directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject directory-fortress-realm git commit: FC-194 - pw2string on admin & access mgr method sigs
Date Tue, 11 Oct 2016 03:24:34 GMT
Repository: directory-fortress-realm
Updated Branches:
  refs/heads/master 55198c447 -> 5dcc3c06e


 FC-194 - pw2string on admin & access mgr method sigs


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/commit/5dcc3c06
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/tree/5dcc3c06
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/diff/5dcc3c06

Branch: refs/heads/master
Commit: 5dcc3c06e7b49bc83150721da24360ec5f2ff84f
Parents: 55198c4
Author: Shawn McKinney <smckinney@apache.org>
Authored: Mon Oct 10 22:03:08 2016 -0500
Committer: Shawn McKinney <smckinney@apache.org>
Committed: Mon Oct 10 22:03:08 2016 -0500

----------------------------------------------------------------------
 .../directory/fortress/realm/J2eePolicyMgr.java | 26 ++++++++++----------
 .../fortress/realm/J2eePolicyMgrImpl.java       |  6 ++---
 .../fortress/realm/tomcat/TcAccessMgrImpl.java  |  2 +-
 3 files changed, 17 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/blob/5dcc3c06/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
----------------------------------------------------------------------
diff --git a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
index 379edec..f53993c 100644
--- a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
+++ b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
@@ -45,7 +45,7 @@ public interface J2eePolicyMgr
      * @throws org.apache.directory.fortress.core.SecurityException
      *          in the event of data validation failure, security policy violation or DAO
error.
      */
-    boolean authenticate( String userId, char[] password ) throws SecurityException;
+    boolean authenticate( String userId, String password ) throws SecurityException;
 
     /**
      * Perform user authentication {@link User#password} and role activations.<br />
@@ -58,9 +58,9 @@ public interface J2eePolicyMgr
      * <li> authenticate user password if trusted == false.
      * <li> perform <a href="http://www.openldap.org/">OpenLDAP</a> <a
href="http://tools.ietf.org/html/draft-behera-ldap-password-policy-10/">password policy
evaluation</a>.
      * <li> fail for any user who is locked by OpenLDAP's policies {@link org.apache.directory.fortress.core.model.User#isLocked()},
regardless of trusted flag being set as parm on API.
-     * <li> evaluate temporal {@link org.apache.directory.fortress.core.util.time.Constraint}(s)
on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole}
entities.
+     * <li> evaluate temporal {@link org.apache.directory.fortress.core.model.Constraint}(s)
on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole}
entities.
      * <li> process selective role activations into User RBAC Session {@link User#roles}.
-     * <li> check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.model.DSDChecker#validate(org.apache.directory.fortress.core.model.Session,
org.apache.directory.fortress.core.util.time.Constraint, org.apache.directory.fortress.core.util.time.Time)}
on {@link org.apache.directory.fortress.core.model.User#roles}.
+     * <li> check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.impl.DSDChecker#validate(org.apache.directory.fortress.core.model.Session,
org.apache.directory.fortress.core.model.Constraint, org.apache.directory.fortress.core.util.time.Time),
org.apache.directory.fortress.core.util.VUtil#ConstraintType} on {@link org.apache.directory.fortress.core.model.User#roles}.
      * <li> process selective administrative role activations {@link User#adminRoles}.
      * <li> return a {@link org.apache.directory.fortress.core.model.Session} containing
{@link org.apache.directory.fortress.core.model.Session#getUser()}, {@link org.apache.directory.fortress.core.model.Session#getRoles()}
and {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()} if everything
checks out good.
      * <li> throw a checked exception that will be {@link org.apache.directory.fortress.core.SecurityException}
or its derivation.
@@ -92,7 +92,7 @@ public interface J2eePolicyMgr
      * </h4>
      * <ul>
      * <li> roles that violate Dynamic Separation of Duty Relationships will not be
activated into session.
-     * <li> role activations will proceed in same order as supplied to User entity
setter, see {@link User#setRole(String)}.
+     * <li> role activations will proceed in same order as supplied to User entity
setter, see {@link User#setRoleName(String)}.
      * </ul>
      * </p>
      *
@@ -102,7 +102,7 @@ public interface J2eePolicyMgr
      * @throws org.apache.directory.fortress.core.SecurityException
      *          in the event of data validation failure, security policy violation or DAO
error.
      */
-    TcPrincipal createSession( String userId, char[] password ) throws SecurityException;
+    TcPrincipal createSession( String userId, String password ) throws SecurityException;
 
     /**
      * Perform user authentication {@link User#password} and role activations.<br />
@@ -115,9 +115,9 @@ public interface J2eePolicyMgr
      * <li> authenticate user password if trusted == false.
      * <li> perform <a href="http://www.openldap.org/">OpenLDAP</a> <a
href="http://tools.ietf.org/html/draft-behera-ldap-password-policy-10/">password policy
evaluation</a>.
      * <li> fail for any user who is locked by OpenLDAP's policies {@link org.apache.directory.fortress.core.model.User#isLocked()},
regardless of trusted flag being set as parm on API.
-     * <li> evaluate temporal {@link org.apache.directory.fortress.core.util.time.Constraint}(s)
on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole}
entities.
+     * <li> evaluate temporal {@link org.apache.directory.fortress.core.model.Constraint}(s)
on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole}
entities.
      * <li> process selective role activations into User RBAC Session {@link User#roles}.
-     * <li> check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.model.DSDChecker#validate(org.apache.directory.fortress.core.model.Session,
org.apache.directory.fortress.core.util.time.Constraint, org.apache.directory.fortress.core.util.time.Time)}
on {@link org.apache.directory.fortress.core.model.User#roles}.
+     * <li> check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.impl.DSDChecker#validate(org.apache.directory.fortress.core.model.Session,
org.apache.directory.fortress.core.model.Constraint, org.apache.directory.fortress.core.util.time.Time)}
on {@link org.apache.directory.fortress.core.model.User#roles}.
      * <li> process selective administrative role activations {@link User#adminRoles}.
      * <li> return a {@link org.apache.directory.fortress.core.model.Session} containing
{@link org.apache.directory.fortress.core.model.Session#getUser()}, {@link org.apache.directory.fortress.core.model.Session#getRoles()}
and {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()} if everything
checks out good.
      * <li> throw a checked exception that will be {@link org.apache.directory.fortress.core.SecurityException}
or its derivation.
@@ -149,7 +149,7 @@ public interface J2eePolicyMgr
      * </h4>
      * <ul>
      * <li> roles that violate Dynamic Separation of Duty Relationships will not be
activated into session.
-     * <li> role activations will proceed in same order as supplied to User entity
setter, see {@link User#setRole(String)}.
+     * <li> role activations will proceed in same order as supplied to User entity
setter, see {@link User#setRoleName(String)}.
      * </ul>
      * </p>
      *
@@ -160,7 +160,7 @@ public interface J2eePolicyMgr
      * @throws org.apache.directory.fortress.core.SecurityException
      *          in the event of data validation failure, security policy violation or DAO
error.
      */
-    TcPrincipal createSession( String userId, char[] password, List<String> roles )
throws SecurityException;
+    TcPrincipal createSession( String userId, String password, List<String> roles )
throws SecurityException;
 
     /**
      * Perform user authentication {@link User#password} and role activations.<br />
@@ -173,9 +173,9 @@ public interface J2eePolicyMgr
      * <li> authenticate user password if trusted == false.
      * <li> perform <a href="http://www.openldap.org/">OpenLDAP</a> <a
href="http://tools.ietf.org/html/draft-behera-ldap-password-policy-10/">password policy
evaluation</a>.
      * <li> fail for any user who is locked by OpenLDAP's policies {@link org.apache.directory.fortress.core.model.User#isLocked()},
regardless of trusted flag being set as parm on API.
-     * <li> evaluate temporal {@link org.apache.directory.fortress.core.util.time.Constraint}(s)
on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole}
entities.
+     * <li> evaluate temporal {@link org.apache.directory.fortress.core.model.Constraint}(s)
on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole}
entities.
      * <li> process selective role activations into User RBAC Session {@link User#roles}.
-     * <li> check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.model.DSDChecker#validate(org.apache.directory.fortress.core.model.Session,
org.apache.directory.fortress.core.util.time.Constraint, org.apache.directory.fortress.core.util.time.Time)}
on {@link org.apache.directory.fortress.core.model.User#roles}.
+     * <li> check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.impl.DSDChecker#validate(org.apache.directory.fortress.core.model.Session,
org.apache.directory.fortress.core.model.Constraint, org.apache.directory.fortress.core.util.time.Time)}
on {@link org.apache.directory.fortress.core.model.User#roles}.
      * <li> process selective administrative role activations {@link User#adminRoles}.
      * <li> return a {@link org.apache.directory.fortress.core.model.Session} containing
{@link org.apache.directory.fortress.core.model.Session#getUser()}, {@link org.apache.directory.fortress.core.model.Session#getRoles()}
and {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()} if everything
checks out good.
      * <li> throw a checked exception that will be {@link org.apache.directory.fortress.core.SecurityException}
or its derivation.
@@ -207,13 +207,13 @@ public interface J2eePolicyMgr
      * </h4>
      * <ul>
      * <li> roles that violate Dynamic Separation of Duty Relationships will not be
activated into session.
-     * <li> role activations will proceed in same order as supplied to User entity
setter, see {@link User#setRole(String)}.
+     * <li> role activations will proceed in same order as supplied to User entity
setter, see {@link User#setRoleName(String)}.
      * </ul>
      * </p>
      *
      * @param user      Contains {@link User#userId}, {@link org.apache.directory.fortress.core.model.User#password}
(optional if {@code isTrusted} is 'true'), optional {@link User#roles}, optional {@link org.apache.directory.fortress.core.model.User#adminRoles}
      * @param isTrusted if true password is not required.
-     * @return Session object will contain authentication result code {@link org.apache.directory.fortress.core.model.Session#errorId},
RBAC role activations {@link org.apache.directory.fortress.core.model.Session#getRoles()},
Admin Role activations {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()},OpenLDAP
pw policy codes {@link org.apache.directory.fortress.core.model.Session#warningId}, {@link
org.apache.directory.fortress.core.model.Session#expirationSeconds}, {@link org.apache.directory.fortress.core.model.Session#graceLogins}
and more.
+     * @return Session object will contain authentication result code {@link org.apache.directory.fortress.core.model.Session#errorId},
RBAC role activations {@link org.apache.directory.fortress.core.model.Session#getRoles()},
Admin Role activations {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()},OpenLDAP
pw policy codes {@link org.apache.directory.fortress.core.model.Session#warnings}, {@link
org.apache.directory.fortress.core.model.Session#expirationSeconds}, {@link org.apache.directory.fortress.core.model.Session#graceLogins}
and more.
      * @throws org.apache.directory.fortress.core.SecurityException
      *          in the event of data validation failure, security policy violation or DAO
error.
      */

http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/blob/5dcc3c06/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
----------------------------------------------------------------------
diff --git a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
index aedcdfa..5250108 100644
--- a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
+++ b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
@@ -81,7 +81,7 @@ public class J2eePolicyMgrImpl implements J2eePolicyMgr
      * {@inheritDoc}
      */
     @Override
-    public boolean authenticate( String userId, char[] password ) throws SecurityException
+    public boolean authenticate( String userId, String password ) throws SecurityException
     {
         boolean result = false;
         Session session = accessMgr.authenticate( userId, password );
@@ -103,7 +103,7 @@ public class J2eePolicyMgrImpl implements J2eePolicyMgr
      * {@inheritDoc}
      */
     @Override
-    public TcPrincipal createSession( String userId, char[] password ) throws SecurityException
+    public TcPrincipal createSession( String userId, String password ) throws SecurityException
     {
         User user = new User( userId, new String ( password ) );
         
@@ -113,7 +113,7 @@ public class J2eePolicyMgrImpl implements J2eePolicyMgr
     /**
      * {@inheritDoc}
      */
-    public TcPrincipal createSession( String userId, char[] password, List<String>
roles ) throws SecurityException
+    public TcPrincipal createSession( String userId, String password, List<String>
roles ) throws SecurityException
     {
         User user = new User( userId, new String ( password ) );
         

http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/blob/5dcc3c06/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
----------------------------------------------------------------------
diff --git a/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
b/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
index 76b1f5e..035668a 100644
--- a/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
+++ b/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
@@ -78,7 +78,7 @@ public class TcAccessMgrImpl implements TcAccessMgr
      * {@inheritDoc}
      */
     @Override
-    public Principal authenticate( String userId, char[] password )
+    public Principal authenticate( String userId, String password )
     {
         TcPrincipal principal = null;
         try


Mime
View raw message