Révision bf9c3717
Ajouté par Remy Menard il y a environ 11 ans
| ETa/EpcisPHI/src/main/java/fr/unicaen/iota/epcisphi/xacml/servlet/Services.java | ||
|---|---|---|
|
import com.sun.xacml.ctx.Result;
|
||
|
import fr.unicaen.iota.epcisphi.utils.*;
|
||
|
import fr.unicaen.iota.epcisphi.xacml.ihm.Module;
|
||
|
import fr.unicaen.iota.eta.user.client.UserClient;
|
||
|
import fr.unicaen.iota.eta.user.userservice_wsdl.ImplementationExceptionResponse;
|
||
|
import fr.unicaen.iota.eta.user.userservice_wsdl.SecurityExceptionResponse;
|
||
|
import fr.unicaen.iota.ypsilon.client.YPSilonClient;
|
||
|
import fr.unicaen.iota.xacml.pep.MethodNamesAdmin;
|
||
|
import fr.unicaen.iota.xacml.policy.GroupPolicy;
|
||
|
import fr.unicaen.iota.xacml.policy.OwnerPolicies;
|
||
|
import fr.unicaen.iota.ypsilon.client.soap.ImplementationExceptionResponse;
|
||
|
import fr.unicaen.iota.ypsilon.client.soap.SecurityExceptionResponse;
|
||
|
import java.lang.reflect.Method;
|
||
|
import java.security.NoSuchAlgorithmException;
|
||
|
import java.util.ArrayList;
|
||
|
import java.util.Calendar;
|
||
|
import java.util.Date;
|
||
| ... | ... | |
|
}
|
||
|
}
|
||
|
|
||
|
/*
|
||
|
* TODO: methods implementing public void updatePartner(String sessionId,
|
||
|
* User user, int partnerUID, String partnerID, String serviceID, String
|
||
|
* serviceAddress, String serviceType, Session session) throws
|
||
|
* ServiceException { if (PEPRequester.checkAccess(user, "partnerUpdate") ==
|
||
|
* Result.DECISION_DENY) { throw new ServiceException("partnerUpdate: not
|
||
|
* allowed for user " + user.getUserID() + " in module: " +
|
||
|
* Module.adminModule, ServiceErrorType.xacml); } DsClient gatewayClient =
|
||
|
* new DsClient(CONFIGURATION.DS_ADDRESS); Service service; try { service =
|
||
|
* new Service(serviceID, serviceType, new URI(serviceAddress)); } catch
|
||
|
* (MalformedURIException ex) { throw new ServiceException("service URL
|
||
|
* malformed !", ServiceErrorType.Unknown); } List<Service> lService = new
|
||
|
* ArrayList<Service>(); lService.add(service); try {
|
||
|
* gatewayClient.partnerUpdate(sessionId, partnerUID, partnerID, lService);
|
||
|
* } catch (RemoteException ex) { throw new ServiceException("DS
|
||
|
* Communication Failure: internal protocol error !",
|
||
|
* ServiceErrorType.Unknown); } catch (EnancedProtocolException ex) { throw
|
||
|
* new ServiceException(ex.getMessage(), ServiceErrorType.Unknown); } }
|
||
|
*/
|
||
|
public void createUser(String sessionId, User user, String login, String pass) throws ServiceException {
|
||
|
public void createUser(String sessionId, User user, String login, String userName) throws ServiceException {
|
||
|
checkAccess(user, Module.adminModule, "userCreate");
|
||
|
try {
|
||
|
String partner = user.getPartnerID();
|
||
|
String hashPass = SHA1.makeSHA1Hash(pass);
|
||
|
UserClient client = new UserClient(Constants.USERSERVICE_ADDRESS, Constants.PKS_FILENAME,
|
||
|
YPSilonClient client = new YPSilonClient(Constants.YPSILON_ADDRESS, Constants.PKS_FILENAME,
|
||
|
Constants.PKS_PASSWORD, Constants.TRUST_PKS_FILENAME, Constants.TRUST_PKS_PASSWORD);
|
||
|
client.userCreate(sessionId, login, hashPass, partner, 30);
|
||
|
} catch (NoSuchAlgorithmException ex) {
|
||
|
log.error("Algorithm error", ex);
|
||
|
throw new ServiceException(ex.getMessage(), ServiceErrorType.epcis);
|
||
|
if (userName != null && !userName.isEmpty()) {
|
||
|
client.userCreate(sessionId, login, partner, userName, 30);
|
||
|
}
|
||
|
else {
|
||
|
client.userCreate(sessionId, login, partner, 30);
|
||
|
}
|
||
|
} catch (ImplementationExceptionResponse ex) {
|
||
|
log.error("Internal error", ex);
|
||
|
throw new ServiceException(ex.getMessage(), ServiceErrorType.Unknown);
|
||
| ... | ... | |
|
public void deleteUser(String sessionId, User user, String login) throws ServiceException {
|
||
|
checkAccess(user, Module.adminModule, "userDelete");
|
||
|
try {
|
||
|
UserClient client = new UserClient(Constants.USERSERVICE_ADDRESS, Constants.PKS_FILENAME,
|
||
|
YPSilonClient client = new YPSilonClient(Constants.YPSILON_ADDRESS, Constants.PKS_FILENAME,
|
||
|
Constants.PKS_PASSWORD, Constants.TRUST_PKS_FILENAME, Constants.TRUST_PKS_PASSWORD);
|
||
|
client.userDelete(sessionId, login);
|
||
|
} catch (ImplementationExceptionResponse ex) {
|
||
| ... | ... | |
|
log.debug(MapSessions.AdminAPMtoString());
|
||
|
}
|
||
|
|
||
|
public boolean createAccount(String sessionId, User user, String partnerId, String login, String pass) throws ServiceException {
|
||
|
public boolean createAccount(String sessionId, User user, String partnerId, String userDN, String userName) throws ServiceException {
|
||
|
checkAccess(user, Module.adminModule, "superadmin");
|
||
|
try {
|
||
|
UserClient client = new UserClient(Constants.USERSERVICE_ADDRESS, Constants.PKS_FILENAME,
|
||
|
String userId = (userName != null && !userName.isEmpty())? userName : userDN;
|
||
|
YPSilonClient client = new YPSilonClient(Constants.YPSILON_ADDRESS, Constants.PKS_FILENAME,
|
||
|
Constants.PKS_PASSWORD, Constants.TRUST_PKS_FILENAME, Constants.TRUST_PKS_PASSWORD);
|
||
|
boolean found = false;
|
||
|
try {
|
||
|
client.userInfo(sessionId, login);
|
||
|
client.userInfo(sessionId, userId);
|
||
|
found = true;
|
||
|
} catch (ImplementationExceptionResponse ex) {
|
||
|
log.warn(null, ex);
|
||
|
log.trace(null, ex);
|
||
|
} catch (SecurityExceptionResponse ex) {
|
||
|
log.warn(null, ex);
|
||
|
log.trace(null, ex);
|
||
|
}
|
||
|
if (found) {
|
||
|
throw new ServiceException("User exists", ServiceErrorType.Unknown);
|
||
|
}
|
||
|
String hashPass = SHA1.makeSHA1Hash(pass);
|
||
|
client.userCreate(sessionId, login, hashPass, partnerId, 30);
|
||
|
createRootPartnerPolicy(sessionId, login, partnerId);
|
||
|
} catch (NoSuchAlgorithmException ex) {
|
||
|
log.error("Algorithm error", ex);
|
||
|
throw new ServiceException(ex.getMessage(), ServiceErrorType.Unknown);
|
||
|
if (userName != null && !userName.isEmpty()) {
|
||
|
client.userCreate(sessionId, userDN, partnerId, userName, 30);
|
||
|
createRootPartnerPolicy(sessionId, userDN, partnerId);
|
||
|
}
|
||
|
else {
|
||
|
client.userCreate(sessionId, userDN, partnerId, 30);
|
||
|
createRootPartnerPolicy(sessionId, userDN, partnerId);
|
||
|
}
|
||
|
} catch (ImplementationExceptionResponse ex) {
|
||
|
log.error("Internal error", ex);
|
||
|
throw new ServiceException(ex.getMessage(), ServiceErrorType.Unknown);
|
||
Formats disponibles : Unified diff
Version 1.99
- a few bugs fixed!
- new testing application to capture events
- new options to the command line to configure the public/private keys
for TLS and for signature
- new method more accurate than "traceEPC": the events are sorted by
EPCIS
- New options added to the command line
- user can be identified by alias, if the DN of his certificate is
incompatible with the LDAP directory
- new shell script to configure the LDAP directory (same
functionnalities as IoTa-Installer)
- installs and configures LaMBDa
- finer certificate mangagement
- EpcILoN correctly subscribe with TLS to ETa
- new figure for LaMBDa
- shows data flows between PHI and YPSilon
- sets DS and DSeTa in different schemas