| 1 | package gov.va.med.edp.weblogic;
|
|---|
| 2 |
|
|---|
| 3 | import javax.naming.Context;
|
|---|
| 4 |
|
|---|
| 5 | import org.apache.log4j.Logger;
|
|---|
| 6 |
|
|---|
| 7 | import weblogic.jndi.Environment;
|
|---|
| 8 | import weblogic.management.MBeanHome;
|
|---|
| 9 | import weblogic.management.security.RealmMBean;
|
|---|
| 10 | import weblogic.management.security.authentication.AuthenticationProviderMBean;
|
|---|
| 11 | import weblogic.management.security.authentication.GroupEditorMBean;
|
|---|
| 12 | import weblogic.management.security.authentication.GroupReaderMBean;
|
|---|
| 13 | import weblogic.management.security.authentication.UserEditorMBean;
|
|---|
| 14 | import weblogic.management.security.authentication.UserReaderMBean;
|
|---|
| 15 |
|
|---|
| 16 | public class WeblogicUserManager {
|
|---|
| 17 |
|
|---|
| 18 | private static Logger logger = Logger.getLogger(WeblogicUserManager.class);
|
|---|
| 19 | private static final String SSL_GROUP_NAME = "SSL_AUTHENTICATED_USERS";
|
|---|
| 20 |
|
|---|
| 21 | public static void addUserToWeblogicSecurity(String username) {
|
|---|
| 22 | boolean userExists = false;
|
|---|
| 23 | try {
|
|---|
| 24 | AuthenticationProviderMBean[] providers = getAuthenticationProviders();
|
|---|
| 25 | for (int i = 0; i < providers.length; i++) {
|
|---|
| 26 | if(logger.isDebugEnabled()){
|
|---|
| 27 | logger.debug("Available Authentication Provider # "+ i + " is " + providers[i].toString());
|
|---|
| 28 | }
|
|---|
| 29 |
|
|---|
| 30 | if ((providers[i].toString()).equalsIgnoreCase("Security:Name=myrealmDefaultAuthenticator")){
|
|---|
| 31 | if(logger.isDebugEnabled()){
|
|---|
| 32 | logger.debug("Using Authentication Provider: "+ providers[i].toString());
|
|---|
| 33 | }
|
|---|
| 34 | if (providers[i] instanceof UserEditorMBean) {
|
|---|
| 35 | UserReaderMBean userReaderMBean = (UserReaderMBean) providers[i];
|
|---|
| 36 | userExists = userReaderMBean.userExists(username);
|
|---|
| 37 | }
|
|---|
| 38 |
|
|---|
| 39 | if(userExists) {
|
|---|
| 40 | if(logger.isDebugEnabled()) logger.debug("User: "+ username + " already exists in the weblogic security");
|
|---|
| 41 | return;
|
|---|
| 42 | } else {
|
|---|
| 43 | // create a new user and add him to the Group..
|
|---|
| 44 | if(logger.isDebugEnabled()) logger.debug("User: "+ username + " does not exists in the weblogic security. Adding new user to weblogic security");
|
|---|
| 45 |
|
|---|
| 46 | if (providers[i] instanceof UserEditorMBean) {
|
|---|
| 47 | UserEditorMBean userEditorMBean = (UserEditorMBean) providers[i];
|
|---|
| 48 | userEditorMBean.createUser(username, username, "EDIS BigBoard User: " + username);
|
|---|
| 49 | addUserToGroup(username);
|
|---|
| 50 | }
|
|---|
| 51 | }
|
|---|
| 52 | }
|
|---|
| 53 | }
|
|---|
| 54 | } catch (Exception e) {
|
|---|
| 55 | logger.error("Exception Occurred while adding the user to weblogic security: "+ e);
|
|---|
| 56 | }
|
|---|
| 57 |
|
|---|
| 58 |
|
|---|
| 59 | }
|
|---|
| 60 |
|
|---|
| 61 | private static void addUserToGroup(String userName) {
|
|---|
| 62 | boolean groupExists = false;
|
|---|
| 63 | try {
|
|---|
| 64 | AuthenticationProviderMBean[] providers = getAuthenticationProviders();
|
|---|
| 65 | for (int i = 0; i < providers.length; i++) {
|
|---|
| 66 | if ((providers[i].toString()).equalsIgnoreCase("Security:Name=myrealmDefaultAuthenticator")){
|
|---|
| 67 | GroupReaderMBean groupReaderMBean = (GroupReaderMBean) providers[i];
|
|---|
| 68 | groupExists = groupReaderMBean.groupExists(SSL_GROUP_NAME);
|
|---|
| 69 | GroupEditorMBean groupEditorMBean = (GroupEditorMBean)providers[i];
|
|---|
| 70 | if (!groupExists){
|
|---|
| 71 | if(logger.isDebugEnabled()){
|
|---|
| 72 | logger.debug("Group: "+ SSL_GROUP_NAME + " does not exists in the weblogic security. Adding new group to weblogic security");
|
|---|
| 73 | }
|
|---|
| 74 | groupEditorMBean.createGroup(SSL_GROUP_NAME, "EDIS SSL Group");
|
|---|
| 75 | }
|
|---|
| 76 | if(logger.isDebugEnabled()){
|
|---|
| 77 | logger.debug("Adding user: "+ userName + " to group: " + SSL_GROUP_NAME);
|
|---|
| 78 | }
|
|---|
| 79 | groupEditorMBean.addMemberToGroup(SSL_GROUP_NAME, userName);
|
|---|
| 80 | }
|
|---|
| 81 | }
|
|---|
| 82 | } catch (Exception e) {
|
|---|
| 83 | logger.error("Exception Occurred while adding the user to the group: "+ e);
|
|---|
| 84 | }
|
|---|
| 85 | }
|
|---|
| 86 |
|
|---|
| 87 | private static AuthenticationProviderMBean[] getAuthenticationProviders() throws Exception{
|
|---|
| 88 | Environment env = new Environment();
|
|---|
| 89 | Context ctx = env.getInitialContext();
|
|---|
| 90 | MBeanHome home = (MBeanHome) ctx.lookup(MBeanHome.ADMIN_JNDI_NAME);
|
|---|
| 91 | RealmMBean securityRealm = home.getActiveDomain().getSecurityConfiguration().findDefaultRealm();
|
|---|
| 92 | AuthenticationProviderMBean[] providers = securityRealm.getAuthenticationProviders();
|
|---|
| 93 | return providers;
|
|---|
| 94 | }
|
|---|
| 95 | }
|
|---|
