Search in sources :

Example 21 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by apache.

the class LoginContextProviderImpl method getLoginContext.

@Override
@Nonnull
public LoginContext getLoginContext(Credentials credentials, String workspaceName) throws LoginException {
    Subject subject = getSubject();
    if (subject != null && credentials == null) {
        log.debug("Found pre-authenticated subject: No further login actions required.");
        return new PreAuthContext(subject);
    }
    if (subject == null) {
        subject = new Subject();
    }
    CallbackHandler handler = getCallbackHandler(credentials, workspaceName);
    return new JaasLoginContext(appName, subject, handler, getConfiguration());
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) JaasLoginContext(org.apache.jackrabbit.oak.spi.security.authentication.JaasLoginContext) PreAuthContext(org.apache.jackrabbit.oak.spi.security.authentication.PreAuthContext) Subject(javax.security.auth.Subject) Nonnull(javax.annotation.Nonnull)

Example 22 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by apache.

the class AbstractLoginModuleTest method testGetCredentialsFromCallbackHandler.

@Test
public void testGetCredentialsFromCallbackHandler() {
    CallbackHandler cbh = new CallbackHandler() {

        @Override
        public void handle(Callback[] callbacks) {
            for (Callback cb : callbacks) {
                if (cb instanceof CredentialsCallback) {
                    ((CredentialsCallback) cb).setCredentials(new TestCredentials());
                }
            }
        }
    };
    AbstractLoginModule lm = initLoginModule(TestCredentials.class, cbh);
    assertTrue(lm.getCredentials() instanceof TestCredentials);
    lm = initLoginModule(SimpleCredentials.class, cbh);
    assertNull(lm.getCredentials());
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) CallbackHandler(javax.security.auth.callback.CallbackHandler) PrincipalProviderCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback) RepositoryCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback) SecurityProviderCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback) WhiteboardCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.WhiteboardCallback) UserManagerCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.UserManagerCallback) CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback) Callback(javax.security.auth.callback.Callback) CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback) Test(org.junit.Test)

Example 23 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by apache.

the class GuestLoginModuleTest method testSimpleCredentials.

@Test
public void testSimpleCredentials() throws LoginException {
    Subject subject = new Subject();
    CallbackHandler cbh = new TestCallbackHandler(new SimpleCredentials("test", new char[0]));
    Map sharedState = new HashMap();
    guestLoginModule.initialize(subject, cbh, sharedState, Collections.<String, Object>emptyMap());
    assertFalse(guestLoginModule.login());
    assertFalse(sharedState.containsKey(AbstractLoginModule.SHARED_KEY_CREDENTIALS));
    assertFalse(guestLoginModule.commit());
    assertTrue(subject.getPrincipals().isEmpty());
    assertTrue(subject.getPublicCredentials().isEmpty());
    assertFalse(guestLoginModule.logout());
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) CallbackHandler(javax.security.auth.callback.CallbackHandler) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 24 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by apache.

the class GuestLoginModuleTest method testGuestCredentials.

@Test
public void testGuestCredentials() throws LoginException {
    Subject subject = new Subject();
    CallbackHandler cbh = new TestCallbackHandler(new GuestCredentials());
    Map sharedState = new HashMap();
    guestLoginModule.initialize(subject, cbh, sharedState, Collections.<String, Object>emptyMap());
    assertFalse(guestLoginModule.login());
    assertFalse(sharedState.containsKey(AbstractLoginModule.SHARED_KEY_CREDENTIALS));
    assertFalse(guestLoginModule.commit());
    assertTrue(subject.getPrincipals().isEmpty());
    assertTrue(subject.getPublicCredentials().isEmpty());
    assertFalse(guestLoginModule.logout());
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) Subject(javax.security.auth.Subject) GuestCredentials(javax.jcr.GuestCredentials) Test(org.junit.Test)

Example 25 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by apache.

the class GuestLoginModuleTest method testThrowingCallbackhandler.

@Test
public void testThrowingCallbackhandler() throws LoginException {
    Subject subject = new Subject();
    CallbackHandler cbh = new ThrowingCallbackHandler(true);
    Map sharedState = new HashMap();
    guestLoginModule.initialize(subject, cbh, sharedState, Collections.<String, Object>emptyMap());
    assertFalse(guestLoginModule.login());
    assertFalse(sharedState.containsKey(AbstractLoginModule.SHARED_KEY_CREDENTIALS));
    assertFalse(guestLoginModule.commit());
    assertTrue(subject.getPublicCredentials(GuestCredentials.class).isEmpty());
    assertFalse(guestLoginModule.logout());
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) HashMap(java.util.HashMap) HashMap(java.util.HashMap) Map(java.util.Map) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Aggregations

CallbackHandler (javax.security.auth.callback.CallbackHandler)89 IOException (java.io.IOException)38 Callback (javax.security.auth.callback.Callback)36 PasswordCallback (javax.security.auth.callback.PasswordCallback)30 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)27 HashMap (java.util.HashMap)25 Subject (javax.security.auth.Subject)24 NameCallback (javax.security.auth.callback.NameCallback)22 LoginContext (javax.security.auth.login.LoginContext)17 LoginException (javax.security.auth.login.LoginException)15 Test (org.junit.Test)15 Map (java.util.Map)10 URL (java.net.URL)8 RealmCallback (javax.security.sasl.RealmCallback)7 QName (javax.xml.namespace.QName)6 Service (javax.xml.ws.Service)6 WSS4JOutInterceptor (org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor)6 STSPropertiesMBean (org.apache.cxf.sts.STSPropertiesMBean)5 ReceivedToken (org.apache.cxf.sts.request.ReceivedToken)5 TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse)5