Skip to content
Permalink
Browse files
FC-265 - Delegated Administration Enhancements to Apache Fortress REST
  • Loading branch information
shawnmckinney committed Mar 8, 2019
1 parent b402d8c commit 839c5ddee886500d33f5f2de5d53d70146404d35
Show file tree
Hide file tree
Showing 2 changed files with 78 additions and 4 deletions.
@@ -26,12 +26,12 @@
import javax.ws.rs.core.Context;

import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.model.FortRequest;
import org.apache.directory.fortress.core.model.FortResponse;
import org.apache.directory.fortress.core.model.*;
import org.apache.directory.fortress.core.rest.HttpIds;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Service;


/**
* Implementation for Fortress Rest Service methods forwards to delegate. This class is thread safe.
*
@@ -74,6 +74,7 @@ public class FortressServiceImpl implements FortressService
* **************************************************************************************************************************************
*/


/**
* {@inheritDoc}
*/
@@ -83,10 +84,13 @@ public class FortressServiceImpl implements FortressService
@Override
public FortResponse addUser( FortRequest request )
{
return adminMgrImpl.addUser( request );
FortResponse response = SecUtils.initializeSession(request, httpRequest);
if( response == null )
response = adminMgrImpl.addUser( request );
return response;
}


/**
* {@inheritDoc}
*/
@@ -0,0 +1,70 @@
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//

package org.apache.directory.fortress.rest;

import javax.servlet.http.HttpServletRequest;

import org.apache.directory.fortress.core.GlobalErrIds;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.FortRequest;
import org.apache.directory.fortress.core.model.FortResponse;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.realm.J2eePolicyMgr;
import org.apache.directory.fortress.realm.J2eePolicyMgrFactory;
import org.apache.log4j.Logger;

public class SecUtils
{
private static final Logger LOG = Logger.getLogger(SecUtils.class.getName());

static FortResponse initializeSession(FortRequest fortRequest, HttpServletRequest httpRequest)
{
Session realmSession;
FortResponse fortResponse = null;

// If the session is not contained in the request, use the service caller:
if( fortRequest.getSession() == null)
{
if( httpRequest == null)
{
fortResponse = new FortResponse();
fortResponse.setErrorCode(GlobalErrIds.REST_NULL_HTTP_REQ_ERR );
fortResponse.setErrorMessage( "HTTP Requst is NULL");
}
else
{
try
{
J2eePolicyMgr j2eePolicyMgr = J2eePolicyMgrFactory.createInstance();
String szPrincipal = httpRequest.getUserPrincipal().toString();
realmSession = j2eePolicyMgr.deserialize(szPrincipal);
if(realmSession != null)
{
fortRequest.setSession( realmSession );
}
}
catch (SecurityException se)
{
String error = "intializeSession caught SecurityException=" + se;
fortResponse = new FortResponse();
createError(fortResponse, se);
}
}
}
return fortResponse;
}

private static void createError(FortResponse response, SecurityException se )
{
LOG.info( "Caught " + se );
response.setErrorCode( se.getErrorId() );
response.setErrorMessage( se.getMessage() );
response.setHttpStatus(se.getHttpStatus());
}



}

0 comments on commit 839c5dd

Please sign in to comment.