You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by co...@apache.org on 2014/06/12 17:43:04 UTC
svn commit: r1602209 -
/syncope/trunk/core/src/main/java/org/apache/syncope/core/sync/impl/DBPasswordSyncActions.java
Author: coheigea
Date: Thu Jun 12 15:43:04 2014
New Revision: 1602209
URL: http://svn.apache.org/r1602209
Log:
[SYNCOPE-313] - SyncActions implementation to sync passwords from a Database
Added:
syncope/trunk/core/src/main/java/org/apache/syncope/core/sync/impl/DBPasswordSyncActions.java
Added: syncope/trunk/core/src/main/java/org/apache/syncope/core/sync/impl/DBPasswordSyncActions.java
URL: http://svn.apache.org/viewvc/syncope/trunk/core/src/main/java/org/apache/syncope/core/sync/impl/DBPasswordSyncActions.java?rev=1602209&view=auto
==============================================================================
--- syncope/trunk/core/src/main/java/org/apache/syncope/core/sync/impl/DBPasswordSyncActions.java (added)
+++ syncope/trunk/core/src/main/java/org/apache/syncope/core/sync/impl/DBPasswordSyncActions.java Thu Jun 12 15:43:04 2014
@@ -0,0 +1,112 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.syncope.core.sync.impl;
+
+import java.util.Iterator;
+
+import org.apache.syncope.common.to.AbstractAttributableTO;
+import org.apache.syncope.common.to.UserTO;
+import org.apache.syncope.common.types.CipherAlgorithm;
+import org.apache.syncope.common.types.ConnConfProperty;
+import org.apache.syncope.core.persistence.beans.ConnInstance;
+import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
+import org.apache.syncope.core.persistence.dao.UserDAO;
+import org.apache.syncope.core.propagation.Connector;
+import org.apache.syncope.core.sync.DefaultSyncActions;
+import org.apache.syncope.core.sync.SyncResult;
+import org.identityconnectors.framework.common.objects.SyncDelta;
+import org.quartz.JobExecutionException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.transaction.annotation.Transactional;
+
+/**
+ * A SyncActions implementation which allows the ability to import passwords from a Database
+ * backend, where the passwords are hashed according to the password cipher algorithm property
+ * of the (DB) Connector and HEX-encoded.
+ */
+public class DBPasswordSyncActions extends DefaultSyncActions {
+
+ protected static final Logger LOG = LoggerFactory.getLogger(DBPasswordSyncActions.class);
+
+ @Autowired
+ private UserDAO userDAO;
+
+ private String encodedPassword;
+
+ private CipherAlgorithm cipher;
+
+ @Transactional(readOnly = true)
+ @Override
+ public <T extends AbstractAttributableTO> SyncDelta beforeCreate(
+ final AbstractSyncopeResultHandler<?, ?> handler,
+ final SyncDelta delta,
+ final T subject) throws JobExecutionException {
+
+ if (subject instanceof UserTO) {
+ String password = ((UserTO) subject).getPassword();
+ if (password != null) {
+ Connector connector = handler.getConnector();
+
+ ConnInstance connInstance = connector.getActiveConnInstance();
+ Iterator<ConnConfProperty> propertyIterator = connInstance.getConfiguration().iterator();
+ String cipherAlgorithm = "CLEARTEXT";
+ while (propertyIterator.hasNext()) {
+ ConnConfProperty property = propertyIterator.next();
+ if ("cipherAlgorithm".equals(property.getSchema().getName())
+ && property.getValues() != null && !property.getValues().isEmpty()) {
+ cipherAlgorithm = (String) property.getValues().get(0);
+ break;
+ }
+ }
+ if (!"CLEARTEXT".equals(cipherAlgorithm)) {
+ try {
+ encodedPassword = password;
+ cipher = CipherAlgorithm.valueOf(cipherAlgorithm);
+ } catch (IllegalArgumentException e) {
+ LOG.error("Cipher algorithm not allowed: {}", cipherAlgorithm, e);
+ encodedPassword = null;
+ }
+ }
+ }
+ }
+
+ return delta;
+ }
+
+ @Transactional(readOnly = true)
+ @Override
+ public <T extends AbstractAttributableTO> void after(
+ final AbstractSyncopeResultHandler<?, ?> handler,
+ final SyncDelta delta,
+ final T subject,
+ final SyncResult result) throws JobExecutionException {
+
+ if (subject instanceof UserTO && encodedPassword != null && cipher != null) {
+ SyncopeUser syncopeUser = userDAO.find(subject.getId());
+ if (syncopeUser != null) {
+ syncopeUser.setEncodedPassword(encodedPassword.toUpperCase(), cipher);
+ }
+ encodedPassword = null;
+ cipher = null;
+ }
+ }
+
+}