1 | package gov.va.med.edp.weblogic;
|
---|
2 |
|
---|
3 | import javax.naming.Context;
|
---|
4 |
|
---|
5 | import org.apache.log4j.Logger;
|
---|
6 |
|
---|
7 | import weblogic.jndi.Environment;
|
---|
8 | import weblogic.management.MBeanHome;
|
---|
9 | import weblogic.management.security.RealmMBean;
|
---|
10 | import weblogic.management.security.authentication.AuthenticationProviderMBean;
|
---|
11 | import weblogic.management.security.authentication.GroupEditorMBean;
|
---|
12 | import weblogic.management.security.authentication.GroupReaderMBean;
|
---|
13 | import weblogic.management.security.authentication.UserEditorMBean;
|
---|
14 | import weblogic.management.security.authentication.UserReaderMBean;
|
---|
15 |
|
---|
16 | public class WeblogicUserManager {
|
---|
17 |
|
---|
18 | private static Logger logger = Logger.getLogger(WeblogicUserManager.class);
|
---|
19 | private static final String SSL_GROUP_NAME = "SSL_AUTHENTICATED_USERS";
|
---|
20 |
|
---|
21 | public static void addUserToWeblogicSecurity(String username) {
|
---|
22 | boolean userExists = false;
|
---|
23 | try {
|
---|
24 | AuthenticationProviderMBean[] providers = getAuthenticationProviders();
|
---|
25 | for (int i = 0; i < providers.length; i++) {
|
---|
26 | if(logger.isDebugEnabled()){
|
---|
27 | logger.debug("Available Authentication Provider # "+ i + " is " + providers[i].toString());
|
---|
28 | }
|
---|
29 |
|
---|
30 | if ((providers[i].toString()).equalsIgnoreCase("Security:Name=myrealmDefaultAuthenticator")){
|
---|
31 | if(logger.isDebugEnabled()){
|
---|
32 | logger.debug("Using Authentication Provider: "+ providers[i].toString());
|
---|
33 | }
|
---|
34 | if (providers[i] instanceof UserEditorMBean) {
|
---|
35 | UserReaderMBean userReaderMBean = (UserReaderMBean) providers[i];
|
---|
36 | userExists = userReaderMBean.userExists(username);
|
---|
37 | }
|
---|
38 |
|
---|
39 | if(userExists) {
|
---|
40 | if(logger.isDebugEnabled()) logger.debug("User: "+ username + " already exists in the weblogic security");
|
---|
41 | return;
|
---|
42 | } else {
|
---|
43 | // create a new user and add him to the Group..
|
---|
44 | if(logger.isDebugEnabled()) logger.debug("User: "+ username + " does not exists in the weblogic security. Adding new user to weblogic security");
|
---|
45 |
|
---|
46 | if (providers[i] instanceof UserEditorMBean) {
|
---|
47 | UserEditorMBean userEditorMBean = (UserEditorMBean) providers[i];
|
---|
48 | userEditorMBean.createUser(username, username, "EDIS BigBoard User: " + username);
|
---|
49 | addUserToGroup(username);
|
---|
50 | }
|
---|
51 | }
|
---|
52 | }
|
---|
53 | }
|
---|
54 | } catch (Exception e) {
|
---|
55 | logger.error("Exception Occurred while adding the user to weblogic security: "+ e);
|
---|
56 | }
|
---|
57 |
|
---|
58 |
|
---|
59 | }
|
---|
60 |
|
---|
61 | private static void addUserToGroup(String userName) {
|
---|
62 | boolean groupExists = false;
|
---|
63 | try {
|
---|
64 | AuthenticationProviderMBean[] providers = getAuthenticationProviders();
|
---|
65 | for (int i = 0; i < providers.length; i++) {
|
---|
66 | if ((providers[i].toString()).equalsIgnoreCase("Security:Name=myrealmDefaultAuthenticator")){
|
---|
67 | GroupReaderMBean groupReaderMBean = (GroupReaderMBean) providers[i];
|
---|
68 | groupExists = groupReaderMBean.groupExists(SSL_GROUP_NAME);
|
---|
69 | GroupEditorMBean groupEditorMBean = (GroupEditorMBean)providers[i];
|
---|
70 | if (!groupExists){
|
---|
71 | if(logger.isDebugEnabled()){
|
---|
72 | logger.debug("Group: "+ SSL_GROUP_NAME + " does not exists in the weblogic security. Adding new group to weblogic security");
|
---|
73 | }
|
---|
74 | groupEditorMBean.createGroup(SSL_GROUP_NAME, "EDIS SSL Group");
|
---|
75 | }
|
---|
76 | if(logger.isDebugEnabled()){
|
---|
77 | logger.debug("Adding user: "+ userName + " to group: " + SSL_GROUP_NAME);
|
---|
78 | }
|
---|
79 | groupEditorMBean.addMemberToGroup(SSL_GROUP_NAME, userName);
|
---|
80 | }
|
---|
81 | }
|
---|
82 | } catch (Exception e) {
|
---|
83 | logger.error("Exception Occurred while adding the user to the group: "+ e);
|
---|
84 | }
|
---|
85 | }
|
---|
86 |
|
---|
87 | private static AuthenticationProviderMBean[] getAuthenticationProviders() throws Exception{
|
---|
88 | Environment env = new Environment();
|
---|
89 | Context ctx = env.getInitialContext();
|
---|
90 | MBeanHome home = (MBeanHome) ctx.lookup(MBeanHome.ADMIN_JNDI_NAME);
|
---|
91 | RealmMBean securityRealm = home.getActiveDomain().getSecurityConfiguration().findDefaultRealm();
|
---|
92 | AuthenticationProviderMBean[] providers = securityRealm.getAuthenticationProviders();
|
---|
93 | return providers;
|
---|
94 | }
|
---|
95 | }
|
---|