- private final String NAME,mailHost,mailFrom;
- private final Set<String> supportedRealms;
-
- public DefaultOrg(Env env, String realm) throws OrganizationException {
- this.realm = realm;
- supportedRealms=new HashSet<String>();
- supportedRealms.add(realm);
- domain=FQI.reverseDomain(realm);
- atDomain = '@'+domain;
- String s;
- NAME=env.getProperty(realm + ".name","Default Organization");
- mailHost = env.getProperty(s=(realm + ".mailHost"), null);
- if(mailHost==null) {
- throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
- }
- mailFrom = env.getProperty(s=(realm + ".mailFrom"), null);
- if(mailFrom==null) {
- throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
- }
-
- System.getProperties().setProperty("mail.smtp.host",mailHost);
- System.getProperties().setProperty("mail.user", mailFrom);
- // Get the default Session object.
- session = Session.getDefaultInstance(System.getProperties());
-
- try {
- String defFile;
- String temp=env.getProperty(defFile = (getClass().getName()+".file"));
- File fIdentities=null;
- if(temp==null) {
- temp = env.getProperty(AAF_DATA_DIR);
- if(temp!=null) {
- env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat");
- File dir = new File(temp);
- fIdentities=new File(dir,"identities.dat");
- if(!fIdentities.exists()) {
- env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating.");
- if(!dir.exists()) {
- dir.mkdirs();
- }
- fIdentities.createNewFile();
- }
- }
- } else {
- fIdentities = new File(temp);
- if(!fIdentities.exists()) {
- String dataDir = env.getProperty(AAF_DATA_DIR);
- if(dataDir!=null) {
- fIdentities = new File(dataDir,temp);
- }
- }
- }
-
- if(fIdentities!=null && fIdentities.exists()) {
- identities = new Identities(fIdentities);
- } else {
- if(fIdentities==null) {
- throw new OrganizationException("No Identities");
- } else {
- throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist.");
- }
- }
- } catch (IOException e) {
- throw new OrganizationException(e);
- }
- }
-
- // Implement your own Delegation System
- static final List<String> NULL_DELEGATES = new ArrayList<String>();
-
- public Identities identities;
- private boolean dryRun;
- private Session session;
- public enum Types {Employee, Contractor, Application, NotActive};
- private final static Set<String> typeSet;
-
- static {
- typeSet = new HashSet<String>();
- for(Types t : Types.values()) {
- typeSet.add(t.name());
- }
- }
-
- private static final EmailWarnings emailWarnings = new DefaultOrgWarnings();
-
- @Override
- public String getName() {
- return NAME;
- }
-
- @Override
- public String getRealm() {
- return realm;
- }
-
- @Override
- public String getDomain() {
- return domain;
- }
-
- @Override
- public DefaultOrgIdentity getIdentity(AuthzTrans trans, String id) throws OrganizationException {
- int at = id.indexOf('@');
- return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this);
- }
-
- // Note: Return a null if found; return a String Message explaining why not found.
- @Override
- public String isValidID(final AuthzTrans trans, final String id) {
- try {
- DefaultOrgIdentity u = getIdentity(trans,id);
- return (u==null||!u.isFound())?id + "is not an Identity in " + getName():null;
- } catch (OrganizationException e) {
- return getName() + " could not lookup " + id + ": " + e.getLocalizedMessage();
- }
- }
- // Possible ID Pattern
- // private static final Pattern ID_PATTERN=Pattern.compile("([\\w.-]+@[\\w.-]+).{4-13}");
- // Another one: ID_PATTERN = "(a-z[a-z0-9]{5-8}@.*).{4-13}";
-
- @Override
- public boolean isValidCred(final AuthzTrans trans, final String id) {
- // have domain?
- int at = id.indexOf('@');
- String sid;
- if(at > 0) {
- // Use this to prevent passwords to any but THIS domain.
-// if(!id.regionMatches(at+1, domain, 0, id.length()-at-1)) {
-// return false;
-// }
- sid = id.substring(0,at);
- } else {
- sid = id;
- }
- // We'll validate that it exists, rather than check patterns.
-
- return isValidID(trans, sid)==null;
- // Check Pattern (if checking existing is too long)
- // if(id.endsWith(SUFFIX) && ID_PATTERN.matcher(id).matches()) {
- // return true;
- // }
- // return false;
- }
-
- private static final String SPEC_CHARS = "!@#$%^*-+?/,:;.";
- private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})");
- /**
- * Attribution: from mkyong.com
- * ( # Start of group
- * (?=.*\d) # must contains one digit from 0-9
- * (?=.*[a-z]) # must contains one lowercase characters
- * (?=.*[A-Z]) # must contains one uppercase characters
- * (?=.*[@#$%]) # must contains one special symbols in the list SPEC_CHARS
- * . # match anything with previous condition checking
- * {6,20} # length at least 6 characters and maximum of 20
- * ) # End of group
- */
- @Override
- public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) {
- for(String p : prev) {
- if(password.contains(p)) { // A more sophisticated algorithm might be better.
- return "Password too similar to previous passwords";
- }
- }
- // If you have an Organization user/Password scheme, replace the following
- if(PASS_PATTERN.matcher(password).matches()) {
- return "";
- }
- return "Password does not match " + NAME + " Password Standards";
- }
+ private final String root_ns;
+
+ private final String NAME;
+ private final Set<String> supportedRealms;
+
+
+
+ public DefaultOrg(Env env, String realm) throws OrganizationException {
+
+ this.realm = realm;
+ supportedRealms=new HashSet<>();
+ supportedRealms.add(realm);
+ domain=FQI.reverseDomain(realm);
+ atDomain = '@'+domain;
+ NAME=env.getProperty(realm + ".name","Default Organization");
+ root_ns = env.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF);
+
+ try {
+ String defFile;
+ String temp=env.getProperty(defFile = (getClass().getName()+".file"));
+ File fIdentities=null;
+ if (temp==null) {
+ temp = env.getProperty(AAF_DATA_DIR);
+ if (temp!=null) {
+ env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat");
+ File dir = new File(temp);
+ fIdentities=new File(dir,"identities.dat");
+
+ if (!fIdentities.exists()) {
+ env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating.");
+ if (!dir.exists()) {
+ dir.mkdirs();
+ }
+ fIdentities.createNewFile();
+ }
+ }
+ } else {
+ fIdentities = new File(temp);
+ if (!fIdentities.exists()) {
+ String dataDir = env.getProperty(AAF_DATA_DIR);
+ if (dataDir!=null) {
+ fIdentities = new File(dataDir,temp);
+ }
+ }
+ }