import java.util.LinkedHashMap;
import java.util.Map;
-import org.apache.commons.lang3.builder.EqualsBuilder;
-import org.apache.commons.lang3.builder.HashCodeBuilder;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;
@Override
public int hashCode() {
- return HashCodeBuilder.reflectionHashCode(this);
+ final int prime = 31;
+ int result = super.hashCode();
+ result = prime * result
+ + ((fieldValues == null) ? 0 : fieldValues.hashCode());
+ return result;
}
@Override
public boolean equals(Object obj) {
- return EqualsBuilder.reflectionEquals(this, obj);
+ if (this == obj)
+ return true;
+ if (!super.equals(obj))
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ ARP other = (ARP) obj;
+ if (fieldValues == null) {
+ if (other.fieldValues != null)
+ return false;
+ } else if (!fieldValues.equals(other.fieldValues))
+ return false;
+ return true;
}
}
* Deriving the Total Length here
*/
int payloadLength = 0;
- try {
- payloadLength = payload.serialize().length;
- } catch (PacketException e) {
- logger.error("", e);
+ if (payload != null) {
+ try {
+ payloadLength = payload.serialize().length;
+ } catch (PacketException e) {
+ logger.error("", e);
+ }
}
this.setTotalLength((short) (this.getHeaderLen() + payloadLength));
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
-import java.util.HashMap;
-
import java.util.Arrays;
+import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
-import org.apache.commons.lang3.builder.EqualsBuilder;
-import org.apache.commons.lang3.builder.HashCodeBuilder;
+
import org.apache.commons.lang3.tuple.MutablePair;
import org.apache.commons.lang3.tuple.Pair;
import org.opendaylight.controller.sal.utils.HexEncode;
@Override
public int hashCode() {
- return HashCodeBuilder.reflectionHashCode(this);
+ final int prime = 31;
+ int result = super.hashCode();
+ result = prime * result
+ + ((fieldValues == null) ? 0 : fieldValues.hashCode());
+ return result;
}
@Override
public boolean equals(Object obj) {
- return EqualsBuilder.reflectionEquals(this, obj);
+ if (this == obj)
+ return true;
+ if (!super.equals(obj))
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ LLDPTLV other = (LLDPTLV) obj;
+ if (fieldValues == null) {
+ if (other.fieldValues != null)
+ return false;
+ } else if (!fieldValues.equals(other.fieldValues))
+ return false;
+ return true;
}
@Override
/**
* Returns the size in bits of the whole TLV
- *
+ *
* @return int - size in bits of full TLV
*/
public int getTLVSize() {
/**
* Creates the ChassisID TLV value including the subtype and ChassisID
* string
- *
+ *
* @param nodeId
* node identifier string
* @return the ChassisID TLV value in byte array
/**
* Creates the PortID TLV value including the subtype and PortID string
- *
+ *
* @param portId
* port identifier string
* @return the PortID TLV value in byte array
/**
* Creates the custom TLV value including OUI, subtype and custom string
- *
+ *
* @param portId
* port identifier string
* @return the custom TLV value in byte array
/**
* Retrieves the string from TLV value and returns it in HexString format
- *
+ *
* @param tlvValue
* the TLV value
* @param tlvLen
/**
* Retrieves the string from TLV value
- *
+ *
* @param tlvValue
* the TLV value
* @param tlvLen
/**
* Retrieves the custom string from the Custom TLV value which includes OUI,
* subtype and custom string
- *
+ *
* @param customTlvValue
* the custom TLV value
* @param customTlvLen
/**
* This method deserializes the data bits obtained from the wire into the
* respective header and payload which are of type Packet
- *
+ *
* @param byte[] data - data from wire to deserialize
* @param int bitOffset bit position where packet header starts in data
* array
/**
* This method serializes the header and payload from the respective
* packet class, into a single stream of bytes to be sent on the wire
- *
+ *
* @return The byte array representing the serialized Packet
* @throws PacketException
*/
* byte stream which cannot be done or cannot be done efficiently during the
* normal Packet.serialize() path. An example is the checksum computation
* for IPv4
- *
+ *
* @param byte[] - serialized bytes
* @throws PacketException
*/
* of checksum varies based on the protocol, this method is overridden.
* Currently only IPv4 and ICMP do checksum computation and validation. TCP
* and UDP need to implement these if required.
- *
+ *
* @param byte[] data The byte stream representing the Ethernet frame
* @param int startBitOffset The bit offset from where the byte array corresponding to this Packet starts in the frame
* @throws PacketException
/**
* Gets the header length in bits
- *
+ *
* @return int the header length in bits
*/
public int getHeaderSize() {
* This method fetches the start bit offset for header field specified by
* 'fieldname'. The offset is present in the hdrFieldCoordMap of the
* respective packet class
- *
+ *
* @param String
* fieldName
* @return Integer - startOffset of the requested field
* This method fetches the number of bits for header field specified by
* 'fieldname'. The numBits are present in the hdrFieldCoordMap of the
* respective packet class
- *
+ *
* @param String
* fieldName
* @return Integer - number of bits of the requested field
/**
* Returns the raw payload carried by this packet in case payload was not
* parsed. Caller can call this function in case the getPaylod() returns null.
- *
+ *
* @return The raw payload if not parsable as an array of bytes, null otherwise
*/
public byte[] getRawPayload() {
/**
* Set a raw payload in the packet class
- *
+ *
* @param payload The raw payload as byte array
*/
public void setRawPayload(byte[] payload) {
* packet received from wire is not equal to the checksum read from the
* stream. For the Packet class which do not have a checksum field, this
* function will always return false.
- *
- *
+ *
+ *
* @return true if the deserialized packet's recomputed checksum is not
* equal to the packet carried checksum
*/
.getGlobalInstance(IUserManager.class, this);
if (userManager != null) {
return userManager.getPassword(username);
- } else
+ } else {
throw new RuntimeException("User Manager reference is null");
+ }
}
@Override
IUserManager userManager = (IUserManager) ServiceHelper
.getGlobalInstance(IUserManager.class, this);
if (userManager != null) {
- final List<String> levels = new ArrayList<String>();
- UserLevel level = userManager.getUserLevel(username);
- if (level == null) level = UserLevel.NOUSER;
- levels.add(level.toString());
- return new GenericPrincipal(username, "", levels);
- } else
+ List<String> controllerRoles = new ArrayList<String>();
+ for (UserLevel level : userManager.getUserLevels(username)) {
+ controllerRoles.add(level.toString());
+ }
+ return new GenericPrincipal(username, "", controllerRoles);
+ } else {
throw new RuntimeException("User Manager reference is null");
-
+ }
}
@Override
logger.error("Authentication failed for user " + username);
return null;
}
- } else
+ } else {
throw new RuntimeException("User Manager reference is null");
+ }
}
}
@Override
public byte[] getNodeMAC(Node node) {
- MacAddress mac = (MacAddress) nodeProps.get(MacAddress.name);
+ MacAddress mac = (MacAddress) this.getNodeProp(node,
+ MacAddress.name);
return (mac != null) ? mac.getMacAddress() : null;
}
/**
* Returns the list of roles associated to the passed user name
- *
+ *
* @param userName
* @return the role associated to the user name
*/
/**
* Authenticate user with AAA server and return authentication and
* authorization info
- *
+ *
* @param username
* the username
* @param password
/**
* Add/remove AAA server
- *
+ *
* @param configObject
* {@link org.opendaylight.controller.usermanager.internal.ServerConfig}
* Server Configuration
/**
* Remove AAA server
- *
+ *
* @param configObject
* refer to
* {@link org.opendaylight.controller.usermanager.internal.ServerConfig}
/**
* Add a local user
- *
+ *
* @param configObject
* {@link org.opendaylight.controller.usermanager.internal.UserConfig}
* User Configuration
/**
* Remove a local user
- *
+ *
* @param configObject
* {@link org.opendaylight.controller.usermanager.internal.UserConfig}
* UserConfig
/**
* Remove a local user
- *
+ *
* @param userName
* the user name
* @return {@link org.opendaylight.controller.sal.utils.Status}
/**
* Add the authorization information for a user that gets authenticated
* remotely
- *
+ *
* @param AAAconf
* {@link org.opendaylight.controller.usermanager.internal.AuthorizationConfig}
* Authorization Resources
/**
* Remove the authorization information for a user that gets authenticated
* remotely
- *
+ *
* @param AAAconf
* {@link org.opendaylight.controller.usermanager.internal.AuthorizationConfig}
* Authorization Resource
/**
* Return the list of authorization resources
- *
+ *
* @return {@link org.opendaylight.controller.usermanager.internal.AuthorizationConfig}
* List of Authorization Resource
*/
/**
* Returns a list of AAA Providers.
- *
+ *
* @return Set of provider names.
*/
public Set<String> getAAAProviderNames();
/**
* Change the current password for a locally configured user
- *
+ *
* @param user
* the username
* @param curPasssword
/**
* Return a list of AAA servers currently configured
- *
+ *
* @return {@link org.opendaylight.controller.usermanager.internal.ServerConfig}
* List of ServerConfig
*/
/**
* Return a list of local users
- *
+ *
* @return {@link org.opendaylight.controller.usermanager.internal.UserConfig}
* List of UserConfig
*/
/**
* Save the local users to disk
- *
+ *
* @return {@link org.opendaylight.controller.sal.utils.Status}
* status of this action
*/
/**
* Save the AAA server configurations to disk
- *
+ *
* @return {@link org.opendaylight.controller.sal.utils.Status}
* status of this action
*/
/**
* Save the Authorization configurations to disk
- *
+ *
* @return {@link org.opendaylight.controller.sal.utils.Status}
* status code
*/
/**
* Remove user profile when user logs out
- *
+ *
* @param username
* the user name
*/
/**
* Remove user profile when user times out
- *
+ *
* @param username
* the user name
*/
/**
* Get the list of users currently logged in
- *
+ *
* @return the list of users along with their administrative roles
*/
public Map<String, List<String>> getUserLoggedIn();
/**
* Get date and time user was successfully authenticated
- *
+ *
* @param user
* @return Date in String format
*/
public String getAccessDate(String user);
/**
- * Returns the user level for the passed user name. It checks the roles
+ * Returns the highest user level for the passed user name. It checks the roles
* assigned to this user and checks against the well known Controller user
* roles to determines the highest user level associated with the user
- *
+ *
* @param userName
* the user name
* @return {@link org.opendaylight.controller.sal.authorization.UserLevel}
*/
public UserLevel getUserLevel(String userName);
+ /**
+ * Returns the list of user level for the passed user name. It checks the roles
+ * assigned to this user and checks against the well known Controller user
+ * roles to determines the corresponding list of user level associated with the user
+ *
+ * @param userName
+ * the user name
+ * @return
+ * the list of user level for this user
+ */
+ public List<UserLevel> getUserLevels(String userName);
+
/**
* Returns the Security Context
- *
+ *
* @returns {@link org.springframework.security.web.context.SecurityContextRepository}
* Security Context
*/
/**
* Returns the Session Manager Interface Handler
- *
+ *
* @return {@link org.opendaylight.controller.usermanager.ISessionManager}
* session manager interface handler
*/
/* non-Javadoc
* Returns the password for a given user
- *
+ *
* @param username
* the user name
* @return password for the username
private ConcurrentMap<String, UserConfig> localUserConfigList;
private ConcurrentMap<String, ServerConfig> remoteServerConfigList;
// local authorization info for remotely authenticated users
- private ConcurrentMap<String, AuthorizationConfig> authorizationConfList;
+ private ConcurrentMap<String, AuthorizationConfig> authorizationConfList;
private ConcurrentMap<String, AuthenticatedUser> activeUsers;
private ConcurrentMap<String, IAAAProvider> authProviders;
private ConcurrentMap<Long, String> localUserListSaveConfigEvent,
- remoteServerSaveConfigEvent, authorizationSaveConfigEvent;
+ remoteServerSaveConfigEvent, authorizationSaveConfigEvent;
private IClusterGlobalServices clusterGlobalService = null;
private SecurityContextRepository securityContextRepo = new UserSecurityContextRepository();
private IContainerAuthorization containerAuthorizationClient;
return authProviders.get(name);
}
+ @Override
public Set<String> getAAAProviderNames() {
return authProviders.keySet();
}
} else if (rcResponse.getStatus() == AuthResultEnum.AUTH_REJECT) {
logger.info(
"Remote Authentication Rejected User: \"{}\", from Server: {}, Reason:{}",
- new Object[] {userName, aaaServer.getAddress(),
- rcResponse.getStatus().toString()});
+ new Object[] { userName, aaaServer.getAddress(),
+ rcResponse.getStatus().toString() });
} else {
logger.info(
"Remote Authentication Failed for User: \"{}\", from Server: {}, Reason:{}",
- new Object[] {userName, aaaServer.getAddress(),
- rcResponse.getStatus().toString()});
+ new Object[] { userName, aaaServer.getAddress(),
+ rcResponse.getStatus().toString() });
}
}
}
putUserInActiveList(userName, result);
if (authorized) {
logger.info("User \"{}\" authorized for the following role(s): {}",
- userName, result.getUserRoles());
+ userName, result.getUserRoles());
} else {
logger.info("User \"{}\" Not Authorized for any role ", userName);
}
activeUsers.remove(user);
}
+ @Override
public Status saveLocalUserList() {
// Publish the save config event to the cluster nodes
localUserListSaveConfigEvent.put(new Date().getTime(), SAVE);
localUserConfigList), usersFileName);
}
+ @Override
public Status saveAAAServerList() {
// Publish the save config event to the cluster nodes
remoteServerSaveConfigEvent.put(new Date().getTime(), SAVE);
remoteServerConfigList), serversFileName);
}
+ @Override
public Status saveAuthorizationList() {
// Publish the save config event to the cluster nodes
authorizationSaveConfigEvent.put(new Date().getTime(), SAVE);
return status;
}
// Trigger cluster update
- localUserConfigList.put(user, targetConfigEntry);
+ localUserConfigList.put(user, targetConfigEntry);
logger.info("Password changed for User \"{}\"", user);
String userName = ci.nextArgument();
String password = ci.nextArgument();
String role = ci.nextArgument();
-
+
List<String> roles = new ArrayList<String>();
while (role != null) {
if (!role.trim().isEmpty()) {
if (target == null) {
ci.println("User not found");
return;
- }
+ }
ci.println(this.removeLocalUser(target));
}
/**
* Function called by the dependency manager when all the required
* dependencies are satisfied
- *
+ *
*/
void init() {
}
* Function called by the dependency manager when at least one dependency
* become unsatisfied or when the component is shutting down because for
* example bundle is being stopped.
- *
+ *
*/
void destroy() {
}
/**
* Function called by dependency manager after "init ()" is called and after
* the services provided by the class are registered in the service registry
- *
+ *
*/
void start() {
authProviders = new ConcurrentHashMap<String, IAAAProvider>();
* Function called by the dependency manager before the services exported by
* the component are unregistered, this will be followed by a "destroy ()"
* calls
- *
+ *
*/
void stop() {
}
return UserLevel.NOUSER;
}
+
+ @Override
+ public List<UserLevel> getUserLevels(String username) {
+ // Returns the controller well-know user levels for the passed user
+ List<String> rolesNames = null;
+ List<UserLevel> levels = new ArrayList<UserLevel>();
+
+ if (activeUsers.containsKey(username)) {
+ List<String> roles = activeUsers.get(username).getUserRoles();
+ rolesNames = (roles == null || roles.isEmpty()) ? null : roles;
+ } else if (localUserConfigList.containsKey(username)) {
+ UserConfig config = localUserConfigList.get(username);
+ rolesNames = (config == null) ? null : config.getRoles();
+ }
+
+ if (rolesNames == null) {
+ return levels;
+ }
+
+ // Check against the well known controller roles first
+ if (rolesNames.contains(UserLevel.SYSTEMADMIN.toString())) {
+ levels.add(UserLevel.SYSTEMADMIN);
+ }
+ if (rolesNames.contains(UserLevel.NETWORKADMIN.toString())) {
+ levels.add(UserLevel.NETWORKADMIN);
+ }
+ if (rolesNames.contains(UserLevel.NETWORKOPERATOR.toString())) {
+ levels.add(UserLevel.NETWORKOPERATOR);
+ }
+ // Check if container user now
+ if (containerAuthorizationClient != null) {
+ for (String roleName : rolesNames) {
+ if (containerAuthorizationClient.isApplicationRole(roleName)) {
+ levels.add(UserLevel.CONTAINERUSER);
+ break;
+ }
+ }
+ }
+ // Finally check if application user
+ if (applicationAuthorizationClients != null) {
+ for (String roleName : rolesNames) {
+ for (IResourceAuthorization client : this.applicationAuthorizationClients) {
+ if (client.isApplicationRole(roleName)) {
+ levels.add(UserLevel.APPUSER);
+ break;
+ }
+ }
+ }
+ }
+ return levels;
+ }
+
@Override
public Status saveConfiguration() {
boolean success = true;
.getPassword(), enabled, accountNonExpired,
credentialsNonExpired, accountNonLocked,
user.getGrantedAuthorities(getUserLevel(username)));
- } else
+ } else {
throw new UsernameNotFoundException("User not found " + username);
+ }
}
@Override
.getName())));
return authentication;
- } else
+ } else {
throw new BadCredentialsException(
"Username or credentials did not match");
+ }
}
this.sessionMgr = sessionMgr;
}
+ @Override
public String getPassword(String username) {
return localUserConfigList.get(username).getPassword();
}
Code Review / controller.git / commitdiff