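/**
 * Helper for user, role and password operations against Oracle Internet Directory (OID)
 * through the OPSS User/Role API.
 *
 * <p>Every method opens its own {@code IdentityStore} and closes it before returning.
 * The store is bound with the service account configured in
 * {@code IdentityStoreConfigurator}, not with the end user's identity, and none of these
 * methods checks who is calling: the caller must verify that the current user is allowed
 * to grant or revoke roles, drop users or reset passwords before invoking them.
 *
 * <p>The {@code SahajException} messages thrown here embed the directory's own error text
 * ({@code IMException.getMessage()}); log them, but avoid rendering them to end users.
 *
 * <p>NOTE(review): {@code rb} (apparently a resource bundle holding the OID settings),
 * {@code SahajException} and {@code generateRandomPassword()} are used below but are not
 * declared in this listing.
 *
 * @author Ramandeep Nanda
 */
public class OIDOperations {
    public static final ADFLogger OIDLogger = ADFLogger.createADFLogger(OIDOperations.class);

    /**
     * Opens a new store instance with the default search/create bases.
     *
     * @return The store instance for OID store; the caller must close it
     */
    public static IdentityStore getStoreInstance() {
        return IdentityStoreConfigurator.initializeDefaultStore();
    }

    /**
     * Exposes the shared factory that was initialised with the service-account credentials.
     *
     * @return the identity store factory
     */
    public static IdentityStoreFactory getIdentityStoreFactory() {
        return IdentityStoreConfigurator.idStoreFactory;
    }

    /**
     * Returns the logged in User if using ADF security
     *
     * @return The logged in User
     */
    public static String getLoggedInUser() {
        return ADFContext.getCurrent().getSecurityContext().getUserName();
    }

    /**
     * This method returns the user profile of currently logged in user if using ADF security
     *
     * @return oracle.adf.share.security.identitymanagement.UserProfile;
     */
    public static UserProfile getLoggedInUserProfile() {
        return ADFContext.getCurrent().getSecurityContext().getUserProfile();
    }

    /**
     * Assigns the specified role to the user; does nothing when the role is already granted.
     *
     * @param roleName the role to assign
     * @param userName the user to assign role to
     * @throws SahajException when the role or user lookup, or the grant itself, fails
     */
    public static void assignRoleToUser(String roleName, String userName) {
        IdentityStore store = OIDOperations.getStoreInstance();
        try {
            Role role = store.searchRole(IdentityStore.SEARCH_BY_NAME, roleName);
            Principal userPrincipal = store.searchUser(userName).getPrincipal();
            RoleManager roleManager = store.getRoleManager();
            if (!roleManager.isGranted(role, userPrincipal)) {
                roleManager.grantRole(role, userPrincipal);
            }
        } catch (IMException e) {
            OIDLogger.severe("Exception in assignRoleToUser: Could not assign role ["
                    + forLog(roleName) + "] to the user [" + forLog(userName)
                    + "] because of " + forLog(e.getMessage()), e);
            throw new SahajException("Could not assign role [" + roleName + "] to the user ["
                    + userName + "] due to " + e.getMessage());
        } finally {
            closeStore(store);
        }
    }

    /**
     * Assigns each of the specified roles to the user, skipping roles already granted.
     * Processing stops at the first failure; roles granted before it stay granted.
     *
     * @param roleNames the roles to assign (a set of role-name strings)
     * @param userName the user to assign role to
     * @return the names of the roles that were newly granted by this call
     * @throws SahajException when a lookup or grant fails
     */
    public static Set assignRolesToUser(Set roleNames, String userName) {
        Set<String> rolesAssigned = new HashSet<String>();
        IdentityStore store = OIDOperations.getStoreInstance();
        // Tracks the role in progress so a failure can be reported against it.
        String roleName = null;
        try {
            Principal userPrincipal = store.searchUser(userName).getPrincipal();
            RoleManager roleManager = store.getRoleManager();
            for (Object element : roleNames) {
                roleName = (String) element;
                Role role = store.searchRole(IdentityStore.SEARCH_BY_NAME, roleName);
                if (!roleManager.isGranted(role, userPrincipal)) {
                    roleManager.grantRole(role, userPrincipal);
                    rolesAssigned.add(roleName);
                }
            }
        } catch (IMException e) {
            OIDLogger.severe("Exception in assignRolesToUser: Could not assign role ["
                    + forLog(roleName) + "] to the user [" + forLog(userName)
                    + "] because of " + forLog(e.getMessage()), e);
            throw new SahajException("Could not assign role [" + roleName + "] to the user ["
                    + userName + "] due to " + e.getMessage());
        } finally {
            closeStore(store);
        }
        return rolesAssigned;
    }

    /**
     * Assigns the specified role to every user named by a key of {@code users}.
     *
     * <p>Unlike the other assign methods this one is best-effort: a directory error is
     * logged and ends the loop, and the users granted so far are returned. Callers that
     * need to know whether every grant succeeded must compare the result with the input.
     *
     * @param roleName the role to assign
     * @param users the users to assign role to; only the keys (user names) are read
     * @return the {@code User} objects that were newly granted the role by this call
     */
    public static Set assignRoleToUsers(String roleName, Map users) {
        Set<User> usersAssigned = new HashSet<User>();
        IdentityStore store = OIDOperations.getStoreInstance();
        // Tracks the user in progress so a failure can be reported against it.
        String userName = null;
        try {
            Role role = store.searchRole(IdentityStore.SEARCH_BY_NAME, roleName);
            RoleManager roleManager = store.getRoleManager();
            // The key set is read inside the try so the store is closed even if users is null.
            for (Object key : users.keySet()) {
                userName = (String) key;
                User user = store.searchUser(userName);
                Principal userPrincipal = user.getPrincipal();
                if (!roleManager.isGranted(role, userPrincipal)) {
                    roleManager.grantRole(role, userPrincipal);
                    usersAssigned.add(user);
                }
            }
        } catch (IMException e) {
            OIDLogger.severe("Exception in assignRoleToUsers: Could not assign role ["
                    + forLog(roleName) + "] to the user [" + forLog(userName)
                    + "] because of " + forLog(e.getMessage()), e);
        } finally {
            closeStore(store);
        }
        return usersAssigned;
    }

    // Revoke sample: the bulk variants would mirror the assign methods above, so only the
    // single-user operation is shown.

    /**
     * To remove the role from user; does nothing when the role is not granted.
     *
     * @param roleName the role to remove/ revoke
     * @param userName the user from which to revoke role
     * @throws SahajException when the role or user lookup, or the revoke itself, fails
     */
    public static void removeRoleFromUser(String roleName, String userName) {
        IdentityStore store = OIDOperations.getStoreInstance();
        try {
            Role role = store.searchRole(IdentityStore.SEARCH_BY_NAME, roleName);
            Principal userPrincipal = store.searchUser(userName).getPrincipal();
            RoleManager roleManager = store.getRoleManager();
            if (roleManager.isGranted(role, userPrincipal)) {
                roleManager.revokeRole(role, userPrincipal);
            }
        } catch (IMException e) {
            OIDLogger.severe("Exception in removeRoleFromUser: Could not revoke role ["
                    + forLog(roleName) + "] from the user [" + forLog(userName)
                    + "] because of " + forLog(e.getMessage()), e);
            throw new SahajException("Could not remove role [" + roleName + "] from the user ["
                    + userName + "] due to " + e.getMessage());
        } finally {
            closeStore(store);
        }
    }

    /**
     * Revokes every role granted to the user and then drops the user (best-effort).
     *
     * <p>A directory error is logged and not rethrown, so the account or some of its role
     * memberships may still exist after this method returns.
     *
     * @param userId the name of the user to drop
     */
    public static void dropUserWithRoles(String userId) {
        IdentityStore store = null;
        try {
            store = OIDOperations.getStoreInstance();
            User user = store.searchUser(IdentityStore.SEARCH_BY_NAME, userId);
            if (user != null) {
                RoleManager roleManager = store.getRoleManager();
                Principal userPrincipal = user.getPrincipal();
                // Revoke while the entry still exists. Dropping first leaves the membership
                // lookup running against a deleted principal, and any membership that is
                // left behind could be picked up by an account later created under the
                // same name.
                SearchResponse grantedRoles = roleManager.getGrantedRoles(userPrincipal, true);
                while (grantedRoles.hasNext()) {
                    roleManager.revokeRole((Role) grantedRoles.next(), userPrincipal);
                }
                store.getUserManager().dropUser(user);
            }
        } catch (IMException e) {
            OIDLogger.severe("[dropUserWithRoles] Could not drop user [" + forLog(userId) + "]", e);
        } finally {
            closeStore(store);
        }
    }

    /**
     * Drops the user if it exists (best-effort); role memberships are not touched.
     *
     * <p>A directory error is logged and not rethrown, so the account may still exist
     * after this method returns.
     *
     * @param userId the name of the user to drop
     */
    public static void dropUser(String userId) {
        IdentityStore store = null;
        try {
            store = OIDOperations.getStoreInstance();
            User user = store.searchUser(IdentityStore.SEARCH_BY_NAME, userId);
            if (user != null) {
                store.getUserManager().dropUser(user);
            }
        } catch (IMException e) {
            OIDLogger.severe("[dropUser] Could not drop user [" + forLog(userId) + "]", e);
        } finally {
            closeStore(store);
        }
    }

    /**
     * Gets the OID user profile of the supplied user (not necessarily the logged in one).
     *
     * @param approverUser the name of the user to look up
     * @return the user's profile
     * @throws SahajException when the user cannot be found or read
     */
    public static oracle.security.idm.UserProfile getUserProfile(String approverUser) {
        IdentityStore store = OIDOperations.getStoreInstance();
        try {
            return store.searchUser(approverUser).getUserProfile();
        } catch (IMException e) {
            OIDLogger.info("Could not find user in OID with supplied Id " + forLog(approverUser));
            throw new SahajException(e.getMessage());
        } finally {
            closeStore(store);
        }
    }

    /**
     * Gets the names of the roles whose name contains the configured {@code DEFAULT_ROLE}
     * pattern.
     *
     * @return the matching role names
     * @throws SahajException when the search fails
     */
    public static List getAllRoles() {
        List<String> roleNames = new ArrayList<String>();
        IdentityStore store = OIDOperations.getStoreInstance();
        try {
            SimpleSearchFilter filter =
                    store.getSimpleSearchFilter(RoleProfile.NAME, SimpleSearchFilter.TYPE_EQUAL, null);
            String wildCardChar = filter.getWildCardChar();
            // DEFAULT_ROLE is a placeholder property; any pattern to search for can be used.
            filter.setValue(wildCardChar + rb.getString("DEFAULT_ROLE") + wildCardChar);
            SearchParameters parameters =
                    new SearchParameters(filter, SearchParameters.SEARCH_ROLES_ONLY);
            SearchResponse response = store.searchRoles(Role.SCOPE_ANY, parameters);
            while (response.hasNext()) {
                Role role = (Role) response.next();
                roleNames.add(role.getPrincipal().getName());
            }
            // The store is closed once, in the finally block.
        } catch (IMException e) {
            OIDLogger.severe("Exception in getAllRoles " + forLog(e.getMessage()) + " ", e);
            throw new SahajException(e.getMessage());
        } finally {
            closeStore(store);
        }
        return roleNames;
    }

    /**
     * Fetches all the roles assigned to the user, searching for the user under the base
     * configured for {@code searchPath}.
     *
     * @param userName the user whose roles are listed
     * @param searchPath the resource-bundle key whose value is the user search base
     * @return the names of the roles granted to the user
     * @throws SahajException when the lookup fails
     */
    public static List getAllUserRoles(String userName, String searchPath) {
        List<String> roleNames = new ArrayList<String>();
        IdentityStoreFactory storeFactory = OIDOperations.getIdentityStoreFactory();
        IdentityStore store = null;
        String[] userSearchBases = {rb.getString(searchPath)};
        String[] groupSearchBases = {rb.getString("group.search.bases")};
        Hashtable storeEnv = new Hashtable();
        storeEnv.put(OIDIdentityStoreFactory.ADF_IM_SUBSCRIBER_NAME, rb.getString("oidsubscribername"));
        storeEnv.put(OIDIdentityStoreFactory.RT_USER_SEARCH_BASES, userSearchBases);
        storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_SEARCH_BASES, groupSearchBases);
        try {
            store = storeFactory.getIdentityStoreInstance(storeEnv);
            User user = store.searchUser(IdentityStore.SEARCH_BY_NAME, userName);
            SearchResponse response = store.getRoleManager().getGrantedRoles(user.getPrincipal(), false);
            while (response.hasNext()) {
                roleNames.add(response.next().getName());
            }
        } catch (IMException e) {
            OIDLogger.severe("Exception in getAllUserRoles " + forLog(e.getMessage()) + " ", e);
            throw new SahajException(e.getMessage());
        } finally {
            // store is still null when getIdentityStoreInstance itself failed.
            closeStore(store);
        }
        return roleNames;
    }

    /**
     * Changes the password of the logged in user, taken from the ADF security context.
     *
     * <p>The old password is verified by authenticating against the store before the new
     * one is set. {@code userName} is not used: the account is always the session user, so
     * a caller cannot redirect the change to another account through this parameter.
     *
     * <p>NOTE(review): both passwords arrive as {@code String} and therefore stay on the
     * heap until collected; a {@code char[]} based overload would allow wiping them.
     *
     * @param oldPassword the current password, used to authenticate the user
     * @param newPassword the password to set
     * @param userName unused
     * @throws SahajException when authentication or the password update fails
     */
    public static void changePasswordForUser(String oldPassword, String newPassword, String userName) {
        String sessionUser = ADFContext.getCurrent().getSecurityContext().getUserName();
        IdentityStore oidStore = OIDOperations.getStoreInstance();
        try {
            User authUser = oidStore.getUserManager()
                    .authenticateUser(sessionUser, oldPassword.toCharArray());
            if (authUser == null) {
                // Report the failure instead of returning as if the password had changed.
                throw new SahajException("Could not authenticate the logged in user");
            }
            oracle.security.idm.UserProfile profile = authUser.getUserProfile();
            profile.setPassword(oldPassword.toCharArray(), newPassword.toCharArray());
        } catch (IMException e) {
            OIDLogger.severe("[changePasswordForUser] Exception occured due to " + e.getCause(), e);
            throw new SahajException(e.getMessage());
        } finally {
            closeStore(oidStore);
        }
    }

    /**
     * Resets the password for user to a freshly generated random value (best-effort).
     *
     * <p>The generated password is neither returned nor delivered anywhere by this method,
     * so after a successful reset the previous password no longer works and the new one is
     * known to nobody. A directory error is logged and not rethrown, so a caller cannot
     * tell from the return whether the old password was actually invalidated.
     *
     * <p>NOTE(review): {@code generateRandomPassword()} is not part of this listing; confirm
     * that it draws from {@code java.security.SecureRandom}.
     *
     * @param userId the user whose password is reset
     */
    public static void resetPasswordForUser(String userId) {
        IdentityStore oidStore = OIDOperations.getStoreInstance();
        try {
            User user = oidStore.searchUser(userId);
            if (user != null) {
                oracle.security.idm.UserProfile userProfile = user.getUserProfile();
                oracle.security.idm.Property storedPassword = userProfile.getProperty("userpassword");
                List passwordValues = storedPassword == null ? null : storedPassword.getValues();
                // Accounts without a stored password value skip the removal step.
                if (passwordValues != null && !passwordValues.isEmpty()) {
                    userProfile.setProperty(
                            new ModProperty("PASSWORD", passwordValues.get(0), ModProperty.REMOVE));
                }
                String randomPassword = generateRandomPassword();
                userProfile.setPassword(null, randomPassword.toCharArray());
            }
        } catch (IMException e) {
            OIDLogger.severe("[resetPasswordForUser]" + "Exception occured due to ", e);
        } finally {
            closeStore(oidStore);
        }
    }

    /** Closes the store if one was opened; a failure to close is logged, never rethrown. */
    private static void closeStore(IdentityStore store) {
        if (store == null) {
            return;
        }
        try {
            store.close();
        } catch (IMException e) {
            OIDLogger.severe("Exception occured in closing store", e);
        }
    }

    /** Replaces line breaks in caller-supplied text so it cannot start a new log line. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * This nested private class is used for configuring and initializing a store instance
     *
     * @author Ramandeep Nanda
     */
    private static final class IdentityStoreConfigurator {
        // Built once, when this class is first used; if initializeFactory() throws, class
        // initialisation fails and every later call into OIDOperations fails with it.
        private static final IdentityStoreFactory idStoreFactory = initializeFactory();

        /**
         * Builds the OID identity store factory from the connection settings in {@code rb}.
         *
         * @return the configured factory
         * @throws SahajException when the factory cannot be created
         */
        private static IdentityStoreFactory initializeFactory() {
            IdentityStoreFactoryBuilder builder = new IdentityStoreFactoryBuilder();
            try {
                Hashtable factEnv = new Hashtable();
                factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_PRINCIPAL, rb.getString("oidusername"));
                // NOTE(review): the bind password is read from the resource bundle, presumably
                // a properties file shipped with the application; keep that file out of
                // version control and prefer the platform credential store. Confirm where
                // rb is loaded from.
                factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_CREDENTIALS, rb.getString("oiduserpassword"));
                factEnv.put(OIDIdentityStoreFactory.ST_SUBSCRIBER_NAME, rb.getString("oidsubscribername"));
                // NOTE(review): the bind password travels over this connection; confirm
                // ldap.url points at an ldaps:// endpoint.
                factEnv.put(OIDIdentityStoreFactory.ST_LDAP_URL, rb.getString("ldap.url"));
                factEnv.put(OIDIdentityStoreFactory.ST_USER_NAME_ATTR, rb.getString("username.attr"));
                return builder.getIdentityStoreFactory(
                        "oracle.security.idm.providers.oid.OIDIdentityStoreFactory", factEnv);
            } catch (IMException e) {
                OIDLogger.severe("Exception in initializeFactory " + e.getMessage() + " ", e);
                throw new SahajException(e.getMessage());
            }
        }

        /**
         * Opens a store instance using the default user/group bases from {@code rb}.
         *
         * @return a new store instance
         * @throws SahajException when the store cannot be opened
         */
        private static IdentityStore initializeDefaultStore() {
            String[] userSearchBases = {rb.getString("user.search.bases")};
            String[] groupSearchBases = {rb.getString("group.search.bases")};
            String[] userCreateBases = {rb.getString("user.create.bases")};
            String[] groupClasses = {rb.getString("GROUP_CLASSES")};
            Hashtable storeEnv = new Hashtable();
            storeEnv.put(OIDIdentityStoreFactory.ADF_IM_SUBSCRIBER_NAME, rb.getString("oidsubscribername"));
            storeEnv.put(OIDIdentityStoreFactory.RT_USER_SEARCH_BASES, userSearchBases);
            storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_SEARCH_BASES, groupSearchBases);
            storeEnv.put(OIDIdentityStoreFactory.RT_USER_CREATE_BASES, userCreateBases);
            storeEnv.put(OIDIdentityStoreFactory.RT_USER_SELECTED_CREATEBASE, rb.getString("user.create.bases"));
            storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_OBJECT_CLASSES, groupClasses);
            try {
                return IdentityStoreConfigurator.idStoreFactory.getIdentityStoreInstance(storeEnv);
            } catch (IMException e) {
                OIDLogger.severe("Exception in initializeDefaultStore " + e.getMessage() + " ", e);
                throw new SahajException(e.getMessage());
            }
        }
    }
}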