From 16edca2aeadf741b377d119f938ca9388ef98957 Mon Sep 17 00:00:00 2001 From: inoshperera Date: Fri, 24 Jun 2016 13:57:48 +0530 Subject: [PATCH 1/2] fixing ios enrollment issue by fetching the identity certificate from the header. --- .../framework/authenticator/CertificateAuthenticator.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java index 30313d24992..0b53c873061 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/CertificateAuthenticator.java @@ -29,7 +29,7 @@ public class CertificateAuthenticator implements WebappAuthenticator { private static final String CERTIFICATE_AUTHENTICATOR = "CertificateAuth"; private static final String MUTUAL_AUTH_HEADER = "mutual-auth-header"; private static final String PROXY_MUTUAL_AUTH_HEADER = "proxy-mutual-auth-header"; - private static final String CERTIFICATE_VERIFICATION_HEADER = "certificate-verification-header"; + private static final String CERTIFICATE_VERIFICATION_HEADER = "Mdm-Signature"; private static final String CLIENT_CERTIFICATE_ATTRIBUTE = "javax.servlet.request.X509Certificate"; @Override @@ -55,7 +55,6 @@ public class CertificateAuthenticator implements WebappAuthenticator { authenticationInfo.setStatus(Status.CONTINUE); } - String certVerificationHeader = request.getContext().findParameter(CERTIFICATE_VERIFICATION_HEADER); try { // When there is a load balancer terminating mutual SSL, it should pass this header along and // as the value of this header, the client certificate subject dn should be passed. @@ -78,7 +77,7 @@ public class CertificateAuthenticator implements WebappAuthenticator { } } else if (request.getHeader(CERTIFICATE_VERIFICATION_HEADER) != null) { - String certHeader = request.getHeader(certVerificationHeader); + String certHeader = request.getHeader(CERTIFICATE_VERIFICATION_HEADER); if (certHeader != null && AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService(). verifySignature(certHeader)) { From 50009c7ac580a43a5fb45647b009b79e3d972e01 Mon Sep 17 00:00:00 2001 From: inoshperera Date: Fri, 24 Jun 2016 16:13:50 +0530 Subject: [PATCH 2/2] adding apply policy end point --- .../service/api/PolicyManagementService.java | 25 +++++++++++++++++++ .../impl/PolicyManagementServiceImpl.java | 17 +++++++++++++ .../src/main/webapp/META-INF/permissions.xml | 6 +++++ 3 files changed, 48 insertions(+) diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java index c1e268eb7fa..84a4179a708 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/api/PolicyManagementService.java @@ -386,5 +386,30 @@ public interface PolicyManagementService { @ApiParam(name = "policyIds", value = "Policy ID list to be deactivated.", required = true) List policyIds); + @PUT + @Produces("application/json") + @Path("apply-changes") + @ApiOperation( + consumes = MediaType.APPLICATION_JSON, + produces = MediaType.APPLICATION_JSON, + httpMethod = "PUT", + value = "Applying Changes on Policies.", + notes = "Policies in the active state will be applied to new device that register with WSO2 EMM based on" + + " the policy enforcement criteria . In a situation where you need to make changes to existing" + + " policies (removing, activating, deactivating and updating) or add new policies, the existing" + + " devices will not receive these changes immediately. Once all the required changes are made" + + " you need to apply the changes to push the policy changes to the existing devices.") + @ApiResponses(value = { + @ApiResponse( + code = 200, + message = "Changes have been successfully updated."), + @ApiResponse( + code = 500, + message = "ErrorResponse in deactivating policies.", + response = ErrorResponse.class) + }) + @Permission(scope = "policy-modify", permissions = {"/permission/admin/device-mgt/admin/policies/update"}) + Response applyChanges(); + } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/PolicyManagementServiceImpl.java b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/PolicyManagementServiceImpl.java index e22b3996d17..2cc81ad7b89 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/PolicyManagementServiceImpl.java +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/java/org/wso2/carbon/device/mgt/jaxrs/service/impl/PolicyManagementServiceImpl.java @@ -301,4 +301,21 @@ public class PolicyManagementServiceImpl implements PolicyManagementService { } } + @Override + @PUT + @Produces("application/json") + @Path("apply-changes") + public Response applyChanges() { + try { + PolicyManagerService policyManagementService = DeviceMgtAPIUtils.getPolicyManagementService(); + PolicyAdministratorPoint pap = policyManagementService.getPAP(); + pap.publishChanges(); + } catch (PolicyManagementException e) { + String msg = "Exception in applying changes."; + log.error(msg, e); + throw new UnexpectedServerErrorException( + new ErrorResponse.ErrorResponseBuilder().setCode(500l).setMessage(msg).build()); + } + return Response.status(Response.Status.OK).entity("Changes have been successfully updated.").build(); + } } diff --git a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml index 1e254bbce1e..d7249c6fde7 100644 --- a/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml +++ b/components/device-mgt/org.wso2.carbon.device.mgt.api/src/main/webapp/META-INF/permissions.xml @@ -611,6 +611,12 @@ /policies/* Put + + Edit policy + /device-mgt/admin/policies/update + /policies/apply-changes + PUT +