Révision bf9c3717
Ajouté par Remy Menard il y a environ 11 ans
ETa/EpcisPHI/src/main/java/fr/unicaen/iota/epcisphi/xacml/servlet/Services.java | ||
---|---|---|
import com.sun.xacml.ctx.Result;
|
||
import fr.unicaen.iota.epcisphi.utils.*;
|
||
import fr.unicaen.iota.epcisphi.xacml.ihm.Module;
|
||
import fr.unicaen.iota.eta.user.client.UserClient;
|
||
import fr.unicaen.iota.eta.user.userservice_wsdl.ImplementationExceptionResponse;
|
||
import fr.unicaen.iota.eta.user.userservice_wsdl.SecurityExceptionResponse;
|
||
import fr.unicaen.iota.ypsilon.client.YPSilonClient;
|
||
import fr.unicaen.iota.xacml.pep.MethodNamesAdmin;
|
||
import fr.unicaen.iota.xacml.policy.GroupPolicy;
|
||
import fr.unicaen.iota.xacml.policy.OwnerPolicies;
|
||
import fr.unicaen.iota.ypsilon.client.soap.ImplementationExceptionResponse;
|
||
import fr.unicaen.iota.ypsilon.client.soap.SecurityExceptionResponse;
|
||
import java.lang.reflect.Method;
|
||
import java.security.NoSuchAlgorithmException;
|
||
import java.util.ArrayList;
|
||
import java.util.Calendar;
|
||
import java.util.Date;
|
||
... | ... | |
}
|
||
}
|
||
|
||
/*
|
||
* TODO: methods implementing public void updatePartner(String sessionId,
|
||
* User user, int partnerUID, String partnerID, String serviceID, String
|
||
* serviceAddress, String serviceType, Session session) throws
|
||
* ServiceException { if (PEPRequester.checkAccess(user, "partnerUpdate") ==
|
||
* Result.DECISION_DENY) { throw new ServiceException("partnerUpdate: not
|
||
* allowed for user " + user.getUserID() + " in module: " +
|
||
* Module.adminModule, ServiceErrorType.xacml); } DsClient gatewayClient =
|
||
* new DsClient(CONFIGURATION.DS_ADDRESS); Service service; try { service =
|
||
* new Service(serviceID, serviceType, new URI(serviceAddress)); } catch
|
||
* (MalformedURIException ex) { throw new ServiceException("service URL
|
||
* malformed !", ServiceErrorType.Unknown); } List<Service> lService = new
|
||
* ArrayList<Service>(); lService.add(service); try {
|
||
* gatewayClient.partnerUpdate(sessionId, partnerUID, partnerID, lService);
|
||
* } catch (RemoteException ex) { throw new ServiceException("DS
|
||
* Communication Failure: internal protocol error !",
|
||
* ServiceErrorType.Unknown); } catch (EnancedProtocolException ex) { throw
|
||
* new ServiceException(ex.getMessage(), ServiceErrorType.Unknown); } }
|
||
*/
|
||
public void createUser(String sessionId, User user, String login, String pass) throws ServiceException {
|
||
public void createUser(String sessionId, User user, String login, String userName) throws ServiceException {
|
||
checkAccess(user, Module.adminModule, "userCreate");
|
||
try {
|
||
String partner = user.getPartnerID();
|
||
String hashPass = SHA1.makeSHA1Hash(pass);
|
||
UserClient client = new UserClient(Constants.USERSERVICE_ADDRESS, Constants.PKS_FILENAME,
|
||
YPSilonClient client = new YPSilonClient(Constants.YPSILON_ADDRESS, Constants.PKS_FILENAME,
|
||
Constants.PKS_PASSWORD, Constants.TRUST_PKS_FILENAME, Constants.TRUST_PKS_PASSWORD);
|
||
client.userCreate(sessionId, login, hashPass, partner, 30);
|
||
} catch (NoSuchAlgorithmException ex) {
|
||
log.error("Algorithm error", ex);
|
||
throw new ServiceException(ex.getMessage(), ServiceErrorType.epcis);
|
||
if (userName != null && !userName.isEmpty()) {
|
||
client.userCreate(sessionId, login, partner, userName, 30);
|
||
}
|
||
else {
|
||
client.userCreate(sessionId, login, partner, 30);
|
||
}
|
||
} catch (ImplementationExceptionResponse ex) {
|
||
log.error("Internal error", ex);
|
||
throw new ServiceException(ex.getMessage(), ServiceErrorType.Unknown);
|
||
... | ... | |
public void deleteUser(String sessionId, User user, String login) throws ServiceException {
|
||
checkAccess(user, Module.adminModule, "userDelete");
|
||
try {
|
||
UserClient client = new UserClient(Constants.USERSERVICE_ADDRESS, Constants.PKS_FILENAME,
|
||
YPSilonClient client = new YPSilonClient(Constants.YPSILON_ADDRESS, Constants.PKS_FILENAME,
|
||
Constants.PKS_PASSWORD, Constants.TRUST_PKS_FILENAME, Constants.TRUST_PKS_PASSWORD);
|
||
client.userDelete(sessionId, login);
|
||
} catch (ImplementationExceptionResponse ex) {
|
||
... | ... | |
log.debug(MapSessions.AdminAPMtoString());
|
||
}
|
||
|
||
public boolean createAccount(String sessionId, User user, String partnerId, String login, String pass) throws ServiceException {
|
||
public boolean createAccount(String sessionId, User user, String partnerId, String userDN, String userName) throws ServiceException {
|
||
checkAccess(user, Module.adminModule, "superadmin");
|
||
try {
|
||
UserClient client = new UserClient(Constants.USERSERVICE_ADDRESS, Constants.PKS_FILENAME,
|
||
String userId = (userName != null && !userName.isEmpty())? userName : userDN;
|
||
YPSilonClient client = new YPSilonClient(Constants.YPSILON_ADDRESS, Constants.PKS_FILENAME,
|
||
Constants.PKS_PASSWORD, Constants.TRUST_PKS_FILENAME, Constants.TRUST_PKS_PASSWORD);
|
||
boolean found = false;
|
||
try {
|
||
client.userInfo(sessionId, login);
|
||
client.userInfo(sessionId, userId);
|
||
found = true;
|
||
} catch (ImplementationExceptionResponse ex) {
|
||
log.warn(null, ex);
|
||
log.trace(null, ex);
|
||
} catch (SecurityExceptionResponse ex) {
|
||
log.warn(null, ex);
|
||
log.trace(null, ex);
|
||
}
|
||
if (found) {
|
||
throw new ServiceException("User exists", ServiceErrorType.Unknown);
|
||
}
|
||
String hashPass = SHA1.makeSHA1Hash(pass);
|
||
client.userCreate(sessionId, login, hashPass, partnerId, 30);
|
||
createRootPartnerPolicy(sessionId, login, partnerId);
|
||
} catch (NoSuchAlgorithmException ex) {
|
||
log.error("Algorithm error", ex);
|
||
throw new ServiceException(ex.getMessage(), ServiceErrorType.Unknown);
|
||
if (userName != null && !userName.isEmpty()) {
|
||
client.userCreate(sessionId, userDN, partnerId, userName, 30);
|
||
createRootPartnerPolicy(sessionId, userDN, partnerId);
|
||
}
|
||
else {
|
||
client.userCreate(sessionId, userDN, partnerId, 30);
|
||
createRootPartnerPolicy(sessionId, userDN, partnerId);
|
||
}
|
||
} catch (ImplementationExceptionResponse ex) {
|
||
log.error("Internal error", ex);
|
||
throw new ServiceException(ex.getMessage(), ServiceErrorType.Unknown);
|
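Review bot: In createAccount, the existence probe `client.userInfo(sessionId, userId)` treats both `ImplementationExceptionResponse` and `SecurityExceptionResponse` as "user not found", and the catch blocks now appear to log at `trace` instead of `warn`, so an access-denied or backend failure leaves `found` false and the code proceeds to `userCreate` and `createRootPartnerPolicy` with almost no audit trail. Only a genuine not-found result should fall through; for the security case I would rethrow, e.g. `throw new ServiceException(ex.getMessage(), ServiceErrorType.Unknown);`, or at least keep `log.warn(null, ex);`. The probe also looks up `userName` when an alias is supplied while the account and the root partner policy are keyed on `userDN`, so an already registered DN with a fresh alias may go undetected, assuming userInfo resolves a single identifier; probing `userDN` as well would close that gap. The page has lost its +/- markers, so the old and new sides are inferred from print order, and createAccount's body continues past the last visible line.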
Version 1.99
- a few bugs fixed!
- new testing application to capture events
- new options to the command line to configure the public/private keys
for TLS and for signature
- new method more accurate than "traceEPC": the events are sorted by
EPCIS
- New options added to the command line
- user can be identified by alias, if the DN of his certificate is
incompatible with the LDAP directory
- new shell script to configure the LDAP directory (same
functionalities as IoTa-Installer)
- installs and configures LaMBDa
- finer certificate management
- EpcILoN correctly subscribes with TLS to ETa
- new figure for LaMBDa
- shows data flows between PHI and YPSilon
- sets DS and DSeTa in different schemas