Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
/*
************************************************************************
******************* CANADIAN ASTRONOMY DATA CENTRE *******************
************** CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES **************
*
* (c) 2014. (c) 2014.
* Government of Canada Gouvernement du Canada
* National Research Council Conseil national de recherches
* Ottawa, Canada, K1A 0R6 Ottawa, Canada, K1A 0R6
* All rights reserved Tous droits réservés
*
* NRC disclaims any warranties, Le CNRC dénie toute garantie
* expressed, implied, or énoncée, implicite ou légale,
* statutory, of any kind with de quelque nature que ce
* respect to the software, soit, concernant le logiciel,
* including without limitation y compris sans restriction
* any warranty of merchantability toute garantie de valeur
* or fitness for a particular marchande ou de pertinence
* purpose. NRC shall not be pour un usage particulier.
* liable in any event for any Le CNRC ne pourra en aucun cas
* damages, whether direct or être tenu responsable de tout
* indirect, special or general, dommage, direct ou indirect,
* consequential or incidental, particulier ou général,
* arising from the use of the accessoire ou fortuit, résultant
* software. Neither the name de l'utilisation du logiciel. Ni
* of the National Research le nom du Conseil National de
* Council of Canada nor the Recherches du Canada ni les noms
* names of its contributors may de ses participants ne peuvent
* be used to endorse or promote être utilisés pour approuver ou
* products derived from this promouvoir les produits dérivés
* software without specific prior de ce logiciel sans autorisation
* written permission. préalable et particulière
* par écrit.
*
* This file is part of the Ce fichier fait partie du projet
* OpenCADC project. OpenCADC.
*
* OpenCADC is free software: OpenCADC est un logiciel libre ;
* you can redistribute it and/or vous pouvez le redistribuer ou le
* modify it under the terms of modifier suivant les termes de
* the GNU Affero General Public la “GNU Affero General Public
* License as published by the License” telle que publiée
* Free Software Foundation, par la Free Software Foundation
* either version 3 of the : soit la version 3 de cette
* License, or (at your option) licence, soit (à votre gré)
* any later version. toute version ultérieure.
*
* OpenCADC is distributed in the OpenCADC est distribué
* hope that it will be useful, dans l’espoir qu’il vous
* but WITHOUT ANY WARRANTY; sera utile, mais SANS AUCUNE
* without even the implied GARANTIE : sans même la garantie
* warranty of MERCHANTABILITY implicite de COMMERCIALISABILITÉ
* or FITNESS FOR A PARTICULAR ni d’ADÉQUATION À UN OBJECTIF
* PURPOSE. See the GNU Affero PARTICULIER. Consultez la Licence
* General Public License for Générale Publique GNU Affero
* more details. pour plus de détails.
*
* You should have received Vous devriez avoir reçu une
* a copy of the GNU Affero copie de la Licence Générale
* General Public License along Publique GNU Affero avec
* with OpenCADC. If not, see OpenCADC ; si ce n’est
* <http://www.gnu.org/licenses/>. pas le cas, consultez :
* <http://www.gnu.org/licenses/>.
*
* $Revision: 4 $
*
************************************************************************
*/
package ca.nrc.cadc.ac.server.web;
import java.io.IOException;
import java.net.URI;
import java.security.AccessControlException;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
Alinga Yeung
committed
import java.util.ArrayList;
import java.util.Calendar;
import java.util.GregorianCalendar;
Alinga Yeung
committed
import java.util.List;
import java.util.Set;
import java.util.TimeZone;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import ca.nrc.cadc.ac.User;
import ca.nrc.cadc.ac.UserAlreadyExistsException;
import ca.nrc.cadc.ac.UserNotFoundException;
import ca.nrc.cadc.ac.server.ACScopeValidator;
import ca.nrc.cadc.ac.server.PluginFactory;
import ca.nrc.cadc.ac.server.UserPersistence;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.DelegationToken;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.ServletPrincipalExtractor;
import ca.nrc.cadc.log.ServletLogInfo;
import ca.nrc.cadc.net.TransientException;
import ca.nrc.cadc.util.StringUtil;
/**
* Servlet to handle password resets. Passwords are an integral part of the
* access control system and are handled differently to accommodate stricter
* guidelines.
* <p/>
* This servlet handles GET and POST only. It relies on the Subject being set higher
* up by the AccessControlFilter as configured in the web descriptor.
*/
public class ResetPasswordServlet extends HttpServlet
{
private static final Logger log = Logger.getLogger(ResetPasswordServlet.class);
Alinga Yeung
committed
List<Subject> privilegedSubjects;
UserPersistence<Principal> userPersistence;
@Override
public void init(final ServletConfig config) throws ServletException
{
super.init(config);
Alinga Yeung
committed
try
{
String x500Users = config.getInitParameter(ResetPasswordServlet.class.getName() + ".PrivilegedX500Principals");
log.debug("privilegedX500Users: " + x500Users);
String httpUsers = config.getInitParameter(ResetPasswordServlet.class.getName() + ".PrivilegedHttpPrincipals");
log.debug("privilegedHttpUsers: " + httpUsers);
String[] x500List = new String[0];
String[] httpList = new String[0];
if (x500Users != null && httpUsers != null)
{
x500List = x500Users.split(" ");
httpList = httpUsers.split(" ");
if (x500List.length != httpList.length)
{
throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length");
}
privilegedSubjects = new ArrayList<Subject>(x500Users.length());
for (int i=0; i<x500List.length; i++)
{
Subject s = new Subject();
s.getPrincipals().add(new X500Principal(x500List[i]));
s.getPrincipals().add(new HttpPrincipal(httpList[i]));
privilegedSubjects.add(s);
}
Alinga Yeung
committed
}
PluginFactory pluginFactory = new PluginFactory();
userPersistence = pluginFactory.createUserPersistence();
}
catch (Throwable t)
{
log.fatal("Error initializing group persistence", t);
throw new ExceptionInInitializerError(t);
}
}
Alinga Yeung
committed
protected boolean isPrivilegedSubject(final HttpServletRequest request)
{
Alinga Yeung
committed
if (privilegedSubjects == null || privilegedSubjects.isEmpty())
{
return false;
}
Alinga Yeung
committed
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
ServletPrincipalExtractor extractor = new ServletPrincipalExtractor(request);
Set<Principal> principals = extractor.getPrincipals();
for (Principal principal : principals)
{
if (principal instanceof X500Principal)
{
for (Subject s : privilegedSubjects)
{
Set<X500Principal> x500Principals = s.getPrincipals(X500Principal.class);
for (X500Principal p2 : x500Principals)
{
if (p2.getName().equalsIgnoreCase(principal.getName()))
{
return true;
}
}
}
}
if (principal instanceof HttpPrincipal)
{
for (Subject s : privilegedSubjects)
{
Set<HttpPrincipal> httpPrincipals = s.getPrincipals(HttpPrincipal.class);
for (HttpPrincipal p2 : httpPrincipals)
{
if (p2.getName().equalsIgnoreCase(principal.getName()))
{
return true;
}
}
}
}
}
return false;
Alinga Yeung
committed
* Handle a /ac GET operation. The subject provided is expected to be a privileged user.
*
* @param request The HTTP Request.
* @param response The HTTP Response.
* @throws ServletException Anything goes wrong at the Servlet level.
* @throws IOException Any reading/writing errors.
*/
@Override
protected void doGet(final HttpServletRequest request,
final HttpServletResponse response)
throws ServletException, IOException
{
final long start = System.currentTimeMillis();
final ServletLogInfo logInfo = new ServletLogInfo(request);
log.info(logInfo.start());
try
{
final Subject subject = getSubject(request);
Alinga Yeung
committed
logInfo.setSubject(subject);
if ((subject == null) || (subject.getPrincipals().isEmpty()))
Alinga Yeung
committed
logInfo.setMessage("Unauthorized subject");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
else
{
Alinga Yeung
committed
if (isPrivilegedSubject(request))
Alinga Yeung
committed
String token = (String) Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
Alinga Yeung
committed
public Object run() throws Exception
Alinga Yeung
committed
String emailAddress = request.getParameter("emailAddress");
if (StringUtil.hasText(emailAddress))
{
User<Principal> user = userPersistence.getUserByEmailAddress(emailAddress);
HttpPrincipal userID = (HttpPrincipal) user.getUserID();
URI scopeURI = new URI(ACScopeValidator.RESET_PASSWORD_SCOPE);
int duration = 24; // hours
Calendar expiry = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
expiry.add(Calendar.HOUR, duration);
DelegationToken dt = new DelegationToken(userID, scopeURI, expiry.getTime());
Alinga Yeung
committed
return DelegationToken.format(dt);
}
else
{
throw new IllegalArgumentException("Missing email address");
}
Alinga Yeung
committed
});
Alinga Yeung
committed
response.setContentType("text/plain");
response.setContentLength(token.length());
response.getWriter().write(token);
}
else
{
logInfo.setMessage("Permission denied subject");
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
}
Alinga Yeung
committed
catch (Throwable t)
Alinga Yeung
committed
try
Alinga Yeung
committed
if (t instanceof PrivilegedActionException)
{
Exception e = ((PrivilegedActionException) t).getException();
if (e != null)
Alinga Yeung
committed
{
Alinga Yeung
committed
throw e;
Alinga Yeung
committed
}
Alinga Yeung
committed
throw t;
}
catch (UserAlreadyExistsException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
response.setStatus(HttpServletResponse.SC_CONFLICT);
}
Alinga Yeung
committed
catch (UserNotFoundException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
response.setStatus(HttpServletResponse.SC_NOT_FOUND);
Alinga Yeung
committed
catch (IllegalArgumentException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
}
catch (TransientException e)
{
log.debug(e.getMessage(), e);
String message = e.getMessage();
logInfo.setMessage(message);
logInfo.setSuccess(false);
response.setContentType("text/plain");
if (e.getRetryDelay() > 0)
response.setHeader("Retry-After", Integer.toString(e.getRetryDelay()));
response.getWriter().write("Transient Error: " + message);
response.setStatus(503);
}
Alinga Yeung
committed
catch (AccessControlException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
catch (Throwable t1)
{
String message = "Internal Server Error: " + t.getMessage();
log.error(message, t);
logInfo.setSuccess(false);
logInfo.setMessage(message);
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
finally
{
logInfo.setElapsedTime(System.currentTimeMillis() - start);
log.info(logInfo.end());
}
}
/**
* Attempt to change password.
*
* @param request The HTTP Request.
* @param response The HTTP Response.
* @throws IOException Any errors that are not expected.
Alinga Yeung
committed
*/
public void doPost(final HttpServletRequest request,
final HttpServletResponse response)
throws IOException
{
final long start = System.currentTimeMillis();
final ServletLogInfo logInfo = new ServletLogInfo(request);
log.info(logInfo.start());
try
{
final Subject subject = getSubject(request);
logInfo.setSubject(subject);
if ((subject == null) || (subject.getPrincipals().isEmpty()))
{
logInfo.setMessage("Unauthorized subject");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
else
{
Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
Set<HttpPrincipal> pset = subject.getPrincipals(HttpPrincipal.class);
if (pset.isEmpty())
Alinga Yeung
committed
{
throw new IllegalStateException("no HttpPrincipal in subject");
Alinga Yeung
committed
}
HttpPrincipal userID = pset.iterator().next();
Alinga Yeung
committed
String newPassword = request.getParameter("password");
if (StringUtil.hasText(newPassword))
Alinga Yeung
committed
userPersistence.resetPassword(userID, newPassword);
Alinga Yeung
committed
throw new IllegalArgumentException("Missing password");
return null;
}
});
}
}
catch (Throwable t)
{
Alinga Yeung
committed
try
{
if (t instanceof PrivilegedActionException)
{
Exception e = ((PrivilegedActionException) t).getException();
if (e != null)
{
throw e;
}
}
Alinga Yeung
committed
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
throw t;
}
catch (UserNotFoundException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
response.setStatus(HttpServletResponse.SC_NOT_FOUND);
}
catch (IllegalArgumentException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
}
catch (AccessControlException e)
{
log.debug(e.getMessage(), e);
logInfo.setMessage(e.getMessage());
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
catch (Throwable t1)
{
String message = "Internal Server Error: " + t.getMessage();
log.error(message, t);
logInfo.setSuccess(false);
logInfo.setMessage(message);
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
finally
{
logInfo.setElapsedTime(System.currentTimeMillis() - start);
log.info(logInfo.end());
}
Alinga Yeung
committed
}
/**
* Get and augment the Subject. Tests can override this method.
*
* @param request Servlet request
* @return augmented Subject
*/
Subject getSubject(final HttpServletRequest request)
{
return AuthenticationUtil.getSubject(request);
}
}