diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/email/EmailConfigurations.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/email/EmailConfigurations.java
index b0a242df46a..b0e3a9009ae 100644
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/email/EmailConfigurations.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/config/email/EmailConfigurations.java
@@ -28,6 +28,8 @@ public class EmailConfigurations {
 private int maxNumOfThread;
 private int keepAliveTime;
 private int threadQueueCapacity;
+ private String lBHostPortPrefix;
+ private String enrollmentContextPath;
 @XmlElement(name = "minimumThread", required = true)
 public int getMinNumOfThread() {
@@ -62,4 +64,22 @@ public class EmailConfigurations {
 public void setThreadQueueCapacity(int threadQueueCapacity) {
 this.threadQueueCapacity = threadQueueCapacity;
 }
+
+ @XmlElement(name = "LBHostPortPrefix", required = true)
+ public String getlBHostPortPrefix() {
+ return lBHostPortPrefix;
+ }
+
+ public void setlBHostPortPrefix(String lBHostPortPrefix) {
+ this.lBHostPortPrefix = lBHostPortPrefix;
+ }
+
+ @XmlElement(name = "enrollmentContextPath", required = true)
+ public String getEnrollmentContextPath() {
+ return enrollmentContextPath;
+ }
+
+ public void setEnrollmentContextPath(String enrollmentContextPath) {
+ this.enrollmentContextPath = enrollmentContextPath;
+ }
 }
diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java
index 054e4c5e3b0..8eed2efc670 100644
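Review bot: The two new accessors in the `@@ -62,4 +64,22 @@` hunk carry no documentation of what shape their values must have, yet later in this commit they are joined by plain string concatenation to form the enrolment link mailed to users. I would add a Javadoc line on each getter, for example `/** Scheme, host and port of the load balancer, e.g. https://host:9443, without a trailing slash. */` and `/** Context path of the enrolment page; must start with a slash. */`. The name `getlBHostPortPrefix` also departs from the capitalisation of the other getters in this class; `getLbHostPortPrefix` would read consistently, with the XML element name kept as it is.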
--- a/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java
+++ b/components/device-mgt/org.wso2.carbon.device.mgt.core/src/main/java/org/wso2/carbon/device/mgt/core/service/DeviceManagementProviderServiceImpl.java
@@ -29,6 +29,7 @@ import org.wso2.carbon.device.mgt.common.operation.mgt.OperationManagementExcept
 import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
 import org.wso2.carbon.device.mgt.core.DeviceManagementPluginRepository;
 import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
+import org.wso2.carbon.device.mgt.core.config.email.EmailConfigurations;
 import org.wso2.carbon.device.mgt.core.config.email.NotificationMessages;
 import org.wso2.carbon.device.mgt.core.dao.*;
 import org.wso2.carbon.device.mgt.core.dto.DeviceType;
@@ -144,7 +145,9 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
 this.modifyEnrollment(device);
 status = true;
 } else {
- this.setStatus(deviceIdentifier, existingEnrolmentInfo.getOwner(), EnrolmentInfo.Status.INACTIVE);
+ if (!EnrolmentInfo.Status.REMOVED.equals(existingEnrolmentInfo.getStatus())) {
+ this.setStatus(deviceIdentifier, existingEnrolmentInfo.getOwner(), EnrolmentInfo.Status.INACTIVE);
+ }
 int enrolmentId;
 try {
 DeviceManagementDAOFactory.beginTransaction();
@@ -494,6 +497,13 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
 StringBuilder messageBuilder = new StringBuilder();
 try {
+
+ // Reading the download url from the cdm-config.xml file
+ EmailConfigurations emailConfig =
+ DeviceConfigurationManager.getInstance().getDeviceManagementConfig().
+ getDeviceManagementConfigRepository().getEmailConfigurations();
+ emailMessageProperties.setEnrolmentUrl(emailConfig.getlBHostPortPrefix()+ emailConfig.getEnrollmentContextPath());
+
 messageHeader = messageHeader.replaceAll("\\{" + EmailConstants.EnrolmentEmailConstants.FIRST_NAME + "\\}", URLEncoder.encode(emailMessageProperties.getFirstName(), EmailConstants.EnrolmentEmailConstants.ENCODED_SCHEME));
@@ -549,6 +559,14 @@ public class DeviceManagementProviderServiceImpl implements DeviceManagementProv
 StringBuilder messageBuilder = new StringBuilder();
 try {
+
+ // Reading the download url from the cdm-config.xml file
+ EmailConfigurations emailConfig =
+ DeviceConfigurationManager.getInstance().getDeviceManagementConfig().
+ getDeviceManagementConfigRepository().getEmailConfigurations();
+ emailMessageProperties.setEnrolmentUrl(emailConfig.getlBHostPortPrefix()+ emailConfig.getEnrollmentContextPath());
+
+
 messageHeader = messageHeader.replaceAll("\\{" + EmailConstants.EnrolmentEmailConstants.FIRST_NAME + "\\}", URLEncoder.encode(emailMessageProperties.getFirstName(), EmailConstants.EnrolmentEmailConstants.ENCODED_SCHEME));
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java
index bdc5428984f..bf9a80e5ca0 100644
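Review bot: `emailConfig.getlBHostPortPrefix()+ emailConfig.getEnrollmentContextPath()` is used without checking either value, so a cdm-config.xml that lacks one of the two elements produces an enrolment link containing the text `null` in the outgoing mail; `required = true` on `@XmlElement` does not by itself make unmarshalling fail unless schema validation is enabled, which this page does not show. A guard before the setter that fails with a clear configuration error when either value is null or empty would keep a broken link from being sent. The same block is repeated in the `@@ -549,6 +559,14 @@` hunk, so one private helper that reads the configuration and returns the validated URL would serve both callers. The comment would be more accurate as `// Build the enrolment URL from the email configuration in cdm-config.xml`. Both enclosing methods start and end outside the hunks.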
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java
@@ -29,13 +29,14 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthen
 import javax.servlet.http.HttpServletResponse;
 import java.util.Arrays;
+import java.util.HashMap;
 import java.util.List;
 import java.util.StringTokenizer;
 public class WebappAuthenticationValve extends CarbonTomcatValve {
 private static final Log log = LogFactory.getLog(WebappAuthenticationValve.class);
- private static final String BYPASS_URIS = "bypass-uris";
+ private static HashMap nonSecuredEndpoints = new HashMap<>();
 @Override
 public void invoke(Request request, Response response, CompositeValve compositeValve) {
@@ -45,21 +46,6 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
 return;
 }
- String byPassURIs = request.getContext().findParameter(WebappAuthenticationValve.BYPASS_URIS);
-
- if (byPassURIs != null && !byPassURIs.isEmpty()) {
- List requestURI = Arrays.asList(byPassURIs.split(","));
- if (requestURI != null && requestURI.size() > 0) {
- for (String pathURI : requestURI) {
- pathURI = pathURI.replace("\n", "").replace("\r", "").trim();
- if (request.getRequestURI().equals(pathURI)) {
- this.getNext().invoke(request, response, compositeValve);
- return;
- }
- }
- }
- }
-
 WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(request);
 if (authenticator == null) {
 String msg = "Failed to load an appropriate authenticator to authenticate the request";
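Review bot: `nonSecuredEndpoints` is declared as a non-final static `HashMap`, and the `isNonSecuredEndPoint` method added in the `@@ -112,6 +98,36 @@` hunk calls `put` on it from the request path, where a valve is presumably invoked by several request threads at once; `HashMap` is not safe for concurrent writes. Because a hit in this map means authentication is skipped, the structure that decides it should behave predictably under load: `private static final Map<String, String> nonSecuredEndpoints = new ConcurrentHashMap<>();`, with the matching imports, is the smallest change. After the removal in the following hunk, `java.util.Arrays` and `java.util.List` look unused in the visible part of the file and could be dropped from the imports.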
@@ -90,7 +76,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
 private boolean skipAuthentication(Request request) {
 String param = request.getContext().findParameter("doAuthentication");
- return (param == null || !Boolean.parseBoolean(param));
+ return (param == null || !Boolean.parseBoolean(param) || isNonSecuredEndPoint(request));
 }
 private boolean isContextSkipped(Request request) {
@@ -112,6 +98,36 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
 return (ctx.equalsIgnoreCase("carbon") || ctx.equalsIgnoreCase("services"));
 }
+ private boolean isNonSecuredEndPoint(Request request) {
+ String uri = request.getRequestURI();
+ if(!uri.endsWith("/")) {
+ uri = uri + "/";
+ }
+ String ctx = request.getContextPath();
+ //Check the context in nonSecuredEndpoints. If so it means current context is a skippedContext.
+ if (nonSecuredEndpoints.containsKey(uri)) {
+ return true;
+ }
+ String param = request.getContext().findParameter("nonSecuredEndPoints");
+ String skippedEndPoint;
+ if (param != null && !param.isEmpty()) {
+ //Add the nonSecured end-points to cache
+ StringTokenizer tokenizer = new StringTokenizer(param, ",");
+ while (tokenizer.hasMoreTokens()) {
+ skippedEndPoint = ctx + tokenizer.nextToken();
+ skippedEndPoint = skippedEndPoint.replace("\n", "").replace("\r", "").trim();
+ if(!skippedEndPoint.endsWith("/")) {
+ skippedEndPoint = skippedEndPoint + "/";
+ }
+ nonSecuredEndpoints.put(skippedEndPoint, "true");
+ }
+ if (nonSecuredEndpoints.containsKey(uri)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
 private void processRequest(Request request, Response response, CompositeValve compositeValve, AuthenticationInfo authenticationInfo) {
 switch (authenticationInfo.getStatus()) {
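Review bot: In `isNonSecuredEndPoint` the token is prefixed with `ctx` before `trim()` runs, so whitespace in front of a token in the `nonSecuredEndPoints` value ends up inside the key and that entry never matches; cleaning the token first, `skippedEndPoint = ctx + tokenizer.nextToken().replace("\n", "").replace("\r", "").trim();`, avoids it. Entries are only ever added to the static map, so a path dropped from the parameter on redeploy would, as far as this hunk shows, stay exempt from authentication until the JVM restarts, and the parameter is tokenised again on every request that misses. The method deserves a Javadoc stating that the comparison is an exact match of `request.getRequestURI()`, with a trailing slash added, against context path plus entry, and that a match makes `skipAuthentication` return true.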
@@ -121,7 +137,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
 break;
 case FAILURE:
 String msg = "Failed to authorize incoming request";
- if(authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
+ if (authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
 msg = authenticationInfo.getMessage();
 response.setHeader("WWW-Authenticate", msg);
 }
@@ -132,5 +148,4 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
 break;
 }
 }
-
-}
+}
\ No newline at end of file
diff --git a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/cdm-config.xml b/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/cdm-config.xml
index 0f5861cc1d1..2fdabf455a3 100644
--- a/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/cdm-config.xml
+++ b/features/device-mgt/org.wso2.carbon.device.mgt.server.feature/src/main/resources/conf/cdm-config.xml
@@ -29,6 +29,8 @@
 100 20 1000
+ https://localhost:9443
+ /mdm/enrollment
 https://localhost:9443