fixed secondary user-store related issues & multi-tenancy issues

4.x.x
harshanl 9 years ago
parent c1eea6894d
commit b4d17b888b

@ -31,6 +31,7 @@ import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils; import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils;
import org.wso2.carbon.user.api.UserRealm; import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException; import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.api.UserStoreManager;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
@ -215,7 +216,7 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId); UserRealm userRealm = DeviceManagementDataHolder.getInstance().getRealmService().getTenantUserRealm(tenantId);
if (userRealm != null && userRealm.getAuthorizationManager() != null) { if (userRealm != null && userRealm.getAuthorizationManager() != null) {
return userRealm.getAuthorizationManager() return userRealm.getAuthorizationManager()
.isUserAuthorized(username, PermissionUtils.getAbsolutePermissionPath(EMM_ADMIN_PERMISSION), .isUserAuthorized(removeTenantDomain(username), PermissionUtils.getAbsolutePermissionPath(EMM_ADMIN_PERMISSION),
PermissionMethod.UI_EXECUTE); PermissionMethod.UI_EXECUTE);
} }
return false; return false;
@ -224,14 +225,18 @@ public class DeviceAccessAuthorizationServiceImpl implements DeviceAccessAuthori
private String getUserName() { private String getUserName() {
String username = CarbonContext.getThreadLocalCarbonContext().getUsername(); String username = CarbonContext.getThreadLocalCarbonContext().getUsername();
if (username != null && !username.isEmpty()) { if (username != null && !username.isEmpty()) {
return removeTenantDomain(username);
}
return null;
}
private String removeTenantDomain(String username) {
String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain(); String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
if (username.endsWith(tenantDomain)) { if (username.endsWith(tenantDomain)) {
return username.substring(0, username.lastIndexOf("@")); return username.substring(0, username.lastIndexOf("@"));
} }
return username; return username;
} }
return null;
}
private int getTenantId() { private int getTenantId() {
return CarbonContext.getThreadLocalCarbonContext().getTenantId(); return CarbonContext.getThreadLocalCarbonContext().getTenantId();

@ -207,7 +207,7 @@ public class PolicyManagerUtil {
if (configuration != null && !configuration.isEmpty()) { if (configuration != null && !configuration.isEmpty()) {
for (ConfigurationEntry cEntry : configuration) { for (ConfigurationEntry cEntry : configuration) {
if (cEntry.getName().equalsIgnoreCase(MONITORING_FREQUENCY)) { if (cEntry.getName().equalsIgnoreCase(MONITORING_FREQUENCY)) {
monitoringFrequency = (int) cEntry.getValue(); monitoringFrequency = Integer.parseInt((String)cEntry.getValue());
} }
} }
} }

@ -139,7 +139,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
msg = authenticationInfo.getMessage(); msg = authenticationInfo.getMessage();
response.setHeader("WWW-Authenticate", msg); response.setHeader("WWW-Authenticate", msg);
} }
log.error(msg); log.error(msg + " , API : " + request.getRequestURI());
AuthenticationFrameworkUtil AuthenticationFrameworkUtil
.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, .handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED,
msg); msg);

@ -112,9 +112,9 @@ public class OAuthAuthenticator implements WebappAuthenticator {
if (oAuth2TokenValidationResponseDTO.isValid()) { if (oAuth2TokenValidationResponseDTO.isValid()) {
String username = oAuth2TokenValidationResponseDTO.getAuthorizedUser(); String username = oAuth2TokenValidationResponseDTO.getAuthorizedUser();
//Remove the userstore domain from username //Remove the userstore domain from username
if (username.contains("/")) { /*if (username.contains("/")) {
username = username.substring(username.indexOf('/') + 1); username = username.substring(username.indexOf('/') + 1);
} }*/
authenticationInfo.setUsername(username); authenticationInfo.setUsername(username);
authenticationInfo.setTenantDomain(MultitenantUtils.getTenantDomain(username)); authenticationInfo.setTenantDomain(MultitenantUtils.getTenantDomain(username));
authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username)); authenticationInfo.setTenantId(Utils.getTenantIdOFUser(username));

Loading…
Cancel
Save