- private void checkDefaultNetworkAdmin() {
- /*
- * If startup config is not there, it's old or it was deleted or if a
- * password recovery was run, need to add Default Network Admin User
- */
- if (!localUserConfigList.containsKey(DEFAULT_ADMIN)) {
- List<String> roles = new ArrayList<String>(1);
- roles.add(DEFAULT_ADMIN_ROLE);
- // Need to skip the strong password check for the default admin
- UserConfig defaultAdmin = UserConfig.getUncheckedUserConfig(UserManager.DEFAULT_ADMIN,
- UserManager.DEFAULT_ADMIN_PASSWORD, roles);
- localUserConfigList.put(UserManager.DEFAULT_ADMIN, defaultAdmin);
+ private void checkDefaultNetworkAdmin(String newPass) {
+ boolean usingFactoryPassword = false;
+ // network admin already configured.
+ if (localUserConfigList.containsKey(DEFAULT_ADMIN)) {
+ UserConfig uc = localUserConfigList.get(DEFAULT_ADMIN);
+ if (!uc.isPasswordMatch(DEFAULT_ADMIN_PASSWORD)) {
+ return;
+ } else {
+ usingFactoryPassword = true;
+ }
+ }
+
+ List<String> defaultRoles = new ArrayList<String>(1);
+ defaultRoles.add(DEFAULT_ADMIN_ROLE);
+ if (newPass == null) {
+ if (!localUserConfigList.containsKey(DEFAULT_ADMIN)) {
+ // Need to skip the strong password check for the default admin
+ UserConfig defaultAdmin = UserConfig.getUncheckedUserConfig(
+ UserManager.DEFAULT_ADMIN, UserManager.DEFAULT_ADMIN_PASSWORD,
+ defaultRoles);
+ localUserConfigList.put(UserManager.DEFAULT_ADMIN, defaultAdmin);
+ usingFactoryPassword = true;
+ }
+ } else {
+ // use new password for admin
+ Status status = UserConfig.validateClearTextPassword(newPass);
+ if (status.isSuccess()) {
+ localUserConfigList.put(UserManager.DEFAULT_ADMIN,
+ new UserConfig(UserManager.DEFAULT_ADMIN, newPass, defaultRoles));
+ logger.trace("Network Adminstrator password is reset.");
+ if (newPass.equals(DEFAULT_ADMIN_PASSWORD)) {
+ usingFactoryPassword = true;
+ }
+ } else {
+ logger.warn("Password is invalid - {}. Network Adminstrator password " +
+ "cannot be set.", status.getDescription());
+ }
+ }
+
+ if (usingFactoryPassword) {
+ if (DISALLOW_DEFAULT_ADMIN_PASSWORD) {
+ logger.warn("Network Administrator factory default password " +
+ "is disallowed. Please set the password prior to starting " +
+ "the controller. Shutting down now.");
+ // shutdown osgi
+ try {
+ BundleContext bundleContext = FrameworkUtil.getBundle(
+ getClass()).getBundleContext();
+ bundleContext.getBundle(0).stop();
+ } catch (BundleException e) {
+ logger.warn("Cannot stop framework ", e);
+ }
+ } else {
+ logger.warn("Network Administrator password is set to factory default. " +
+ "Please change the password as soon as possible.");
+ }