Package cz.metacentrum.perun.core.impl.modules.pwdmgr

Class GenericPasswordManagerModule

java.lang.Object

cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule

All Implemented Interfaces:

PasswordManagerModule

Direct Known Subclasses:

AdminmetaPasswordManagerModule, EgiuiPasswordManagerModule, EinfraPasswordManagerModule, EinfraservicesPasswordManagerModule, IcsmuniczPasswordManagerModule, LifescienceidusernamePasswordManagerModule, MuadmPasswordManagerModule, SitolaPasswordManagerModule, VsupPasswordManagerModule

public class GenericPasswordManagerModule
extends Object
implements PasswordManagerModule

Generic implementation of PasswordManagerModule. It runs generic password manger script defined as perun config in CoreConfig.getPasswordManagerProgram() or CoreConfig.getAlternativePasswordManagerProgram().

Author:

Pavel Zlamal <zlamal@cesnet.cz>

Field Summary

Fields

Modifier and Type	Field	Description
protected String	actualLoginNamespace
protected String	altPasswordManagerProgram
protected static final String	BIN_TRUE
protected static final Pattern	DEFAULT_LOGIN_PATTERN
protected static final String	LOGIN_EXIST
protected static final String	PASSWORD_CHANGE
protected static final String	PASSWORD_CHECK
protected static final String	PASSWORD_CREATE
protected static final String	PASSWORD_DELETE
protected static final String	PASSWORD_RESERVE
protected static final String	PASSWORD_RESERVE_RANDOM
protected static final String	PASSWORD_VALIDATE
protected String	passwordManagerProgram
protected char[]	randomPasswordCharacters
protected int	randomPasswordLength
protected static final String	WEAKPASS

Fields inherited from interface cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule

ALT_PASSWORD_PREFIX, BIRTH_DAY_KEY, BIRTH_NUMBER_KEY, FIRST_NAME_KEY, LAST_NAME_KEY, LOGIN_PREFIX, MAIL_KEY, PASSWORD_KEY, TITLE_AFTER_KEY, TITLE_BEFORE_KEY

Constructor Summary

Constructors

Constructor	Description
GenericPasswordManagerModule()

Method Summary

Modifier and Type	Method	Description
void	changePassword(PerunSession sess, String userLogin, String newPassword)
void	checkLoginFormat(PerunSession sess, String login)
void	checkPassword(PerunSession sess, String userLogin, String password)
void	checkPasswordStrength(PerunSession sess, String login, String password)
void	createAlternativePassword(PerunSession sess, User user, String passwordId, String password)
protected Process	createAltPwdManagerProcess(String operation, String loginNamespace, User user, String passwordId)
protected Process	createPwdManagerProcess(String operation, String loginNamespace, String login)	Run password manager script on path defined in perun config.
void	deleteAlternativePassword(PerunSession sess, User user, String passwordId)
void	deletePassword(PerunSession sess, String userLogin)
Map<String,String>	generateAccount(PerunSession sess, Map<String,String> parameters)
String	generateRandomPassword(PerunSession sess, String login)
String	getActualLoginNamespace()
protected void	handleAltPwdManagerExit(Process process, User user, String loginNamespace, String passwordId)	Wait for alternative password manager script to end and handle known return codes.
protected void	handleExit(Process process, String loginNamespace, String userLogin)	Wait for password manager script to end and handle known return codes.
protected void	handleGenericErrorCode(InputStream errorStream)	Handle error stream from password manager script on unexpected return code.
boolean	loginExist(PerunSession sess, String login)
void	reservePassword(PerunSession sess, String userLogin, String password)
void	reserveRandomPassword(PerunSession sess, String userLogin)
protected void	sendPassword(Process process, String password)	Send password to the STDIN of running password manager script process.
void	setActualLoginNamespace(String actualLoginNamespace)
void	validatePassword(PerunSession sess, String userLogin, User user)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule

handleSponsorship

Field Details

DEFAULT_LOGIN_PATTERN

protected static final Pattern DEFAULT_LOGIN_PATTERN

PASSWORD_VALIDATE

protected static final String PASSWORD_VALIDATE

See Also:

• Constant Field Values

PASSWORD_CREATE

protected static final String PASSWORD_CREATE

See Also:

• Constant Field Values

PASSWORD_RESERVE

protected static final String PASSWORD_RESERVE

See Also:

• Constant Field Values

PASSWORD_RESERVE_RANDOM

protected static final String PASSWORD_RESERVE_RANDOM

See Also:

• Constant Field Values

PASSWORD_CHANGE

protected static final String PASSWORD_CHANGE

See Also:

• Constant Field Values

PASSWORD_CHECK

protected static final String PASSWORD_CHECK

See Also:

• Constant Field Values

PASSWORD_DELETE

protected static final String PASSWORD_DELETE

See Also:

• Constant Field Values

LOGIN_EXIST

protected static final String LOGIN_EXIST

See Also:

• Constant Field Values

WEAKPASS

protected static final String WEAKPASS

See Also:

• Constant Field Values

BIN_TRUE

protected static final String BIN_TRUE

See Also:

• Constant Field Values

actualLoginNamespace

protected String actualLoginNamespace

passwordManagerProgram

protected String passwordManagerProgram

altPasswordManagerProgram

protected String altPasswordManagerProgram

randomPasswordLength

protected int randomPasswordLength

randomPasswordCharacters

protected char[] randomPasswordCharacters

Constructor Details

GenericPasswordManagerModule

public GenericPasswordManagerModule()

Method Details

changePassword

public void changePassword(PerunSession sess,
 String userLogin,
 String newPassword)
                    throws InvalidLoginException,
PasswordStrengthException

Specified by:

changePassword in interface PasswordManagerModule

Throws:

InvalidLoginException

PasswordStrengthException

checkLoginFormat

public void checkLoginFormat(PerunSession sess,
 String login)
                      throws InvalidLoginException

Specified by:

checkLoginFormat in interface PasswordManagerModule

Throws:

InvalidLoginException

checkPassword

public void checkPassword(PerunSession sess,
 String userLogin,
 String password)

Specified by:

checkPassword in interface PasswordManagerModule

checkPasswordStrength

public void checkPasswordStrength(PerunSession sess,
 String login,
 String password)
                           throws PasswordStrengthException

Specified by:

checkPasswordStrength in interface PasswordManagerModule

Throws:

PasswordStrengthException

createAltPwdManagerProcess

protected Process createAltPwdManagerProcess(String operation,
 String loginNamespace,
 User user,
 String passwordId)

createAlternativePassword

public void createAlternativePassword(PerunSession sess,
 User user,
 String passwordId,
 String password)
                               throws PasswordStrengthException

Specified by:

createAlternativePassword in interface PasswordManagerModule

Throws:

PasswordStrengthException

createPwdManagerProcess

protected Process createPwdManagerProcess(String operation,
 String loginNamespace,
 String login)

Run password manager script on path defined in perun config.

Parameters:

operation - Operation to perform (reserve, reserveRandom, validate, check, change, delete)

loginNamespace - Namespace in which operation is performed.

login - Login to perform operation for

Returns:

Started process

deleteAlternativePassword

public void deleteAlternativePassword(PerunSession sess,
 User user,
 String passwordId)

Specified by:

deleteAlternativePassword in interface PasswordManagerModule

deletePassword

public void deletePassword(PerunSession sess,
 String userLogin)
                    throws InvalidLoginException

Specified by:

deletePassword in interface PasswordManagerModule

Throws:

InvalidLoginException

generateAccount

public Map<String,String> generateAccount(PerunSession sess,
 Map<String,String> parameters)

Specified by:

generateAccount in interface PasswordManagerModule

generateRandomPassword

public String generateRandomPassword(PerunSession sess,
 String login)

Specified by:

generateRandomPassword in interface PasswordManagerModule

getActualLoginNamespace

public String getActualLoginNamespace()

handleAltPwdManagerExit

protected void handleAltPwdManagerExit(Process process,
 User user,
 String loginNamespace,
 String passwordId)

Wait for alternative password manager script to end and handle known return codes.

Parameters:

process - Running password manager script process.

user - User for which operation was performed.

loginNamespace - Namespace in which operation was performed.

passwordId - ID of alt password entry for which it was performed.

handleExit

protected void handleExit(Process process,
 String loginNamespace,
 String userLogin)

Wait for password manager script to end and handle known return codes.

Parameters:

process - Running password manager script process.

loginNamespace - Namespace in which operation was performed.

userLogin - Login for which operation was performed.

handleGenericErrorCode

protected void handleGenericErrorCode(InputStream errorStream)

Handle error stream from password manager script on unexpected return code.

Parameters:

errorStream - Password manager script error stream

loginExist

public boolean loginExist(PerunSession sess,
 String login)

Specified by:

loginExist in interface PasswordManagerModule

reservePassword

public void reservePassword(PerunSession sess,
 String userLogin,
 String password)
                     throws InvalidLoginException,
PasswordStrengthException

Specified by:

reservePassword in interface PasswordManagerModule

Throws:

InvalidLoginException

PasswordStrengthException

reserveRandomPassword

public void reserveRandomPassword(PerunSession sess,
 String userLogin)
                           throws InvalidLoginException

Specified by:

reserveRandomPassword in interface PasswordManagerModule

Throws:

InvalidLoginException

sendPassword

protected void sendPassword(Process process,
 String password)

Send password to the STDIN of running password manager script process.

Parameters:

process - process waiting for password on STDIN

password - password to be set

setActualLoginNamespace

public void setActualLoginNamespace(String actualLoginNamespace)

validatePassword

public void validatePassword(PerunSession sess,
 String userLogin,
 User user)
                      throws InvalidLoginException

Specified by:

validatePassword in interface PasswordManagerModule

Throws:

InvalidLoginException