- Added the username/password criteria in usermanager 08/208/2
authordibhatia <dibhatia@cisco.com>
Thu, 18 Apr 2013 19:55:33 +0000 (12:55 -0700)
committerdibhatia <dibhatia@cisco.com>
Thu, 18 Apr 2013 19:55:33 +0000 (12:55 -0700)
- Relaxed the criteria for nodename/gateway name in devices

Change-Id: Id476f2d99e7dbaf285df761ff7e756d3d592cce3
Signed-off-by: dibhatia <dibhatia@cisco.com>
opendaylight/usermanager/src/main/java/org/opendaylight/controller/usermanager/internal/AuthorizationConfig.java
opendaylight/usermanager/src/main/java/org/opendaylight/controller/usermanager/internal/UserConfig.java
opendaylight/usermanager/src/main/java/org/opendaylight/controller/usermanager/internal/UserManagerImpl.java
opendaylight/usermanager/src/test/java/org/opendaylight/controller/usermanager/internal/AuthorizationUserConfigTest.java
opendaylight/web/devices/src/main/resources/js/page.js

index 3eafe2b..2474eec 100644 (file)
@@ -8,36 +8,36 @@
 
 package org.opendaylight.controller.usermanager.internal;
 
+import org.opendaylight.controller.sal.utils.Status;
 
 /**
  * Configuration Java Object which represents a Local configured Authorization
  * for a remote authenticated user for User Manager.
  */
 public class AuthorizationConfig extends UserConfig {
-       private static final long serialVersionUID = 1L;
-
-       public AuthorizationConfig() {
-               super();
-       }
-
-       // Constructor may be needed for autocontainer logic
-       public AuthorizationConfig(String user, String role) {
-               super();
-               this.user = user;
-               this.role = role;
-       }
-
-       @Override
-       public boolean isValid() {
-               return (user != null && !user.isEmpty() && role != null && !role
-                               .isEmpty());
-       }
-
-       public String getRolesData() {
-               return (role.replace(",", " "));
-       }
-
-       public String toString() {
-               return "AuthorizationConfig=[user: " + user + ", role: " + role + "]";
-       }
+    private static final long serialVersionUID = 1L;
+
+    public AuthorizationConfig() {
+        super();
+    }
+
+    // Constructor may be needed for autocontainer logic
+    public AuthorizationConfig(String user, String role) {
+        super();
+        this.user = user;
+        this.role = role;
+    }
+
+    @Override
+    public Status validate() {
+        return (!isRoleValid().isSuccess() ? isRoleValid() : isUsernameValid());
+    }
+
+    public String getRolesData() {
+        return (role.replace(",", " "));
+    }
+
+    public String toString() {
+        return "AuthorizationConfig=[user: " + user + ", role: " + role + "]";
+    }
 }
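Review bot: `validate()` now applies `isUsernameValid()` to authorization entries, which the class comment describes as belonging to remotely authenticated users, so the local-account name rule (at most 32 characters, none of `/ . ? # % ; \` or whitespace) also decides which remote names can be given a role. A name issued by the AAA server that contains a dot (constructed example: `jane.doe`) would be rejected and could not be authorized locally. Whether that is intended is not visible from the diff, so a Javadoc line on `validate()` should say so. The ternary also calls `isRoleValid()` twice; `Status roleCheck = isRoleValid(); return roleCheck.isSuccess() ? isUsernameValid() : roleCheck;` evaluates it once.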
index 884ab87..cedae6c 100644 (file)
@@ -9,47 +9,56 @@
 package org.opendaylight.controller.usermanager.internal;
 
 import java.io.Serializable;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 import org.apache.commons.lang3.builder.EqualsBuilder;
 import org.apache.commons.lang3.builder.HashCodeBuilder;
 import org.opendaylight.controller.sal.authorization.AuthResultEnum;
+import org.opendaylight.controller.sal.utils.Status;
+import org.opendaylight.controller.sal.utils.StatusCode;
 import org.opendaylight.controller.usermanager.AuthResponse;
 
 /**
- * Configuration Java Object which represents a Local AAA user
- * configuration information for User Manager. 
+ * Configuration Java Object which represents a Local AAA user configuration
+ * information for User Manager.
  */
 public class UserConfig implements Serializable {
-       private static final long serialVersionUID = 1L;
+    private static final long serialVersionUID = 1L;
 
-       /*
-        * Clear text password as we are moving to some MD5 digest
-        * for when saving configurations
-        */
-       protected String user;
-       protected String role;
-       private String password;
+    /*
+     * Clear text password as we are moving to some MD5 digest for when saving
+     * configurations
+     */
+    protected String user;
+    protected String role;
+    private String password;
+    private static final int USERNAME_MAXLENGTH = 32;
+    private static final int PASSWORD_MINLENGTH = 5;
+    private static final int PASSWORD_MAXLENGTH = 256;
+    private static final Pattern INVALID_USERNAME_CHARACTERS = Pattern
+            .compile("([/\\s\\.\\?#%;\\\\]+)");
 
-       public UserConfig() {
-       }
+    public UserConfig() {
+    }
 
-       public UserConfig(String user, String password, String role) {
-               this.user = user;
-               this.password = password;
-               this.role = role;
-       }
+    public UserConfig(String user, String password, String role) {
+        this.user = user;
+        this.password = password;
+        this.role = role;
+    }
 
-       public String getUser() {
-               return user;
-       }
+    public String getUser() {
+        return user;
+    }
 
-       public String getPassword() {
-               return password;
-       }
+    public String getPassword() {
+        return password;
+    }
 
-       public String getRole() {
-               return role;
-       }
+    public String getRole() {
+        return role;
+    }
 
     @Override
     public int hashCode() {
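Review bot: `INVALID_USERNAME_CHARACTERS` is a deny-list, and `\s` in a pattern compiled without `Pattern.UNICODE_CHARACTER_CLASS` matches only ASCII whitespace, so a name containing a non-breaking space or a non-whitespace control character passes the check. User names are written to the log elsewhere in this commit, which makes unprintable characters in an accepted name worth excluding. If the deny-list is kept, adding `\\p{Cntrl}` to the character class and compiling with `Pattern.UNICODE_CHARACTER_CLASS` closes both gaps; an allow-list of permitted characters would be easier to reason about. The capture group and the `+` quantifier are not needed for `find()`, and a short comment above the three length constants should state that they apply to locally configured accounts.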
@@ -60,41 +69,86 @@ public class UserConfig implements Serializable {
     public boolean equals(Object obj) {
         return EqualsBuilder.reflectionEquals(this, obj);
     }
-    
+
     @Override
     public String toString() {
-       return "UserConfig[user="+ user + ", password=" + password + "]";
+        return "UserConfig[user=" + user + ", password=" + password + "]";
+    }
+
+    public Status validate() {
+        Status validCheck = new Status(StatusCode.SUCCESS, null);
+        validCheck = isRoleValid();
+
+        if (validCheck.isSuccess())
+            validCheck = isUsernameValid();
+        if (validCheck.isSuccess())
+            validCheck = isPasswordValid();
+
+        return validCheck;
+    }
+
+    protected Status isUsernameValid() {
+        if (user == null || user.isEmpty()) {
+            return new Status(StatusCode.BADREQUEST, "Username cannot be empty");
+        }
+
+        Matcher mUser = UserConfig.INVALID_USERNAME_CHARACTERS.matcher(user);
+        if (user.length() > UserConfig.USERNAME_MAXLENGTH
+                || mUser.find() == true) {
+            return new Status(StatusCode.BADREQUEST,
+                    "Username can have 1-32 non-whitespace "
+                            + "alphanumeric characters and any special "
+                            + "characters except ./#%;?\\");
+        }
+
+        return new Status(StatusCode.SUCCESS, null);
+    }
+
+    private Status isPasswordValid() {
+        if (password == null || password.isEmpty()) {
+            return new Status(StatusCode.BADREQUEST, "Password cannot be empty");
+        }
+
+        if (password.length() < UserConfig.PASSWORD_MINLENGTH
+                || password.length() > UserConfig.PASSWORD_MAXLENGTH) {
+            return new Status(StatusCode.BADREQUEST,
+                    "Password should have 5-256 characters");
+        }
+        return new Status(StatusCode.SUCCESS, null);
     }
 
-       public boolean isValid() {
-               return (user != null && !user.isEmpty() && role != null
-                               && !role.isEmpty() && password != null && !password.isEmpty());
-       }
-
-       public boolean update(String currentPassword, String newPassword,
-                       String newRole) {
-               // To make any changes to a user configured profile, current password
-               // must always be provided
-               if (!this.password.equals(currentPassword)) {
-                       return false;
-               }
-               if (newPassword != null) {
-                       this.password = newPassword;
-               }
-               if (newRole != null) {
-                       this.role = newRole;
-               }
-               return true;
-       }
-
-       public AuthResponse authenticate(String clearTextPass) {
-               AuthResponse locResponse = new AuthResponse();
-               if (password.equals(clearTextPass)) {
-                       locResponse.setStatus(AuthResultEnum.AUTH_ACCEPT_LOC);
-                       locResponse.addData(role.replace(",", " "));
-               } else {
-                       locResponse.setStatus(AuthResultEnum.AUTH_REJECT_LOC);
-               }
-               return locResponse;
-       }
+    protected Status isRoleValid() {
+        if (role == null || role.isEmpty()) {
+            return new Status(StatusCode.BADREQUEST,
+                    "Role name cannot be empty");
+        }
+        return new Status(StatusCode.SUCCESS, null);
+    }
+
+    public boolean update(String currentPassword, String newPassword,
+            String newRole) {
+        // To make any changes to a user configured profile, current password
+        // must always be provided
+        if (!this.password.equals(currentPassword)) {
+            return false;
+        }
+        if (newPassword != null) {
+            this.password = newPassword;
+        }
+        if (newRole != null) {
+            this.role = newRole;
+        }
+        return true;
+    }
+
+    public AuthResponse authenticate(String clearTextPass) {
+        AuthResponse locResponse = new AuthResponse();
+        if (password.equals(clearTextPass)) {
+            locResponse.setStatus(AuthResultEnum.AUTH_ACCEPT_LOC);
+            locResponse.addData(role.replace(",", " "));
+        } else {
+            locResponse.setStatus(AuthResultEnum.AUTH_REJECT_LOC);
+        }
+        return locResponse;
+    }
 }
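Review bot: `update()` assigns `newPassword` without the length check that `isPasswordValid()` applies, so the 5-256 rule added in this hunk holds only when an account is created. The caller in UserManagerImpl shown later in this commit (the one returning "Current password is incorrect") passes the new password straight to `update()`. A guard before the assignment, `if (newPassword != null && (newPassword.length() < PASSWORD_MINLENGTH || newPassword.length() > PASSWORD_MAXLENGTH)) return false;`, would enforce it. A `false` return is then ambiguous with a wrong current password, so a doc comment on `update()` should list the conditions that yield `false`. Separately, `toString()` in this hunk still prints the clear-text `password`; omitting that field keeps the value out of any log line or exception message that formats a `UserConfig`.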
index 3e57ed8..1b9c749 100644 (file)
@@ -82,7 +82,13 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     private static final String authFileName = ROOT + "authorization.conf";
     private ConcurrentMap<String, UserConfig> localUserConfigList;
     private ConcurrentMap<String, ServerConfig> remoteServerConfigList;
-    private ConcurrentMap<String, AuthorizationConfig> authorizationConfList; // local authorization info for remotely authenticated users
+    private ConcurrentMap<String, AuthorizationConfig> authorizationConfList; // local
+                                                                              // authorization
+                                                                              // info
+                                                                              // for
+                                                                              // remotely
+                                                                              // authenticated
+                                                                              // users
     private ConcurrentMap<String, AuthenticatedUser> activeUsers;
     private ConcurrentMap<String, IAAAProvider> authProviders;
     private ConcurrentMap<Long, String> localUserListSaveConfigEvent,
@@ -94,8 +100,7 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     private ISessionManager sessionMgr = new SessionManager();
 
     public boolean addAAAProvider(IAAAProvider provider) {
-        if (provider == null
-                       || provider.getName() == null
+        if (provider == null || provider.getName() == null
                 || provider.getName().trim().isEmpty()) {
             return false;
         }
@@ -124,8 +129,7 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         this.applicationAuthorizationClients = Collections
                 .synchronizedSet(new HashSet<IResourceAuthorization>());
         if (clusterGlobalService == null) {
-            logger
-                    .error("un-initialized clusterGlobalService, can't create cache");
+            logger.error("un-initialized clusterGlobalService, can't create cache");
             return;
         }
 
@@ -134,36 +138,35 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
                     EnumSet.of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
 
             clusterGlobalService.createCache(
-                    "usermanager.remoteServerConfigList", EnumSet
-                            .of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
+                    "usermanager.remoteServerConfigList",
+                    EnumSet.of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
 
             clusterGlobalService.createCache(
-                    "usermanager.authorizationConfList", EnumSet
-                            .of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
+                    "usermanager.authorizationConfList",
+                    EnumSet.of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
 
-            clusterGlobalService.createCache("usermanager.activeUsers", EnumSet
-                    .of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
+            clusterGlobalService.createCache("usermanager.activeUsers",
+                    EnumSet.of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
 
             clusterGlobalService.createCache(
-                    "usermanager.localUserSaveConfigEvent", EnumSet
-                            .of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
+                    "usermanager.localUserSaveConfigEvent",
+                    EnumSet.of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
 
             clusterGlobalService.createCache(
-                    "usermanager.remoteServerSaveConfigEvent", EnumSet
-                            .of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
+                    "usermanager.remoteServerSaveConfigEvent",
+                    EnumSet.of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
 
             clusterGlobalService.createCache(
-                    "usermanager.authorizationSaveConfigEvent", EnumSet
-                            .of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
+                    "usermanager.authorizationSaveConfigEvent",
+                    EnumSet.of(IClusterServices.cacheMode.NON_TRANSACTIONAL));
         } catch (CacheConfigException cce) {
             logger.error("\nCache configuration invalid - check cache mode");
         } catch (CacheExistException ce) {
-            logger
-                    .error("\nCache already exits - destroy and recreate if needed");
+            logger.error("\nCache already exits - destroy and recreate if needed");
         }
     }
 
-    @SuppressWarnings( { "unchecked", "deprecation" })
+    @SuppressWarnings({ "unchecked", "deprecation" })
     private void retrieveCaches() {
         if (clusterGlobalService == null) {
             logger.error("un-initialized clusterService, can't retrieve cache");
@@ -203,25 +206,23 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         remoteServerSaveConfigEvent = (ConcurrentMap<Long, String>) clusterGlobalService
                 .getCache("usermanager.remoteServerSaveConfigEvent");
         if (remoteServerSaveConfigEvent == null) {
-            logger
-                    .error("\nFailed to get cache for remoteServerSaveConfigEvent");
+            logger.error("\nFailed to get cache for remoteServerSaveConfigEvent");
         }
 
         authorizationSaveConfigEvent = (ConcurrentMap<Long, String>) clusterGlobalService
                 .getCache("usermanager.authorizationSaveConfigEvent");
         if (authorizationSaveConfigEvent == null) {
-            logger
-                    .error("\nFailed to get cache for authorizationSaveConfigEvent");
+            logger.error("\nFailed to get cache for authorizationSaveConfigEvent");
         }
     }
 
     private void loadConfigurations() {
-       // To encode and decode user and server configuration objects
-       loadSecurityKeys();
-       
+        // To encode and decode user and server configuration objects
+        loadSecurityKeys();
+
         /*
-         * Do not load local startup file if we already got the
-         * configurations synced from another cluster node
+         * Do not load local startup file if we already got the configurations
+         * synced from another cluster node
          */
         if (localUserConfigList.isEmpty()) {
             loadUserConfig();
@@ -235,17 +236,15 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     }
 
     private void loadSecurityKeys() {
-               
-       }
 
-       private void checkDefaultNetworkAdmin() {
-        // If startup config is not there, it's old or it was deleted, 
-               // need to add Default Admin
+    }
+
+    private void checkDefaultNetworkAdmin() {
+        // If startup config is not there, it's old or it was deleted,
+        // need to add Default Admin
         if (!localUserConfigList.containsKey(defaultAdmin)) {
-               localUserConfigList.put(defaultAdmin,
-                                               new UserConfig(defaultAdmin,
-                                                               defaultAdminPassword,
-                                                       defaultAdminRole));
+            localUserConfigList.put(defaultAdmin, new UserConfig(defaultAdmin,
+                    defaultAdminPassword, defaultAdminRole));
         }
     }
 
@@ -269,10 +268,9 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
                 rcResponse = aaaClient.authService(userName, password,
                         aaaServer.getAddress(), aaaServer.getSecret());
                 if (rcResponse.getStatus() == AuthResultEnum.AUTH_ACCEPT) {
-                    logger
-                            .info(
-                                    "Remote Authentication Succeeded for User: \"{}\", by Server: {}",
-                                    userName, aaaServer.getAddress());
+                    logger.info(
+                            "Remote Authentication Succeeded for User: \"{}\", by Server: {}",
+                            userName, aaaServer.getAddress());
                     remotelyAuthenticated = true;
                     break;
                 } else if (rcResponse.getStatus() == AuthResultEnum.AUTH_REJECT) {
@@ -299,9 +297,10 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
             }
             rcResponse = localUser.authenticate(password);
             if (rcResponse.getStatus() != AuthResultEnum.AUTH_ACCEPT_LOC) {
-                logger.info("Local Authentication Failed for User: \"{}\", Reason: {}",
-                                userName, rcResponse.getStatus().toString());
-                
+                logger.info(
+                        "Local Authentication Failed for User: \"{}\", Reason: {}",
+                        userName, rcResponse.getStatus().toString());
+
                 return (rcResponse.getStatus());
             }
             logger.info("Local Authentication Succeeded for User: \"{}\"",
@@ -314,8 +313,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         result = new AuthenticatedUser(userName);
 
         /*
-         * Extract attributes from response
-         * All the information we are interested in is in the first Cisco VSA (vendor specific attribute).
+         * Extract attributes from response All the information we are
+         * interested in is in the first Cisco VSA (vendor specific attribute).
          * Just process the first VSA and return
          */
         String attributes = (rcResponse.getData() != null && !rcResponse
@@ -327,15 +326,14 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         authorizationInfoIsPresent = checkAuthorizationInfo(attributes);
 
         /*
-         * The AAA server was only used to perform the authentication
-         * Look for locally stored authorization info for this user
-         * If found, add the data to the rcResponse
+         * The AAA server was only used to perform the authentication Look for
+         * locally stored authorization info for this user If found, add the
+         * data to the rcResponse
          */
         if (remotelyAuthenticated && !authorizationInfoIsPresent) {
-            logger
-                    .info(
-                            "No Remote Authorization Info provided by Server for User: \"{}\"",
-                            userName);
+            logger.info(
+                    "No Remote Authorization Info provided by Server for User: \"{}\"",
+                    userName);
             logger.info(
                     "Looking for Local Authorization Info for User: \"{}\"",
                     userName);
@@ -351,11 +349,11 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         }
 
         /*
-         * Common response parsing for local & remote authenticated user
-         * Looking for authorized resources, detecting attributes' validity
+         * Common response parsing for local & remote authenticated user Looking
+         * for authorized resources, detecting attributes' validity
          */
         if (authorizationInfoIsPresent) {
-               // Identifying the administrative role
+            // Identifying the administrative role
             adminRoles = attributes.split(" ");
             result.setRoleList(adminRoles);
             authorized = true;
@@ -378,7 +376,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         return rcResponse.getStatus();
     }
 
-    // Check in the attributes string whether or not authorization information is present
+    // Check in the attributes string whether or not authorization information
+    // is present
     private boolean checkAuthorizationInfo(String attributes) {
         return (attributes != null && !attributes.isEmpty());
     }
@@ -389,7 +388,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
 
     private void removeUserFromActiveList(String user) {
         if (!activeUsers.containsKey(user)) {
-            // as cookie persists in cache, we can get logout for unexisting active users
+            // as cookie persists in cache, we can get logout for unexisting
+            // active users
             return;
         }
         activeUsers.remove(user);
@@ -435,7 +435,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     @Override
     public Object readObject(ObjectInputStream ois)
             throws FileNotFoundException, IOException, ClassNotFoundException {
-        // Perform the class deserialization locally, from inside the package where the class is defined
+        // Perform the class deserialization locally, from inside the package
+        // where the class is defined
         return ois.readObject();
     }
 
@@ -488,29 +489,28 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
      * Interaction with GUI START
      */
     public Status addRemoveLocalUser(UserConfig AAAconf, boolean delete) {
-        // Validation check
-        if (!AAAconf.isValid()) {
-               String msg = "Invalid Local User configuration";
-            logger.warn(msg);
-            return new Status(StatusCode.BADREQUEST, msg);
+        // UserConfig Validation check
+        Status validCheck = AAAconf.validate();
+        if (!validCheck.isSuccess()) {
+            return validCheck;
         }
 
         // Update Config database
         if (delete) {
-               if (AAAconf.getUser().equals(UserManagerImpl.defaultAdmin)) {
-                       String msg = "Invalid Request: Default Network Admin  User " +
-                                       "cannot be deleted";
-                       logger.debug(msg);
-                       return new Status(StatusCode.NOTALLOWED, msg);
-               }
+            if (AAAconf.getUser().equals(UserManagerImpl.defaultAdmin)) {
+                String msg = "Invalid Request: Default Network Admin  User "
+                        + "cannot be deleted";
+                logger.debug(msg);
+                return new Status(StatusCode.NOTALLOWED, msg);
+            }
             localUserConfigList.remove(AAAconf.getUser());
         } else {
-               if (AAAconf.getUser().equals(UserManagerImpl.defaultAdmin)) {
-                       String msg = "Invalid Request: Default Network Admin  User " +
-                                       "cannot be added";
-                       logger.debug(msg);
-                       return new Status(StatusCode.NOTALLOWED, msg);
-               }
+            if (AAAconf.getUser().equals(UserManagerImpl.defaultAdmin)) {
+                String msg = "Invalid Request: Default Network Admin  User "
+                        + "cannot be added";
+                logger.debug(msg);
+                return new Status(StatusCode.NOTALLOWED, msg);
+            }
             localUserConfigList.put(AAAconf.getUser(), AAAconf);
         }
 
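Review bot: `AAAconf.validate()` runs before the `delete` branch, so `removeLocalUser`, which passes the stored entry with `delete` set to true, returns BADREQUEST for any existing account whose name or password does not meet the new criteria, and that account can no longer be removed. Entries saved before this change and loaded through `loadUserConfig` are the likely case, though the diff does not show what they contain. Wrapping the check in `if (!delete) { ... }` limits validation to additions; the same ordering appears in the `addRemoveAuthInfo` hunk below. The removed `logger.warn(msg)` also means a rejected user configuration is no longer logged here. The method body continues past the end of the hunk.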
@@ -520,7 +520,7 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     private Status addRemoveAAAServer(ServerConfig AAAconf, boolean delete) {
         // Validation check
         if (!AAAconf.isValid()) {
-               String msg = "Invalid Server configuration";
+            String msg = "Invalid Server configuration";
             logger.warn(msg);
             return new Status(StatusCode.BADREQUEST, msg);
         }
@@ -535,10 +535,11 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         return new Status(StatusCode.SUCCESS, null);
     }
 
-    private Status addRemoveAuthInfo(AuthorizationConfig AAAconf,
-            boolean delete) {
-        if (!AAAconf.isValid()) {
-               String msg = "Invalid Authorization configuration";
+    private Status addRemoveAuthInfo(AuthorizationConfig AAAconf, boolean delete) {
+        Status configCheck = AAAconf.validate();
+        if (!configCheck.isSuccess()) {
+            String msg = "Invalid Authorization configuration: "
+                    + configCheck.getDescription();
             logger.warn(msg);
             return new Status(StatusCode.BADREQUEST, msg);
         }
@@ -565,14 +566,15 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
 
     @Override
     public Status removeLocalUser(String userName) {
-       if (userName == null || userName.trim().isEmpty()) {
-               return new Status(StatusCode.BADREQUEST, "Invalid user name");
-       }
-       if (!localUserConfigList.containsKey(userName)) {
-               return new Status(StatusCode.NOTFOUND, "User does not exist");
-       }       
+        if (userName == null || userName.trim().isEmpty()) {
+            return new Status(StatusCode.BADREQUEST, "Invalid user name");
+        }
+        if (!localUserConfigList.containsKey(userName)) {
+            return new Status(StatusCode.NOTFOUND, "User does not exist");
+        }
         return addRemoveLocalUser(localUserConfigList.get(userName), true);
     }
+
     @Override
     public Status addAAAServer(ServerConfig AAAconf) {
         return addRemoveAAAServer(AAAconf, false);
@@ -605,8 +607,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
 
     @Override
     public List<AuthorizationConfig> getAuthorizationList() {
-        return new ArrayList<AuthorizationConfig>(authorizationConfList
-                .values());
+        return new ArrayList<AuthorizationConfig>(
+                authorizationConfList.values());
     }
 
     @Override
@@ -617,12 +619,14 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         // update configuration entry
         targetConfigEntry = localUserConfigList.get(user);
         if (targetConfigEntry == null) {
-               return new Status(StatusCode.NOTFOUND, "User not found");
+            return new Status(StatusCode.NOTFOUND, "User not found");
         }
         if (false == targetConfigEntry.update(curPassword, newPassword, null)) {
-               return new Status(StatusCode.BADREQUEST, "Current password is incorrect");
+            return new Status(StatusCode.BADREQUEST,
+                    "Current password is incorrect");
         }
-        localUserConfigList.put(user, targetConfigEntry); // trigger cluster update
+        localUserConfigList.put(user, targetConfigEntry); // trigger cluster
+                                                          // update
 
         logger.info("Password changed for User \"{}\"", user);
 
@@ -631,7 +635,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
 
     @Override
     public void userLogout(String userName) {
-        // TODO: if user was authenticated through AAA server, send Acct-Status-Type=stop message to server with logout as reason
+        // TODO: if user was authenticated through AAA server, send
+        // Acct-Status-Type=stop message to server with logout as reason
         removeUserFromActiveList(userName);
         logger.info("User \"{}\" logged out", userName);
     }
@@ -641,7 +646,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
      */
     @Override
     public void userTimedOut(String userName) {
-        // TODO: if user was authenticated through AAA server, send Acct-Status-Type=stop message to server with timeout as reason
+        // TODO: if user was authenticated through AAA server, send
+        // Acct-Status-Type=stop message to server with timeout as reason
         removeUserFromActiveList(userName);
         logger.info("User \"{}\" timed out", userName);
     }
@@ -726,34 +732,34 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
             ci.println(conf.getUser() + " " + conf.getRole());
         }
     }
-    
-    public void _addAAAServer (CommandInterpreter ci) {
+
+    public void _addAAAServer(CommandInterpreter ci) {
         String server = ci.nextArgument();
         String secret = ci.nextArgument();
         String protocol = ci.nextArgument();
-        
+
         if (server == null || secret == null || protocol == null) {
-               ci.println("Usage : addAAAServer <server> <secret> <protocol>");
-               return;
+            ci.println("Usage : addAAAServer <server> <secret> <protocol>");
+            return;
         }
         ServerConfig s = new ServerConfig(server, secret, protocol);
         addAAAServer(s);
     }
-    
-    public void _removeAAAServer (CommandInterpreter ci) {
+
+    public void _removeAAAServer(CommandInterpreter ci) {
         String server = ci.nextArgument();
         String secret = ci.nextArgument();
         String protocol = ci.nextArgument();
-        
+
         if (server == null || secret == null || protocol == null) {
-               ci.println("Usage : addAAAServer <server> <secret> <protocol>");
-               return;
+            ci.println("Usage : addAAAServer <server> <secret> <protocol>");
+            return;
         }
         ServerConfig s = new ServerConfig(server, secret, protocol);
         removeAAAServer(s);
     }
 
-    public void _printAAAServers (CommandInterpreter ci) {
+    public void _printAAAServers(CommandInterpreter ci) {
         for (ServerConfig aaaServer : remoteServerConfigList.values()) {
             String protocol = aaaServer.getProtocol();
             ci.println(aaaServer.getAddress() + "-" + aaaServer.getProtocol());
@@ -799,25 +805,24 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     /**
      * Function called by the dependency manager when all the required
      * dependencies are satisfied
-     *
+     * 
      */
     void init() {
     }
 
     /**
-     * Function called by the dependency manager when at least one
-     * dependency become unsatisfied or when the component is shutting
-     * down because for example bundle is being stopped.
-     *
+     * Function called by the dependency manager when at least one dependency
+     * become unsatisfied or when the component is shutting down because for
+     * example bundle is being stopped.
+     * 
      */
     void destroy() {
     }
 
     /**
-     * Function called by dependency manager after "init ()" is called
-     * and after the services provided by the class are registered in
-     * the service registry
-     *
+     * Function called by dependency manager after "init ()" is called and after
+     * the services provided by the class are registered in the service registry
+     * 
      */
     void start() {
         authProviders = new ConcurrentHashMap<String, IAAAProvider>();
@@ -837,10 +842,10 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     }
 
     /**
-     * Function called by the dependency manager before the services
-     * exported by the component are unregistered, this will be
-     * followed by a "destroy ()" calls
-     *
+     * Function called by the dependency manager before the services exported by
+     * the component are unregistered, this will be followed by a "destroy ()"
+     * calls
+     * 
      */
     void stop() {
     }
@@ -858,19 +863,19 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     @Override
     public UserLevel getUserLevel(String username) {
         // Returns the controller well-know user level for the passed user
-       String roleName = null;
+        String roleName = null;
 
-       // First check in active users then in local configured users
+        // First check in active users then in local configured users
         if (activeUsers.containsKey(username)) {
-               roleName = activeUsers.get(username).getUserRoles().get(0);
+            roleName = activeUsers.get(username).getUserRoles().get(0);
         } else if (localUserConfigList.containsKey(username)) {
-               roleName = localUserConfigList.get(username).getRole();
+            roleName = localUserConfigList.get(username).getRole();
         }
-        
+
         if (roleName == null) {
-               return UserLevel.NOUSER;
+            return UserLevel.NOUSER;
         }
-        
+
         // For now only one role per user is allowed
         if (roleName.equals(UserLevel.SYSTEMADMIN.toString())) {
             return UserLevel.SYSTEMADMIN;
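Review bot: The active-user lookup in `getUserLevel` is a check-then-act on a concurrent map: `activeUsers.containsKey(username)` followed by `activeUsers.get(username).getUserRoles().get(0)` can throw a NullPointerException if the session is removed in between (the timeout path earlier in this file calls `removeUserFromActiveList`), and `get(0)` throws on an empty role list. Since this method decides the authorization level, read the entry once, `AuthenticatedUser active = activeUsers.get(username);`, and fall through to `UserLevel.NOUSER` when it is null or has no roles. The `localUserConfigList` branch has the same containsKey/get shape. The method body continues outside the hunk.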
@@ -915,7 +920,7 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
         }
 
         return new Status(StatusCode.INTERNALERROR,
-                       "Failed to save user configurations");
+                "Failed to save user configurations");
     }
 
     @Override
@@ -931,8 +936,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
 
             return new User(username, localUserConfigList.get(username)
                     .getPassword(), enabled, accountNonExpired,
-                    credentialsNonExpired, accountNonLocked, user
-                            .getGrantedAuthorities(getUserLevel(username)));
+                    credentialsNonExpired, accountNonLocked,
+                    user.getGrantedAuthorities(getUserLevel(username)));
         } else
             throw new UsernameNotFoundException("User not found " + username);
     }
@@ -964,8 +969,9 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
                     "Username or credentials did not match");
         }
 
-        AuthResultEnum result = authenticate((String) authentication
-                .getPrincipal(), (String) authentication.getCredentials());
+        AuthResultEnum result = authenticate(
+                (String) authentication.getPrincipal(),
+                (String) authentication.getCredentials());
         if (result.equals(AuthResultEnum.AUTHOR_PASS)
                 || result.equals(AuthResultEnum.AUTH_ACCEPT_LOC)
                 || result.equals(AuthResultEnum.AUTH_ACCEPT)) {
@@ -979,10 +985,10 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
             }
 
             authentication = new UsernamePasswordAuthenticationToken(
-                    authentication.getPrincipal(), authentication
-                            .getCredentials(), user
-                            .getGrantedAuthorities(getUserLevel(authentication
-                                    .getName())));
+                    authentication.getPrincipal(),
+                    authentication.getCredentials(),
+                    user.getGrantedAuthorities(getUserLevel(authentication
+                            .getName())));
             return authentication;
 
         } else
@@ -991,34 +997,46 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
 
     }
 
-    //following are setters for use in unit testing
+    // following are setters for use in unit testing
     void setLocalUserConfigList(ConcurrentMap<String, UserConfig> ucl) {
-       if (ucl != null) { this.localUserConfigList = ucl; }
+        if (ucl != null) {
+            this.localUserConfigList = ucl;
+        }
     }
-    void setRemoteServerConfigList (ConcurrentMap<String, ServerConfig> scl) {
-       if (scl != null) { this.remoteServerConfigList = scl; }
+
+    void setRemoteServerConfigList(ConcurrentMap<String, ServerConfig> scl) {
+        if (scl != null) {
+            this.remoteServerConfigList = scl;
+        }
     }
-    void setAuthorizationConfList (ConcurrentMap<String, AuthorizationConfig> acl) {
-       if (acl != null) { this.authorizationConfList = acl; }
+
+    void setAuthorizationConfList(ConcurrentMap<String, AuthorizationConfig> acl) {
+        if (acl != null) {
+            this.authorizationConfList = acl;
+        }
     }
-    void setActiveUsers (ConcurrentMap<String, AuthenticatedUser> au) {
-        if (au != null) { this.activeUsers = au; }
+
+    void setActiveUsers(ConcurrentMap<String, AuthenticatedUser> au) {
+        if (au != null) {
+            this.activeUsers = au;
+        }
     }
-    void setAuthProviders(ConcurrentMap<String, IAAAProvider> ap ) {
-        if (ap != null){ 
+
+    void setAuthProviders(ConcurrentMap<String, IAAAProvider> ap) {
+        if (ap != null) {
             this.authProviders = ap;
         }
     }
-    
+
     @Override
     public ISessionManager getSessionManager() {
         return this.sessionMgr;
     }
-    
+
     public void setSessionMgr(ISessionManager sessionMgr) {
         this.sessionMgr = sessionMgr;
     }
-    
+
     public String getPassword(String username) {
         return localUserConfigList.get(username).getPassword();
     }
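Review bot: `getPassword(String username)` at the end of this hunk is a public accessor that returns the stored credential and dereferences `localUserConfigList.get(username)` without a null check, so an unknown user name raises a NullPointerException. The tests in this commit compare `getPassword()` with literals such as `"cisco123"`, which suggests the value is kept in recoverable form; if so, this method hands the cleartext password to any caller holding a reference to the manager. At minimum, document who is expected to call it and guard the lookup, e.g. `UserConfig uc = localUserConfigList.get(username); return (uc == null) ? null : uc.getPassword();`. Storing a salted password hash instead would remove the need for the accessor altogether.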
index 12c7690..d274da5 100644 (file)
@@ -21,82 +21,81 @@ import org.opendaylight.controller.usermanager.AuthResponse;
  */
 public class AuthorizationUserConfigTest {
 
-       @Test
-       public void AuthorizationConfigTest() {
-               AuthorizationConfig authConfig;
-
-               // test isValid
-               authConfig = new AuthorizationConfig(null,
-                               UserLevel.SYSTEMADMIN.toString());
-               assertFalse(authConfig.isValid());
-               authConfig = new AuthorizationConfig("admin", "");
-               assertFalse(authConfig.isValid());
-               authConfig = new AuthorizationConfig("admin",
-                               UserLevel.SYSTEMADMIN.toString());
-               assertTrue(authConfig.isValid());               
-       }
-
-       @Test
-       public void UserConfigTest() {
-               UserConfig userConfig;
-
-               userConfig = new UserConfig(null, "cisco",
-                               UserLevel.NETWORKOPERATOR.toString());
-               assertFalse(userConfig.isValid());
-
-               userConfig = new UserConfig("uname", "", "cisco");
-               assertFalse(userConfig.isValid());
-
-               userConfig = new UserConfig("uname", "ciscocisco",
-                               UserLevel.NETWORKOPERATOR.toString());
-               assertTrue(userConfig.isValid());
-
-               /* currentPassword mismatch */
-               assertFalse(userConfig.update("Cisco", "cisco123",
-                               UserLevel.NETWORKOPERATOR.toString()));
-
-               assertTrue(userConfig.update("ciscocisco", null,
-                               UserLevel.NETWORKOPERATOR.toString()));
-               /* New Password = null, No change in password */
-               assertTrue(userConfig.getPassword().equals("ciscocisco"));
-
-               /* Password changed successfully, no change in user role */
-               assertTrue(userConfig.update("ciscocisco", "cisco123",
-                               UserLevel.NETWORKOPERATOR.toString()));
-               assertTrue(userConfig.getPassword().equals("cisco123"));
-               assertTrue(userConfig.getRole().equals(
-                               UserLevel.NETWORKOPERATOR.toString()));
-
-               /* Password not changed, role changed successfully */
-               assertTrue(userConfig.update("cisco123", "cisco123",
-                               UserLevel.SYSTEMADMIN.toString()));
-               assertTrue(userConfig.getPassword().equals("cisco123"));
-               assertTrue(userConfig.getRole()
-                               .equals(UserLevel.SYSTEMADMIN.toString()));
-
-               /* Password and role changed successfully */
-               assertTrue(userConfig.update("cisco123", "ciscocisco",
-                               UserLevel.SYSTEMADMIN.toString()));
-               assertTrue(userConfig.getPassword().equals("ciscocisco"));
-               assertTrue(userConfig.getRole()
-                               .equals(UserLevel.SYSTEMADMIN.toString()));
-
-               String username = userConfig.getUser();
-               assertTrue(username.equals("uname"));
-
-               // test authenticate
-               AuthResponse authresp = userConfig.authenticate("ciscocisco");
-               assertTrue(authresp.getStatus().equals(AuthResultEnum.AUTH_ACCEPT_LOC));
-               authresp = userConfig.authenticate("wrongPassword");
-               assertTrue(authresp.getStatus().equals(AuthResultEnum.AUTH_REJECT_LOC));
-
-               // test equals()
-               userConfig = new UserConfig("uname", "ciscocisco",
-                               UserLevel.NETWORKOPERATOR.toString());
-               assertEquals(userConfig, userConfig);
-               UserConfig userConfig2 = new UserConfig("uname",
-                               "ciscocisco",
-                               UserLevel.NETWORKOPERATOR.toString());
-               assertEquals(userConfig, userConfig2);
-       }
+    @Test
+    public void AuthorizationConfigTest() {
+        AuthorizationConfig authConfig;
+
+        // test isValid
+        authConfig = new AuthorizationConfig(null,
+                UserLevel.SYSTEMADMIN.toString());
+        assertFalse(authConfig.validate().isSuccess());
+        authConfig = new AuthorizationConfig("admin", "");
+        assertFalse(authConfig.validate().isSuccess());
+        authConfig = new AuthorizationConfig("admin",
+                UserLevel.SYSTEMADMIN.toString());
+        assertTrue(authConfig.validate().isSuccess());
+    }
+
+    @Test
+    public void UserConfigTest() {
+        UserConfig userConfig;
+
+        userConfig = new UserConfig(null, "cisco",
+                UserLevel.NETWORKOPERATOR.toString());
+        assertFalse(userConfig.validate().isSuccess());
+
+        userConfig = new UserConfig("uname", "", "cisco");
+        assertFalse(userConfig.validate().isSuccess());
+
+        userConfig = new UserConfig("uname", "ciscocisco",
+                UserLevel.NETWORKOPERATOR.toString());
+        assertTrue(userConfig.validate().isSuccess());
+
+        /* currentPassword mismatch */
+        assertFalse(userConfig.update("Cisco", "cisco123",
+                UserLevel.NETWORKOPERATOR.toString()));
+
+        assertTrue(userConfig.update("ciscocisco", null,
+                UserLevel.NETWORKOPERATOR.toString()));
+        /* New Password = null, No change in password */
+        assertTrue(userConfig.getPassword().equals("ciscocisco"));
+
+        /* Password changed successfully, no change in user role */
+        assertTrue(userConfig.update("ciscocisco", "cisco123",
+                UserLevel.NETWORKOPERATOR.toString()));
+        assertTrue(userConfig.getPassword().equals("cisco123"));
+        assertTrue(userConfig.getRole().equals(
+                UserLevel.NETWORKOPERATOR.toString()));
+
+        /* Password not changed, role changed successfully */
+        assertTrue(userConfig.update("cisco123", "cisco123",
+                UserLevel.SYSTEMADMIN.toString()));
+        assertTrue(userConfig.getPassword().equals("cisco123"));
+        assertTrue(userConfig.getRole()
+                .equals(UserLevel.SYSTEMADMIN.toString()));
+
+        /* Password and role changed successfully */
+        assertTrue(userConfig.update("cisco123", "ciscocisco",
+                UserLevel.SYSTEMADMIN.toString()));
+        assertTrue(userConfig.getPassword().equals("ciscocisco"));
+        assertTrue(userConfig.getRole()
+                .equals(UserLevel.SYSTEMADMIN.toString()));
+
+        String username = userConfig.getUser();
+        assertTrue(username.equals("uname"));
+
+        // test authenticate
+        AuthResponse authresp = userConfig.authenticate("ciscocisco");
+        assertTrue(authresp.getStatus().equals(AuthResultEnum.AUTH_ACCEPT_LOC));
+        authresp = userConfig.authenticate("wrongPassword");
+        assertTrue(authresp.getStatus().equals(AuthResultEnum.AUTH_REJECT_LOC));
+
+        // test equals()
+        userConfig = new UserConfig("uname", "ciscocisco",
+                UserLevel.NETWORKOPERATOR.toString());
+        assertEquals(userConfig, userConfig);
+        UserConfig userConfig2 = new UserConfig("uname", "ciscocisco",
+                UserLevel.NETWORKOPERATOR.toString());
+        assertEquals(userConfig, userConfig2);
+    }
 }
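Review bot: The tests were only migrated from `isValid()` to `validate().isSuccess()`; none of the visible cases exercises the username/password criteria this commit introduces. The rejected inputs are still a null user and an empty password, which the old check already refused, so a regression in the new rules would go unnoticed. Add cases on both sides of each rule, for example `assertFalse(new UserConfig("uname", "<password-violating-new-rule>", UserLevel.NETWORKOPERATOR.toString()).validate().isSuccess());`. It is also worth pinning whether `update("ciscocisco", "cisco123", ...)` is meant to apply the same criteria, since the new password there never goes through `validate()` in this test.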
index d21f8d8..7a2b579 100644 (file)
@@ -62,7 +62,7 @@ one.f.switchmanager = {
                return $table;
        },
        validateName: function(name) {
-               return name.match(/^[a-zA-Z0-9][a-zA-Z0-9_\-\.]{1,31}$/g) == null ? false : true;
+        return (name.length < 256);
        }
 };
 
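Review bot: `validateName` now accepts the empty string and any character, and throws a TypeError when `name` is undefined, because the only remaining check is `name.length < 256`. With the character whitelist gone, node and gateway names may carry markup characters, so the server has to enforce its own limits and every place that renders these names has to escape them; this client-side check cannot be relied on for either (the rendering code is not visible here). A tighter form that keeps the relaxed length is `return typeof name === 'string' && name.length > 0 && name.length < 256;`. The new line is also indented differently from the lines around it. The alert texts changed in `nodesLearnt` and `subnetGatewayConfig` further down depend on this function.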
@@ -177,7 +177,7 @@ one.f.switchmanager.nodesLearnt = {
                        var result = {};
             result['nodeName'] = $('#' + one.f.switchmanager.nodesLearnt.id.modal.form.nodeName, $modal).val();
             if(!one.f.switchmanager.validateName(result['nodeName'])) {
-               alert("Node name can contain alphabets numbers and characters _ - . upto 32 characters in length");
+               alert("Node name can contain upto 255 characters");
                return;
             }
             result['nodeId'] = $('#' + one.f.switchmanager.nodesLearnt.id.modal.form.nodeId, $modal).val();
@@ -386,7 +386,7 @@ one.f.switchmanager.subnetGatewayConfig = {
                                var result = {};
                    result['gatewayName'] = $('#' + one.f.switchmanager.subnetGatewayConfig.id.modal.form.name, $modal).val();
                    if(!one.f.switchmanager.validateName(result['gatewayName'])) {
-                       alert("Gateway name can contain alphabets numbers and characters _ - . upto 32 characters in length");
+                       alert("Gateway name can contain upto 255 characters");
                        return;
                    }
                    result['gatewayIPAddress'] = $('#' + one.f.switchmanager.subnetGatewayConfig.id.modal.form.gatewayIPAddress, $modal).val();