Example 1 with NameCallback
use of javax.security.auth.callback.NameCallback in project jetty.project by eclipse.
the class AbstractLoginModule method configureCallbacks.
public Callback[] configureCallbacks() {
Callback[] callbacks = new Callback[3];
callbacks[0] = new NameCallback("Enter user name");
callbacks[1] = new ObjectCallback();
//only used if framework does not support the ObjectCallback
callbacks[2] = new PasswordCallback("Enter password", false);
return callbacks;
}
Also used :
PasswordCallback(javax.security.auth.callback.PasswordCallback)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Example 2 with NameCallback
use of javax.security.auth.callback.NameCallback in project jetty.project by eclipse.
the class LdapLoginModule method login.
/**
* since ldap uses a context bind for valid authentication checking, we override login()
* <p>
* if credentials are not available from the users context or if we are forcing the binding check
* then we try a binding authentication check, otherwise if we have the users encoded password then
* we can try authentication via that mechanic
*
* @return true if authenticated, false otherwise
* @throws LoginException if unable to login
*/
public boolean login() throws LoginException {
try {
if (getCallbackHandler() == null) {
throw new LoginException("No callback handler");
}
Callback[] callbacks = configureCallbacks();
getCallbackHandler().handle(callbacks);
String webUserName = ((NameCallback) callbacks[0]).getName();
Object webCredential = ((ObjectCallback) callbacks[1]).getObject();
if (webUserName == null || webCredential == null) {
setAuthenticated(false);
return isAuthenticated();
}
boolean authed = false;
if (_forceBindingLogin) {
authed = bindingLogin(webUserName, webCredential);
} else {
// This sets read and the credential
UserInfo userInfo = getUserInfo(webUserName);
if (userInfo == null) {
setAuthenticated(false);
return false;
}
setCurrentUser(new JAASUserInfo(userInfo));
if (webCredential instanceof String)
authed = credentialLogin(Credential.getCredential((String) webCredential));
else
authed = credentialLogin(webCredential);
}
//only fetch roles if authenticated
if (authed)
getCurrentUser().fetchRoles();
return authed;
} catch (UnsupportedCallbackException e) {
throw new LoginException("Error obtaining callback information.");
} catch (IOException e) {
if (_debug) {
e.printStackTrace();
}
throw new LoginException("IO Error performing login.");
} catch (Exception e) {
if (_debug) {
e.printStackTrace();
}
throw new LoginException("Error obtaining user info.");
}
}
Also used :
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
IOException(java.io.IOException)
LoginException(javax.security.auth.login.LoginException)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
NamingException(javax.naming.NamingException)
IOException(java.io.IOException)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
LoginException(javax.security.auth.login.LoginException)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Example 3 with NameCallback
use of javax.security.auth.callback.NameCallback in project OpenAM by OpenRock.
the class SystemAppTokenProvider method addLoginCallbackMessage.
/**
* Adds callback message
*
* @param callbacks array of callbacks
* @param appUserName application user name
* @param appPassword for application user
*/
private void addLoginCallbackMessage(Callback[] callbacks, String appUserName, String appPassword) throws UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
NameCallback nameCallback = (NameCallback) callbacks[i];
nameCallback.setName(appUserName);
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback pwdCallback = (PasswordCallback) callbacks[i];
pwdCallback.setPassword(appPassword.toCharArray());
}
}
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Example 4 with NameCallback
use of javax.security.auth.callback.NameCallback in project OpenAM by OpenRock.
the class FilesRepo method authenticate.
public boolean authenticate(Callback[] credentials) throws IdRepoException, AuthLoginException {
debug.message("FilesRepo:authenticate called");
if (initializationException != null) {
debug.error("FilesRepo: throwing initialization exception");
throw (initializationException);
}
// Obtain user name and password from credentials and authenticate
String username = null;
String password = null;
for (int i = 0; i < credentials.length; i++) {
if (credentials[i] instanceof NameCallback) {
username = ((NameCallback) credentials[i]).getName();
if (debug.messageEnabled()) {
debug.message("FilesRepo:authenticate username: " + username);
}
} else if (credentials[i] instanceof PasswordCallback) {
char[] passwd = ((PasswordCallback) credentials[i]).getPassword();
if (passwd != null) {
password = new String(passwd);
debug.message("FilesRepo:authN passwd present");
}
}
}
if (username == null || password == null) {
return (false);
}
// Get user's password attribute
Map attrs = searchForAuthN(IdType.USER, username);
if (attrs == null) {
// Try agent
attrs = searchForAuthN(IdType.AGENT, username);
}
if ((attrs == null) || attrs.isEmpty() || !attrs.containsKey(passwordAttribute)) {
// Could not find user or agent, return false
debug.message("FilesRepo:authenticate did not found user/agent");
return (false);
}
Set storedPasswords = (Set) attrs.get(passwordAttribute);
if (storedPasswords == null || storedPasswords.isEmpty()) {
if (debug.messageEnabled()) {
debug.message("FilesRepo:authenticate no stored password");
}
return (false);
}
String storedPassword = (String) storedPasswords.iterator().next();
if (hashAttributes.contains(passwordAttribute)) {
password = Hash.hash(password);
}
if (debug.messageEnabled()) {
debug.message("FilesRepo:authenticate AuthN of " + username + "=" + password.equals(storedPassword));
}
return (password.equals(storedPassword));
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
Set(java.util.Set)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
HashMap(java.util.HashMap)
CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)
Map(java.util.Map)
Example 5 with NameCallback
use of javax.security.auth.callback.NameCallback in project OpenAM by OpenRock.
the class LoginViewBean method processLoginDisplay.
protected void processLoginDisplay() throws Exception {
loginDebug.message("In processLoginDisplay()");
String tmp = "";
try {
if (!onePageLogin) {
if (AuthUtils.isNewRequest(ac)) {
loginDebug.message("In processLoginDisplay() : Session New ");
getLoginDisplay();
return;
}
}
String page_state = request.getParameter("page_state");
if (loginDebug.messageEnabled()) {
loginDebug.message("Submit with Page State : " + page_state);
}
if ((page_state != null) && (page_state.length() != 0)) {
callbacks = AuthUtils.getCallbacksPerState(ac, page_state);
if (callbacks == null) {
errorCode = AMAuthErrorCode.AUTH_TIMEOUT;
ErrorMessage = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_MESSAGE);
errorTemplate = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_TEMPLATE);
return;
}
//Get Callbacks in order to set the page state
Callback[] callbacksForPageState = AuthUtils.getRecdCallback(ac);
for (int i = 0; i < callbacksForPageState.length; i++) {
if (loginDebug.messageEnabled()) {
loginDebug.message("In processLoginDisplay() callbacksForPageState : " + callbacksForPageState[i]);
}
if (callbacksForPageState[i] instanceof PagePropertiesCallback) {
PagePropertiesCallback ppc = (PagePropertiesCallback) callbacksForPageState[i];
if (loginDebug.messageEnabled()) {
loginDebug.message("setPageState in PPC to : " + page_state);
}
ppc.setPageState(page_state);
break;
}
}
} else {
callbacks = AuthUtils.getRecdCallback(ac);
}
indexType = AuthUtils.getIndexType(ac);
// Assign user specified values
for (int i = 0; i < callbacks.length; i++) {
if (loginDebug.messageEnabled()) {
loginDebug.message("In processLoginDisplay() callback : " + callbacks[i]);
}
if (callbacks[i] instanceof NameCallback) {
NameCallback nc = (NameCallback) callbacks[i];
tmp = (String) reqDataHash.get(TOKEN + Integer.toString(i));
if (tmp == null) {
tmp = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
}
if ((bAuthLevel) || (tmp == null)) {
tmp = "";
}
nc.setName(tmp.trim());
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback pc = (PasswordCallback) callbacks[i];
tmp = (String) reqDataHash.get(TOKEN + Integer.toString(i));
if (tmp == null) {
tmp = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
}
if (tmp == null) {
tmp = "";
}
pc.setPassword(tmp.toCharArray());
} else if (callbacks[i] instanceof ChoiceCallback) {
ChoiceCallback cc = (ChoiceCallback) callbacks[i];
choice = (String) reqDataHash.get(TOKEN + Integer.toString(i));
if (choice == null) {
choice = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
}
if (loginDebug.messageEnabled()) {
loginDebug.message("choice : " + choice);
}
String[] choices = cc.getChoices();
if (choice == null) {
if (loginDebug.messageEnabled()) {
loginDebug.message("No selected choice.");
}
} else if (choice.indexOf("|") != -1) {
StringTokenizer st = new StringTokenizer(choice, "|");
int cnt = st.countTokens();
int[] selectIndexs = new int[cnt];
int j = 0;
if (loginDebug.messageEnabled()) {
loginDebug.message("No of tokens : " + Integer.toString(cnt));
}
while (st.hasMoreTokens()) {
choice = st.nextToken();
if (choice != null && choice.length() != 0) {
int selected = Integer.parseInt(choice);
choice = choices[selected];
selectIndexs[j++] = selected;
if (loginDebug.messageEnabled()) {
loginDebug.message("selected choice : " + choice + " & selected index : " + selected);
}
}
}
cc.setSelectedIndexes(selectIndexs);
if (loginDebug.messageEnabled()) {
loginDebug.message("Selected indexes : " + selectIndexs);
}
} else {
int selected = Integer.parseInt(choice);
cc.setSelectedIndex(selected);
choice = choices[selected];
if (loginDebug.messageEnabled()) {
loginDebug.message("selected ONE choice : " + choice + " & selected ONE index : " + selected);
}
}
} else if (callbacks[i] instanceof ConfirmationCallback) {
ConfirmationCallback conc = (ConfirmationCallback) callbacks[i];
buttonOptions = conc.getOptions();
tmp = (String) reqDataHash.get(BUTTON);
if (tmp == null) {
tmp = (String) reqDataHash.get(BUTTON_OLD);
}
if (tmp == null) {
tmp = "";
}
int selectedIndex = 0;
for (int j = 0; j < buttonOptions.length; j++) {
if ((buttonOptions[j].trim()).equals(tmp.trim())) {
selectedIndex = j;
}
}
conc.setSelectedIndex(selectedIndex);
if (loginDebug.messageEnabled()) {
loginDebug.message("selected button : " + buttonOptions[selectedIndex] + " & selected button index : " + selectedIndex);
}
} else if (callbacks[i] instanceof RedirectCallback) {
RedirectCallback rc = (RedirectCallback) callbacks[i];
String status = request.getParameter(rc.getStatusParameter());
clearCookie(rc.getRedirectBackUrlCookieName());
loginDebug.message("Redirect callback : set status");
rc.setStatus(status);
}
}
// testing
if (loginDebug.messageEnabled()) {
loginDebug.message(" length 0f callbacks : " + callbacks.length);
loginDebug.message(" Index type : " + indexType + " Index name : " + indexName);
}
if ((indexType == AuthContext.IndexType.LEVEL) || (indexType == AuthContext.IndexType.COMPOSITE_ADVICE)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("In processLoginDisplay(), Index type" + " is Auth Level or Composite Advice and selected Module " + "or Service is : " + choice);
}
indexName = AMAuthUtils.getDataFromRealmQualifiedData(choice);
String qualifiedRealm = AMAuthUtils.getRealmFromRealmQualifiedData(choice);
String orgDN = null;
if ((qualifiedRealm != null) && (qualifiedRealm.length() != 0)) {
orgDN = DNMapper.orgNameToDN(qualifiedRealm);
ac.setOrgDN(orgDN);
}
int type = AuthUtils.getCompositeAdviceType(ac);
if (type == AuthUtils.MODULE) {
indexType = AuthContext.IndexType.MODULE_INSTANCE;
} else if (type == AuthUtils.SERVICE) {
indexType = AuthContext.IndexType.SERVICE;
} else if (type == AuthUtils.REALM) {
indexType = AuthContext.IndexType.SERVICE;
orgDN = DNMapper.orgNameToDN(choice);
indexName = AuthUtils.getOrgConfiguredAuthenticationChain(orgDN);
ac.setOrgDN(orgDN);
} else {
indexType = AuthContext.IndexType.MODULE_INSTANCE;
}
bAuthLevel = true;
if ((indexName != null) && (indexType == AuthContext.IndexType.MODULE_INSTANCE)) {
if (indexName.equalsIgnoreCase("Application")) {
onePageLogin = true;
}
}
if (loginDebug.messageEnabled()) {
loginDebug.message("Index type : " + indexType);
loginDebug.message("Index name : " + indexName);
loginDebug.message("qualified orgDN : " + orgDN);
}
getLoginDisplay();
} else {
// Submit the information to auth module
ac.submitRequirements(callbacks);
// Check if more information is required
if (loginDebug.messageEnabled()) {
loginDebug.message("before hasMoreRequirements: Status is: " + ac.getStatus());
}
if (ac.hasMoreRequirements()) {
loginDebug.message("Has more requirements after Submit ");
callbacks = ac.getRequirements();
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof HttpCallback) {
processHttpCallback((HttpCallback) callbacks[i]);
return;
} else if (callbacks[i] instanceof RedirectCallback) {
processRedirectCallback((RedirectCallback) callbacks[i]);
return;
}
}
addLoginCallbackMessage(callbacks);
if (!LoginFail) {
//if the login already failed, then LoginState is already
//nullified, hence any attempt of calling this method
//the errormessage/code/template should be already set
//so a proper error page is shown.
AuthUtils.setCallbacksPerState(ac, pageState, callbacks);
}
} else {
if (loginDebug.messageEnabled()) {
loginDebug.message("No more Requirements : Status is : " + ac.getStatus());
}
if (ac.getStatus() == AuthContext.Status.SUCCESS) {
LoginSuccess = true;
ResultVal = rb.getString("authentication.successful");
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginSuccessURL(ac);
if ((redirect_url != null) && (redirect_url.length() != 0)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("LoginSuccessURL (in case of " + " successful auth) : " + redirect_url);
}
}
} else if (ac.getStatus() == AuthContext.Status.FAILED) {
handleAuthLoginException(null);
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginFailedURL(ac);
if ((redirect_url != null) && (redirect_url.length() != 0)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("LoginFailedURL : " + redirect_url);
}
}
} else {
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginFailedURL(ac);
if (loginDebug.warningEnabled()) {
loginDebug.warning("Login Status is " + ac.getStatus() + " - redirect to loginFailedURL : " + redirect_url);
}
setErrorMessage(null);
}
}
}
} catch (Exception e) {
if (loginDebug.messageEnabled()) {
loginDebug.message("Error in processing LoginDisplay : ", e);
}
setErrorMessage(e);
throw new L10NMessageImpl(bundleName, "loginDisplay.process", new Object[] { e.getMessage() });
}
}
Also used :
RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback)
ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback)
PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback)
L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl)
HttpCallback(com.sun.identity.authentication.spi.HttpCallback)
ModelControlException(com.iplanet.jato.model.ModelControlException)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
SSOException(com.iplanet.sso.SSOException)
IOException(java.io.IOException)
ChoiceCallback(javax.security.auth.callback.ChoiceCallback)
StringTokenizer(java.util.StringTokenizer)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Callback(javax.security.auth.callback.Callback)
PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback)
HttpCallback(com.sun.identity.authentication.spi.HttpCallback)
RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback)
ChoiceCallback(javax.security.auth.callback.ChoiceCallback)
NameCallback(javax.security.auth.callback.NameCallback)
ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Aggregations
NameCallback (javax.security.auth.callback.NameCallback)284
PasswordCallback (javax.security.auth.callback.PasswordCallback)236
Callback (javax.security.auth.callback.Callback)194
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)159
IOException (java.io.IOException)96
LoginException (javax.security.auth.login.LoginException)77
CallbackHandler (javax.security.auth.callback.CallbackHandler)46
LoginContext (javax.security.auth.login.LoginContext)37
RealmCallback (javax.security.sasl.RealmCallback)36
FailedLoginException (javax.security.auth.login.FailedLoginException)34
Subject (javax.security.auth.Subject)31
AuthorizeCallback (javax.security.sasl.AuthorizeCallback)27
Test (org.junit.Test)24
ConfirmationCallback (javax.security.auth.callback.ConfirmationCallback)23
ChoiceCallback (javax.security.auth.callback.ChoiceCallback)22
Principal (java.security.Principal)19
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)17
HashMap (java.util.HashMap)17
SaslException (javax.security.sasl.SaslException)17
Test (org.testng.annotations.Test)15
