merge-requests/7/head
hasuniea 9 years ago
commit 7c41b50203

@ -150,4 +150,11 @@ public interface DeviceManager {
void addLicense(License license) throws LicenseManagementException; void addLicense(License license) throws LicenseManagementException;
/**
* Method to enable to device-authentication for the device-platform.
*
* @return Returns boolean status to enable or disable device-authentication.
*/
boolean requireDeviceAuthorization();
} }

@ -21,6 +21,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.common.DeviceManagementException; import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService; import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagerStartupListener; import org.wso2.carbon.device.mgt.core.internal.DeviceManagerStartupListener;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
@ -41,13 +42,16 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
} }
public void addDeviceManagementProvider(DeviceManagementService provider) throws DeviceManagementException { public void addDeviceManagementProvider(DeviceManagementService provider) throws DeviceManagementException {
String deviceType = provider.getType(); String deviceType = provider.getType();
synchronized (providers) { synchronized (providers) {
try { try {
if (isInited) { if (isInited) {
/* Initializing Device Management Service Provider */ /* Initializing Device Management Service Provider */
provider.init(); provider.init();
DeviceManagerUtil.registerDeviceType(deviceType); DeviceManagerUtil.registerDeviceType(deviceType);
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(deviceType,
provider.getDeviceManager().requireDeviceAuthorization());
} }
} catch (DeviceManagementException e) { } catch (DeviceManagementException e) {
throw new DeviceManagementException("Error occurred while adding device management provider '" + throw new DeviceManagementException("Error occurred while adding device management provider '" +
@ -76,6 +80,13 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
try { try {
provider.init(); provider.init();
DeviceManagerUtil.registerDeviceType(provider.getType()); DeviceManagerUtil.registerDeviceType(provider.getType());
//TODO:
//This is a temporory fix.
//windows and IOS cannot resolve user info by extracting certs
//until fix that, use following variable to enable and disable of checking user authorization.
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(provider.getType(),
provider.getDeviceManager().requireDeviceAuthorization());
} catch (Throwable e) { } catch (Throwable e) {
/* Throwable is caught intentionally as failure of one plugin - due to invalid start up parameters, /* Throwable is caught intentionally as failure of one plugin - due to invalid start up parameters,
etc - should not block the initialization of other device management providers */ etc - should not block the initialization of other device management providers */

@ -21,10 +21,7 @@ package org.wso2.carbon.device.mgt.core.authorization;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.*;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult; import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult;
@ -74,7 +71,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
String username = this.getUserName(); String username = this.getUserName();
int tenantId = this.getTenantId(); int tenantId = this.getTenantId();
if (username == null || username.isEmpty()) { if (username == null || username.isEmpty()) {
return false; return !DeviceManagementDataHolder.getInstance().requireDeviceAuthorization(deviceIdentifier.getType());
} }
try { try {
//Check for admin users. If the user is an admin user we authorize the access to that device. //Check for admin users. If the user is an admin user we authorize the access to that device.
@ -227,11 +224,14 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
private String getUserName() { private String getUserName() {
String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(); String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
String tenantDomain = MultitenantUtils.getTenantDomain(username); if (username != null && username.isEmpty()) {
if (username.endsWith(tenantDomain)) { String tenantDomain = MultitenantUtils.getTenantDomain(username);
return username.substring(0, username.lastIndexOf("@")); if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@"));
}
return username;
} }
return username; return null;
} }
private int getTenantId() { private int getTenantId() {

@ -30,6 +30,8 @@ import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.tenant.TenantManager; import org.wso2.carbon.user.core.tenant.TenantManager;
import org.wso2.carbon.utils.ConfigurationContextService; import org.wso2.carbon.utils.ConfigurationContextService;
import java.util.HashMap;
public class DeviceManagementDataHolder { public class DeviceManagementDataHolder {
private RealmService realmService; private RealmService realmService;
@ -42,6 +44,7 @@ public class DeviceManagementDataHolder {
private AppManagementConfig appManagerConfig; private AppManagementConfig appManagerConfig;
private OperationManager operationManager; private OperationManager operationManager;
private ConfigurationContextService configurationContextService; private ConfigurationContextService configurationContextService;
private HashMap<String,Boolean> requireDeviceAuthorization = new HashMap<>();
private DeviceAccessAuthorizationService deviceAccessAuthorizationService; private DeviceAccessAuthorizationService deviceAccessAuthorizationService;
private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder(); private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder();
@ -145,6 +148,14 @@ public class DeviceManagementDataHolder {
this.configurationContextService = configurationContextService; this.configurationContextService = configurationContextService;
} }
public void setRequireDeviceAuthorization(String pluginType, boolean requireAuthentication) {
requireDeviceAuthorization.put(pluginType,requireAuthentication);
}
public boolean requireDeviceAuthorization(String pluginType) {
return requireDeviceAuthorization.get(pluginType);
}
public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() { public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() {
return deviceAccessAuthorizationService; return deviceAccessAuthorizationService;
} }

@ -116,4 +116,9 @@ public class TestDeviceManager implements DeviceManager {
} }
@Override
public boolean requireDeviceAuthorization() {
return false;
}
} }

@ -1435,8 +1435,19 @@
<enabled>false</enabled> <enabled>false</enabled>
</releases> </releases>
</repository> </repository>
<!--<repository>-->
<!--<id>wso2-staging</id>-->
<!--<name>WSO2 internal Repository</name>-->
<!--<url>http://maven.wso2.org/nexus/content/repositories/orgwso2carbonapimgt-125/</url>-->
<!--<releases>-->
<!--<enabled>true</enabled>-->
<!--<updatePolicy>daily</updatePolicy>-->
<!--<checksumPolicy>ignore</checksumPolicy>-->
<!--</releases>-->
<!--</repository>-->
</repositories> </repositories>
<properties> <properties>
<testng.version>6.1.1</testng.version> <testng.version>6.1.1</testng.version>
<carbon.kernel.version>4.4.2</carbon.kernel.version> <carbon.kernel.version>4.4.2</carbon.kernel.version>
@ -1506,7 +1517,7 @@
<version.commons.lang>2.6.0.wso2v1</version.commons.lang> <version.commons.lang>2.6.0.wso2v1</version.commons.lang>
<!-- Carbon API Management --> <!-- Carbon API Management -->
<carbon.api.mgt.version>4.3.0-SNAPSHOT</carbon.api.mgt.version> <carbon.api.mgt.version>4.3.0</carbon.api.mgt.version>
<!--CXF properties--> <!--CXF properties-->
<cxf.version>2.7.16</cxf.version> <cxf.version>2.7.16</cxf.version>

Loading…
Cancel
Save