Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/AbstractUserAction.java +11 −0 Original line number Diff line number Diff line Loading @@ -103,6 +103,7 @@ public abstract class AbstractUserAction implements PrivilegedExceptionAction<Ob static final String DEFAULT_CONTENT_TYPE = "text/xml"; static final String JSON_CONTENT_TYPE = "application/json"; protected String augmentUserDN; protected UserLogInfo logInfo; protected HttpServletResponse response; protected String acceptedContentType = DEFAULT_CONTENT_TYPE; Loading @@ -113,6 +114,16 @@ public abstract class AbstractUserAction implements PrivilegedExceptionAction<Ob public abstract void doAction() throws Exception; public void setAugmentUserDN(final String dn) { this.augmentUserDN = dn; } public String getAugmentUserDN() { return this.augmentUserDN; } public void setLogInfo(UserLogInfo logInfo) { this.logInfo = logInfo; Loading projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/GetUserAction.java +58 −8 Original line number Diff line number Diff line Loading @@ -71,11 +71,19 @@ import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.server.UserPersistence; import java.security.AccessControlContext; import java.security.AccessController; import java.security.Principal; import java.security.PrivilegedExceptionAction; import javax.security.auth.Subject; import org.apache.log4j.Logger; public class GetUserAction extends AbstractUserAction { private static final Logger log = Logger.getLogger(GetUserAction.class); private final Principal userID; GetUserAction(Principal userID) Loading 
@@ -86,20 +94,62 @@ public class GetUserAction extends AbstractUserAction public void doAction() throws Exception { final UserPersistence<Principal> userPersistence = getUserPersistence(); User<Principal> user; if (isServops()) { Subject subject = new Subject(); subject.getPrincipals().add(this.userID); user = (User<Principal>) Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { @Override public Object run() throws Exception { return getUser(userID); } }); } else { user = getUser(this.userID); } writeUser(user); } protected User<Principal> getUser(Principal principal) throws Exception { final UserPersistence<Principal> userPersistence = getUserPersistence(); User<Principal> user; try { user = userPersistence.getUser(userID); user = userPersistence.getUser(principal); } catch (UserNotFoundException e) { user = userPersistence.getPendingUser(userID); user = userPersistence.getPendingUser(principal); } writeUser(user); return user; } protected boolean isServops() { log.debug("alinga-- isServops(): augmentUserDN = " + this.augmentUserDN); boolean isServops = false; AccessControlContext acc = AccessController.getContext(); Subject subject = Subject.getSubject(acc); for (Principal principal : subject.getPrincipals()) { if (principal.getName().equals(this.getAugmentUserDN())) { isServops = true; break; } } return isServops; } } projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserServlet.java +21 −0 Original line number Diff line number Diff line Loading @@ -72,11 +72,14 @@ import java.io.IOException; import java.security.PrivilegedActionException; import javax.security.auth.Subject; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import ca.nrc.cadc.util.StringUtil; import org.apache.log4j.Logger; import ca.nrc.cadc.auth.AuthenticationUtil; Loading 
@@ -86,6 +89,23 @@ public class UserServlet extends HttpServlet private static final long serialVersionUID = 5289130885807305288L; private static final Logger log = Logger.getLogger(UserServlet.class); private String augmentUserDN; @Override public void init(final ServletConfig config) throws ServletException { super.init(config); try { this.augmentUserDN = config.getInitParameter(UserServlet.class.getName() + ".augmentUserDN"); log.info("augmentUserDN: " + augmentUserDN); } catch(Exception ex) { log.error("failed to init: " + ex); } } /** * Create a UserAction and run the action safely. Loading @@ -104,6 +124,7 @@ public class UserServlet extends HttpServlet AbstractUserAction action = factory.createAction(request); action.setAugmentUserDN(this.augmentUserDN); action.setLogInfo(logInfo); action.setResponse(response); action.setAcceptedContentType(getAcceptedContentType(request)); Loading Loading
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/AbstractUserAction.java +11 −0 Original line number Diff line number Diff line Loading @@ -103,6 +103,7 @@ public abstract class AbstractUserAction implements PrivilegedExceptionAction<Ob static final String DEFAULT_CONTENT_TYPE = "text/xml"; static final String JSON_CONTENT_TYPE = "application/json"; protected String augmentUserDN; protected UserLogInfo logInfo; protected HttpServletResponse response; protected String acceptedContentType = DEFAULT_CONTENT_TYPE; Loading @@ -113,6 +114,16 @@ public abstract class AbstractUserAction implements PrivilegedExceptionAction<Ob public abstract void doAction() throws Exception; public void setAugmentUserDN(final String dn) { this.augmentUserDN = dn; } public String getAugmentUserDN() { return this.augmentUserDN; } public void setLogInfo(UserLogInfo logInfo) { this.logInfo = logInfo; Loading
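Review bot: The new `augmentUserDN` field is declared `protected` and is also writable through a public setter, with no comment saying what it controls. Judging from the other files in this commit it names the caller DN for which GetUserAction runs the lookup as the target user, which makes it an authorization input. Consider `private String augmentUserDN;` with access only through the accessors (GetUserAction's debug line reads the field directly and would need `getAugmentUserDN()`). A short Javadoc on the setter would also help, for example `/** DN of the privileged caller allowed to look up a user as that user; null leaves the path disabled. */`. The class body continues outside both hunks.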
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/GetUserAction.java +58 −8 Original line number Diff line number Diff line Loading @@ -71,11 +71,19 @@ import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.UserNotFoundException; import ca.nrc.cadc.ac.server.UserPersistence; import java.security.AccessControlContext; import java.security.AccessController; import java.security.Principal; import java.security.PrivilegedExceptionAction; import javax.security.auth.Subject; import org.apache.log4j.Logger; public class GetUserAction extends AbstractUserAction { private static final Logger log = Logger.getLogger(GetUserAction.class); private final Principal userID; GetUserAction(Principal userID) Loading 
@@ -86,20 +94,62 @@ public class GetUserAction extends AbstractUserAction public void doAction() throws Exception { final UserPersistence<Principal> userPersistence = getUserPersistence(); User<Principal> user; if (isServops()) { Subject subject = new Subject(); subject.getPrincipals().add(this.userID); user = (User<Principal>) Subject.doAs(subject, new PrivilegedExceptionAction<Object>() { @Override public Object run() throws Exception { return getUser(userID); } }); } else { user = getUser(this.userID); } writeUser(user); } protected User<Principal> getUser(Principal principal) throws Exception { final UserPersistence<Principal> userPersistence = getUserPersistence(); User<Principal> user; try { user = userPersistence.getUser(userID); user = userPersistence.getUser(principal); } catch (UserNotFoundException e) { user = userPersistence.getPendingUser(userID); user = userPersistence.getPendingUser(principal); } writeUser(user); return user; } protected boolean isServops() { log.debug("alinga-- isServops(): augmentUserDN = " + this.augmentUserDN); boolean isServops = false; AccessControlContext acc = AccessController.getContext(); Subject subject = Subject.getSubject(acc); for (Principal principal : subject.getPrincipals()) { if (principal.getName().equals(this.getAugmentUserDN())) { isServops = true; break; } } return isServops; } }
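Review bot: `isServops()` dereferences `Subject.getSubject(acc)` without a null check, and it decides whether to switch identity by comparing `principal.getName()` of every caller principal to a configured string. `Subject.getSubject` returns null when no Subject is bound to the context, so such a request would end in a NullPointerException instead of falling through to the normal lookup. The name-only match is sensitive to DN formatting and would also accept a principal of any other type whose name equals the DN string. Restricting the check to `X500Principal` and its canonical equality addresses both; it needs an import of `javax.security.auth.x500.X500Principal` and assumes the caller's DN is carried as an X500Principal, which the hunk does not show. Separately, exceptions thrown inside `Subject.doAs` arrive wrapped in `PrivilegedActionException`, so the two branches of `doAction()` no longer fail the same way, and the `log.debug("alinga-- …")` line looks like leftover debugging.

```java
protected boolean isServops()
{
    final String privilegedDN = getAugmentUserDN();
    final Subject caller = Subject.getSubject(AccessController.getContext());
    if (privilegedDN == null || caller == null)
    {
        // Not configured, or no authenticated caller: use the normal lookup.
        return false;
    }

    // X500Principal.equals compares canonical forms, so case and spacing
    // differences in the configured DN do not change the outcome.
    final X500Principal privileged = new X500Principal(privilegedDN);
    for (X500Principal p : caller.getPrincipals(X500Principal.class))
    {
        if (privileged.equals(p))
        {
            return true;
        }
    }
    return false;
}
```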
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserServlet.java +21 −0 Original line number Diff line number Diff line Loading @@ -72,11 +72,14 @@ import java.io.IOException; import java.security.PrivilegedActionException; import javax.security.auth.Subject; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import ca.nrc.cadc.util.StringUtil; import org.apache.log4j.Logger; import ca.nrc.cadc.auth.AuthenticationUtil; Loading @@ -86,6 +89,23 @@ public class UserServlet extends HttpServlet private static final long serialVersionUID = 5289130885807305288L; private static final Logger log = Logger.getLogger(UserServlet.class); private String augmentUserDN; @Override public void init(final ServletConfig config) throws ServletException { super.init(config); try { this.augmentUserDN = config.getInitParameter(UserServlet.class.getName() + ".augmentUserDN"); log.info("augmentUserDN: " + augmentUserDN); } catch(Exception ex) { log.error("failed to init: " + ex); } } /** * Create a UserAction and run the action safely. Loading @@ -104,6 +124,7 @@ public class UserServlet extends HttpServlet AbstractUserAction action = factory.createAction(request); action.setAugmentUserDN(this.augmentUserDN); action.setLogInfo(logInfo); action.setResponse(response); action.setAcceptedContentType(getAcceptedContentType(request)); Loading
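Review bot: The `catch(Exception ex)` in `init()` logs `"failed to init: " + ex` and lets the servlet start anyway, so a failure while reading the privileged DN loses its stack trace and leaves `augmentUserDN` null with nothing further reported. Pass the exception as the second argument, `log.error("failed to init", ex);`, and either rethrow it as a `ServletException` or add a comment stating that a null value leaves the privileged lookup path disabled. A blank or malformed init-param value is better rejected here once than discovered on each request. Since `log.info` records the configured DN at every start, confirm that this is acceptable for the deployment's log retention.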