Ejemplo n.º 1
0
  /**
   * Stop all forwards giving the resource ID of the <i>SSL-Tunnel</i> that started them.
   *
   * @param launchSession launch session
   * @throws NoPermissionException if not allowed
   * @throws CoreException on any other error
   */
  public void stopTunnels(LaunchSession launchSession) throws NoPermissionException, CoreException {
    if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) {
      throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent.");
    }

    Tunnel tunnel = (Tunnel) launchSession.getResource();
    launchSession.checkAccessRights(null, agent.getSession());
    MultiplexedConnection agent =
        DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession());

    try {
      if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) {
        Collection<Tunnel> l = new ArrayList<Tunnel>();
        l.add(tunnel);
        stopLocalTunnels(agent, l);
      } else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) {
        Collection<Tunnel> l = new ArrayList<Tunnel>();
        l.add(tunnel);
        stopRemoteTunnels(agent, l);
      } else {
        throw new TunnelException(
            TunnelException.INTERNAL_ERROR,
            (Throwable) null,
            "Unknown tunnel type " + tunnel.getType());
      }

      CoreServlet.getServlet()
          .fireCoreEvent(
              new ResourceAccessEvent(
                  this,
                  TunnelsEventConstants.TUNNEL_CLOSED,
                  launchSession.getResource(),
                  launchSession.getPolicy(),
                  launchSession.getSession(),
                  CoreEvent.STATE_SUCCESSFUL));

    } catch (TunnelException te) {
      CoreServlet.getServlet()
          .fireCoreEvent(
              new ResourceAccessEvent(
                  this,
                  TunnelsEventConstants.TUNNEL_CLOSED,
                  launchSession.getResource(),
                  launchSession.getPolicy(),
                  launchSession.getSession(),
                  te));
      throw te;
    } finally {
      LaunchSessionFactory.getInstance().removeLaunchSession(launchSession);
    }
  }
Ejemplo n.º 2
0
  /**
   * Start port forwards for the <i>SSL Tunnel</i> specified by the provided resource ID.
   *
   * @param launchSession launch session
   * @throws NoPermissionException if not allowed
   * @throws TunnelException on any other other
   * @throws PolicyException on any other determininig policy
   */
  public void startTunnel(LaunchSession launchSession)
      throws NoPermissionException, TunnelException, PolicyException {

    if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) {
      throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent.");
    } else {
      Tunnel tunnel = (Tunnel) launchSession.getResource();
      launchSession.checkAccessRights(null, agent.getSession());
      AgentTunnel agent =
          DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession());

      try {
        if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) {
          startLocalTunnel(agent, tunnel, launchSession);
        } else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) {
          startRemoteTunnel(agent, tunnel, launchSession);
        } else {
          throw new TunnelException(
              TunnelException.INTERNAL_ERROR,
              (Throwable) null,
              "Unknown tunnel type " + tunnel.getType());
        }

        // Fire event
        CoreServlet.getServlet()
            .fireCoreEvent(
                new ResourceAccessEvent(
                    this,
                    TunnelsEventConstants.TUNNEL_OPENED,
                    launchSession.getResource(),
                    launchSession.getPolicy(),
                    launchSession.getSession(),
                    CoreEvent.STATE_SUCCESSFUL));
      } catch (TunnelException te) {

        // Fire event
        CoreServlet.getServlet()
            .fireCoreEvent(
                new ResourceAccessEvent(
                    this,
                    TunnelsEventConstants.TUNNEL_OPENED,
                    launchSession.getResource(),
                    launchSession.getPolicy(),
                    launchSession.getSession(),
                    te));

        throw te;
      }
    }
  }
 private void fireCoreEvent(
     HttpServletRequest request, int eventID, String ipAddress, String ipPermission, int state) {
   CoreEvent coreEvent = new CoreEvent(this, eventID, null, getSessionInfo(request), state);
   coreEvent.addAttribute(CoreAttributeConstants.EVENT_ATTR_IP_RESTRICTION_ADDRESS, ipAddress);
   coreEvent.addAttribute(
       CoreAttributeConstants.EVENT_ATTR_IP_RESTRICTION_IS_AUTHORIZED, ipPermission);
   CoreServlet.getServlet().fireCoreEvent(coreEvent);
 }
Ejemplo n.º 4
0
 private void fireSuccessfulEvent(
     SessionInfo sessionInfo, int eventId, Role role, List<String> selectedUsers) {
   CoreEvent coreEvent = new CoreEvent(this, eventId, role, sessionInfo);
   coreEvent.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, role.getPrincipalName());
   if (!selectedUsers.isEmpty()) {
     for (int index = 0; index < selectedUsers.size(); index++) {
       String username = selectedUsers.get(index);
       coreEvent.addAttribute(
           CoreAttributeConstants.EVENT_ATTR_ACCOUNT + Integer.valueOf(index), username);
     }
   }
   CoreServlet.getServlet().fireCoreEvent(coreEvent);
 }
Ejemplo n.º 5
0
 private void fireUnsuccessfulEvent(
     RoleForm roleForm, SessionInfo sessionInfo, int eventId, Exception ex) {
   CoreEvent coreEvent = new CoreEvent(this, eventId, null, sessionInfo, ex);
   coreEvent.addAttribute(CoreAttributeConstants.EVENT_ATTR_PRINCIPAL_ID, roleForm.getRolename());
   CoreServlet.getServlet().fireCoreEvent(coreEvent);
 }
Ejemplo n.º 6
0
  /*
   * (non-Javadoc)
   *
   * @see org.apache.struts.actions.DispatchAction#unspecified(org.apache.struts.action.ActionMapping,
   *      org.apache.struts.action.ActionForm,
   *      javax.servlet.http.HttpServletRequest,
   *      javax.servlet.http.HttpServletResponse)
   */
  public ActionForward unspecified(
      ActionMapping mapping,
      ActionForm form,
      HttpServletRequest request,
      HttpServletResponse response)
      throws Exception {
    List<WizardActionStatus> actionStatus = new ArrayList<WizardActionStatus>();
    AbstractWizardSequence seq = getWizardSequence(request);
    String name = (String) seq.getAttribute(WebForwardResourceDetailsForm.ATTR_RESOURCE_NAME, null);
    String description =
        (String) seq.getAttribute(WebForwardResourceDetailsForm.ATTR_RESOURCE_DESCRIPTION, null);
    boolean favorite =
        ((Boolean) seq.getAttribute(WebForwardResourceDetailsForm.ATTR_FAVORITE, Boolean.FALSE))
            .booleanValue();

    int type =
        ((Integer) seq.getAttribute(WebForwardTypeSelectionForm.ATTR_TYPE, new Integer(0)))
            .intValue();
    String category = (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_CATEGORY, null);
    String destinationURL =
        (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_DESTINATION_URL, null);

    PropertyList restrictToHosts =
        ((PropertyList)
            seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_RESTRICT_TO_HOSTS, null));
    String encodeing = (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_ENCODEING, "");

    String authenticationUsername =
        (String)
            seq.getAttribute(
                WebForwardAuthenticationDetailsForm.ATTR_AUTHENTICATION_USERNAME, null);
    String authenticationPassword =
        (String)
            seq.getAttribute(
                WebForwardAuthenticationDetailsForm.ATTR_AUTHENTICATION_PASSWORD, null);
    String preferredAuthenticationScheme =
        (String)
            seq.getAttribute(
                WebForwardAuthenticationDetailsForm.ATTR_PREFERRED_AUTHENTICATION_SCHEME, null);

    String paths = (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_PATHS, "");
    String hostHeader =
        (String) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_HOST_HEADER, "");
    boolean activeDNS =
        ((Boolean) seq.getAttribute(WebForwardSpecificDetailsForm.ATTR_ACTIVE_DNS, Boolean.FALSE))
            .booleanValue();

    String formParameters =
        (String) seq.getAttribute(WebForwardAuthenticationDetailsForm.ATTR_FORM_PARAMETERS, "");
    String formType =
        (String) seq.getAttribute(WebForwardAuthenticationDetailsForm.ATTR_FORM_TYPE, "");
    boolean autoStart = false; // TODO this needs to be hooked in
    User user = this.getSessionInfo(request).getUser();

    WebForward webForward = null;
    try {
      try {
        Calendar now = Calendar.getInstance();

        if (type == WebForward.TYPE_TUNNELED_SITE) {
          com.adito.webforwards.TunneledSiteWebForward sswf =
              new com.adito.webforwards.TunneledSiteWebForward(
                  user.getRealm().getRealmID(),
                  -1,
                  destinationURL,
                  name,
                  description,
                  category,
                  autoStart,
                  now,
                  now);
          webForward = WebForwardDatabaseFactory.getInstance().createWebForward(sswf);
          CoreEvent evt =
              new ResourceChangeEvent(
                      this,
                      WebForwardEventConstants.CREATE_WEB_FORWARD,
                      webForward,
                      this.getSessionInfo(request),
                      CoreEvent.STATE_SUCCESSFUL)
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_CATEGORY,
                      webForward.getCategory())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_TYPE,
                      ((WebForwardTypeItem)
                              WebForwardTypes.WEB_FORWARD_TYPES.get(webForward.getType()))
                          .getName())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_URL,
                      webForward.getDestinationURL());
          CoreServlet.getServlet().fireCoreEvent(evt);
        } else if (type == WebForward.TYPE_REPLACEMENT_PROXY) {
          com.adito.webforwards.ReplacementProxyWebForward spwf =
              new com.adito.webforwards.ReplacementProxyWebForward(
                  user.getRealm().getRealmID(),
                  -1,
                  destinationURL,
                  name,
                  description,
                  category,
                  authenticationUsername,
                  authenticationPassword,
                  preferredAuthenticationScheme,
                  encodeing,
                  restrictToHosts,
                  formType,
                  formParameters,
                  autoStart,
                  now,
                  now);

          AbstractAuthenticatingWebForward abstractAuthenticatingWebForward =
              (AbstractAuthenticatingWebForward)
                  WebForwardDatabaseFactory.getInstance().createWebForward(spwf);
          CoreEvent evt =
              new ResourceChangeEvent(
                      this,
                      WebForwardEventConstants.CREATE_WEB_FORWARD,
                      abstractAuthenticatingWebForward,
                      this.getSessionInfo(request),
                      CoreEvent.STATE_SUCCESSFUL)
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_CATEGORY,
                      abstractAuthenticatingWebForward.getCategory())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_TYPE,
                      ((WebForwardTypeItem)
                              WebForwardTypes.WEB_FORWARD_TYPES.get(
                                  abstractAuthenticatingWebForward.getType()))
                          .getName())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_URL,
                      abstractAuthenticatingWebForward.getDestinationURL())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_PREFERED_AUTH_SCHEME,
                      abstractAuthenticatingWebForward.getPreferredAuthenticationScheme())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_USERNAME,
                      abstractAuthenticatingWebForward.getAuthenticationUsername())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_TYPE,
                      abstractAuthenticatingWebForward.getFormType())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_REPLACEMENT_WEB_FORWARD_ENCODEING,
                      spwf.getEncoding());

          spwf.addFormParametersToEvent(
              evt, WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_PARAMETERS);
          spwf.addRestrictToHostsToEvent(
              evt, WebForwardEventConstants.EVENT_ATTR_REPLACEMENT_WEB_FORWARD_RESTRICT_TO_HOSTS);
          CoreServlet.getServlet().fireCoreEvent(evt);
          webForward = abstractAuthenticatingWebForward;
        } else if (type == WebForward.TYPE_PATH_BASED_REVERSE_PROXY
            || type == WebForward.TYPE_HOST_BASED_REVERSE_PROXY) {
          com.adito.webforwards.ReverseProxyWebForward rpwf =
              new com.adito.webforwards.ReverseProxyWebForward(
                  user.getRealm().getRealmID(),
                  -1,
                  type,
                  destinationURL,
                  name,
                  description,
                  category,
                  authenticationUsername,
                  authenticationPassword,
                  preferredAuthenticationScheme,
                  formType,
                  formParameters,
                  paths,
                  hostHeader,
                  activeDNS,
                  autoStart,
                  now,
                  now,
                  encodeing);
          AbstractAuthenticatingWebForward abstractAuthenticatingWebForward =
              (AbstractAuthenticatingWebForward)
                  WebForwardDatabaseFactory.getInstance().createWebForward(rpwf);
          CoreEvent evt =
              new ResourceChangeEvent(
                      this,
                      WebForwardEventConstants.CREATE_WEB_FORWARD,
                      abstractAuthenticatingWebForward,
                      this.getSessionInfo(request),
                      CoreEvent.STATE_SUCCESSFUL)
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_CATEGORY,
                      abstractAuthenticatingWebForward.getCategory())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_TYPE,
                      ((WebForwardTypeItem)
                              WebForwardTypes.WEB_FORWARD_TYPES.get(
                                  abstractAuthenticatingWebForward.getType()))
                          .getName())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_URL,
                      abstractAuthenticatingWebForward.getDestinationURL())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_PREFERED_AUTH_SCHEME,
                      abstractAuthenticatingWebForward.getPreferredAuthenticationScheme())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_USERNAME,
                      abstractAuthenticatingWebForward.getAuthenticationUsername())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_TYPE,
                      abstractAuthenticatingWebForward.getFormType())
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_ACTIVE_DNS,
                      String.valueOf(rpwf.getActiveDNS()))
                  .addAttribute(
                      WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_HOST_HEADER,
                      rpwf.getHostHeader());

          rpwf.addPathsToEvent(evt, WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_PATHS);
          rpwf.addCustomHeadersToEvent(
              evt, WebForwardEventConstants.EVENT_ATTR_REVERSE_WEB_FORWARD_CUSTOM_HEADERS);
          rpwf.addFormParametersToEvent(
              evt, WebForwardEventConstants.EVENT_ATTR_WEB_FORWARD_AUTH_FORM_PARAMETERS);
          CoreServlet.getServlet().fireCoreEvent(evt);
          webForward = abstractAuthenticatingWebForward;
        }

      } catch (Exception e) {
        CoreServlet.getServlet()
            .fireCoreEvent(
                new ResourceChangeEvent(
                    this,
                    WebForwardEventConstants.CREATE_WEB_FORWARD,
                    this.getSessionInfo(request),
                    e));
        throw e;
      }
      actionStatus.add(
          new WizardActionStatus(
              WizardActionStatus.COMPLETED_OK,
              "webForwardWizard.webForwardFinish.status.profileCreated"));
    } catch (Exception e) {
      log.error("Failed to create profile.", e);
      actionStatus.add(
          new WizardActionStatus(
              WizardActionStatus.COMPLETED_WITH_ERRORS,
              "webForwardWizard.webForwardFinish.status.failedToCreateProfile",
              e.getMessage()));
    }
    // TODO do the attaching.
    if (webForward != null) {
      actionStatus.add(
          attachToPoliciesAndAddToFavorites(
              "webForwardWizard.webForwardFinish", seq, webForward, favorite, request));
    }
    ((AbstractWizardFinishForm) form).setActionStatus(actionStatus);
    return super.unspecified(mapping, form, request, response);
  }