Dileesha Rajapakse 9 years ago
commit 7b2cfd69f5

@ -150,4 +150,11 @@ public interface DeviceManager {
void addLicense(License license) throws LicenseManagementException; void addLicense(License license) throws LicenseManagementException;
/**
* Method to enable to device-authentication for the device-platform.
*
* @return Returns boolean status to enable or disable device-authentication.
*/
boolean requireDeviceAuthorization();
} }
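Review bot: The Javadoc on `requireDeviceAuthorization()` talks about "device-authentication" while the method name and its use elsewhere in this commit concern authorization, and it never says what a `false` return means. Because `false` makes the access check in DeviceAccessAuthorizationServiceImpl accept requests that carry no username, the contract should state that consequence, e.g. `@return true if device access must be authorized against a resolved user; false lets requests without a user identity through`. Adding an abstract method also forces every existing DeviceManager implementation to pick a value; whether the other plugins were updated is not visible on this page.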

@ -21,6 +21,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.common.DeviceManagementException; import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService; import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent; import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagerStartupListener; import org.wso2.carbon.device.mgt.core.internal.DeviceManagerStartupListener;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil; import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
@ -48,6 +49,9 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
/* Initializing Device Management Service Provider */ /* Initializing Device Management Service Provider */
provider.init(); provider.init();
DeviceManagerUtil.registerDeviceType(deviceType); DeviceManagerUtil.registerDeviceType(deviceType);
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(deviceType,
provider.getDeviceManager().requireDeviceAuthorization());
} }
} catch (DeviceManagementException e) { } catch (DeviceManagementException e) {
throw new DeviceManagementException("Error occurred while adding device management provider '" + throw new DeviceManagementException("Error occurred while adding device management provider '" +
@ -76,6 +80,13 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
try { try {
provider.init(); provider.init();
DeviceManagerUtil.registerDeviceType(provider.getType()); DeviceManagerUtil.registerDeviceType(provider.getType());
//TODO:
//This is a temporory fix.
//windows and IOS cannot resolve user info by extracting certs
//until fix that, use following variable to enable and disable of checking user authorization.
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(provider.getType(),
provider.getDeviceManager().requireDeviceAuthorization());
} catch (Throwable e) { } catch (Throwable e) {
/* Throwable is caught intentionally as failure of one plugin - due to invalid start up parameters, /* Throwable is caught intentionally as failure of one plugin - due to invalid start up parameters,
etc - should not block the initialization of other device management providers */ etc - should not block the initialization of other device management providers */
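Review bot: Neither hunk records which device types end up with authorization switched off, so a plugin that returns `false` weakens access control without leaving any trace for operators. I would read the flag into a local and log it at registration, e.g. `if (!required) { log.warn("Device authorization is disabled for device type '" + deviceType + "'"); }`, assuming the class has a logger behind its `Log`/`LogFactory` imports. The TODO in the second hunk should name a tracking issue or owner so the temporary bypass for Windows and iOS can be followed through to removal, and the first hunk needs the same comment since it makes the same call. Both enclosing methods start and end outside the hunks.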

@ -21,10 +21,7 @@ package org.wso2.carbon.device.mgt.core.authorization;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device; import org.wso2.carbon.device.mgt.common.*;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService; import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult; import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult;
@ -74,7 +71,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
String username = this.getUserName(); String username = this.getUserName();
int tenantId = this.getTenantId(); int tenantId = this.getTenantId();
if (username == null || username.isEmpty()) { if (username == null || username.isEmpty()) {
return false; return !DeviceManagementDataHolder.getInstance().requireDeviceAuthorization(deviceIdentifier.getType());
} }
try { try {
//Check for admin users. If the user is an admin user we authorize the access to that device. //Check for admin users. If the user is an admin user we authorize the access to that device.
@ -227,12 +224,15 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
private String getUserName() { private String getUserName() {
String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername(); String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
if (username != null && username.isEmpty()) {
String tenantDomain = MultitenantUtils.getTenantDomain(username); String tenantDomain = MultitenantUtils.getTenantDomain(username);
if (username.endsWith(tenantDomain)) { if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@")); return username.substring(0, username.lastIndexOf("@"));
} }
return username; return username;
} }
return null;
}
private int getTenantId() { private int getTenantId() {
return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
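Review bot: The new guard in `getUserName()` is inverted: `if (username != null && username.isEmpty())` enters the block only for an empty string, so every non-empty username falls through to `return null`. Combined with the changed early return in the first hunk, every caller is then treated as having no user, so access is granted outright for device types whose plugin returns `false` and refused for all others, and the admin and ownership checks below are never reached. The condition should be `if (username != null && !username.isEmpty())`. Separately, `return !DeviceManagementDataHolder.getInstance().requireDeviceAuthorization(deviceIdentifier.getType());` fails open on a missing identity and deserves a comment explaining why, plus a log entry whenever access is granted this way. The enclosing authorization method starts and ends outside the hunk.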

@ -30,6 +30,8 @@ import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.tenant.TenantManager; import org.wso2.carbon.user.core.tenant.TenantManager;
import org.wso2.carbon.utils.ConfigurationContextService; import org.wso2.carbon.utils.ConfigurationContextService;
import java.util.HashMap;
public class DeviceManagementDataHolder { public class DeviceManagementDataHolder {
private RealmService realmService; private RealmService realmService;
@ -42,6 +44,7 @@ public class DeviceManagementDataHolder {
private AppManagementConfig appManagerConfig; private AppManagementConfig appManagerConfig;
private OperationManager operationManager; private OperationManager operationManager;
private ConfigurationContextService configurationContextService; private ConfigurationContextService configurationContextService;
private HashMap<String,Boolean> requireDeviceAuthorization = new HashMap<>();
private DeviceAccessAuthorizationService deviceAccessAuthorizationService; private DeviceAccessAuthorizationService deviceAccessAuthorizationService;
private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder(); private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder();
@ -145,6 +148,14 @@ public class DeviceManagementDataHolder {
this.configurationContextService = configurationContextService; this.configurationContextService = configurationContextService;
} }
public void setRequireDeviceAuthorization(String pluginType, boolean requireAuthentication) {
requireDeviceAuthorization.put(pluginType,requireAuthentication);
}
public boolean requireDeviceAuthorization(String pluginType) {
return requireDeviceAuthorization.get(pluginType);
}
public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() { public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() {
return deviceAccessAuthorizationService; return deviceAccessAuthorizationService;
} }
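Review bot: `requireDeviceAuthorization(String)` unboxes the result of `HashMap.get`, so a device type that was never registered, or a type string that matches no plugin, throws a NullPointerException inside the authorization path. An unknown type should be treated as requiring authorization: `Boolean required = requireDeviceAuthorization.get(pluginType); return required == null || required;`. The map is also a plain `HashMap` on a shared singleton; if providers can register while requests are being authorized, a `ConcurrentHashMap` would be safer, though the registration threading is not visible here. The setter's parameter is named `requireAuthentication` while the field and both methods say authorization; one term should be used throughout.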

@ -116,4 +116,9 @@ public class TestDeviceManager implements DeviceManager {
} }
@Override
public boolean requireDeviceAuthorization() {
return false;
}
} }
