entaxy/entaxy-public
14
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

release version 1.11.0

Browse Source
This commit is contained in:
Валерия Бородина
2025-07-10 23:47:05 +03:00
parent 5cb6857fa1
commit 8dd9cf9cf2
3082 changed files with 278464 additions and 1833 deletions
Download Patch File Download Diff File Expand all files Collapse all files

144
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/esb/system/auth/basic/interceptor/AuthenticationInterceptor.java Normal file
View File

@ -0,0 +1,144 @@
/*-
* ~~~~~~licensing~~~~~~
* basic-auth-impl
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.auth.basic.interceptor;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.common.util.Base64Exception;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.security.AuthenticationException;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.http.Headers;
import ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService;
import ru.entaxy.esb.system.common.util.SystemHeadersConstants;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;
public class AuthenticationInterceptor extends AbstractPhaseInterceptor<Message> {
private static final Log LOG = LogFactory.getLog(AuthenticationInterceptor.class);
private boolean enabled = false;
private BasicAuthService basicAuthService;
private static final String BASIC = "Basic";
private static final String AUTHORIZATION = "Authorization";
private static final String WWW_AUTHENTICATE = "WWW-Authenticate";
private static final String WWW_AUTHENTICATE_MESSAGE = "Basic realm=\"Access to Entaxy\"";
public AuthenticationInterceptor() {
super(Phase.RECEIVE);
}
@Override
public void handleMessage(Message message) throws Fault {
LOG.debug("AuthenticationInterceptor enabled=" + enabled);
if (!enabled) {
return;
}
Map<String, List<String>> headers = Headers.getSetProtocolHeaders(message);
//reset passed value
headers.put(SystemHeadersConstants.HEADER_USER_LOGIN, Collections.emptyList());
Optional<String> auth = Optional.ofNullable(headers.get(AUTHORIZATION)).
orElse(Collections.emptyList())
.stream().findFirst();
Optional<String> isDisplayServiceSchema = Optional.ofNullable(headers.get(SystemHeadersConstants.HEADER_IS_DISPLAY_SERVICE_SERVICE)).
orElse(Collections.emptyList())
.stream().findFirst();
if (isDisplayServiceSchema.isPresent() && Boolean.parseBoolean(isDisplayServiceSchema.get()))
return;
if (auth.isPresent()) {
String[] namePassword = prepareAuthData(message, auth);
if (namePassword.length == 2 && isAuthenticated(namePassword[0], namePassword[1])) {
// let request to continue
LOG.trace(namePassword[0] + " authenticated");
headers.put(SystemHeadersConstants.HEADER_USER_LOGIN, Collections.singletonList(namePassword[0]));
} else {
faultAction(message);
}
} else {
faultAction(message);
}
}
private String[] prepareAuthData(Message message, Optional<String> auth) {
String[] parts = auth.get().split(" ");
if (parts.length != 2 || !BASIC.equals(parts[0])) {
faultAction(message);
}
String decodedValue = null;
try {
decodedValue = new String(Base64Utility.decode(parts[1]));
} catch (Base64Exception ex) {
faultAction(message);
}
String[] namePassword = decodedValue.split(":");
return namePassword;
}
private void faultAction(Message message) {
Map<String, List<String>> headers = Headers.getSetProtocolHeaders(message);
headers.put(WWW_AUTHENTICATE, Collections.singletonList(WWW_AUTHENTICATE_MESSAGE));
Fault fault = new Fault(new AuthenticationException("Unauthorized Access"));
fault.setFaultCode(Fault.FAULT_CODE_CLIENT);
fault.setStatusCode(401);
throw fault;
}
private boolean isAuthenticated(String name, String password) {
return basicAuthService.check(name, password);
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public BasicAuthService getBasicAuthService() {
return basicAuthService;
}
public void setBasicAuthService(BasicAuthService basicAuthService) {
this.basicAuthService = basicAuthService;
}
}

119
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/esb/system/auth/basic/interceptor/SystemInterceptor.java Normal file
View File

@ -0,0 +1,119 @@
/*-
* ~~~~~~licensing~~~~~~
* basic-auth-impl
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.auth.basic.interceptor;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.transport.http.Headers;
import ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.BasicAuthAccount;
import ru.entaxy.esb.system.common.util.SystemHeadersConstants;
import ru.entaxy.esb.system.jpa.SystemService;
import ru.entaxy.esb.system.jpa.entity.System;
import javax.ws.rs.ForbiddenException;
import java.util.*;
public class SystemInterceptor extends AbstractPhaseInterceptor<Message> {
private static final Log LOG = LogFactory.getLog(SystemInterceptor.class);
private BasicAuthService basicAuthService;
private SystemService systemService;
public SystemInterceptor() {
super(Phase.PRE_PROTOCOL);
}
@Override
public void handleMessage(Message message) throws Fault {
Map<String, List<String>> headers = Headers.getSetProtocolHeaders(message);
Optional<String> login = Optional.ofNullable(headers.get(SystemHeadersConstants.HEADER_USER_LOGIN)).
orElse(Collections.emptyList())
.stream().findFirst();
Optional<String> isDisplayServiceSchema = Optional.ofNullable(headers.get(SystemHeadersConstants.HEADER_IS_DISPLAY_SERVICE_SERVICE)).
orElse(Collections.emptyList())
.stream().findFirst();
//TEST
// login = Optional.of("user");
LOG.trace(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>SystemInterceptor <<< headers.get( HEADER_USER_LOGIN ) " + login.orElse("NULL"));
if (isDisplayServiceSchema.isPresent() && Boolean.parseBoolean(isDisplayServiceSchema.get()))
return;
if (login.isPresent()) {
Optional<BasicAuthAccount> accountOpt = basicAuthService.get(login.get());
if (accountOpt.isPresent()) {
BasicAuthAccount account = accountOpt.get();
headers.put(SystemHeadersConstants.HEADER_USER_ID, Collections.singletonList(String.valueOf(account.getId())));
headers.put(SystemHeadersConstants.HEADER_SYSTEM_UUID, Collections.singletonList(account.getSystemUUID()));
System system = account.getSystemUUID() != null && !account.getSystemUUID().isEmpty()
? systemService.getByUuid(account.getSystemUUID())
: null;
if (system != null) {
headers.put(SystemHeadersConstants.HEADER_SYSTEM_NAME, Collections.singletonList(system.getName()));
headers.put(SystemHeadersConstants.HEADER_SYSTEM_ID, Collections.singletonList(String.valueOf(system.getId())));
}
} else {
throw new ForbiddenException();
}
}
// It stops the process
// else {
// message.getInterceptorChain().abort();
// }
}
public BasicAuthService getBasicAuthService() {
return basicAuthService;
}
public void setBasicAuthService(BasicAuthService basicAuthService) {
this.basicAuthService = basicAuthService;
}
public SystemService getSystemService() {
return systemService;
}
public void setSystemService(SystemService systemService) {
this.systemService = systemService;
}
}

274
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/esb/system/auth/basic/jpa/impl/BasicAuthServiceImpl.java Normal file
View File

@ -0,0 +1,274 @@
/*-
* ~~~~~~licensing~~~~~~
* basic-auth-impl
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.auth.basic.jpa.impl;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Root;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.BasicAuthAccount;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.field.EncryptionAlgorithm;
import ru.entaxy.esb.system.auth.basic.jpa.api.exception.BadPasswordException;
import ru.entaxy.esb.system.auth.basic.jpa.util.EncryptionHelper;
public class BasicAuthServiceImpl implements BasicAuthService {
private static final Logger LOG = LoggerFactory.getLogger(BasicAuthServiceImpl.class);
private SessionFactory sessionFactory;
private String encryptionAlgorithm;
private String encryptionSalt;
// private PermissionService permissionService;
public void setSessionFactory(SessionFactory sessionFactory) {
this.sessionFactory = sessionFactory;
}
public Session getSession() {
return sessionFactory.openSession();
}
public void setEncryptionAlgorithm(String encryptionAlgorithm) {
this.encryptionAlgorithm = encryptionAlgorithm;
}
public void setEncryptionSalt(String encryptionSalt) {
this.encryptionSalt = encryptionSalt;
}
/*
public PermissionService getPermissionService() {
return permissionService;
}
public void setPermissionService(PermissionService permissionService) {
this.permissionService = permissionService;
}
*/
@Override
public List<BasicAuthAccount> list() {
List<BasicAuthAccount> list;
try (Session s = getSession()) {
s.getTransaction().begin();
CriteriaQuery<BasicAuthAccount> cq = s.getCriteriaBuilder().createQuery(BasicAuthAccount.class);
cq.from(BasicAuthAccount.class);
list = s.createQuery(cq).getResultList();
s.getTransaction().commit();
s.close();
}
return list;
}
@Override
public Optional<BasicAuthAccount> get(String login) {
Optional<BasicAuthAccount> basicAuthAccount;
try (Session s = getSession()) {
s.getTransaction().begin();
CriteriaBuilder builder = s.getCriteriaBuilder();
CriteriaQuery<BasicAuthAccount> criteriaQuery = builder.createQuery(BasicAuthAccount.class);
Root<BasicAuthAccount> root = criteriaQuery.from(BasicAuthAccount.class);
criteriaQuery.where(builder.equal(root.get("login"), login));
basicAuthAccount = s.createQuery(criteriaQuery).uniqueResultOptional();
s.getTransaction().commit();
s.close();
}
return basicAuthAccount;
}
public Optional<BasicAuthAccount> getBySystem(String systemUuid) {
Optional<BasicAuthAccount> basicAuthAccount;
try (Session s = getSession()) {
s.getTransaction().begin();
CriteriaBuilder builder = s.getCriteriaBuilder();
CriteriaQuery<BasicAuthAccount> criteriaQuery = builder.createQuery(BasicAuthAccount.class);
Root<BasicAuthAccount> root = criteriaQuery.from(BasicAuthAccount.class);
criteriaQuery.where(builder.equal(root.get("systemUUID"), systemUuid));
basicAuthAccount = s.createQuery(criteriaQuery).uniqueResultOptional();
s.getTransaction().commit();
s.close();
}
return basicAuthAccount;
};
public Optional<BasicAuthAccount> get(Session session, String login) {
Optional<BasicAuthAccount> basicAuthAccount;
CriteriaBuilder builder = session.getCriteriaBuilder();
CriteriaQuery<BasicAuthAccount> criteriaQuery = builder.createQuery(BasicAuthAccount.class);
Root<BasicAuthAccount> root = criteriaQuery.from(BasicAuthAccount.class);
criteriaQuery.where(builder.equal(root.get("login"), login));
basicAuthAccount = session.createQuery(criteriaQuery).uniqueResultOptional();
return basicAuthAccount;
}
@Override
public Optional<BasicAuthAccount> getByAuthorizationHeaderHash(String authorizationHeaderHash) {
Optional<BasicAuthAccount> basicAuthAccount;
try (Session s = getSession()) {
s.getTransaction().begin();
CriteriaBuilder builder = s.getCriteriaBuilder();
CriteriaQuery<BasicAuthAccount> criteriaQuery = builder.createQuery(BasicAuthAccount.class);
Root<BasicAuthAccount> root = criteriaQuery.from(BasicAuthAccount.class);
criteriaQuery.where(builder.equal(root.get("authorizationHeaderHash"), authorizationHeaderHash));
basicAuthAccount = s.createQuery(criteriaQuery).uniqueResultOptional();
s.getTransaction().commit();
s.close();
}
return basicAuthAccount;
}
@Override
public BasicAuthAccount save(BasicAuthAccount basicAuthAccount, boolean isExist) {
try (Session s = getSession()) {
s.getTransaction().begin();
if (isExist) {
s.update(basicAuthAccount);
} else {
s.persist(basicAuthAccount);
}
s.getTransaction().commit();
s.close();
}
return basicAuthAccount;
}
@Override
public BasicAuthAccount saveFull(String login, String passwordHash, String encryptionAlgorithm, String systemUUID,
String authorizationHeaderHash, String description, String createdBy, String editedBy) {
LOG.debug("Parameters " + login + " " + passwordHash + " " + encryptionAlgorithm
+ " " + systemUUID + " " + authorizationHeaderHash + " " + description + " " + createdBy + " "
+ editedBy);
Optional<BasicAuthAccount> existingBasicAuthAccount = get(login);
EncryptionAlgorithm encryptionAlgorithmObj = EncryptionAlgorithm.getByName(encryptionAlgorithm.toUpperCase());
BasicAuthAccount basicAuthAccount = existingBasicAuthAccount.orElseGet(BasicAuthAccount::new);
settingBasicAuthAccount(login, passwordHash, encryptionAlgorithmObj, systemUUID, authorizationHeaderHash,
description, createdBy, editedBy, basicAuthAccount, existingBasicAuthAccount.isPresent());
return save(basicAuthAccount, existingBasicAuthAccount.isPresent());
}
private BasicAuthAccount settingBasicAuthAccount(String login, String passwordHash,
EncryptionAlgorithm encryptionAlgorithm,
String systemUUID, String authorizationHeaderHash,
String description, String createdBy, String editedBy,
BasicAuthAccount basicAuthAccount, boolean isExist) {
if (!isExist) {
basicAuthAccount.setLogin(login);
basicAuthAccount.setCreateDate(new Date());
basicAuthAccount.setCreatedBy(createdBy);
} else {
basicAuthAccount.setEditDate(new Date());
basicAuthAccount.setEditedBy(editedBy);
}
basicAuthAccount.setPasswordHash(passwordHash);
basicAuthAccount.setEncryptionAlgorithm(encryptionAlgorithm);
basicAuthAccount.setSystemUUID(systemUUID);
basicAuthAccount.setAuthorizationHeaderHash(authorizationHeaderHash);
basicAuthAccount.setDescription(description);
return basicAuthAccount;
}
@Override
public BasicAuthAccount saveCommon(String login, String passwordHash, String systemUUID, String createdBy,
String editedBy)
throws NoSuchAlgorithmException, BadPasswordException {
if (null != passwordHash && !passwordHash.isEmpty()) {
passwordHash = EncryptionHelper.encrypt(passwordHash, this.encryptionAlgorithm, this.encryptionSalt);
} else {
throw new BadPasswordException("Password not passed or empty!");
}
return saveFull(login, passwordHash, this.encryptionAlgorithm, systemUUID, "", "", createdBy, editedBy);
}
@Override
public BasicAuthAccount saveShort(String login, String passwordHash, String createdBy, String editedBy)
throws NoSuchAlgorithmException, BadPasswordException {
return saveCommon(login, passwordHash, "", createdBy, editedBy);
}
@Override
public void remove(String login) {
try (Session s = getSession()) {
s.getTransaction().begin();
Optional<BasicAuthAccount> basicAuthAccount = get(s, login);
basicAuthAccount.ifPresent((basicAuthAccount1) -> removeProc(s, basicAuthAccount1));
s.getTransaction().commit();
s.close();
}
}
private void removeProc(Session session, BasicAuthAccount account) {
// permissionService.removeAll(session, account.getId(), PermissionConstants.TYPE_ACCOUNT);
// session.flush();
session.delete(BasicAuthAccount.class.getName(), account);
}
@Override
public boolean check(String login, String password) {
if (login != null && password != null) {
Optional<BasicAuthAccount> basicAuthAccountOpt = get(login);
if (basicAuthAccountOpt.isPresent()) {
BasicAuthAccount basicAuthAccount = basicAuthAccountOpt.get();
try {
String passedPasswordHash = EncryptionHelper.encrypt(password,
basicAuthAccount.getEncryptionAlgorithm().getAlgorithmName(),
this.encryptionSalt);
if (passedPasswordHash.equals(basicAuthAccount.getPasswordHash())) {
return true;
}
} catch (NoSuchAlgorithmException e) {
LOG.error("Encryption algorithm error", e);
}
}
}
return false;
}
}

124
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/esb/system/auth/basic/jpa/listener/BasicAuthPostEventListener.java Normal file
View File

@ -0,0 +1,124 @@
/*-
* ~~~~~~licensing~~~~~~
* basic-auth-impl
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.auth.basic.jpa.listener;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.event.spi.*;
import org.hibernate.persister.entity.EntityPersister;
import ru.entaxy.esb.system.auth.basic.htpasswd.HtpasswdGenerator;
import ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.BasicAuthAccount;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.util.List;
public class BasicAuthPostEventListener implements PostCommitInsertEventListener, PostCommitUpdateEventListener, PostCommitDeleteEventListener {
private static final long serialVersionUID = -6603994118756820823L;
private static final Log LOG = LogFactory.getLog(BasicAuthPostEventListener.class);
private BasicAuthService basicAuthService;
private HtpasswdGenerator htpasswdGenerator;
private String encryptionSalt;
public void setEncryptionSalt(String encryptionSalt) {
this.encryptionSalt = encryptionSalt;
}
@Override
public boolean requiresPostCommitHanding(EntityPersister persister) {
return true;
}
@Override
public void onPostDelete(PostDeleteEvent event) {
LOG.debug("Delete handler event " + event.getSession());
LOG.debug("Delete handler event " + event.getEntity());
if (event.getEntity() instanceof BasicAuthAccount) {
generateHtpasswd();
}
}
@Override
public void onPostUpdate(PostUpdateEvent event) {
LOG.debug("Update handler event " + event);
LOG.debug("Update handler event " + event.getEntity());
generateHtpasswd();
}
@Override
public void onPostInsert(PostInsertEvent event) {
LOG.debug("Insert handler event " + event);
LOG.debug("Insert handler event " + event.getEntity());
generateHtpasswd();
}
private void generateHtpasswd() {
List<BasicAuthAccount> accounts = basicAuthService.list();
try {
htpasswdGenerator.generateHtpasswd(accounts, encryptionSalt);
} catch (NoSuchAlgorithmException | IOException e) {
LOG.error(e);
}
}
@Override
public void onPostDeleteCommitFailed(PostDeleteEvent event) {
LOG.debug("Delete failed event " + event.getEntity());
}
@Override
public void onPostUpdateCommitFailed(PostUpdateEvent event) {
LOG.debug("Update failed event " + event.getEntity());
}
@Override
public void onPostInsertCommitFailed(PostInsertEvent event) {
LOG.debug("Insert failed event " + event.getEntity());
}
public BasicAuthService getBasicAuthService() {
return basicAuthService;
}
public void setBasicAuthService(BasicAuthService basicAuthService) {
this.basicAuthService = basicAuthService;
}
public HtpasswdGenerator getHtpasswdGenerator() {
return htpasswdGenerator;
}
public void setHtpasswdGenerator(HtpasswdGenerator htpasswdGenerator) {
this.htpasswdGenerator = htpasswdGenerator;
}
}

93
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/esb/system/auth/basic/jpa/listener/EntityEventListenerRegistry.java Normal file
View File

@ -0,0 +1,93 @@
/*-
* ~~~~~~licensing~~~~~~
* basic-auth-impl
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.auth.basic.jpa.listener;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.SessionFactory;
import org.hibernate.engine.spi.SessionFactoryImplementor;
import org.hibernate.event.service.spi.EventListenerRegistry;
import org.hibernate.event.spi.EventType;
public class EntityEventListenerRegistry {
private static final Log LOG = LogFactory.getLog(EntityEventListenerRegistry.class);
private static final int SESSION_WAIT_TIMEOUT = 50000;
private SessionFactory sessionFactory;
private BasicAuthPostEventListener basicAuthPostEventListener;
private int initLimiter = 0;
public void registerListeners() {
LOG.info("Init EntityEventListenerRegistry " + sessionFactory.getClass().getName());
EventListenerRegistry registry = prepareRegistry();
registry.getEventListenerGroup(EventType.POST_COMMIT_INSERT).appendListener(basicAuthPostEventListener);
registry.getEventListenerGroup(EventType.POST_COMMIT_UPDATE).appendListener(basicAuthPostEventListener);
registry.getEventListenerGroup(EventType.POST_COMMIT_DELETE).appendListener(basicAuthPostEventListener);
}
private EventListenerRegistry prepareRegistry() {
try {
SessionFactoryImplementor sessionFactoryImpl = sessionFactory.unwrap(SessionFactoryImplementor.class);
EventListenerRegistry registry = sessionFactoryImpl.getServiceRegistry().getService(EventListenerRegistry.class);
return registry;
} catch (Exception e) {
LOG.error(e.getMessage());
if (initLimiter == 10) {
LOG.error(e);
}
try {
LOG.warn("Wait sessionFactory initialization...");
Thread.sleep(SESSION_WAIT_TIMEOUT);
} catch (InterruptedException e1) {
}
}
return initLimiter++ <= 9
? prepareRegistry()
: null;
}
public SessionFactory getSessionFactory() {
return sessionFactory;
}
public BasicAuthPostEventListener getBasicAuthPostEventListener() {
return basicAuthPostEventListener;
}
public void setBasicAuthPostEventListener(BasicAuthPostEventListener basicAuthPostEventListener) {
this.basicAuthPostEventListener = basicAuthPostEventListener;
}
public void setSessionFactory(SessionFactory sessionFactory) {
this.sessionFactory = sessionFactory;
}
}

71
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/esb/system/auth/basic/jpa/util/EncryptionHelper.java Normal file
View File

@ -0,0 +1,71 @@
/*-
* ~~~~~~licensing~~~~~~
* basic-auth-impl
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.auth.basic.jpa.util;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.Md5Crypt;
import org.apache.commons.codec.digest.Sha2Crypt;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.field.EncryptionAlgorithm;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
public class EncryptionHelper {
private static final Logger LOG = LoggerFactory.getLogger(EncryptionHelper.class);
static final String APR1_PREFIX = "$apr1$";
static final String SHA512_PREFIX = "$6$";
private EncryptionHelper() {
throw new IllegalStateException("Utility class");
}
public static String encrypt(String plaintext, String cipher, String salt) throws NoSuchAlgorithmException {
String passwordHash;
if (EncryptionAlgorithm.MD5.equalsName(cipher)) {
passwordHash = Md5Crypt.apr1Crypt((plaintext.getBytes(StandardCharsets.UTF_8)), salt);
passwordHash = passwordHash.substring(passwordHash.lastIndexOf("$") + 1);
} else if (EncryptionAlgorithm.SHA1.equalsName(cipher)) {
passwordHash = Base64.encodeBase64String(
DigestUtils.sha1((plaintext + salt).getBytes(StandardCharsets.UTF_8)));
} else if (EncryptionAlgorithm.SHA512.equalsName(cipher)) {
passwordHash = Sha2Crypt.sha512Crypt((plaintext.getBytes(StandardCharsets.UTF_8)), SHA512_PREFIX + salt);
passwordHash = passwordHash.substring(passwordHash.lastIndexOf("$"));
} else if (EncryptionAlgorithm.PLAIN.equalsName(cipher)) {
passwordHash = plaintext;
} else {
throw new NoSuchAlgorithmException();
}
return passwordHash;
}
}

38
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/esb/system/common/util/SystemHeadersConstants.java Normal file
View File

@ -0,0 +1,38 @@
/*-
* ~~~~~~licensing~~~~~~
* system-commons
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.esb.system.common.util;
public class SystemHeadersConstants {
public static final String HEADER_USER_LOGIN = "X-ForwardedUser";
public static final String HEADER_USER_ID = "X-ForwardedUserId";
public static final String HEADER_SYSTEM_NAME = "X-SystemName";
public static final String HEADER_SYSTEM_UUID = "X-SystemUuid";
public static final String HEADER_SYSTEM_ID = "X-SystemId";
public static final String HEADER_IS_DISPLAY_SERVICE_SERVICE = "NTX_IsDisplayServiceSchema";
private SystemHeadersConstants() {
}
}

183
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/platform/runtime/security/jaas/modules/entaxylegacy/EntaxyLegacyBackingEngine.java Normal file
View File

@ -0,0 +1,183 @@
/*-
* ~~~~~~licensing~~~~~~
* entaxy-legacy-auth
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.runtime.security.jaas.modules.entaxylegacy;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
import org.apache.karaf.jaas.boot.principal.GroupPrincipal;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.jaas.boot.principal.UserPrincipal;
import org.apache.karaf.jaas.modules.BackingEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.BasicAuthAccount;
import ru.entaxy.esb.system.auth.basic.jpa.api.exception.BadPasswordException;
import ru.entaxy.platform.base.support.CommonUtils;
public class EntaxyLegacyBackingEngine implements BackingEngine {
private static final Logger log = LoggerFactory.getLogger(EntaxyLegacyBackingEngine.class);
public static EntaxyLegacyBackingEngine INSTANCE = new EntaxyLegacyBackingEngine();
public static final String SYSTEM_ROLE_PREFIX = "PROFILE_";
@Override
public void addUser(String username, String password) {
if (ServiceHolder.getInstance() == null)
return;
try {
ServiceHolder.getInstance().getBasicAuthService().saveCommon(username, password, null, "admin", "admin");
} catch (NoSuchAlgorithmException | BadPasswordException e) {
log.error("Error adding user: [" + username + "]", e);
}
}
@Override
public void deleteUser(String username) {
if (ServiceHolder.getInstance() == null)
return;
ServiceHolder.getInstance().getBasicAuthService().remove(username);
}
@Override
public List<UserPrincipal> listUsers() {
if (ServiceHolder.getInstance() == null)
return new ArrayList<>();
return ServiceHolder.getInstance().getBasicAuthService().list().stream()
.map(acc -> new UserPrincipal(acc.getLogin())).collect(Collectors.toList());
}
@Override
public UserPrincipal lookupUser(String username) {
if (ServiceHolder.getInstance() == null)
return null;
Optional<BasicAuthAccount> opt = getBasicAuthService().get(username);
if (opt.isPresent())
return new UserPrincipal(opt.get().getLogin());
return null;
}
@Override
public List<GroupPrincipal> listGroups(UserPrincipal user) {
// NOT SUPPORTED
return Collections.emptyList();
}
@Override
public Map<GroupPrincipal, String> listGroups() {
// NOT SUPPORTED
return Collections.emptyMap();
}
@Override
public void addGroup(String username, String group) {
// NOT SUPPORTED
}
@Override
public void createGroup(String group) {
// NOT SUPPORTED
}
@Override
public void deleteGroup(String username, String group) {
// NOT SUPPORTED
}
@Override
public List<RolePrincipal> listRoles(Principal principal) {
if (ServiceHolder.getInstance() == null)
return Collections.emptyList();
if (principal instanceof UserPrincipal) {
Optional<BasicAuthAccount> opt = getBasicAuthService().get(principal.getName());
if (opt.isPresent()) {
String systemUuid = opt.get().getSystemUUID();
if (CommonUtils.isValid(systemUuid))
return Collections.singletonList(new RolePrincipal(SYSTEM_ROLE_PREFIX + systemUuid));
}
}
return Collections.emptyList();
}
@Override
public void addRole(String username, String role) {
if (ServiceHolder.getInstance() == null)
return;
if (!CommonUtils.isValid(role))
return;
if (!role.startsWith(SYSTEM_ROLE_PREFIX))
return;
String systemUuid = role.substring(SYSTEM_ROLE_PREFIX.length());
Optional<BasicAuthAccount> opt = getBasicAuthService().get(username);
if (opt.isEmpty())
return;
opt.get().setSystemUUID(systemUuid);
getBasicAuthService().save(opt.get(), true);
}
@Override
public void deleteRole(String username, String role) {
if (ServiceHolder.getInstance() == null)
return;
if (!CommonUtils.isValid(role))
return;
if (!role.startsWith(SYSTEM_ROLE_PREFIX))
return;
Optional<BasicAuthAccount> opt = getBasicAuthService().get(username);
if (opt.isEmpty())
return;
opt.get().setSystemUUID(null);
getBasicAuthService().save(opt.get(), true);
}
@Override
public void addGroupRole(String group, String role) {
// NOT SUPPORTED
}
@Override
public void deleteGroupRole(String group, String role) {
// NOT SUPPORTED
}
protected BasicAuthService getBasicAuthService() {
return ServiceHolder.getInstance().getBasicAuthService();
}
}

45
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/platform/runtime/security/jaas/modules/entaxylegacy/EntaxyLegacyBackingEngineFactory.java Normal file
View File

@ -0,0 +1,45 @@
/*-
* ~~~~~~licensing~~~~~~
* entaxy-legacy-auth
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.runtime.security.jaas.modules.entaxylegacy;
import java.util.Map;
import org.apache.karaf.jaas.modules.BackingEngine;
import org.apache.karaf.jaas.modules.BackingEngineFactory;
public class EntaxyLegacyBackingEngineFactory implements BackingEngineFactory {
@Override
public String getModuleClass() {
return EntaxyLegacyLoginModule.class.getName();
}
@Override
public BackingEngine build(Map<String, ?> options) {
return EntaxyLegacyBackingEngine.INSTANCE;
}
}

120
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/platform/runtime/security/jaas/modules/entaxylegacy/EntaxyLegacyLoginModule.java Normal file
View File

@ -0,0 +1,120 @@
/*-
* ~~~~~~licensing~~~~~~
* entaxy-legacy-auth
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.runtime.security.jaas.modules.entaxylegacy;
import java.io.IOException;
import java.util.HashSet;
import java.util.Map;
import java.util.Optional;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.apache.karaf.jaas.boot.principal.RolePrincipal;
import org.apache.karaf.jaas.boot.principal.UserPrincipal;
import org.apache.karaf.jaas.modules.AbstractKarafLoginModule;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.entaxy.esb.system.auth.basic.jpa.api.entity.BasicAuthAccount;
import ru.entaxy.platform.base.support.CommonUtils;
public class EntaxyLegacyLoginModule extends AbstractKarafLoginModule {
private static final Logger log = LoggerFactory.getLogger(EntaxyLegacyLoginModule.class);
public static final String SYSTEM_ROLE_PREFIX = "PROFILE_";
@Override
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
Map<String, ?> options) {
super.initialize(subject, callbackHandler, options);
}
@Override
public boolean login() throws LoginException {
if (ServiceHolder.getInstance() == null) {
throw new LoginException("Entaxy legacy BasicAuthService not found");
}
Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("Username: ");
callbacks[1] = new PasswordCallback("Password: ", false);
if (callbackHandler != null) {
try {
callbackHandler.handle(callbacks);
} catch (IOException ioe) {
throw new LoginException(ioe.getMessage());
} catch (UnsupportedCallbackException uce) {
throw new LoginException(uce.getMessage() + " not available to obtain information from user");
}
}
// user callback get value
if (((NameCallback) callbacks[0]).getName() == null) {
throw new LoginException("Username can not be null");
}
user = ((NameCallback) callbacks[0]).getName();
// password callback get value
if (((PasswordCallback) callbacks[1]).getPassword() == null) {
throw new LoginException("Password can not be null");
}
String password = new String(((PasswordCallback) callbacks[1]).getPassword());
if (!isAuthenticated(user, password))
throw new FailedLoginException("login failed");
principals = new HashSet<>();
principals.add(new UserPrincipal(user));
Optional<BasicAuthAccount> acc = ServiceHolder.getInstance().getBasicAuthService().get(user);
if (acc.isPresent()) {
String systemUuid = acc.get().getSystemUUID();
if (CommonUtils.isValid(systemUuid))
principals.add(new RolePrincipal(SYSTEM_ROLE_PREFIX + systemUuid));
}
if (debug) {
log.debug("Successfully logged in {}", user);
}
succeeded = true;
return true;
}
private boolean isAuthenticated(String name, String password) {
return ServiceHolder.getInstance().getBasicAuthService().check(name, password);
}
}

59
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/java/ru/entaxy/platform/runtime/security/jaas/modules/entaxylegacy/ServiceHolder.java Normal file
View File

@ -0,0 +1,59 @@
/*-
* ~~~~~~licensing~~~~~~
* entaxy-legacy-auth
* ==========
* Copyright (C) 2020 - 2025 EmDev LLC
* ==========
* You may not use this file except in accordance with the License Terms of the Copyright
* Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
* rights to the Software and any copies are the property of the Copyright Holder. Unless
* it is explicitly allowed the Copyright Holder, the User is prohibited from using the
* Software for commercial purposes to provide services to third parties.
*
* The Copyright Holder hereby declares that the Software is provided on an "AS IS".
* Under no circumstances does the Copyright Holder guarantee or promise that the
* Software provided by him will be suitable or not suitable for the specific purposes
* of the User, that the Software will meet all commercial and personal subjective
* expectations of the User, that the Software will work properly, without technical
* errors, quickly and uninterruptedly.
*
* Under no circumstances shall the Copyright Holder or its Affiliates is not liable
* to the User for any direct or indirect losses of the User, his expenses or actual
* damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
* or damage to data, property, etc.
* ~~~~~~/licensing~~~~~~
*/
package ru.entaxy.platform.runtime.security.jaas.modules.entaxylegacy;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;
import ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService;
@Component(immediate = true)
public class ServiceHolder {
private static ServiceHolder INSTANCE;
public static ServiceHolder getInstance() {
return INSTANCE;
}
@Reference(cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC,
policyOption = ReferencePolicyOption.GREEDY)
volatile BasicAuthService basicAuthService;
@Activate
public void activate() {
INSTANCE = this;
}
public BasicAuthService getBasicAuthService() {
return basicAuthService;
}
}

105
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/resources/OSGI-INF/blueprint/camel-context.xml Normal file
View File

@ -0,0 +1,105 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~~~~~~licensing~~~~~~
basic-auth-impl
==========
Copyright (C) 2020 - 2025 EmDev LLC
==========
You may not use this file except in accordance with the License Terms of the Copyright
Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
rights to the Software and any copies are the property of the Copyright Holder. Unless
it is explicitly allowed the Copyright Holder, the User is prohibited from using the
Software for commercial purposes to provide services to third parties.
The Copyright Holder hereby declares that the Software is provided on an "AS IS".
Under no circumstances does the Copyright Holder guarantee or promise that the
Software provided by him will be suitable or not suitable for the specific purposes
of the User, that the Software will meet all commercial and personal subjective
expectations of the User, that the Software will work properly, without technical
errors, quickly and uninterruptedly.
Under no circumstances shall the Copyright Holder or its Affiliates is not liable
to the User for any direct or indirect losses of the User, his expenses or actual
damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
or damage to data, property, etc.
~~~~~~/licensing~~~~~~
-->
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cm="http://aries.apache.org/blueprint/xmlns/blueprint-cm/v1.1.0"
xsi:schemaLocation="http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd">
<cm:property-placeholder persistent-id="ru.entaxy.esb.system.basic_auth" update-strategy="reload">
<cm:default-properties>
<cm:property name="encryption.algorithm" value="SHA-1"/>
<cm:property name="encryption.salt" value="kDfq0qZJ"/>
<cm:property name="internal.authentication.enabled" value="false"/>
</cm:default-properties>
</cm:property-placeholder>
<reference id="sessionFactory"
interface="org.hibernate.SessionFactory"
timeout="30000"/>
<reference id="permissionService"
interface="ru.entaxy.esb.system.core.permission.jpa.PermissionService"
timeout="30000"
availability="mandatory"/>
<service ref="basicAuthService" interface="ru.entaxy.esb.system.auth.basic.jpa.api.BasicAuthService"/>
<bean id="basicAuthService" class="ru.entaxy.esb.system.auth.basic.jpa.impl.BasicAuthServiceImpl">
<property name="sessionFactory" ref="sessionFactory"/>
<property name="encryptionAlgorithm" value="${encryption.algorithm}"/>
<property name="encryptionSalt" value="${encryption.salt}"/>
<!-- property name="permissionService" ref="permissionService"/ -->
</bean>
<reference xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0"
id="htpasswdGenerator"
interface="ru.entaxy.esb.system.auth.basic.htpasswd.HtpasswdGenerator"
timeout="30000"
availability="mandatory"
ext:proxy-method="classes"/>
<!-- bean id="basicAuthPostEventListener"
class="ru.entaxy.esb.system.auth.basic.jpa.listener.BasicAuthPostEventListener">
<property name="basicAuthService" ref="basicAuthService"/>
<property name="encryptionSalt" value="${encryption.salt}"/>
<property name="htpasswdGenerator" ref="htpasswdGenerator"/>
</bean>
<bean id="baseAuthPostDeleteEventListener"
class="ru.entaxy.esb.system.auth.basic.jpa.listener.EntityEventListenerRegistry"
init-method="registerListeners">
<property name="sessionFactory" ref="sessionFactory"/>
<property name="basicAuthPostEventListener" ref="basicAuthPostEventListener"/>
</bean -->
<reference id="systemService"
interface="ru.entaxy.esb.system.jpa.SystemService"
timeout="30000"
availability="mandatory"/>
<bean id="systemInterceptor" class="ru.entaxy.esb.system.auth.basic.interceptor.SystemInterceptor">
<property name="basicAuthService" ref="basicAuthService"/>
<property name="systemService" ref="systemService"/>
</bean>
<service ref="systemInterceptor" interface="org.apache.cxf.phase.PhaseInterceptor">
<service-properties>
<entry key="type" value="system"/>
</service-properties>
</service>
<bean id="authInterceptor" class="ru.entaxy.esb.system.auth.basic.interceptor.AuthenticationInterceptor">
<property name="basicAuthService" ref="basicAuthService"/>
<property name="enabled" value="${internal.authentication.enabled}"/>
</bean>
<service ref="authInterceptor" interface="org.apache.cxf.phase.PhaseInterceptor">
<service-properties>
<entry key="type" value="authentication"/>
</service-properties>
</service>
</blueprint>

44
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/resources/hibernate.cfg.xml Normal file
View File

@ -0,0 +1,44 @@
<?xml version='1.0' encoding='utf-8'?>
<!--
~~~~~~licensing~~~~~~
basic-auth-impl
==========
Copyright (C) 2020 - 2025 EmDev LLC
==========
You may not use this file except in accordance with the License Terms of the Copyright
Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
rights to the Software and any copies are the property of the Copyright Holder. Unless
it is explicitly allowed the Copyright Holder, the User is prohibited from using the
Software for commercial purposes to provide services to third parties.
The Copyright Holder hereby declares that the Software is provided on an "AS IS".
Under no circumstances does the Copyright Holder guarantee or promise that the
Software provided by him will be suitable or not suitable for the specific purposes
of the User, that the Software will meet all commercial and personal subjective
expectations of the User, that the Software will work properly, without technical
errors, quickly and uninterruptedly.
Under no circumstances shall the Copyright Holder or its Affiliates is not liable
to the User for any direct or indirect losses of the User, his expenses or actual
damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
or damage to data, property, etc.
~~~~~~/licensing~~~~~~
-->
<!DOCTYPE hibernate-configuration PUBLIC
"-//Hibernate/Hibernate Configuration DTD//EN"
"http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd">
<hibernate-configuration>
<session-factory>
<property name="connection.datasource">osgi:service/entaxy.esb.storage</property>
<property name="hibernate.hbm2ddl.auto">validate</property>
<property name="hibernate.enable_lazy_load_no_trans">true</property>
<mapping class="ru.entaxy.esb.system.auth.basic.jpa.api.entity.BasicAuthAccount"/>
<mapping class="ru.entaxy.esb.system.core.permission.jpa.entity.Permission"/>
</session-factory>
</hibernate-configuration>

36
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/resources/log4j2.properties Normal file
View File

@ -0,0 +1,36 @@
###
# ~~~~~~licensing~~~~~~
# basic-auth-impl
# ==========
# Copyright (C) 2020 - 2025 EmDev LLC
# ==========
# You may not use this file except in accordance with the License Terms of the Copyright
# Holder located at: https://entaxy.ru/eula . All copyrights, all intellectual property
# rights to the Software and any copies are the property of the Copyright Holder. Unless
# it is explicitly allowed the Copyright Holder, the User is prohibited from using the
# Software for commercial purposes to provide services to third parties.
#
# The Copyright Holder hereby declares that the Software is provided on an "AS IS".
# Under no circumstances does the Copyright Holder guarantee or promise that the
# Software provided by him will be suitable or not suitable for the specific purposes
# of the User, that the Software will meet all commercial and personal subjective
# expectations of the User, that the Software will work properly, without technical
# errors, quickly and uninterruptedly.
#
# Under no circumstances shall the Copyright Holder or its Affiliates is not liable
# to the User for any direct or indirect losses of the User, his expenses or actual
# damage, including, downtime; loss of bussines; lost profit; lost earnings; loss
# or damage to data, property, etc.
# ~~~~~~/licensing~~~~~~
###
appender.file.type=File
appender.file.name=file
appender.file.fileName=target/camel-test.log
appender.file.layout.type=PatternLayout
appender.file.layout.pattern=%d %-5p %c{1} - %m %n
appender.out.type=Console
appender.out.name=out
appender.out.layout.type=PatternLayout
appender.out.layout.pattern=[%30.30t] %-30.30c{1} %-5p %m%n
rootLogger.level=DEBUG
rootLogger.appenderRef.out.ref=out

26
platform/runtime/security/jaas/entaxy-legacy-auth/src/main/resources/ru/entaxy/factory/entaxy-legacy-jaas-login-module.json Normal file
View File

@ -0,0 +1,26 @@
{
"factory": {
"id": "entaxy-legacy-jaas-login-module",
"type": "entaxy.security.jaas.loginmodule",
"description": "Factory entaxy-legacy-jaas-login-module of entaxy.security.jaas.loginmodule",
"isAbstract": false,
"parent": "abstract-real-jaas-login-module-with-backend",
"label": "",
"category": ""
},
"entaxy.security.jaas.loginmodule": {
"moduleClassName": "ru.entaxy.platform.runtime.security.jaas.modules.entaxylegacy.EntaxyLegacyLoginModule",
"backendFactoryClassName": "ru.entaxy.platform.runtime.security.jaas.modules.entaxylegacy.EntaxyLegacyBackingEngineFactory"
},
"fields": {
},
"outputs": {
"init": {
"isDefault": true,
"config": {
"configurable": false
}
}
}
}