hasuniea 9 years ago
commit 7c41b50203

@ -150,4 +150,11 @@ public interface DeviceManager {
void addLicense(License license) throws LicenseManagementException;
/**
* Method to enable to device-authentication for the device-platform.
*
* @return Returns boolean status to enable or disable device-authentication.
*/
boolean requireDeviceAuthorization();
}

@ -21,6 +21,7 @@ import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.spi.DeviceManagementService;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementServiceComponent;
import org.wso2.carbon.device.mgt.core.internal.DeviceManagerStartupListener;
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
@ -48,6 +49,9 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
/* Initializing Device Management Service Provider */
provider.init();
DeviceManagerUtil.registerDeviceType(deviceType);
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(deviceType,
provider.getDeviceManager().requireDeviceAuthorization());
}
} catch (DeviceManagementException e) {
throw new DeviceManagementException("Error occurred while adding device management provider '" +
@ -76,6 +80,13 @@ public class DeviceManagementPluginRepository implements DeviceManagerStartupLis
try {
provider.init();
DeviceManagerUtil.registerDeviceType(provider.getType());
//TODO:
//This is a temporory fix.
//windows and IOS cannot resolve user info by extracting certs
//until fix that, use following variable to enable and disable of checking user authorization.
DeviceManagementDataHolder.getInstance().setRequireDeviceAuthorization(provider.getType(),
provider.getDeviceManager().requireDeviceAuthorization());
} catch (Throwable e) {
/* Throwable is caught intentionally as failure of one plugin - due to invalid start up parameters,
etc - should not block the initialization of other device management providers */

@ -21,10 +21,7 @@ package org.wso2.carbon.device.mgt.core.authorization;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.common.Device;
import org.wso2.carbon.device.mgt.common.DeviceIdentifier;
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
import org.wso2.carbon.device.mgt.common.EnrolmentInfo;
import org.wso2.carbon.device.mgt.common.*;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationException;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAccessAuthorizationService;
import org.wso2.carbon.device.mgt.common.authorization.DeviceAuthorizationResult;
@ -74,7 +71,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
String username = this.getUserName();
int tenantId = this.getTenantId();
if (username == null || username.isEmpty()) {
return false;
return !DeviceManagementDataHolder.getInstance().requireDeviceAuthorization(deviceIdentifier.getType());
}
try {
//Check for admin users. If the user is an admin user we authorize the access to that device.
@ -227,12 +224,15 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
private String getUserName() {
String username = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
if (username != null && username.isEmpty()) {
String tenantDomain = MultitenantUtils.getTenantDomain(username);
if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@"));
}
return username;
}
return null;
}
private int getTenantId() {
return PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();

@ -30,6 +30,8 @@ import org.wso2.carbon.user.core.service.RealmService;
import org.wso2.carbon.user.core.tenant.TenantManager;
import org.wso2.carbon.utils.ConfigurationContextService;
import java.util.HashMap;
public class DeviceManagementDataHolder {
private RealmService realmService;
@ -42,6 +44,7 @@ public class DeviceManagementDataHolder {
private AppManagementConfig appManagerConfig;
private OperationManager operationManager;
private ConfigurationContextService configurationContextService;
private HashMap<String,Boolean> requireDeviceAuthorization = new HashMap<>();
private DeviceAccessAuthorizationService deviceAccessAuthorizationService;
private static DeviceManagementDataHolder thisInstance = new DeviceManagementDataHolder();
@ -145,6 +148,14 @@ public class DeviceManagementDataHolder {
this.configurationContextService = configurationContextService;
}
public void setRequireDeviceAuthorization(String pluginType, boolean requireAuthentication) {
requireDeviceAuthorization.put(pluginType,requireAuthentication);
}
public boolean requireDeviceAuthorization(String pluginType) {
return requireDeviceAuthorization.get(pluginType);
}
public DeviceAccessAuthorizationService getDeviceAccessAuthorizationService() {
return deviceAccessAuthorizationService;
}

@ -116,4 +116,9 @@ public class TestDeviceManager implements DeviceManager {
}
@Override
public boolean requireDeviceAuthorization() {
return false;
}
}

@ -1435,8 +1435,19 @@
<enabled>false</enabled>
</releases>
</repository>
<!--<repository>-->
<!--<id>wso2-staging</id>-->
<!--<name>WSO2 internal Repository</name>-->
<!--<url>http://maven.wso2.org/nexus/content/repositories/orgwso2carbonapimgt-125/</url>-->
<!--<releases>-->
<!--<enabled>true</enabled>-->
<!--<updatePolicy>daily</updatePolicy>-->
<!--<checksumPolicy>ignore</checksumPolicy>-->
<!--</releases>-->
<!--</repository>-->
</repositories>
<properties>
<testng.version>6.1.1</testng.version>
<carbon.kernel.version>4.4.2</carbon.kernel.version>
@ -1506,7 +1517,7 @@
<version.commons.lang>2.6.0.wso2v1</version.commons.lang>
<!-- Carbon API Management -->
<carbon.api.mgt.version>4.3.0-SNAPSHOT</carbon.api.mgt.version>
<carbon.api.mgt.version>4.3.0</carbon.api.mgt.version>
<!--CXF properties-->
<cxf.version>2.7.16</cxf.version>

Loading…
Cancel
Save