Return-Path:
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
by cust-asf2.ponee.io (Postfix) with ESMTP id C8B90200BAD
for ; Tue, 11 Oct 2016 05:24:36 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
id C7483160AEB; Tue, 11 Oct 2016 03:24:36 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
by cust-asf.ponee.io (Postfix) with SMTP id BCB19160AE1
for ; Tue, 11 Oct 2016 05:24:35 +0200 (CEST)
Received: (qmail 11044 invoked by uid 500); 11 Oct 2016 03:24:34 -0000
Mailing-List: contact commits-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help:
List-Unsubscribe:
List-Post:
List-Id:
Reply-To: dev@directory.apache.org
Delivered-To: mailing list commits@directory.apache.org
Received: (qmail 11035 invoked by uid 99); 11 Oct 2016 03:24:34 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Oct 2016 03:24:34 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
id 9BA1FDFDEC; Tue, 11 Oct 2016 03:24:34 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: smckinney@apache.org
To: commits@directory.apache.org
Message-Id:
X-Mailer: ASF-Git Admin Mailer
Subject: directory-fortress-realm git commit: FC-194 - pw2string on admin &
access mgr method sigs
Date: Tue, 11 Oct 2016 03:24:34 +0000 (UTC)
archived-at: Tue, 11 Oct 2016 03:24:37 -0000
Repository: directory-fortress-realm
Updated Branches:
refs/heads/master 55198c447 -> 5dcc3c06e
FC-194 - pw2string on admin & access mgr method sigs
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/commit/5dcc3c06
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/tree/5dcc3c06
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/diff/5dcc3c06
Branch: refs/heads/master
Commit: 5dcc3c06e7b49bc83150721da24360ec5f2ff84f
Parents: 55198c4
Author: Shawn McKinney
Authored: Mon Oct 10 22:03:08 2016 -0500
Committer: Shawn McKinney
Committed: Mon Oct 10 22:03:08 2016 -0500
----------------------------------------------------------------------
.../directory/fortress/realm/J2eePolicyMgr.java | 26 ++++++++++----------
.../fortress/realm/J2eePolicyMgrImpl.java | 6 ++---
.../fortress/realm/tomcat/TcAccessMgrImpl.java | 2 +-
3 files changed, 17 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/blob/5dcc3c06/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
----------------------------------------------------------------------
diff --git a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
index 379edec..f53993c 100644
--- a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
+++ b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgr.java
@@ -45,7 +45,7 @@ public interface J2eePolicyMgr
* @throws org.apache.directory.fortress.core.SecurityException
* in the event of data validation failure, security policy violation or DAO error.
*/
- boolean authenticate( String userId, char[] password ) throws SecurityException;
+ boolean authenticate( String userId, String password ) throws SecurityException;
/**
* Perform user authentication {@link User#password} and role activations.
@@ -58,9 +58,9 @@ public interface J2eePolicyMgr
* authenticate user password if trusted == false.
* perform OpenLDAP password policy evaluation.
* fail for any user who is locked by OpenLDAP's policies {@link org.apache.directory.fortress.core.model.User#isLocked()}, regardless of trusted flag being set as parm on API.
- * evaluate temporal {@link org.apache.directory.fortress.core.util.time.Constraint}(s) on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole} entities.
+ * evaluate temporal {@link org.apache.directory.fortress.core.model.Constraint}(s) on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole} entities.
* process selective role activations into User RBAC Session {@link User#roles}.
- * check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.model.DSDChecker#validate(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.util.time.Constraint, org.apache.directory.fortress.core.util.time.Time)} on {@link org.apache.directory.fortress.core.model.User#roles}.
+ * check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.impl.DSDChecker#validate(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.model.Constraint, org.apache.directory.fortress.core.util.time.Time), org.apache.directory.fortress.core.util.VUtil#ConstraintType} on {@link org.apache.directory.fortress.core.model.User#roles}.
* process selective administrative role activations {@link User#adminRoles}.
* return a {@link org.apache.directory.fortress.core.model.Session} containing {@link org.apache.directory.fortress.core.model.Session#getUser()}, {@link org.apache.directory.fortress.core.model.Session#getRoles()} and {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()} if everything checks out good.
* throw a checked exception that will be {@link org.apache.directory.fortress.core.SecurityException} or its derivation.
@@ -92,7 +92,7 @@ public interface J2eePolicyMgr
*
*
* - roles that violate Dynamic Separation of Duty Relationships will not be activated into session.
- *
- role activations will proceed in same order as supplied to User entity setter, see {@link User#setRole(String)}.
+ *
- role activations will proceed in same order as supplied to User entity setter, see {@link User#setRoleName(String)}.
*
*
*
@@ -102,7 +102,7 @@ public interface J2eePolicyMgr
* @throws org.apache.directory.fortress.core.SecurityException
* in the event of data validation failure, security policy violation or DAO error.
*/
- TcPrincipal createSession( String userId, char[] password ) throws SecurityException;
+ TcPrincipal createSession( String userId, String password ) throws SecurityException;
/**
* Perform user authentication {@link User#password} and role activations.
@@ -115,9 +115,9 @@ public interface J2eePolicyMgr
* authenticate user password if trusted == false.
* perform OpenLDAP password policy evaluation.
* fail for any user who is locked by OpenLDAP's policies {@link org.apache.directory.fortress.core.model.User#isLocked()}, regardless of trusted flag being set as parm on API.
- * evaluate temporal {@link org.apache.directory.fortress.core.util.time.Constraint}(s) on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole} entities.
+ * evaluate temporal {@link org.apache.directory.fortress.core.model.Constraint}(s) on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole} entities.
* process selective role activations into User RBAC Session {@link User#roles}.
- * check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.model.DSDChecker#validate(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.util.time.Constraint, org.apache.directory.fortress.core.util.time.Time)} on {@link org.apache.directory.fortress.core.model.User#roles}.
+ * check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.impl.DSDChecker#validate(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.model.Constraint, org.apache.directory.fortress.core.util.time.Time)} on {@link org.apache.directory.fortress.core.model.User#roles}.
* process selective administrative role activations {@link User#adminRoles}.
* return a {@link org.apache.directory.fortress.core.model.Session} containing {@link org.apache.directory.fortress.core.model.Session#getUser()}, {@link org.apache.directory.fortress.core.model.Session#getRoles()} and {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()} if everything checks out good.
* throw a checked exception that will be {@link org.apache.directory.fortress.core.SecurityException} or its derivation.
@@ -149,7 +149,7 @@ public interface J2eePolicyMgr
*
*
* - roles that violate Dynamic Separation of Duty Relationships will not be activated into session.
- *
- role activations will proceed in same order as supplied to User entity setter, see {@link User#setRole(String)}.
+ *
- role activations will proceed in same order as supplied to User entity setter, see {@link User#setRoleName(String)}.
*
*
*
@@ -160,7 +160,7 @@ public interface J2eePolicyMgr
* @throws org.apache.directory.fortress.core.SecurityException
* in the event of data validation failure, security policy violation or DAO error.
*/
- TcPrincipal createSession( String userId, char[] password, List roles ) throws SecurityException;
+ TcPrincipal createSession( String userId, String password, List roles ) throws SecurityException;
/**
* Perform user authentication {@link User#password} and role activations.
@@ -173,9 +173,9 @@ public interface J2eePolicyMgr
* authenticate user password if trusted == false.
* perform OpenLDAP password policy evaluation.
* fail for any user who is locked by OpenLDAP's policies {@link org.apache.directory.fortress.core.model.User#isLocked()}, regardless of trusted flag being set as parm on API.
- * evaluate temporal {@link org.apache.directory.fortress.core.util.time.Constraint}(s) on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole} entities.
+ * evaluate temporal {@link org.apache.directory.fortress.core.model.Constraint}(s) on {@link User}, {@link org.apache.directory.fortress.core.model.UserRole} and {@link org.apache.directory.fortress.core.model.UserAdminRole} entities.
* process selective role activations into User RBAC Session {@link User#roles}.
- * check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.model.DSDChecker#validate(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.util.time.Constraint, org.apache.directory.fortress.core.util.time.Time)} on {@link org.apache.directory.fortress.core.model.User#roles}.
+ * check Dynamic Separation of Duties {@link org.apache.directory.fortress.core.impl.DSDChecker#validate(org.apache.directory.fortress.core.model.Session, org.apache.directory.fortress.core.model.Constraint, org.apache.directory.fortress.core.util.time.Time)} on {@link org.apache.directory.fortress.core.model.User#roles}.
* process selective administrative role activations {@link User#adminRoles}.
* return a {@link org.apache.directory.fortress.core.model.Session} containing {@link org.apache.directory.fortress.core.model.Session#getUser()}, {@link org.apache.directory.fortress.core.model.Session#getRoles()} and {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()} if everything checks out good.
* throw a checked exception that will be {@link org.apache.directory.fortress.core.SecurityException} or its derivation.
@@ -207,13 +207,13 @@ public interface J2eePolicyMgr
*
*
* - roles that violate Dynamic Separation of Duty Relationships will not be activated into session.
- *
- role activations will proceed in same order as supplied to User entity setter, see {@link User#setRole(String)}.
+ *
- role activations will proceed in same order as supplied to User entity setter, see {@link User#setRoleName(String)}.
*
*
*
* @param user Contains {@link User#userId}, {@link org.apache.directory.fortress.core.model.User#password} (optional if {@code isTrusted} is 'true'), optional {@link User#roles}, optional {@link org.apache.directory.fortress.core.model.User#adminRoles}
* @param isTrusted if true password is not required.
- * @return Session object will contain authentication result code {@link org.apache.directory.fortress.core.model.Session#errorId}, RBAC role activations {@link org.apache.directory.fortress.core.model.Session#getRoles()}, Admin Role activations {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()},OpenLDAP pw policy codes {@link org.apache.directory.fortress.core.model.Session#warningId}, {@link org.apache.directory.fortress.core.model.Session#expirationSeconds}, {@link org.apache.directory.fortress.core.model.Session#graceLogins} and more.
+ * @return Session object will contain authentication result code {@link org.apache.directory.fortress.core.model.Session#errorId}, RBAC role activations {@link org.apache.directory.fortress.core.model.Session#getRoles()}, Admin Role activations {@link org.apache.directory.fortress.core.model.Session#getAdminRoles()},OpenLDAP pw policy codes {@link org.apache.directory.fortress.core.model.Session#warnings}, {@link org.apache.directory.fortress.core.model.Session#expirationSeconds}, {@link org.apache.directory.fortress.core.model.Session#graceLogins} and more.
* @throws org.apache.directory.fortress.core.SecurityException
* in the event of data validation failure, security policy violation or DAO error.
*/
http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/blob/5dcc3c06/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
----------------------------------------------------------------------
diff --git a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
index aedcdfa..5250108 100644
--- a/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
+++ b/impl/src/main/java/org/apache/directory/fortress/realm/J2eePolicyMgrImpl.java
@@ -81,7 +81,7 @@ public class J2eePolicyMgrImpl implements J2eePolicyMgr
* {@inheritDoc}
*/
@Override
- public boolean authenticate( String userId, char[] password ) throws SecurityException
+ public boolean authenticate( String userId, String password ) throws SecurityException
{
boolean result = false;
Session session = accessMgr.authenticate( userId, password );
@@ -103,7 +103,7 @@ public class J2eePolicyMgrImpl implements J2eePolicyMgr
* {@inheritDoc}
*/
@Override
- public TcPrincipal createSession( String userId, char[] password ) throws SecurityException
+ public TcPrincipal createSession( String userId, String password ) throws SecurityException
{
User user = new User( userId, new String ( password ) );
@@ -113,7 +113,7 @@ public class J2eePolicyMgrImpl implements J2eePolicyMgr
/**
* {@inheritDoc}
*/
- public TcPrincipal createSession( String userId, char[] password, List roles ) throws SecurityException
+ public TcPrincipal createSession( String userId, String password, List roles ) throws SecurityException
{
User user = new User( userId, new String ( password ) );
http://git-wip-us.apache.org/repos/asf/directory-fortress-realm/blob/5dcc3c06/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
----------------------------------------------------------------------
diff --git a/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java b/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
index 76b1f5e..035668a 100644
--- a/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
+++ b/impl/src/main/java/org/apache/directory/fortress/realm/tomcat/TcAccessMgrImpl.java
@@ -78,7 +78,7 @@ public class TcAccessMgrImpl implements TcAccessMgr
* {@inheritDoc}
*/
@Override
- public Principal authenticate( String userId, char[] password )
+ public Principal authenticate( String userId, String password )
{
TcPrincipal principal = null;
try