[New] added a new PrivilegeHandler.queryUser(UserRep) to query users
- The querying is done by passing a UserRep with all the fields set which need to be equal to select the user. Null fields are understood as not required - Performed further clean up in that all password variables have been changed to type byte[]. - Cleaned up copyright notices in files - fixed version of Privilege 0.1.0-SNAPSHOT in pom.xml
parent
f471be1ea7
commit
b78e9bb064
|
@ -1,7 +0,0 @@
|
|||
Manifest-Version: 1.0
|
||||
Implementation-Vendor: eitchnet.ch
|
||||
Implementation-Title: eitchnet Java Privilege implementation
|
||||
Implementation-Version: 0.0.3
|
||||
Specification-Vendor: eitchnet.ch
|
||||
Specification-Title: eitchnet Java Privilege implementation
|
||||
Specification-Version: 0.1
|
20
README
20
README
|
@ -17,7 +17,7 @@ a LDAP repository with only the Privilege JAR.
|
|||
Privilege is distributed under the GNU Lesser General Public License on
|
||||
Github.com and can be downloaded at
|
||||
|
||||
https://github.com/eitch/Privilege
|
||||
https://github.com/eitch/ch.eitchnet.privilege
|
||||
|
||||
The main developer is Robert von Burg <eitch@eitchnet.ch> who also maintains the
|
||||
Github repository. He is available for all questions regarding Privilege
|
||||
|
@ -72,20 +72,10 @@ directory of the Repository
|
|||
Compiling
|
||||
################################
|
||||
|
||||
Since Privilege is a Java library, it is built using Apache Ant. The build.xml
|
||||
file is configured to build Privilege directly from the root directory by simply
|
||||
calling ant at the command line:
|
||||
Privilege is a Maven3 project and can be built by simply performing the
|
||||
following command:
|
||||
|
||||
$ ant
|
||||
Buildfile: /data/src/apixxo_WS/Privilege/build.xml
|
||||
|
||||
dist:
|
||||
[mkdir] Created dir: /data/src/apixxo_WS/Privilege/dist
|
||||
[copy] Copying 28 files to /data/src/apixxo_WS/Privilege/bin
|
||||
[jar] Building jar: /data/src/apixxo_WS/Privilege/dist/Privilege.jar
|
||||
|
||||
BUILD SUCCESSFUL
|
||||
Total time: 0 seconds
|
||||
$ mvn compile
|
||||
|
||||
Using
|
||||
################################
|
||||
|
@ -96,7 +86,7 @@ which contains a few test cases including showing how to load Privilege.
|
|||
This documentation is still in need of more work, but for any questions please
|
||||
don't hesitate to write an e-mail to the developer and we'll find a solution.
|
||||
|
||||
Switzerland, the 7. August 2011
|
||||
Switzerland, the 29. July 2012
|
||||
Robert von Burg
|
||||
|
||||
|
||||
|
|
77
build.xml
77
build.xml
|
@ -1,77 +0,0 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<!--
|
||||
|
||||
Copyright (c) 2010, 2011
|
||||
|
||||
Robert von Burg <eitch@eitchnet.ch>
|
||||
|
||||
This file is part of Privilege.
|
||||
|
||||
Privilege is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Lesser General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
Privilege is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Lesser General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Lesser General Public License
|
||||
along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
-->
|
||||
|
||||
<project name="Build Jar" default="dist">
|
||||
|
||||
<!-- define export names -->
|
||||
<property name="projectName" value="Privilege" />
|
||||
<property name="jar" value="${projectName}.jar" />
|
||||
|
||||
<!-- define locations -->
|
||||
<property name="buildFolder" location="${basedir}/bin" />
|
||||
<property name="distFolder" location="${basedir}/dist" />
|
||||
<property name="distJar" location="${distFolder}/${jar}" />
|
||||
|
||||
<!-- define class path with eclipse plugins -->
|
||||
<path id="project.class.path">
|
||||
<pathelement path="${java.class.path}" />
|
||||
<fileset dir="${basedir}/lib" includes="*.jar" />
|
||||
</path>
|
||||
|
||||
<target name="dist" description="generate the distribution">
|
||||
|
||||
<!-- create dist directory if it does not exist -->
|
||||
<mkdir dir="${distFolder}" />
|
||||
|
||||
<!-- compile classes -->
|
||||
<javac srcdir="${basedir}/src" destdir="${buildFolder}" classpathref="project.class.path" debug="yes" source="1.6" target="1.6" />
|
||||
|
||||
<!-- copy resources -->
|
||||
<copy todir="${buildFolder}">
|
||||
<fileset dir="${basedir}/src" defaultexcludes="true" />
|
||||
<!--fileset dir="${basedir}/i18n" defaultexcludes="true" /-->
|
||||
</copy>
|
||||
|
||||
<!-- create the jar -->
|
||||
<jar jarfile="${distJar}" basedir="${buildFolder}" manifest="${basedir}/MANIFEST.MF">
|
||||
<fileset dir="${basedir}" defaultexcludes="true" includes="docs/" />
|
||||
<fileset dir="${basedir}" defaultexcludes="true" includes="config/" />
|
||||
<fileset dir="${basedir}" defaultexcludes="true" includes="COPYING*" />
|
||||
<fileset dir="${basedir}" defaultexcludes="true" includes="README" />
|
||||
</jar>
|
||||
|
||||
</target>
|
||||
|
||||
<target name="clean" description="generate the distribution">
|
||||
|
||||
<!-- clean up old data -->
|
||||
<delete includeemptydirs="true" verbose="true">
|
||||
<fileset dir="${distFolder}" includes="**/*" />
|
||||
<fileset dir="${buildFolder}" includes="**/*" />
|
||||
</delete>
|
||||
|
||||
</target>
|
||||
|
||||
</project>
|
17
pom.xml
17
pom.xml
|
@ -4,7 +4,7 @@
|
|||
<groupId>ch.eitchnet</groupId>
|
||||
<artifactId>ch.eitchnet.privilege</artifactId>
|
||||
<packaging>jar</packaging>
|
||||
<version>1.0-SNAPSHOT</version>
|
||||
<version>0.1.0-SNAPSHOT</version>
|
||||
<name>ch.eitchnet.privilege</name>
|
||||
<url>https://github.com/eitch/ch.eitchnet.privilege</url>
|
||||
|
||||
|
@ -157,6 +157,21 @@
|
|||
</configuration>
|
||||
</plugin>
|
||||
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-source-plugin</artifactId>
|
||||
<version>2.1.2</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>attach-sources</id>
|
||||
<phase>verify</phase>
|
||||
<goals>
|
||||
<goal>jar-no-fork</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-jar-plugin</artifactId>
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
|
@ -84,6 +78,22 @@ public class DefaultEncryptionHandler implements EncryptionHandler {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.EncryptionHandler#convertToHash(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public String convertToHash(byte[] bytes) {
|
||||
try {
|
||||
|
||||
return HashHelper.stringToHash(this.hashAlgorithm, bytes);
|
||||
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new PrivilegeException("Algorithm " + this.hashAlgorithm + " was not found!", e);
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
throw new PrivilegeException("Charset ASCII is not supported!", e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.EncryptionHandler#nextToken()
|
||||
*/
|
||||
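Review bot: The new `convertToHash(byte[] bytes)` passes only `this.hashAlgorithm` and the raw bytes to `HashHelper.stringToHash`, so as far as this hunk shows, a password hashed through it is a single unsalted digest with no work factor. Identical passwords would then store identical hashes, and stored values would be cheap to test offline if the user store leaked. HashHelper is not visible here, so confirm whether it salts; if it does not, consider a salted, iterated derivation behind this method, for example the JDK's `SecretKeyFactory` with `PBKDF2WithHmacSHA1`. The Javadoc also still points at the String overload and should read `@see ch.eitchnet.privilege.handler.EncryptionHandler#convertToHash(byte[])`. The `"Charset ASCII is not supported!"` message looks carried over from the String variant and may not describe a failure this byte[] path can produce.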
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,12 +17,13 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
@ -112,7 +108,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
public RoleRep getRole(String roleName) {
|
||||
Role role = this.persistenceHandler.getRole(roleName);
|
||||
if (role == null)
|
||||
throw new PrivilegeException("Role " + roleName + " does not exist!");
|
||||
return null;
|
||||
return role.asRoleRep();
|
||||
}
|
||||
|
||||
|
@ -123,7 +119,7 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
public UserRep getUser(String username) {
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null)
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
return null;
|
||||
return user.asUserRep();
|
||||
}
|
||||
|
||||
|
@ -162,6 +158,135 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
return policy;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#queryUsers(ch.eitchnet.privilege.model.UserRep)
|
||||
*/
|
||||
@Override
|
||||
public List<UserRep> queryUsers(UserRep selectorRep) {
|
||||
|
||||
String selUserId = selectorRep.getUserId();
|
||||
String selUsername = selectorRep.getUsername();
|
||||
String selFirstname = selectorRep.getFirstname();
|
||||
String selSurname = selectorRep.getSurname();
|
||||
UserState selUserState = selectorRep.getUserState();
|
||||
Locale selLocale = selectorRep.getLocale();
|
||||
Set<String> selRoles = selectorRep.getRoles();
|
||||
Map<String, String> selPropertyMap = selectorRep.getProperties();
|
||||
|
||||
List<UserRep> result = new ArrayList<UserRep>();
|
||||
List<User> allUsers = this.persistenceHandler.getAllUsers();
|
||||
for (User user : allUsers) {
|
||||
|
||||
// selections
|
||||
boolean userIdSelected;
|
||||
boolean usernameSelected;
|
||||
boolean firstnameSelected;
|
||||
boolean surnameSelected;
|
||||
boolean userStateSelected;
|
||||
boolean localeSelected;
|
||||
boolean roleSelected;
|
||||
boolean propertySelected;
|
||||
|
||||
// userId
|
||||
if (selUserId == null)
|
||||
userIdSelected = true;
|
||||
else if (selUserId.equals(user.getUserId()))
|
||||
userIdSelected = true;
|
||||
else
|
||||
userIdSelected = false;
|
||||
|
||||
// username
|
||||
if (selUsername == null)
|
||||
usernameSelected = true;
|
||||
else if (selUsername.equals(user.getUsername()))
|
||||
usernameSelected = true;
|
||||
else
|
||||
usernameSelected = false;
|
||||
|
||||
// firstname
|
||||
if (selFirstname == null)
|
||||
firstnameSelected = true;
|
||||
else if (selFirstname.equals(user.getFirstname()))
|
||||
firstnameSelected = true;
|
||||
else
|
||||
firstnameSelected = false;
|
||||
|
||||
// surname
|
||||
if (selSurname == null)
|
||||
surnameSelected = true;
|
||||
else if (selSurname.equals(user.getSurname()))
|
||||
surnameSelected = true;
|
||||
else
|
||||
surnameSelected = false;
|
||||
|
||||
// user state
|
||||
if (selUserState == null)
|
||||
userStateSelected = true;
|
||||
else if (selUserState.equals(user.getUserState()))
|
||||
userStateSelected = true;
|
||||
else
|
||||
userStateSelected = false;
|
||||
|
||||
// locale
|
||||
if (selLocale == null)
|
||||
localeSelected = true;
|
||||
else if (selLocale.equals(user.getLocale()))
|
||||
localeSelected = true;
|
||||
else
|
||||
localeSelected = false;
|
||||
|
||||
// roles
|
||||
roleSelected = isSelectedByRole(selRoles, user.getRoles());
|
||||
|
||||
// properties
|
||||
propertySelected = isSelectedByProperty(selPropertyMap, user.getProperties());
|
||||
|
||||
boolean selected = userIdSelected && usernameSelected && firstnameSelected && surnameSelected
|
||||
&& userStateSelected && localeSelected && roleSelected && propertySelected;
|
||||
|
||||
if (selected)
|
||||
result.add(user.asUserRep());
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param selPropertyMap
|
||||
* @param properties
|
||||
* @return
|
||||
*/
|
||||
private boolean isSelectedByProperty(Map<String, String> selPropertyMap, Map<String, String> properties) {
|
||||
|
||||
if (selPropertyMap == null)
|
||||
return true;
|
||||
|
||||
if (selPropertyMap.isEmpty() && properties.isEmpty())
|
||||
return true;
|
||||
|
||||
for (String selKey : selPropertyMap.keySet()) {
|
||||
|
||||
String value = properties.get(selKey);
|
||||
if (value == null || !value.equals(selPropertyMap.get(selKey)))
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param selRoles
|
||||
* @param roles
|
||||
* @return
|
||||
*/
|
||||
private boolean isSelectedByRole(Set<String> selRoles, Set<String> roles) {
|
||||
|
||||
if (selRoles == null)
|
||||
return true;
|
||||
|
||||
return roles.containsAll(selRoles);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#addOrReplaceRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.RoleRep)
|
||||
|
@ -187,29 +312,34 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
* ch.eitchnet.privilege.model.UserRep, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep, String password) {
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep, byte[] password) {
|
||||
try {
|
||||
|
||||
// validate who is doing this
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
// validate who is doing this
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
|
||||
String passwordHash = null;
|
||||
if (password != null) {
|
||||
String passwordHash = null;
|
||||
if (password != null) {
|
||||
|
||||
// validate password meets basic requirements
|
||||
validatePassword(password);
|
||||
// validate password meets basic requirements
|
||||
validatePassword(password);
|
||||
|
||||
// hash password
|
||||
passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
// hash password
|
||||
passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
}
|
||||
|
||||
// create new user
|
||||
// XXX should the collections be recreated and the getRoles() and getProperties() methods be removed?
|
||||
User user = new User(userRep.getUserId(), userRep.getUsername(), passwordHash, userRep.getFirstname(),
|
||||
userRep.getSurname(), userRep.getUserState(), userRep.getRoles(), userRep.getLocale(),
|
||||
userRep.getProperties());
|
||||
|
||||
// delegate to persistence handler
|
||||
this.persistenceHandler.addOrReplaceUser(user);
|
||||
|
||||
} finally {
|
||||
clearPassword(password);
|
||||
}
|
||||
|
||||
// create new user
|
||||
// XXX should the collections be recreated and the getRoles() and getProperties() methods be removed?
|
||||
User user = new User(userRep.getUserId(), userRep.getUsername(), passwordHash, userRep.getFirstname(),
|
||||
userRep.getSurname(), userRep.getUserState(), userRep.getRoles(), userRep.getLocale(),
|
||||
userRep.getProperties());
|
||||
|
||||
// delegate to persistence handler
|
||||
this.persistenceHandler.addOrReplaceUser(user);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -450,42 +580,47 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
* java.lang.String, java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void setUserPassword(Certificate certificate, String username, String password) {
|
||||
public void setUserPassword(Certificate certificate, String username, byte[] password) {
|
||||
try {
|
||||
|
||||
// check if certificate is for same user, in which case user is changing their own password
|
||||
if (certificate.getUsername().equals(username)) {
|
||||
// check if certificate is for same user, in which case user is changing their own password
|
||||
if (certificate.getUsername().equals(username)) {
|
||||
|
||||
// validate the certificate
|
||||
isCertificateValid(certificate);
|
||||
// validate the certificate
|
||||
isCertificateValid(certificate);
|
||||
|
||||
} else {
|
||||
} else {
|
||||
|
||||
// otherwise validate the the certificate is for a privilege admin
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
// otherwise validate the the certificate is for a privilege admin
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
}
|
||||
|
||||
// get User
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
String passwordHash = null;
|
||||
if (password != null) {
|
||||
|
||||
// validate password meets basic requirements
|
||||
validatePassword(password);
|
||||
|
||||
// hash password
|
||||
passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
}
|
||||
|
||||
// create new user
|
||||
User newUser = new User(user.getUserId(), user.getUsername(), passwordHash, user.getFirstname(),
|
||||
user.getSurname(), user.getUserState(), user.getRoles(), user.getLocale(), user.getProperties());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
|
||||
} finally {
|
||||
clearPassword(password);
|
||||
}
|
||||
|
||||
// get User
|
||||
User user = this.persistenceHandler.getUser(username);
|
||||
if (user == null) {
|
||||
throw new PrivilegeException("User " + username + " does not exist!");
|
||||
}
|
||||
|
||||
String passwordHash = null;
|
||||
if (password != null) {
|
||||
|
||||
// validate password meets basic requirements
|
||||
validatePassword(password);
|
||||
|
||||
// hash password
|
||||
passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
}
|
||||
|
||||
// create new user
|
||||
User newUser = new User(user.getUserId(), user.getUsername(), passwordHash, user.getFirstname(),
|
||||
user.getSurname(), user.getUserState(), user.getRoles(), user.getLocale(), user.getProperties());
|
||||
|
||||
// delegate user replacement to persistence handler
|
||||
this.persistenceHandler.addOrReplaceUser(newUser);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -519,16 +654,17 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
* if the user credentials are not valid
|
||||
*/
|
||||
@Override
|
||||
public Certificate authenticate(String username, String password) {
|
||||
public Certificate authenticate(String username, byte[] password) {
|
||||
|
||||
// create certificate
|
||||
Certificate certificate;
|
||||
try {
|
||||
// both username and password must at least have 3 characters in length
|
||||
// username must be at least 3 characters in length
|
||||
if (username == null || username.length() < 3)
|
||||
throw new PrivilegeException("The given username is shorter than 3 characters");
|
||||
else if (password == null || password.length() < 3)
|
||||
throw new PrivilegeException("The given password is shorter than 3 characters");
|
||||
|
||||
// and validate the password
|
||||
validatePassword(password);
|
||||
|
||||
// we only work with hashed passwords
|
||||
String passwordHash = this.encryptionHandler.convertToHash(password);
|
||||
|
@ -578,6 +714,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
} catch (RuntimeException e) {
|
||||
logger.error("User " + username + " Failed to authenticate: " + e.getLocalizedMessage());
|
||||
throw e;
|
||||
} finally {
|
||||
clearPassword(password);
|
||||
}
|
||||
|
||||
// return the certificate
|
||||
|
@ -801,11 +939,15 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#validatePassword(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void validatePassword(String password) throws PrivilegeException {
|
||||
public void validatePassword(byte[] password) throws PrivilegeException {
|
||||
|
||||
if (password == null || password.isEmpty()) {
|
||||
if (password == null || password.length == 0) {
|
||||
throw new PrivilegeException("A password may not be empty!");
|
||||
}
|
||||
|
||||
if (password.length < 3) {
|
||||
throw new PrivilegeException("The given password is shorter than 3 characters");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -909,4 +1051,14 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param password
|
||||
*/
|
||||
private void clearPassword(byte[] password) {
|
||||
if (password != null) {
|
||||
for (int i = 0; i < password.length; i++) {
|
||||
password[i] = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
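Review bot: `queryUsers(UserRep selectorRep)` takes no `Certificate` and performs no privilege check before iterating `this.persistenceHandler.getAllUsers()`, so any code holding the handler can obtain the `UserRep` of every user, while `addOrReplaceUser` in this same file first calls `validateIsPrivilegeAdmin(certificate)`. If user data is meant to be restricted, the method should take the caller's certificate and validate it, e.g. `public List<UserRep> queryUsers(Certificate certificate, UserRep selectorRep)` with `validateIsPrivilegeAdmin(certificate);` as its first statement; this changes the PrivilegeHandler interface as well. A null `selectorRep` currently fails with a NullPointerException at `selectorRep.getUserId()`, and a guard such as `if (selectorRep == null) throw new PrivilegeException("selectorRep may not be null!");` would make that failure explicit. The `@see` tags above `addOrReplaceUser`, `setUserPassword` and `validatePassword` still name `java.lang.String` for the password parameter, which is now `byte[]`.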
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.Map;
|
||||
|
@ -52,6 +46,15 @@ public interface EncryptionHandler {
|
|||
*/
|
||||
public String convertToHash(String string);
|
||||
|
||||
/**
|
||||
* Converts a given byte array, e.g. a password to a hash which is defined by the concrete implementation
|
||||
*
|
||||
* @param bytes
|
||||
* the bytes to convert
|
||||
* @return the hash of the string after converting
|
||||
*/
|
||||
public String convertToHash(byte[] bytes);
|
||||
|
||||
/**
|
||||
* Initialize the concrete {@link EncryptionHandler}. The passed parameter map contains any configuration the
|
||||
* concrete {@link EncryptionHandler} might need
|
||||
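Review bot: The Javadoc of the new `convertToHash(byte[] bytes)` does not say whether an implementation may keep a reference to the array or change its contents, and its `@return` line still reads "the hash of the string". DefaultPrivilegeHandler on this page overwrites password arrays with zeros after use, so the contract matters to implementers. I would document it as `@param bytes the bytes to hash; implementations must not retain or modify the array` and `@return the hash of the given bytes`.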
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.List;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,9 +17,9 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
|
||||
import ch.eitchnet.privilege.i18n.AccessDeniedException;
|
||||
|
@ -75,6 +70,17 @@ public interface PrivilegeHandler {
|
|||
*/
|
||||
public RoleRep getRole(String roleName);
|
||||
|
||||
/**
|
||||
* Method to query {@link UserRep} which meet the criteria set in the given {@link UserRep}. Null fields mean the
|
||||
* fields are not relevant.
|
||||
*
|
||||
* @param selectorRep
|
||||
* the {@link UserRep} to use as criteria selection
|
||||
*
|
||||
* @return a list of {@link UserRep}s which fit the given criteria
|
||||
*/
|
||||
public List<UserRep> queryUsers(UserRep selectorRep);
|
||||
|
||||
/**
|
||||
* Removes the user with the given username
|
||||
*
|
||||
|
@ -171,7 +177,7 @@ public interface PrivilegeHandler {
|
|||
* @throws PrivilegeException
|
||||
* if there is anything wrong with this certificate
|
||||
*/
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep, String password)
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep, byte[] password)
|
||||
throws AccessDeniedException, PrivilegeException;
|
||||
|
||||
/**
|
||||
|
@ -251,7 +257,7 @@ public interface PrivilegeHandler {
|
|||
* @throws PrivilegeException
|
||||
* if there is anything wrong with this certificate
|
||||
*/
|
||||
public void setUserPassword(Certificate certificate, String username, String password)
|
||||
public void setUserPassword(Certificate certificate, String username, byte[] password)
|
||||
throws AccessDeniedException, PrivilegeException;
|
||||
|
||||
/**
|
||||
|
@ -326,7 +332,7 @@ public interface PrivilegeHandler {
|
|||
* @throws AccessDeniedException
|
||||
* if the user credentials are not valid
|
||||
*/
|
||||
public Certificate authenticate(String username, String password) throws AccessDeniedException;
|
||||
public Certificate authenticate(String username, byte[] password) throws AccessDeniedException;
|
||||
|
||||
/**
|
||||
* Invalidates the {@link Session} for the given {@link Certificate}, effectively logging out the user who was
|
||||
|
@ -416,7 +422,7 @@ public interface PrivilegeHandler {
|
|||
* @throws PrivilegeException
|
||||
* if the password does not implement the requirement of the concrete implementation
|
||||
*/
|
||||
public void validatePassword(String password) throws PrivilegeException;
|
||||
public void validatePassword(byte[] password) throws PrivilegeException;
|
||||
|
||||
/**
|
||||
* Persists any changes to the privilege data model. Changes are thus not persisted immediately, but must be
|
||||
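Review bot: The password parameters of `addOrReplaceUser`, `setUserPassword`, `authenticate` and `validatePassword` are now `byte[]`, but nothing in the visible Javadoc tells callers which encoding to use or that DefaultPrivilegeHandler zeroes the array in a `finally` block before returning. A caller that encodes the password differently when setting it and when authenticating would get different hashes, and a caller that reuses the array after the call would find it wiped. I would add to each `@param password` something like `the password bytes in one fixed charset (for example UTF-8); the array is overwritten with zeros before this method returns`. For `validatePassword`, the Javadoc should state that the array is left untouched, which matches the visible implementation. The Javadoc blocks start outside the visible hunks, so check whether they already cover this.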
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import java.io.File;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import java.io.File;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import java.io.File;
|
||||
|
@ -40,6 +34,8 @@ import ch.eitchnet.privilege.handler.PersistenceHandler;
|
|||
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
||||
import ch.eitchnet.privilege.i18n.PrivilegeException;
|
||||
import ch.eitchnet.privilege.policy.PrivilegePolicy;
|
||||
import ch.eitchnet.utils.helper.StringHelper;
|
||||
import ch.eitchnet.utils.helper.SystemHelper;
|
||||
|
||||
/**
|
||||
* This class implements the initializing of the {@link PrivilegeHandler} by loading an XML file containing the
|
||||
|
@ -163,6 +159,10 @@ public class InitializationHelper {
|
|||
for (Element parameter : elements) {
|
||||
String name = parameter.attributeValue(XmlConstants.XML_ATTR_NAME);
|
||||
String value = parameter.attributeValue(XmlConstants.XML_ATTR_VALUE);
|
||||
|
||||
// replace any defined system properties
|
||||
value = StringHelper.replaceSystemPropertiesIn(value);
|
||||
|
||||
parameterMap.put(name, value);
|
||||
}
|
||||
|
||||
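Review bot: `value` comes straight from `parameter.attributeValue(XmlConstants.XML_ATTR_VALUE)` and is now handed to `StringHelper.replaceSystemPropertiesIn(value)` without a null check. If the attribute is missing and the XML API returns null there, the helper may throw, or the map may end up with a null entry. StringHelper is not visible in this commit, so its behaviour for null input, and for a placeholder whose system property is undefined, should be confirmed and stated in the comment above the call. A guard such as `if (value == null) throw new PrivilegeException("Parameter " + name + " has no value!");` before the replacement would make a malformed configuration fail at load time. The enclosing method starts and ends outside the hunk.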
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import java.awt.Dimension;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.helper;
|
||||
|
||||
import java.io.File;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.i18n;
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.i18n;
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model;
|
||||
|
||||
import ch.eitchnet.privilege.model.internal.Privilege;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model;
|
||||
|
||||
import ch.eitchnet.privilege.model.internal.User;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model.internal;
|
||||
|
||||
import java.util.Collections;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model.internal;
|
||||
|
||||
import java.util.Collections;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model.internal;
|
||||
|
||||
import ch.eitchnet.privilege.handler.PrivilegeHandler;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.model.internal;
|
||||
|
||||
import java.util.Collections;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.policy;
|
||||
|
||||
import ch.eitchnet.privilege.i18n.AccessDeniedException;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.policy;
|
||||
|
||||
import ch.eitchnet.privilege.i18n.AccessDeniedException;
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.test;
|
||||
|
||||
import java.io.File;
|
||||
|
@ -58,15 +52,15 @@ import ch.eitchnet.privilege.model.UserState;
|
|||
public class PrivilegeTest {
|
||||
|
||||
private static final String ADMIN = "admin";
|
||||
private static final String PASS_ADMIN = "admin";
|
||||
private static final byte[] PASS_ADMIN = "admin".getBytes();
|
||||
private static final String BOB = "bob";
|
||||
private static final String TED = "ted";
|
||||
private static final String PASS_BOB = "admin1";
|
||||
private static final byte[] PASS_BOB = "admin1".getBytes();
|
||||
private static final String ROLE_FEATHERLITE_USER = "FeatherliteUser";
|
||||
private static final String ROLE_USER = "user";
|
||||
private static final String PASS_DEF = "def";
|
||||
private static final String PASS_BAD = "123";
|
||||
private static final String PASS_TED = "12345";
|
||||
private static final byte[] PASS_DEF = "def".getBytes();
|
||||
private static final byte[] PASS_BAD = "123".getBytes();
|
||||
private static final byte[] PASS_TED = "12345".getBytes();
|
||||
|
||||
private static final Logger logger = Logger.getLogger(PrivilegeTest.class);
|
||||
|
||||
|
@ -103,11 +97,17 @@ public class PrivilegeTest {
|
|||
@Test
|
||||
public void testAuthenticationOk() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
private byte[] copyBytes(byte[] bytes) {
|
||||
byte[] copy = new byte[bytes.length];
|
||||
System.arraycopy(bytes, 0, copy, 0, bytes.length);
|
||||
return copy;
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws Exception
|
||||
* if something goes wrong
|
||||
|
@ -115,7 +115,7 @@ public class PrivilegeTest {
|
|||
@Test(expected = AccessDeniedException.class)
|
||||
public void testFailAuthenticationNOk() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_BAD);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_BAD));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
@ -139,7 +139,7 @@ public class PrivilegeTest {
|
|||
@Test
|
||||
public void testAddUserBobAsAdmin() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
|
||||
// let's add a new user bob
|
||||
UserRep userRep = new UserRep("1", BOB, "Bob", "Newman", UserState.NEW, new HashSet<String>(), null,
|
||||
|
@ -148,7 +148,7 @@ public class PrivilegeTest {
|
|||
logger.info("Added user " + BOB);
|
||||
|
||||
// set bob's password
|
||||
privilegeHandler.setUserPassword(certificate, BOB, PASS_BOB);
|
||||
privilegeHandler.setUserPassword(certificate, BOB, copyBytes(PASS_BOB));
|
||||
logger.info("Set Bob's password");
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
@ -161,7 +161,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
public void testFailAuthAsBob() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
|
@ -171,7 +171,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testEnableUserBob() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
privilegeHandler.setUserState(certificate, BOB, UserState.ENABLED);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
@ -185,7 +185,7 @@ public class PrivilegeTest {
|
|||
@Test(expected = PrivilegeException.class)
|
||||
public void testFailAuthUserBob() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
@ -196,7 +196,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testAddRole() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
|
||||
Map<String, PrivilegeRep> privilegeMap = new HashMap<String, PrivilegeRep>();
|
||||
RoleRep roleRep = new RoleRep(ROLE_USER, privilegeMap);
|
||||
|
@ -211,7 +211,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testAddRoleToBob() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
privilegeHandler.addRoleToUser(certificate, BOB, ROLE_USER);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
@ -222,7 +222,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testAuthAsBob() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
|
@ -236,7 +236,7 @@ public class PrivilegeTest {
|
|||
public void testFailAddUserTedAsBob() throws Exception {
|
||||
|
||||
// auth as Bog
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// let's add a new user Ted
|
||||
|
@ -254,7 +254,7 @@ public class PrivilegeTest {
|
|||
@Test
|
||||
public void testAddAdminRoleToBob() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
privilegeHandler.addRoleToUser(certificate, BOB, PrivilegeHandler.PRIVILEGE_ADMIN_ROLE);
|
||||
logger.info("Added " + PrivilegeHandler.PRIVILEGE_ADMIN_ROLE + " to " + ADMIN);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
|
@ -267,7 +267,7 @@ public class PrivilegeTest {
|
|||
@Test
|
||||
public void testAddUserTedAsBob() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// let's add a new user ted
|
||||
|
@ -288,11 +288,11 @@ public class PrivilegeTest {
|
|||
@Test
|
||||
public void testSetTedPwdAsBob() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// set ted's password to default
|
||||
privilegeHandler.setUserPassword(certificate, TED, PASS_DEF);
|
||||
privilegeHandler.setUserPassword(certificate, TED, copyBytes(PASS_DEF));
|
||||
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
@ -303,8 +303,8 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testTedChangesOwnPwd() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(TED, PASS_DEF);
|
||||
privilegeHandler.setUserPassword(certificate, TED, PASS_TED);
|
||||
Certificate certificate = privilegeHandler.authenticate(TED, copyBytes(PASS_DEF));
|
||||
privilegeHandler.setUserPassword(certificate, TED, copyBytes(PASS_TED));
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
|
@ -314,7 +314,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testAuthAsTed() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(TED, PASS_TED);
|
||||
Certificate certificate = privilegeHandler.authenticate(TED, copyBytes(PASS_TED));
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
|
@ -325,7 +325,7 @@ public class PrivilegeTest {
|
|||
@Test
|
||||
public void testPerformRestrictableAsAdmin() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// see if eitch can perform restrictable
|
||||
|
@ -342,7 +342,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
public void testFailPerformRestrictableAsBob() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// see if bob can perform restrictable
|
||||
|
@ -361,7 +361,7 @@ public class PrivilegeTest {
|
|||
@Test
|
||||
public void testAddFeatherliteRoleToBob() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, PASS_ADMIN);
|
||||
Certificate certificate = privilegeHandler.authenticate(ADMIN, copyBytes(PASS_ADMIN));
|
||||
privilegeHandler.addRoleToUser(certificate, BOB, ROLE_FEATHERLITE_USER);
|
||||
logger.info("Added " + ROLE_FEATHERLITE_USER + " to " + BOB);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
|
@ -375,7 +375,7 @@ public class PrivilegeTest {
|
|||
*/
|
||||
@Test
|
||||
public void testPerformRestrictableAsBob() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, copyBytes(PASS_BOB));
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// see if bob can perform restrictable
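Review bot: The new password constants (`PASS_ADMIN`, `PASS_BOB`, `PASS_DEF`, `PASS_BAD`, `PASS_TED`) are built with the no-argument `getBytes()`, which encodes with the JVM's default charset, so the bytes passed to `authenticate` and `setUserPassword` depend on the platform the tests run on; the values here are ASCII, but an explicit charset such as `"admin".getBytes(Charset.forName("UTF-8"))` would keep the fixtures stable. The new `copyBytes` helper has no comment saying why every call copies the constant; presumably the handler clears the array it is given, and if so a line such as `// the handler may wipe the password array, so never pass the shared constant` would make that contract visible. If clearing is the intended contract, no test in this section asserts it: `testAuthenticationOk` could keep a reference to the copy and check that it is zeroed after `authenticate` returns. The body of `copyBytes` can also be reduced to `return bytes.clone();`.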
|
||||
|
|
|
@ -1,11 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2010, 2011
|
||||
* Copyright (c) 2010 - 2012
|
||||
*
|
||||
* Robert von Burg <eitch@eitchnet.ch>
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file is part of Privilege.
|
||||
*
|
||||
* Privilege is free software: you can redistribute it and/or modify
|
||||
|
@ -22,7 +17,6 @@
|
|||
* along with Privilege. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.test;
|
||||
|
||||
import ch.eitchnet.privilege.model.Restrictable;
|
||||
|
|