## Levels
log4j.logger.org.argeo=DEBUG
-
-log4j.logger.org.hibernate=WARN
+log4j.logger.org.argeo.server.json=TRACE
+log4j.logger.org.argeo.security.core=TRACE
log4j.logger.org.springframework=WARN
-#log4j.logger.org.springframework.web=DEBUG
-#log4j.logger.org.springframework.jms=WARN
log4j.logger.org.springframework.security=WARN
log4j.logger.org.apache.directory.server=INFO
log4j.logger.org.apache.coyote=INFO
## Appenders
-# console is set to be a ConsoleAppender.
log4j.appender.console=org.apache.log4j.ConsoleAppender
-
-# console uses PatternLayout.
log4j.appender.console.layout=org.apache.log4j.PatternLayout
log4j.appender.console.layout.ConversionPattern= %-5p %d{ISO8601} %m - %c%n
public interface ArgeoSecurityDao {
public ArgeoUser getCurrentUser();
-
+
public List<ArgeoUser> listUsers();
public List<String> listEditableRoles();
public Boolean userExists(String username);
public ArgeoUser getUser(String username);
+
+ public ArgeoUser getUserWithPassword(String username);
}
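Review bot: `getUserWithPassword` is added without Javadoc, and its difference from `getUser` can only be learned by reading the LDAP implementation. I would document both on the interface, for example `/** Returns the user including the stored password value; internal use only, never serialize the result to a client. */` on the new method and `/** Returns the user with the password field cleared. */` on `getUser`. `listUsers` deserves the same explicit statement of whether password values are included.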
package org.argeo.security;
import java.io.Serializable;
-import java.util.UUID;
-//@JsonAutoDetect(value = { JsonMethod.GETTER, JsonMethod.SETTER })
public class UserNature implements Serializable {
private static final long serialVersionUID = 1L;
- // private final static Log log = LogFactory.getLog(UserNature.class);
-
- private String uuid = UUID.randomUUID().toString();
private String type;
- public String getUuid() {
- return uuid;
- }
-
- public void setUuid(String uuid) {
- this.uuid = uuid;
- }
-
public String getType() {
if (type != null)
return type;
public void setType(String type) {
this.type = type;
}
-
- // @JsonAnySetter
- // public void anySetter(String key, Object obj) {
- // if (obj != null)
- // log.info("anySetter: " + key + "=" + obj + " (" + obj.getClass()
- // + "), natureType=" + type);
- // }
}
import java.util.Collections;
import java.util.List;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.argeo.security.ArgeoUser;
import org.argeo.security.SimpleArgeoUser;
import org.argeo.security.UserNature;
public class ArgeoUserDetails extends User implements ArgeoUser {
private static final long serialVersionUID = 1L;
+ private final static Log log = LogFactory.getLog(ArgeoUserDetails.class);
private final List<UserNature> userNatures;
private final List<String> roles;
protected static GrantedAuthority[] rolesToAuthorities(List<String> roles) {
GrantedAuthority[] arr = new GrantedAuthority[roles.size()];
for (int i = 0; i < roles.size(); i++) {
- arr[i] = new GrantedAuthorityImpl(roles.get(i));
+ String role = roles.get(i);
+ if (log.isTraceEnabled())
+ log.debug("Convert role " + role + " to authority (i=" + i
+ + ")");
+ arr[i] = new GrantedAuthorityImpl(role);
}
return arr;
}
- public static SimpleArgeoUser createBasicArgeoUser(UserDetails userDetails) {
+ public static SimpleArgeoUser createSimpleArgeoUser(UserDetails userDetails) {
if (userDetails instanceof ArgeoUser) {
return new SimpleArgeoUser((ArgeoUser) userDetails);
} else {
public static ArgeoUser asArgeoUser(Authentication authentication) {
if (authentication.getPrincipal() instanceof ArgeoUser) {
- return new SimpleArgeoUser((ArgeoUser) authentication.getPrincipal());
+ return new SimpleArgeoUser((ArgeoUser) authentication
+ .getPrincipal());
} else {
SimpleArgeoUser argeoUser = new SimpleArgeoUser();
argeoUser.setUsername(authentication.getName());
}
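Review bot: The guard and the call disagree on level in `rolesToAuthorities`: `if (log.isTraceEnabled())` wraps `log.debug(...)`, so the message is tagged DEBUG but only appears when TRACE is enabled. Use `log.trace("Convert role " + role + " to authority (i=" + i + ")");` so the level in the output matches the switch that enables it. The same pairing appears in the `deserialize` hunk and in the JSON serialization hunk further down.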
public void updateUserPassword(String username, String password) {
- SimpleArgeoUser user = new SimpleArgeoUser(securityDao.getUser(username));
+ SimpleArgeoUser user = new SimpleArgeoUser(securityDao
+ .getUser(username));
user.setPassword(password);
securityDao.update(user);
}
public void newUser(ArgeoUser user) {
+ user.getUserNatures().clear();
argeoSecurity.beforeCreate(user);
securityDao.create(user);
}
+ public void updateUser(ArgeoUser user) {
+ String password = securityDao.getUserWithPassword(user.getUsername())
+ .getPassword();
+ SimpleArgeoUser simpleArgeoUser = new SimpleArgeoUser(user);
+ simpleArgeoUser.setPassword(password);
+ securityDao.update(user);
+ }
+
public void setArgeoSecurity(ArgeoSecurity argeoSecurity) {
this.argeoSecurity = argeoSecurity;
}
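Review bot: `updateUser` builds `simpleArgeoUser` with the stored password and then discards it, because the last statement still passes the original argument; `securityDao.update(user);` should be `securityDao.update(simpleArgeoUser);`. As written, whatever password value the caller-supplied `user` carries (null, or a value of the caller's choosing) is what reaches the DAO, so the stored credential is not preserved the way the method appears to intend. The result of `securityDao.getUserWithPassword(...)` is also dereferenced without a check, which I would guard if the DAO can return null for an unknown username (not visible here).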
package org.argeo.security.ldap;
-import static org.argeo.security.core.ArgeoUserDetails.createBasicArgeoUser;
+import static org.argeo.security.core.ArgeoUserDetails.createSimpleArgeoUser;
import java.util.ArrayList;
import java.util.List;
import org.argeo.security.ArgeoSecurityDao;
import org.argeo.security.ArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
import org.argeo.security.core.ArgeoUserDetails;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.ldap.core.ContextExecutor;
}
public ArgeoUser getUser(String uname) {
- return createBasicArgeoUser(getDetails(uname));
+ SimpleArgeoUser user = createSimpleArgeoUser(getDetails(uname));
+ user.setPassword(null);
+ return user;
+ }
+
+ public ArgeoUser getUserWithPassword(String uname) {
+ return createSimpleArgeoUser(getDetails(uname));
}
public ArgeoUser getCurrentUser() {
List<ArgeoUser> lst = new ArrayList<ArgeoUser>();
for (String username : usernames) {
- lst.add(createBasicArgeoUser(getDetails(username)));
+ lst.add(createSimpleArgeoUser(getDetails(username)));
}
return lst;
}
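Review bot: Only `getUser` clears the password; the list-building loop at the end of this section still adds `createSimpleArgeoUser(getDetails(username))` as is, so every entry in the returned list keeps its password value. The method header is outside the hunk (presumably `listUsers`); if that list is serialized to clients, the stored hashes go out with it. I would give it the same treatment: `SimpleArgeoUser u = createSimpleArgeoUser(getDetails(username)); u.setPassword(null); lst.add(u);`. The body of `getCurrentUser` is not visible, so the same check is worth making there.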
import java.util.Collections;
import java.util.List;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.argeo.security.ArgeoUser;
import org.argeo.security.UserNature;
import org.argeo.security.core.ArgeoUserDetails;
import org.springframework.security.userdetails.ldap.UserDetailsContextMapper;
public class ArgeoUserDetailsContextMapper implements UserDetailsContextMapper {
- private final static Log log = LogFactory
- .getLog(ArgeoUserDetailsContextMapper.class);
+// private final static Log log = LogFactory
+// .getLog(ArgeoUserDetailsContextMapper.class);
private List<UserNatureMapper> userNatureMappers = new ArrayList<UserNatureMapper>();
.first();
String password = new String(arr);
- List<UserNature> userInfos = new ArrayList<UserNature>();
+ List<UserNature> userNatures = new ArrayList<UserNature>();
for (UserNatureMapper userInfoMapper : userNatureMappers) {
UserNature userNature = userInfoMapper.mapUserInfoFromContext(ctx);
- if (log.isTraceEnabled())
- log.debug("Add user nature " + userNature);
- userInfos.add(userNature);
+ if (userNature != null)
+ userNatures.add(userNature);
}
return new ArgeoUserDetails(username, Collections
- .unmodifiableList(userInfos), password, authorities);
+ .unmodifiableList(userNatures), password, authorities);
}
public void mapUserToContext(UserDetails user, DirContextAdapter ctx) {
ctx.setAttributeValue("userPassword", user.getPassword());
if (user instanceof ArgeoUser) {
ArgeoUser argeoUser = (ArgeoUser) user;
- for (UserNature userInfo : argeoUser.getUserNatures()) {
+ for (UserNature userNature : argeoUser.getUserNatures()) {
for (UserNatureMapper userInfoMapper : userNatureMappers) {
- if (userInfoMapper.supports(userInfo)) {
- userInfoMapper.mapUserInfoToContext(userInfo, ctx);
+ if (userInfoMapper.supports(userNature)) {
+ userInfoMapper.mapUserInfoToContext(userNature, ctx);
break;// use the first mapper found and no others
}
}
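Review bot: `mapUserToContext` writes `ctx.setAttributeValue("userPassword", user.getPassword())` unconditionally, while this commit makes `getUser` return users whose password is null. A caller that loads a user through `getUser`, edits it and passes it back to `update` would then send a null `userPassword` to the directory, which I would expect to clear or reject the attribute. A guard such as `if (user.getPassword() != null) ctx.setAttributeValue("userPassword", user.getPassword());` keeps the stored value when none is supplied. The method body continues past the end of the hunk, and the commented-out logger at the top of the class should be deleted rather than left as a comment.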
public class CoworkerUserNatureMapper implements UserNatureMapper {
public UserNature mapUserInfoFromContext(DirContextOperations ctx) {
- CoworkerNature basicUserInfo = new CoworkerNature();
- basicUserInfo.setDescription(ctx.getStringAttribute("description"));
- basicUserInfo.setMobile(ctx.getStringAttribute("mobile"));
- basicUserInfo.setTelephoneNumber(ctx
- .getStringAttribute("telephoneNumber"));
- basicUserInfo.setUuid(ctx.getStringAttribute("employeeNumber"));
- return basicUserInfo;
+ CoworkerNature nature = new CoworkerNature();
+ nature.setDescription(ctx.getStringAttribute("description"));
+ nature.setMobile(ctx.getStringAttribute("mobile"));
+ nature.setTelephoneNumber(ctx.getStringAttribute("telephoneNumber"));
+
+ if (nature.getDescription() == null && nature.getMobile() == null
+ && nature.getTelephoneNumber() == null)
+ return null;
+ else
+ return nature;
}
public void mapUserInfoToContext(UserNature userInfoArg,
DirContextAdapter ctx) {
- CoworkerNature userInfo = (CoworkerNature) userInfoArg;
- ctx.setAttributeValue("employeeNumber", userInfo.getUuid());
- if (userInfo.getDescription() != null) {
- ctx.setAttributeValue("description", userInfo.getDescription());
+ CoworkerNature nature = (CoworkerNature) userInfoArg;
+ if (nature.getDescription() != null) {
+ ctx.setAttributeValue("description", nature.getDescription());
}
- if (userInfo.getMobile() == null || !userInfo.getMobile().equals("")) {
- ctx.setAttributeValue("mobile", userInfo.getMobile());
+ if (nature.getMobile() == null || !nature.getMobile().equals("")) {
+ ctx.setAttributeValue("mobile", nature.getMobile());
}
- if (userInfo.getTelephoneNumber() == null
- || !userInfo.getTelephoneNumber().equals("")) {
- ctx.setAttributeValue("telephoneNumber", userInfo
+ if (nature.getTelephoneNumber() == null
+ || !nature.getTelephoneNumber().equals("")) {
+ ctx.setAttributeValue("telephoneNumber", nature
.getTelephoneNumber());
}
}
- public Boolean supports(UserNature userInfo) {
- return userInfo instanceof CoworkerNature;
+ public Boolean supports(UserNature userNature) {
+ return userNature instanceof CoworkerNature;
}
}
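Review bot: `mapUserInfoFromContext` can now return null when `description`, `mobile` and `telephoneNumber` are all absent, and nothing in the hunk documents that. I would add a comment above the check, `// no coworker attributes on this entry: the user has no CoworkerNature`, and state in the `UserNatureMapper` Javadoc that implementations may return null. `SimpleUserNatureMapper` in the next section never returns null, so callers need the contract spelled out to handle both.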
public class SimpleUserNatureMapper implements UserNatureMapper {
public UserNature mapUserInfoFromContext(DirContextOperations ctx) {
- SimpleUserNature basicUserInfo = new SimpleUserNature();
- basicUserInfo.setLastName(ctx.getStringAttribute("sn"));
- basicUserInfo.setFirstName(ctx.getStringAttribute("givenName"));
- basicUserInfo.setEmail(ctx.getStringAttribute("mail"));
- basicUserInfo.setUuid(ctx.getStringAttribute("seeAlso"));
- return basicUserInfo;
+ SimpleUserNature nature = new SimpleUserNature();
+ nature.setLastName(ctx.getStringAttribute("sn"));
+ nature.setFirstName(ctx.getStringAttribute("givenName"));
+ nature.setEmail(ctx.getStringAttribute("mail"));
+ return nature;
}
public void mapUserInfoToContext(UserNature userInfoArg,
DirContextAdapter ctx) {
- SimpleUserNature userInfo = (SimpleUserNature) userInfoArg;
- ctx.setAttributeValue("cn", userInfo.getFirstName() + " "
- + userInfo.getLastName());
- ctx.setAttributeValue("sn", userInfo.getLastName());
- ctx.setAttributeValue("givenName", userInfo.getFirstName());
- ctx.setAttributeValue("mail", userInfo.getEmail());
- // TODO: find a cleaner way?
- ctx.setAttributeValue("seeAlso", userInfo.getUuid());
+ SimpleUserNature nature = (SimpleUserNature) userInfoArg;
+ ctx.setAttributeValue("cn", nature.getFirstName() + " "
+ + nature.getLastName());
+ ctx.setAttributeValue("sn", nature.getLastName());
+ ctx.setAttributeValue("givenName", nature.getFirstName());
+ ctx.setAttributeValue("mail", nature.getEmail());
}
- public Boolean supports(UserNature userInfo) {
- return userInfo instanceof SimpleUserNature;
+ public Boolean supports(UserNature userNature) {
+ return userNature instanceof SimpleUserNature;
}
}
-{"roles":["ROLE_ADMIN","ROLE_USER"],"userNatures":[{"email":"admin@localhost","firstName":"Gandalf","lastName":"User","type":"org.argeo.security.nature.SimpleUserNature","uuid":null},{"description":"Superuser","mobile":null,"telephoneNumber":null,"type":"org.argeo.security.nature.CoworkerNature","uuid":null}],"username":"gandalf2","enabled":true,"password":"{SHA}ieSV55Qc+eQOaYDRSha/AjzNTJE=","authorities":[{"authority":"ROLE_ADMIN"},{"authority":"ROLE_USER"}],"accountNonExpired":true,"accountNonLocked":true,"credentialsNonExpired":true}
\ No newline at end of file
+{"roles":["ROLE_ADMIN","ROLE_USER"],"userNatures":[{"email":"admin@localhost","firstName":"Gandalf","lastName":"User","type":"org.argeo.security.nature.SimpleUserNature"},{"description":"Superuser","mobile":null,"telephoneNumber":null,"type":"org.argeo.security.nature.CoworkerNature"}],"username":"gandalf2","enabled":true,"password":"{SHA}ieSV55Qc+eQOaYDRSha/AjzNTJE=","authorities":[{"authority":"ROLE_ADMIN"},{"authority":"ROLE_USER"}],"accountNonExpired":true,"accountNonLocked":true,"credentialsNonExpired":true}
\ No newline at end of file
package org.argeo.security.mvc;
import java.io.Reader;
-import java.io.StringReader;
import java.util.List;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.argeo.security.ArgeoSecurityService;
import org.argeo.security.ArgeoUser;
import org.argeo.server.BooleanAnswer;
@Controller
public class UsersRolesController implements MvcConstants {
- private final static Log log = LogFactory
- .getLog(UsersRolesController.class);
+// private final static Log log = LogFactory
+// .getLog(UsersRolesController.class);
private ArgeoSecurityService securityService;
private ServerDeserializer userDeserializer = null;
- // @InitBinder
- // public void initBinder(WebDataBinder binder) {
- // binder.registerCustomEditor(SimpleArgeoUser.class,
- // new DeserializingEditor(userDeserializer));
- // }
-
/* USER */
@RequestMapping("/getCredentials.security")
@ModelAttribute(ANSWER_MODEL_KEY)
public ArgeoUser createUser(Reader reader) {
ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
- cleanUserBeforeCreate(user);
+ //cleanUserBeforeCreate(user);
securityService.newUser(user);
return securityService.getSecurityDao().getUser(user.getUsername());
}
securityService.getSecurityDao().update(user);
return securityService.getSecurityDao().getUser(user.getUsername());
}
-
+/*
@RequestMapping("/createUser2.security")
@ModelAttribute(ANSWER_MODEL_KEY)
public ArgeoUser createUser(@RequestParam("body") String body) {
cleanUserBeforeCreate(user);
securityService.newUser(user);
return securityService.getSecurityDao().getUser(user.getUsername());
- }
+ }*/
@RequestMapping("/deleteUser.security")
@ModelAttribute(ANSWER_MODEL_KEY)
return ServerAnswer.ok("Password updated");
}
- protected void cleanUserBeforeCreate(ArgeoUser user) {
- user.getUserNatures().clear();
- user.getRoles().clear();
- }
+// protected void cleanUserBeforeCreate(ArgeoUser user) {
+// user.getUserNatures().clear();
+// }
public void setUserDeserializer(ServerDeserializer userDeserializer) {
this.userDeserializer = userDeserializer;
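Review bot: Roles sent in the request body are no longer cleared before creation: the removed `cleanUserBeforeCreate` called `user.getRoles().clear()`, while its replacement in `newUser` clears only `getUserNatures()`. Unless `argeoSecurity.beforeCreate(user)` resets or validates roles (not visible here), `createUser` now persists whatever role names the deserialized JSON contains. If accepting roles is intended, check them against `listEditableRoles()` before `securityDao.create(user)`; otherwise restore `user.getRoles().clear();`. The commented-out `createUser2` method, logger and `cleanUserBeforeCreate` should be deleted rather than kept as comments.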
public Object deserialize(Reader reader) {
try {
- // String body = request.getParameter("body");
- // if (body == null) {
- // // lets read the message body instead
- // BufferedReader reader = request.getReader();
- // StringBuffer buffer = new StringBuffer();
- // String line = null;
- // while (((line = reader.readLine()) != null)) {
- // buffer.append(line);
- // }
- // body = buffer.toString();
- // }
+ if (log.isTraceEnabled()) {
+ String str = IOUtils.toString(reader);
+ log.debug(str);
+ reader = new StringReader(str);
+ }
+
return getObjectMapper().readValue(reader, targetClass);
} catch (Exception e) {
throw new ArgeoServerException("Cannot deserialize " + reader, e);
this.targetClass = targetClass;
}
- public void setDeserializers(Map<Class<?>, JsonDeserializer<?>> deserializers) {
+ public void setDeserializers(
+ Map<Class<?>, JsonDeserializer<?>> deserializers) {
this.deserializers = deserializers;
}
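Review bot: The trace branch in `deserialize` logs the complete request body with `log.debug(str)`, and the bodies this mapper handles include user JSON like the fixture in this commit, which carries a `password` field. The log4j change in the same commit sets `log4j.logger.org.argeo.server.json=TRACE`, so if this class sits in that package every such payload is written to the console appender. I would drop the body dump or log a redacted summary instead, e.g. `log.trace("Deserializing " + str.length() + " chars to " + targetClass);`. The serialization hunk that follows does the same with the response through `log.debug(stringWriter.toString())`, which would include the password value of any user object that still carries one.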
package org.argeo.server.json;
import java.io.IOException;
+import java.io.StringWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
try {
response.setContentType("application/json");
- jsonGenerator = jsonFactory.createJsonGenerator(response
- .getWriter());
+ StringWriter stringWriter = null;
+ if (log.isTraceEnabled()) {
+ stringWriter = new StringWriter();
+ jsonGenerator = jsonFactory.createJsonGenerator(stringWriter);
+ } else {
+ jsonGenerator = jsonFactory.createJsonGenerator(response
+ .getWriter());
+ }
+
if (prettyPrint)
jsonGenerator.useDefaultPrettyPrinter();
objectMapper.writeValue(jsonGenerator, obj);
jsonGenerator.close();
+
+ if (stringWriter != null) {
+ if (log.isTraceEnabled())
+ log.debug(stringWriter.toString());
+ response.getWriter().append(stringWriter.toString());
+ }
+
} catch (Exception e) {
throw new ArgeoServerException("Cannot serialize " + obj, e);
} finally {