I thought about repurposing org.eclipse.jface.bindings.Scheme to store key bindings on a per user base:
String userName = "Bob";
BindingManager bindingManager = ((BindingService) PlatformUI.getWorkbench().getService(IBindingService.class)).getBindingManager();
Scheme scheme = bindingManager.getScheme(userName);
scheme.define(userName, "Scheme for user " + userName, DEFAULT_SCHEME);
bindingManager.setActiveScheme(scheme);
Which works well for some moments, but whenever the schemes get loaded from the preferences (e.g. via CommandPersistence#reRead) only the schemes defined in the plugin.xml will be read and everything else gets discarded.
Especially this method of the class BindingService is a problem:
public final void savePreferences(final Scheme activeScheme,
final Binding[] bindings) throws IOException {
// store everything in preferences, then read everything
// -> custom schemes get removed
BindingPersistence.write(activeScheme, bindings);
// now the removed (undefined) scheme gets set
bindingManager.setActiveScheme(activeScheme);
bindingManager.setBindings(bindings);
}
Since I can't really register all users via plugin.xml, how can I register schemes programmatically?
As a "solution", I just re-implemented the scheme for our use case:
String userName = "Bob";
String keyBindings = MyPlugin.getDefault().getPreferenceStore().getString("keyBindings." + userName);
PlatformUI.getPreferenceStore().setValue(PlatformUI.PLUGIN_ID + ".commands", keyBindings);
This triggers CommandPersistence#reRead as well, but since I don't have my custom scheme this time, it doesn't fail. Now the management of our different schemes is our problem, but at least that way it works.
Related
I'm planning to create a web page (lets say for admin) to add user identifier only which is using email and create a temporary password for user without creating a collection.
I'm considering to either use python or java language but I couldn't find any answer whether this can be done or not with cloud firestore. does anyone have any idea?
You can create users for your firebase app without adding them to a collection.
Firestore Admin SDK supports Node.js, Java, Python, Go, C# and .NET it really depends on what language you wish to use for your web server. It could really be either that you choose or you could not use an SDK and instead use something completely different because you can also use firestore with javascript. It really depends on your requirements.
Here is more information on how to set up your environment for which ever option you may need.
To create a user with an email and a password you can use this code in:
javascript
firebase.auth().createUserWithEmailAndPassword(email, password)
.then((userCredential) => {
// Signed in
var user = userCredential.user;
// ...
})
.catch((error) => {
var errorCode = error.code;
var errorMessage = error.message;
// ..
});
Python
user = auth.create_user(
uid='some-uid', email='user#example.com', phone_number='+15555550100')
print('Sucessfully created new user: {0}'.format(user.uid))
Java
CreateRequest request = new CreateRequest()
.setUid("some-uid")
.setEmail("user#example.com")
.setPhoneNumber("+11234567890");
UserRecord userRecord = FirebaseAuth.getInstance().createUser(request); System.out.println("Successfully created new user: " + userRecord.getUid());
More information on creating users with email Here
This is a banking system and I have to create two user levels, Manager and Cashier. I have to provide username and password for manager and manager has to provide username and password for a cashier. I am not really sure how to code validation for cahsier login. This has to be coded in Java in Netbeans IDE (GUI)
My point is just a concern as your question needs you to have a basic understanding of Java. I am not sure whether you are storing your login details in a database or in a text file. If you store the data in a database, then you can just use the normal java validation techniques described below:
Get a username and a password from the cashier.
Select the records that match the user name and password you've entered above from the database.
Print a message if the number of records that you match is zero.
Login the cashier if the entered records match the ones stored in the database.
Please refer to here for more information on connecting to the database and storing/retrieving user data using java.
Also, note that banking applications should be more secure and therefore the best practice is to store seeded hashes of the passwords and use a cryptographically strong hashing function.
In case you are saving your data in a text file, then you can refer to this sample code . You can read more about the Java Scanner Class here. You can also decide to use a map to map all users on registering and then just check the map to confirm the login details.
N/B: In all of these cases, check if the username and password fields are empty before you submit the details.
If this were a real application, you would store usernames and hashed-and-salted versions of the passwords on disk (or you would query them over a network), ideally using bcrypt, pbkdf2, or another strong and upgrade-able password-hashing scheme. There are multiple open-source libraries that implement those for you.
Since this appears to be a programming exercise, the question of how you store them is probably mandated by whoever wrote it, and security may therefore be minimal.
The easiest way (which is not secure at all) of implementing this is to keep a password file around. You could, for example, use something similar to the following code:
public class InsecurePasswordStore {
private Map<String, String> passwords = new HashMap<>();
public void setPassword(String user, String password) {
passwords.put(user, password);
}
public boolean isPasswordCorrect(String user, String password) {
return passwords.get(user) != null && passwords.get(user).equals(password);
}
public void save(File file) throws IOException {
try (PrintWriter writer = new PrintWriter(new BufferedWriter(new FileWriter(file)))) {
for (Map.Entry<String, String> e: passwords.entrySet()) {
writer.println(e.getKey());
writer.println(e.getValue());
}
}
}
public void load(File file) throws IOException {
passwords.clear();
try (BufferedReader reader = new BufferedReader(new FileReader(file))) {
boolean finished = false;
while ( ! finished) {
String user = reader.readLine();
String password = reader.readLine();
if (user == null || password == null) {
finished = true;
} else {
passwords.put(user, password);
}
}
}
}
public static void main(String[] args) throws IOException {
InsecurePasswordStore store = new InsecurePasswordStore();
File passwordFile = new File("secrets.txt");
// create initial password file before first run
store.setPassword("manager", "12345");
store.save(passwordFile);
// load file when the app is launched
store.load(passwordFile);
// check password for a user
String badGuess = "2345";
System.out.println("Is " + badGuess
+ " the correct password for the manager? " + store.isPasswordCorrect("manager", badGuess));
String goodGuess = "12345";
System.out.println("Is " + goodGuess
+ " the correct password for the manager? " + store.isPasswordCorrect("manager", goodGuess));
// if the password was correct, set another username-password pair
if (store.isPasswordCorrect("manager", goodGuess)) {
store.setPassword("cashier", "abcde");
}
store.save(passwordFile);
}
}
My answer is more a series of questions and suggestions to get you to think about how to do it. Also, I cannot be very specific because you have provided very little detail in your question.
Question 1, after your manager enters the cashier details, where do you store them? In memory? In a file? In a database? Something else?
Question 2, when validating the cashier login, why would you not validate the cashier details against that database/file/memory store? The answer is you should validate your cashier logins against the place where they are stored.
Also for whatever it is worth, you should never hardcode a logon (e.g. the manager) into an application (not even for testing). Why?
There is no way to get rid of it without releasing a new version of the software.
It is a security risk (because of reason 1).
If you do it in testing, it is entirely possible that you will forget to remove it before the code is released. Then reason 2 applies.
There is no need for it - you can simply "seed" your user store with a single record representing the manager's login and default password (ideally with a "password has expired" indication) in your distribution or if you have an installer, prompt the person doing the setup to create the manager login during the installation process.
Therefore, the way you validate the manager's credentials will be exactly the same as everybody else.
This will (should) have the advantage of a simpler program which will be easier to maintain.
And just in case, the way you tell the difference between the manager, the cashier, a supervisor or whatever other user types that you might have (or need in the future) is via a role. In your user data store have a field that define which role the user is in (e.g. manager, cashier etc). Another model is "muliple fields" where you indicate that a user has that role (and thus access to the associated function or not). For example, you might have manager, supervisor, cashier, backoffice etc roles. Then just put a true/false in your user record that indicates whether that user can access the functions associated with a particular role.
Finally, your program becomes simpler because your logic is now simply
if user has manager role then display manager menu
if user has supervisor role then display supervisor menu"
etc
Note that there is no else in the above psuedo code.
Background
My application connects to the Genesys Interaction Server in order to receive events for actions performed on the Interaction Workspace. I am using the Platform SDK 8.5 for Java.
I make the connection to the Interaction Server using the method described in the API reference.
InteractionServerProtocol interactionServerProtocol =
new InteractionServerProtocol(
new Endpoint(
endpointName,
interactionServerHost,
interactionServerPort));
interactionServerProtocol.setClientType(InteractionClient.AgentApplication);
interactionServerProtocol.open();
Next, I need to register a listener for each Place I wish to receive events for.
RequestStartPlaceAgentStateReporting requestStartPlaceAgentStateReporting = RequestStartPlaceAgentStateReporting.create();
requestStartPlaceAgentStateReporting.setPlaceId("PlaceOfGold");
requestStartPlaceAgentStateReporting.setTenantId(101);
isProtocol.send(requestStartPlaceAgentStateReporting);
The way it is now, my application requires the user to manually specify each Place he wishes to observe. This requires him to know the names of all the Places, which he may not necessarily have [easy] access to.
Question
How do I programmatically obtain a list of Places available? Preferably from the Interaction Server to limit the number of connections needed.
There is a method you can use. If you check methods of applicationblocks you will see cfg and query objects. You can use it for get list of all DNs. When building query, try blank DBID,name and number.
there is a .net code similar to java code(actually exatly the same)
List<CfgDN> list = new List<CfgDN>();
List<DN> dnlist = new List<Dn>();
CfgDNQuery query = new CfgDNQuery(m_ConfService);
list = m_ConfService.RetrieveMultipleObjects<CfgDN>(query).ToList();
foreach (CfgDN item in list)
{
foo = (DN) item.DBID;
......
dnlist.Add(foo);
}
Note : DN is my class which contains some property from platform SDK.
KeyValueCollection tenantList = new KeyValueCollection();
tenantList.addString("tenant", "Resources");
RequestStartPlaceAgentStateReportingAll all = RequestStartPlaceAgentStateReportingAll.create(tenantList);
interactionServerProtocol.send(all);
I'm developing a web app that let users reset their own passwords in Active Directory. I've been doing it by binding as an administrator and it works fine, but the directory policies (reuse history, characters, etc) are not being enforced. I can't bind as a user because I don't have the current password.
I read about the LDAP_SERVER_POLICY_HINTS control introduced in Windows 2008 R2 SP1 for doing that in Active Directory and even found someone who made it using Spring LDAP
Since I'm using UnboundID and there is no standard control shipped for that, I figured that I had to create my own control class. The documented OID is 1.2.840.113556.1.4.2239 and the value {48, 3, 2, 1, 1}
public class PolicyHintsControl extends Control {
private static final long serialVersionUID = 1L;
public final static String LDAP_SERVER_POLICY_HINTS_OID = "1.2.840.113556.1.4.2066";
public final static byte[] LDAP_SERVER_POLICY_HINTS_DATA = { 48,
(byte) 132, 0, 0, 0, 3, 2, 1, 1 };
public PolicyHintsControl() {
super(LDAP_SERVER_POLICY_HINTS_OID, false, new ASN1OctetString(
LDAP_SERVER_POLICY_HINTS_DATA));
}
#Override
public String getControlName() {
return "LDAP Server Policy Hints Control";
}
#Override
public void toString(StringBuilder buffer) {
buffer.append("LDAPServerPolicyHints(isCritical=");
buffer.append(isCritical());
buffer.append(')');
}
}
So I added this new control in the modify request like this:
public static void main(String[] args) throws Exception {
final String host = "ldap.example.com";
final int port = 636;
String adminDn = "admin#example.com";
String adminPassword = "passwd";
String userDn = "CN=user,ou=people,dc=example,dc=com";
String userPassword = "passwd";
String keystoreFile = "/path/to/keystore.jks";
String keystorePassword = "passwd";
String passwordAttribute = "unicodePwd";
//Password change requires SSL
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(new FileInputStream(keystoreFile), keystorePassword.toCharArray());
TrustManagerFactory factory = TrustManagerFactory.getInstance("x509");
factory.init(keyStore);
final SSLUtil sslUtil = new SSLUtil(factory.getTrustManagers());
SSLSocketFactory socketFactory = sslUtil.createSSLSocketFactory();
Debug.setEnabled(true);
// Connect as the configured administrator
LDAPConnection ldapConnection = new LDAPConnection(socketFactory, host,
port, adminDn, adminPassword);
// Set password in AD format
final String newQuotedPassword = "\"" + userPassword + "\"";
final byte[] newPasswordBytes = newQuotedPassword.getBytes("UTF-16LE");
String encryptedNewPwd = new String(newPasswordBytes);
//Build modifications array and request
final ArrayList<Modification> modifications = new ArrayList<Modification>();
modifications.add(new Modification(ModificationType.REPLACE,
passwordAttribute, encryptedNewPwd));
ModifyRequest modifyRequest = new ModifyRequest(userDn, modifications);
//Add the policy hints control
modifyRequest.addControl(new PolicyHintsControl());
//Modify already
ldapConnection.modify(modifyRequest);
ldapConnection.close();
}
I get the following exception:
Exception in thread "main" LDAPException(resultCode=53 (unwilling to perform), errorMessage='0000052D: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
', diagnosticMessage='0000052D: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
')
After researching a bit more I found that there was another update in Windows 2012 for the same control which changed the OID to 1.2.840.113556.1.4.2066 and deprecated the old OID.
Since this app can be configured with any version of AD I'd like to handle gracefully every scenario (Windows 2012, Windows 2008 R2 SP1, others). My questions are:
Does anyone have successfully done this with UnboundID?
Is there anyway to know if the controls are available before the modification request?
What would be the best way to handle different OID's for different versions of AD for the same control? Same class or different classes?
I'm not all that familiar with Microsoft-specific controls so I can't provide a lot of help there, but it looks like you're already on the right track with that. In this case, it actually looks like the control is working as expected and the server is rejecting the password because it's not strong enough.
Active Directory is really awful with how hard it makes it to figure things like this out, but the secret lies in the "0000052D" given in the diagnostic message. That is a reference to Active Directory system error code 0x52D, which is decimal 1325. System error codes are documented at http://msdn.microsoft.com/en-us/library/windows/desktop/ms681381(v=vs.85).aspx, and in this case you need to follow the "System Error Codes (1300-1699)" link (http://msdn.microsoft.com/en-us/library/windows/desktop/ms681385(v=vs.85).aspx) and find the description for value 1325. The text for that error code says "Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain." Since the point of the control you're trying to use seems to be to cause the server to perform quality checking on the new password, it looks like it's working as expected. If you use a stronger password (e.g., make it longer, include uppercase/numeric/symbol characters, etc.) then perhaps the server will accept it.
With regard to your question about figuring out what controls the server supports, the way to do that is to retrieve the server root DSE and look at the OIDs reported in the supportedControls attribute. The UnboundID LDAP SDK for Java makes this pretty easy because you can use the LDAPConnection.getRootDSE method to retrieve the root DSE, and then the RootDSE.supportsControl method to determine whether the server supports the specified control.
With regard to your question about whether to handle different OIDs with the same class or different classes, that's more a matter of style than anything else. If the control with the newer OID also uses a different encoding for the value, then that would definitely suggest making a separate class. If the value encoding is the same for both OIDs, then it's probably a matter of personal preference but even if you make them separate classes then it would be good to keep the majority of the code common rather than having the same code in two different places.
I'm currently trying to query and set some windows registry entries through a Java app. We are mandated to use the JNI-Registry library (for licensing reasons). The keys and values to set are not under my control (I'm modifying values set by another, 3rd party, application).
I can get and set the various entries and values OK for normal keys and values, and I can query the default value for a key OK. However, I need to know how to set the default values for a key.
//This works
final RegistryKey regKey = Registry.HKEY_LOCAL_MACHINE.openSubKey("SOFTWARE\\company\\app\\subkey", RegistryKey.ACCESS_ALL);
RegStringValue blah = (RegStringValue) regKey.getValue("blah");
if (blah == null) {
blah = new RegStringValue(regKey, "blah");
}
blah.setData("Some data");
regKey.setValue(blah);
//Not sure about this...
final RegistryKey regKey = Registry.HKEY_LOCAL_MACHINE.openSubKey("SOFTWARE\\company\\app\\subkey", RegistryKey.ACCESS_ALL);
String defaultValue = regKey.getDefaultValue(); //Gets the default value OK
//How do I reset it, though???
//need something like:
// regKey.setDefaultValue("Some new value");
//The following does not seem to work
RegDWordValue defVal = (RegDWordValue) regKey.getValue(""); //Also tried ...getValue("Default")
defVal.setData("Some new Value");
regKey.setValue(defVal);
regKey.closeKey();
Does anyone know if this is possible?
Yes, its possible.
Well, in c#, for any key, you can do
key.SetValue("", "value");
The nameless key is the default one.
This is documented at: http://msdn.microsoft.com/en-us/library/microsoft.win32.registry.setvalue.aspx (page archived here)
Kinda late, i know. still, hope it helps someone. I was looking for the same thing.