Dileesha Rajapakse 9 years ago
commit 7b2cfd69f5

@ -150,4 +150,11 @@ public interface DeviceManager {
void addLicense(License license) throws LicenseManagementException;
/**
* Method to enable to device-authentication for the device-platform.
*
* @return Returns boolean status to enable or disable device-authentication.
*/
boolean requireDeviceAuthorization();
}

@ -21,6 +21,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagerStartupListener;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
@ -41,13 +42,16 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
}
public void addDeviceManagementProvider(DeviceManagementService provider) throws DeviceManagementException {
String deviceType = provider.getType();
String deviceType = provider.getType();
synchronized (providers) {
try {
if (isInited) {
/* Initializing Device Management Service Provider */
provider.init();
DeviceManagerUtil.registerDeviceType(deviceType);
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(deviceType,
provider.getDeviceManager().requireDeviceAuthorization());
}
} catch (DeviceManagementException e) {
throw new DeviceManagementException("Error occurred while adding device management provider '" +
@ -76,6 +80,13 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
try {
provider.init();
DeviceManagerUtil.registerDeviceType(provider.getType());
//TODO:
//This is a temporory fix.
//windows and IOS cannot resolve user info by extracting certs
//until fix that, use following variable to enable and disable of checking user authorization.
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(provider.getType(),
provider.getDeviceManager().requireDeviceAuthorization());
} catch (Throwable e) {
/* Throwable is caught intentionally as failure of one plugin - due to invalid start up parameters,
etc - should not block the initialization of other device management providers */

@ -21,10 +21,7 @@ package org.wso2.carbon.device.mgt.core.authorization;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
import org.wso2.carbon.device.mgt.common.*;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult;
@ -74,7 +71,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
String username = this.getUserName();
int tenantId = this.getTenantId();
if (username == null || username.isEmpty()) {
return false;
return !DeviceManagementDataHolder.getInstance().requireDeviceAuthorization(deviceIdentifier.getType());
}
try {
//Check for admin users. If the user is an admin user we authorize the access to that device.
@ -227,11 +224,14 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
private String getUserName() {
String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
String tenantDomain = MultitenantUtils.getTenantDomain(username);
if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@"));
if (username != null && username.isEmpty()) {
String tenantDomain = MultitenantUtils.getTenantDomain(username);
if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@"));
}
return username;
}
return username;
return null;
}
private int getTenantId() {

@ -30,6 +30,8 @@ import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.tenant.TenantManager;
import org.wso2.carbon.utils.ConfigurationContextService;
import java.util.HashMap;
public class DeviceManagementDataHolder {
private RealmService realmService;
@ -42,6 +44,7 @@ public class DeviceManagementDataHolder {
private AppManagementConfig appManagerConfig;
private OperationManager operationManager;
private ConfigurationContextService configurationContextService;
private HashMap<String,Boolean> requireDeviceAuthorization = new HashMap<>();
private DeviceAccessAuthorizationService deviceAccessAuthorizationService;
private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder();
@ -145,6 +148,14 @@ public class DeviceManagementDataHolder {
this.configurationContextService = configurationContextService;
}
public void setRequireDeviceAuthorization(String pluginType, boolean requireAuthentication) {
requireDeviceAuthorization.put(pluginType,requireAuthentication);
}
public boolean requireDeviceAuthorization(String pluginType) {
return requireDeviceAuthorization.get(pluginType);
}
public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() {
return deviceAccessAuthorizationService;
}

@ -116,4 +116,9 @@ public class TestDeviceManager implements DeviceManager {
}
@Override
public boolean requireDeviceAuthorization() {
return false;
}
}

Loading…
Cancel
Save