File: CaptchaUtil.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
public static void setAnonAuthorization(String path, UserRealm userRealm)
        throws RegistryException {

    if (userRealm == null) {
        return;
    }

    try {
        AuthorizationManager accessControlAdmin = userRealm.getAuthorizationManager();
        String everyoneRole = CarbonConstants.REGISTRY_ANONNYMOUS_ROLE_NAME;

        accessControlAdmin.authorizeRole(everyoneRole, path, ActionConstants.GET);
        accessControlAdmin.denyRole(everyoneRole, path, ActionConstants.PUT);
        accessControlAdmin.denyRole(everyoneRole, path, ActionConstants.DELETE);
        accessControlAdmin.denyRole(everyoneRole, path, AccessControlConstants.AUTHORIZE);

    } catch (UserStoreException e) {
        String msg = "Could not set authorizations for the " + path + ".";
        log.error(msg, e);
        throw new RegistryException(msg);
    }
}
 
Example #18
Source File: RegistryAdminServiceClient.java    From attic-stratos with Apache License 2.0 6 votes vote down vote up
public RegistryAdminServiceClient(String cookie, ServletConfig config, HttpSession session)
        throws AxisFault {
    String serverURL = CarbonUIUtil.getServerURL(config.getServletContext(),
                session);
    ConfigurationContext ctx = (ConfigurationContext) config.
                getServletContext().getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);
    this.session = session;
    String serviceEPR = serverURL + "RegistryAdminService";
    stub = new RegistryAdminServiceStub(ctx, serviceEPR);
    ServiceClient client = stub._getServiceClient();
    Options options = client.getOptions();
    options.setManageSession(true);
    if (cookie != null) {
        options.setProperty(HTTPConstants.COOKIE_STRING, cookie);
    }
}
 
Example #19
Source File: WorkflowExecutorAuditLogger.java    From carbon-identity-framework with Apache License 2.0 6 votes vote down vote up
/**
 * Trigger after executing a workflow request
 *
 * @param workFlowRequest
 * @throws WorkflowException
 */
@Override
public void doPostExecuteWorkflow(WorkflowRequest workFlowRequest, WorkflowExecutorResult result) throws
        WorkflowException {
    String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(loggedInUser)) {
        loggedInUser = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }

    String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    loggedInUser = UserCoreUtil.addTenantDomainToEntry(loggedInUser, tenantDomain);

    String auditData = "\"" + "Operation Type" + "\" : \"" + workFlowRequest.getEventType()
            + "\",\"" + "Request parameters" + "\" : \"" + workFlowRequest.getRequestParameterAsString()
            + "\"";
    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, loggedInUser, "Initiate Workflow", auditData,
            AUDIT_SUCCESS));
}
 
Example #20
Source File: IWAUIAuthenticator.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * @param request
 * @return
 * @throws AxisFault
 */
private IWAAuthenticatorStub getIWAClient(HttpServletRequest request)
        throws AxisFault, IdentityException {

    HttpSession session = request.getSession();
    ServletContext servletContext = session.getServletContext();
    String backendServerURL = request.getParameter("backendURL");
    if (backendServerURL == null) {
        backendServerURL = CarbonUIUtil.getServerURL(servletContext, request.getSession());
    }

    ConfigurationContext configContext = (ConfigurationContext) servletContext
            .getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);

    String serviceEPR = backendServerURL + "IWAAuthenticator";
    IWAAuthenticatorStub stub = new IWAAuthenticatorStub(configContext, serviceEPR);
    ServiceClient client = stub._getServiceClient();
    client.engageModule("rampart");
    Policy rampartConfig = IdentityBaseUtil.getDefaultRampartConfig();
    Policy signOnly = IdentityBaseUtil.getSignOnlyPolicy();
    Policy mergedPolicy = signOnly.merge(rampartConfig);
    Options options = client.getOptions();
    options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, mergedPolicy);
    options.setManageSession(true);
    return stub;
}
 
Example #21
Source File: DeviceAccessAuthorizationServiceTest.java    From carbon-device-mgt with Apache License 2.0 5 votes vote down vote up
private void initializeTestEnvironment() throws UserStoreException, GroupManagementException,
        RoleDoesNotExistException, DeviceNotFoundException {
    //creating UI permission
    Permission adminPermission = new Permission(ADMIN_PERMISSION, CarbonConstants.UI_PERMISSION_ACTION);
    Permission deviceViewPermission = new Permission(NON_ADMIN_PERMISSION, CarbonConstants.UI_PERMISSION_ACTION);
    UserStoreManager userStoreManager = DeviceManagementDataHolder.getInstance().getRealmService()
            .getTenantUserRealm(MultitenantConstants.SUPER_TENANT_ID).getUserStoreManager();
    //Adding a non Admin User
    userStoreManager.addUser(NON_ADMIN_ALLOWED_USER, PASSWORD, null, defaultUserClaims, null);
    //Adding a normal user
    userStoreManager.addUser(NORMAL_USER, PASSWORD, null, defaultUserClaims, null);
    //Adding role with permission to Admin user
    userStoreManager.addRole(ADMIN_ROLE, new String[]{ADMIN_USER}, new Permission[]{adminPermission});
    //Adding role with permission to non Admin user
    userStoreManager.addRole(NON_ADMIN_ROLE, new String[]{NON_ADMIN_ALLOWED_USER},
            new Permission[]{deviceViewPermission});
    //Creating default group
    GroupManagementProviderService groupManagementProviderService = DeviceManagementDataHolder.getInstance()
            .getGroupManagementProviderService();
    groupManagementProviderService.createDefaultGroup(DEFAULT_GROUP);
    int groupId = groupManagementProviderService.getGroup(DEFAULT_GROUP).getGroupId();
    //Sharing group with admin and non admin roles
    groupManagementProviderService.manageGroupSharing(groupId, new ArrayList<>(Arrays.asList(ADMIN_ROLE,
            NON_ADMIN_ROLE)));
    //Adding first 2 devices to the group
    groupDeviceIds.add(deviceIds.get(0));
    groupDeviceIds.add(deviceIds.get(1));
    groupManagementProviderService.addDevices(groupId, groupDeviceIds);
}
 
Example #22
Source File: AuthenticatedUser.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns an AuthenticatedUser instance populated from the given subject identifier string.
 * It is assumed that this user is authenticated from a local authenticator thus extract user
 * store domain and tenant domain from the given string.
 *
 * @param authenticatedSubjectIdentifier a string in
 *                                       <userstore_domain>/<username>@<tenant_domain> format
 * @return populated AuthenticatedUser instance
 */
public static AuthenticatedUser createLocalAuthenticatedUserFromSubjectIdentifier(
        String authenticatedSubjectIdentifier) {

    if (authenticatedSubjectIdentifier == null || authenticatedSubjectIdentifier.trim().isEmpty()) {
        throw new IllegalArgumentException(
                "Failed to create Local Authenticated User from the given subject identifier." +
                " Invalid argument. authenticatedSubjectIdentifier : " + authenticatedSubjectIdentifier);
    }

    AuthenticatedUser authenticatedUser = new AuthenticatedUser();

    if (authenticatedSubjectIdentifier.indexOf(CarbonConstants.DOMAIN_SEPARATOR) > 0) {
        if (UserCoreUtil.getDomainFromThreadLocal() != null && !UserCoreUtil.getDomainFromThreadLocal().isEmpty()) {
            String[] subjectIdentifierSplits =
                    authenticatedSubjectIdentifier.split(CarbonConstants.DOMAIN_SEPARATOR, 2);
            authenticatedUser.setUserStoreDomain(subjectIdentifierSplits[0]);
            authenticatedUser.setUserName(MultitenantUtils.getTenantAwareUsername(subjectIdentifierSplits[1]));
        } else {
            authenticatedUser.setUserName(MultitenantUtils.getTenantAwareUsername(authenticatedSubjectIdentifier));
        }
    } else {
        authenticatedUser.setUserName(MultitenantUtils.getTenantAwareUsername(authenticatedSubjectIdentifier));
    }

    authenticatedUser.setTenantDomain(MultitenantUtils.getTenantDomain(authenticatedSubjectIdentifier));
    authenticatedUser.setAuthenticatedSubjectIdentifier(authenticatedSubjectIdentifier);

    return authenticatedUser;
}
 
Example #23
Source File: IDPMgtAuditLogger.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
private String getUser() {
    String user = CarbonContext.getThreadLocalCarbonContext().getUsername();
    if (user != null) {
        user = user + "@" + CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
    } else {
        user = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }
    return user;
}
 
Example #24
Source File: WorkflowExecutorAuditLogger.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Trigger after handling a callback
 *
 * @param uuid
 * @param status
 * @param additionalParams
 * @throws WorkflowException
 */
@Override
public void doPostHandleCallback(String uuid, String status, Map<String, Object> additionalParams) throws WorkflowException {
    String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(loggedInUser)) {
        loggedInUser = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }
    String auditData = "\"" + "Request ID" + "\" : \"" + uuid
            + "\",\"" + "Callback Status" + "\" : \"" + status
            + "\"";
    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, loggedInUser, "Callback for Workflow Request", auditData,
            AUDIT_SUCCESS));
}
 
Example #25
Source File: OpenIDUtil.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Returns an instance of <code>OpenIDAdminClient</code>.
 * Only one instance of this will be created for a session.
 * This method is used to reuse the same client within a session.
 *
 * @param session
 * @return {@link OpenIDAdminClient}
 * @throws AxisFault
 */
public static OpenIDAdminClient getOpenIDAdminClient(HttpSession session) throws AxisFault {
    OpenIDAdminClient client =
            (OpenIDAdminClient) session.getAttribute(OpenIDConstants.SessionAttribute.OPENID_ADMIN_CLIENT);
    if (client == null) { // a session timeout or the fist request
        String serverURL = CarbonUIUtil.getServerURL(session.getServletContext(), session);
        ConfigurationContext configContext = (ConfigurationContext) session.getServletContext().getAttribute(
                CarbonConstants.CONFIGURATION_CONTEXT);
        String cookie = (String) session.getAttribute(ServerConstants.ADMIN_SERVICE_COOKIE);
        client = new OpenIDAdminClient(configContext, serverURL, cookie);
        session.setAttribute(OpenIDConstants.SessionAttribute.OPENID_ADMIN_CLIENT, client);
    }
    return client;
}
 
Example #26
Source File: OIDCAuthenticatorDSComponent.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
@Activate
protected void activate(ComponentContext ctxt) {
    OIDCAuthBEDataHolder.getInstance().setBundleContext(ctxt.getBundleContext());
    OIDCAuthenticator authenticator = new OIDCAuthenticator();
    Hashtable<String, String> props = new Hashtable<String, String>();
    props.put(CarbonConstants.AUTHENTICATOR_TYPE, authenticator.getAuthenticatorName());
    ctxt.getBundleContext().registerService(CarbonServerAuthenticator.class.getName(), authenticator, props);
    // configureIdPCertAlias();
    if (log.isDebugEnabled()) {
        log.debug("OIDC Authenticator BE Bundle activated successfuly.");
    }
}
 
Example #27
Source File: JrxmlFileUploaderClient.java    From carbon-commons with Apache License 2.0 5 votes vote down vote up
public static JrxmlFileUploaderClient getInstance(ServletConfig config, HttpSession session) throws AxisFault {
    String backendServerURL = CarbonUIUtil.getServerURL(config.getServletContext(), session);
    ConfigurationContext configContext =
            (ConfigurationContext) config.getServletContext().getAttribute(
                    CarbonConstants.CONFIGURATION_CONTEXT);

    String cookie = (String) session.getAttribute(ServerConstants.ADMIN_SERVICE_COOKIE);
    return new JrxmlFileUploaderClient(cookie,backendServerURL,configContext);
}
 
Example #28
Source File: OIDCAuthenticatorUIDSComponent.java    From carbon-apimgt with Apache License 2.0 5 votes vote down vote up
@Activate
protected void activate(ComponentContext ctxt) {
    if (Util.isAuthenticatorEnabled()) {
        // initialize the OIDC Config params during the start-up
        boolean initSuccess = Util.initOIDCConfigParams();
        if (initSuccess) {
            HttpServlet loginServlet = new HttpServlet() {

                @Override
                protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
                }
            };
            Filter loginPageFilter = new LoginPageFilter();
            Dictionary loginPageFilterProps = new Hashtable(2);
            Dictionary redirectionParams = new Hashtable(3);
            redirectionParams.put("url-pattern", Util.getLoginPage());
            redirectionParams.put("associated-filter", loginPageFilter);
            redirectionParams.put("servlet-attributes", loginPageFilterProps);
            ctxt.getBundleContext().registerService(Servlet.class.getName(), loginServlet, redirectionParams);
            // register the UI authenticator
            OIDCUIAuthenticator authenticator = new OIDCUIAuthenticator();
            Hashtable<String, String> props = new Hashtable<String, String>();
            props.put(CarbonConstants.AUTHENTICATOR_TYPE, authenticator.getAuthenticatorName());
            ctxt.getBundleContext().registerService(CarbonUIAuthenticator.class.getName(), authenticator, props);
            if (log.isDebugEnabled()) {
                log.debug("OIDC Authenticator FE Bundle activated successfully.");
            }
        } else {
            log.warn("Initialization failed for OIDC Authenticator. Starting with the default authenticator");
        }
    } else {
        if (log.isDebugEnabled()) {
            log.debug("OIDC Authenticator is disabled");
        }
    }
}
 
Example #29
Source File: WorkflowImplAuditLogger.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Trigger after removing a BPS profile
 *
 * @param profileName
 * @throws WorkflowImplException
 */
@Override
public void doPostRemoveBPSProfile(String profileName) throws WorkflowImplException {
    String loggedInUser = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    if (StringUtils.isBlank(loggedInUser)) {
        loggedInUser = CarbonConstants.REGISTRY_SYSTEM_USERNAME;
    }
    String auditData = "\"" + "Profile Name" + "\" : \"" + profileName + "\"";
    AUDIT_LOG.info(String.format(AUDIT_MESSAGE, loggedInUser, "Delete BPS Profile", auditData, AUDIT_SUCCESS));
}
 
Example #30
Source File: Utils.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
public static String getUserStoreDomainName(String userName) {
    int index;
    String userDomain;
    if ((index = userName.indexOf(CarbonConstants.DOMAIN_SEPARATOR)) >= 0) {
        // remove domain name if exist
        userDomain = userName.substring(0, index);
    } else {
        userDomain = UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME;
    }
    return userDomain;
}