Example 1 with PasswordCallback
use of javax.security.auth.callback.PasswordCallback in project jetty.project by eclipse.
the class AbstractLoginModule method configureCallbacks.
public Callback[] configureCallbacks() {
Callback[] callbacks = new Callback[3];
callbacks[0] = new NameCallback("Enter user name");
callbacks[1] = new ObjectCallback();
//only used if framework does not support the ObjectCallback
callbacks[2] = new PasswordCallback("Enter password", false);
return callbacks;
}
Also used :
PasswordCallback(javax.security.auth.callback.PasswordCallback)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Example 2 with PasswordCallback
use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.
the class SystemAppTokenProvider method addLoginCallbackMessage.
/**
* Adds callback message
*
* @param callbacks array of callbacks
* @param appUserName application user name
* @param appPassword for application user
*/
private void addLoginCallbackMessage(Callback[] callbacks, String appUserName, String appPassword) throws UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof NameCallback) {
NameCallback nameCallback = (NameCallback) callbacks[i];
nameCallback.setName(appUserName);
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback pwdCallback = (PasswordCallback) callbacks[i];
pwdCallback.setPassword(appPassword.toCharArray());
}
}
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Example 3 with PasswordCallback
use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.
the class FilesRepo method authenticate.
public boolean authenticate(Callback[] credentials) throws IdRepoException, AuthLoginException {
debug.message("FilesRepo:authenticate called");
if (initializationException != null) {
debug.error("FilesRepo: throwing initialization exception");
throw (initializationException);
}
// Obtain user name and password from credentials and authenticate
String username = null;
String password = null;
for (int i = 0; i < credentials.length; i++) {
if (credentials[i] instanceof NameCallback) {
username = ((NameCallback) credentials[i]).getName();
if (debug.messageEnabled()) {
debug.message("FilesRepo:authenticate username: " + username);
}
} else if (credentials[i] instanceof PasswordCallback) {
char[] passwd = ((PasswordCallback) credentials[i]).getPassword();
if (passwd != null) {
password = new String(passwd);
debug.message("FilesRepo:authN passwd present");
}
}
}
if (username == null || password == null) {
return (false);
}
// Get user's password attribute
Map attrs = searchForAuthN(IdType.USER, username);
if (attrs == null) {
// Try agent
attrs = searchForAuthN(IdType.AGENT, username);
}
if ((attrs == null) || attrs.isEmpty() || !attrs.containsKey(passwordAttribute)) {
// Could not find user or agent, return false
debug.message("FilesRepo:authenticate did not found user/agent");
return (false);
}
Set storedPasswords = (Set) attrs.get(passwordAttribute);
if (storedPasswords == null || storedPasswords.isEmpty()) {
if (debug.messageEnabled()) {
debug.message("FilesRepo:authenticate no stored password");
}
return (false);
}
String storedPassword = (String) storedPasswords.iterator().next();
if (hashAttributes.contains(passwordAttribute)) {
password = Hash.hash(password);
}
if (debug.messageEnabled()) {
debug.message("FilesRepo:authenticate AuthN of " + username + "=" + password.equals(storedPassword));
}
return (password.equals(storedPassword));
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
CaseInsensitiveHashSet(com.sun.identity.common.CaseInsensitiveHashSet)
HashSet(java.util.HashSet)
Set(java.util.Set)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
HashMap(java.util.HashMap)
CaseInsensitiveHashMap(com.sun.identity.common.CaseInsensitiveHashMap)
Map(java.util.Map)
Example 4 with PasswordCallback
use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.
the class LoginViewBean method processLoginDisplay.
protected void processLoginDisplay() throws Exception {
loginDebug.message("In processLoginDisplay()");
String tmp = "";
try {
if (!onePageLogin) {
if (AuthUtils.isNewRequest(ac)) {
loginDebug.message("In processLoginDisplay() : Session New ");
getLoginDisplay();
return;
}
}
String page_state = request.getParameter("page_state");
if (loginDebug.messageEnabled()) {
loginDebug.message("Submit with Page State : " + page_state);
}
if ((page_state != null) && (page_state.length() != 0)) {
callbacks = AuthUtils.getCallbacksPerState(ac, page_state);
if (callbacks == null) {
errorCode = AMAuthErrorCode.AUTH_TIMEOUT;
ErrorMessage = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_MESSAGE);
errorTemplate = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_TEMPLATE);
return;
}
//Get Callbacks in order to set the page state
Callback[] callbacksForPageState = AuthUtils.getRecdCallback(ac);
for (int i = 0; i < callbacksForPageState.length; i++) {
if (loginDebug.messageEnabled()) {
loginDebug.message("In processLoginDisplay() callbacksForPageState : " + callbacksForPageState[i]);
}
if (callbacksForPageState[i] instanceof PagePropertiesCallback) {
PagePropertiesCallback ppc = (PagePropertiesCallback) callbacksForPageState[i];
if (loginDebug.messageEnabled()) {
loginDebug.message("setPageState in PPC to : " + page_state);
}
ppc.setPageState(page_state);
break;
}
}
} else {
callbacks = AuthUtils.getRecdCallback(ac);
}
indexType = AuthUtils.getIndexType(ac);
// Assign user specified values
for (int i = 0; i < callbacks.length; i++) {
if (loginDebug.messageEnabled()) {
loginDebug.message("In processLoginDisplay() callback : " + callbacks[i]);
}
if (callbacks[i] instanceof NameCallback) {
NameCallback nc = (NameCallback) callbacks[i];
tmp = (String) reqDataHash.get(TOKEN + Integer.toString(i));
if (tmp == null) {
tmp = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
}
if ((bAuthLevel) || (tmp == null)) {
tmp = "";
}
nc.setName(tmp.trim());
} else if (callbacks[i] instanceof PasswordCallback) {
PasswordCallback pc = (PasswordCallback) callbacks[i];
tmp = (String) reqDataHash.get(TOKEN + Integer.toString(i));
if (tmp == null) {
tmp = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
}
if (tmp == null) {
tmp = "";
}
pc.setPassword(tmp.toCharArray());
} else if (callbacks[i] instanceof ChoiceCallback) {
ChoiceCallback cc = (ChoiceCallback) callbacks[i];
choice = (String) reqDataHash.get(TOKEN + Integer.toString(i));
if (choice == null) {
choice = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
}
if (loginDebug.messageEnabled()) {
loginDebug.message("choice : " + choice);
}
String[] choices = cc.getChoices();
if (choice == null) {
if (loginDebug.messageEnabled()) {
loginDebug.message("No selected choice.");
}
} else if (choice.indexOf("|") != -1) {
StringTokenizer st = new StringTokenizer(choice, "|");
int cnt = st.countTokens();
int[] selectIndexs = new int[cnt];
int j = 0;
if (loginDebug.messageEnabled()) {
loginDebug.message("No of tokens : " + Integer.toString(cnt));
}
while (st.hasMoreTokens()) {
choice = st.nextToken();
if (choice != null && choice.length() != 0) {
int selected = Integer.parseInt(choice);
choice = choices[selected];
selectIndexs[j++] = selected;
if (loginDebug.messageEnabled()) {
loginDebug.message("selected choice : " + choice + " & selected index : " + selected);
}
}
}
cc.setSelectedIndexes(selectIndexs);
if (loginDebug.messageEnabled()) {
loginDebug.message("Selected indexes : " + selectIndexs);
}
} else {
int selected = Integer.parseInt(choice);
cc.setSelectedIndex(selected);
choice = choices[selected];
if (loginDebug.messageEnabled()) {
loginDebug.message("selected ONE choice : " + choice + " & selected ONE index : " + selected);
}
}
} else if (callbacks[i] instanceof ConfirmationCallback) {
ConfirmationCallback conc = (ConfirmationCallback) callbacks[i];
buttonOptions = conc.getOptions();
tmp = (String) reqDataHash.get(BUTTON);
if (tmp == null) {
tmp = (String) reqDataHash.get(BUTTON_OLD);
}
if (tmp == null) {
tmp = "";
}
int selectedIndex = 0;
for (int j = 0; j < buttonOptions.length; j++) {
if ((buttonOptions[j].trim()).equals(tmp.trim())) {
selectedIndex = j;
}
}
conc.setSelectedIndex(selectedIndex);
if (loginDebug.messageEnabled()) {
loginDebug.message("selected button : " + buttonOptions[selectedIndex] + " & selected button index : " + selectedIndex);
}
} else if (callbacks[i] instanceof RedirectCallback) {
RedirectCallback rc = (RedirectCallback) callbacks[i];
String status = request.getParameter(rc.getStatusParameter());
clearCookie(rc.getRedirectBackUrlCookieName());
loginDebug.message("Redirect callback : set status");
rc.setStatus(status);
}
}
// testing
if (loginDebug.messageEnabled()) {
loginDebug.message(" length 0f callbacks : " + callbacks.length);
loginDebug.message(" Index type : " + indexType + " Index name : " + indexName);
}
if ((indexType == AuthContext.IndexType.LEVEL) || (indexType == AuthContext.IndexType.COMPOSITE_ADVICE)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("In processLoginDisplay(), Index type" + " is Auth Level or Composite Advice and selected Module " + "or Service is : " + choice);
}
indexName = AMAuthUtils.getDataFromRealmQualifiedData(choice);
String qualifiedRealm = AMAuthUtils.getRealmFromRealmQualifiedData(choice);
String orgDN = null;
if ((qualifiedRealm != null) && (qualifiedRealm.length() != 0)) {
orgDN = DNMapper.orgNameToDN(qualifiedRealm);
ac.setOrgDN(orgDN);
}
int type = AuthUtils.getCompositeAdviceType(ac);
if (type == AuthUtils.MODULE) {
indexType = AuthContext.IndexType.MODULE_INSTANCE;
} else if (type == AuthUtils.SERVICE) {
indexType = AuthContext.IndexType.SERVICE;
} else if (type == AuthUtils.REALM) {
indexType = AuthContext.IndexType.SERVICE;
orgDN = DNMapper.orgNameToDN(choice);
indexName = AuthUtils.getOrgConfiguredAuthenticationChain(orgDN);
ac.setOrgDN(orgDN);
} else {
indexType = AuthContext.IndexType.MODULE_INSTANCE;
}
bAuthLevel = true;
if ((indexName != null) && (indexType == AuthContext.IndexType.MODULE_INSTANCE)) {
if (indexName.equalsIgnoreCase("Application")) {
onePageLogin = true;
}
}
if (loginDebug.messageEnabled()) {
loginDebug.message("Index type : " + indexType);
loginDebug.message("Index name : " + indexName);
loginDebug.message("qualified orgDN : " + orgDN);
}
getLoginDisplay();
} else {
// Submit the information to auth module
ac.submitRequirements(callbacks);
// Check if more information is required
if (loginDebug.messageEnabled()) {
loginDebug.message("before hasMoreRequirements: Status is: " + ac.getStatus());
}
if (ac.hasMoreRequirements()) {
loginDebug.message("Has more requirements after Submit ");
callbacks = ac.getRequirements();
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof HttpCallback) {
processHttpCallback((HttpCallback) callbacks[i]);
return;
} else if (callbacks[i] instanceof RedirectCallback) {
processRedirectCallback((RedirectCallback) callbacks[i]);
return;
}
}
addLoginCallbackMessage(callbacks);
if (!LoginFail) {
//if the login already failed, then LoginState is already
//nullified, hence any attempt of calling this method
//the errormessage/code/template should be already set
//so a proper error page is shown.
AuthUtils.setCallbacksPerState(ac, pageState, callbacks);
}
} else {
if (loginDebug.messageEnabled()) {
loginDebug.message("No more Requirements : Status is : " + ac.getStatus());
}
if (ac.getStatus() == AuthContext.Status.SUCCESS) {
LoginSuccess = true;
ResultVal = rb.getString("authentication.successful");
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginSuccessURL(ac);
if ((redirect_url != null) && (redirect_url.length() != 0)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("LoginSuccessURL (in case of " + " successful auth) : " + redirect_url);
}
}
} else if (ac.getStatus() == AuthContext.Status.FAILED) {
handleAuthLoginException(null);
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginFailedURL(ac);
if ((redirect_url != null) && (redirect_url.length() != 0)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("LoginFailedURL : " + redirect_url);
}
}
} else {
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginFailedURL(ac);
if (loginDebug.warningEnabled()) {
loginDebug.warning("Login Status is " + ac.getStatus() + " - redirect to loginFailedURL : " + redirect_url);
}
setErrorMessage(null);
}
}
}
} catch (Exception e) {
if (loginDebug.messageEnabled()) {
loginDebug.message("Error in processing LoginDisplay : ", e);
}
setErrorMessage(e);
throw new L10NMessageImpl(bundleName, "loginDisplay.process", new Object[] { e.getMessage() });
}
}
Also used :
RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback)
ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback)
PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback)
L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl)
HttpCallback(com.sun.identity.authentication.spi.HttpCallback)
ModelControlException(com.iplanet.jato.model.ModelControlException)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
SSOException(com.iplanet.sso.SSOException)
IOException(java.io.IOException)
ChoiceCallback(javax.security.auth.callback.ChoiceCallback)
StringTokenizer(java.util.StringTokenizer)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Callback(javax.security.auth.callback.Callback)
PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback)
HttpCallback(com.sun.identity.authentication.spi.HttpCallback)
RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback)
ChoiceCallback(javax.security.auth.callback.ChoiceCallback)
NameCallback(javax.security.auth.callback.NameCallback)
ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Example 5 with PasswordCallback
use of javax.security.auth.callback.PasswordCallback in project OpenAM by OpenRock.
the class LoginViewBean method getLoginDisplay.
protected void getLoginDisplay() throws Exception {
loginDebug.message("In getLoginDisplay()");
if (!bAuthLevel) {
prepareLoginParams();
}
if (loginDebug.messageEnabled()) {
loginDebug.message("Login Parameters : IndexType = " + indexType + " IndexName = " + indexName);
}
try {
if (indexType != null) {
if (indexType.equals(AuthContext.IndexType.RESOURCE)) {
ac.login(indexType, indexName, envMap, null);
} else {
ac.login(indexType, indexName);
}
} else {
ac.login();
}
} catch (AuthLoginException le) {
loginDebug.message("AuthContext()::login error ", le);
if ((ac.getStatus() == AuthContext.Status.RESET) || (ac.getStatus() == AuthContext.Status.ORG_MISMATCH)) {
loginDebug.message("getLoginDisplay(): Destroying current session!");
InternalSession oldSession = AuthUtils.getOldSession(ac);
if (AuthUtils.isSessionUpgrade(ac)) {
clearCookieAndDestroySession(ac);
loginDebug.message("getLoginDisplay(): Session upgrade - " + " Restoring original Session!");
if (oldSession != null) {
ac.getLoginState().setSession(oldSession);
String redirect_url = AuthUtils.getSuccessURL(request, ac);
if (loginDebug.messageEnabled()) {
loginDebug.message("Session Upgrade - redirect_url : " + redirect_url);
}
response.sendRedirect(redirect_url);
}
forward = false;
} else {
clearCookieAndDestroySession(ac);
if (oldSession != null) {
loginDebug.message("Destroy existing/old valid session");
AuthD authD = AuthD.getAuth();
authD.destroySession(oldSession.getID());
}
ac = null;
handleAuthLoginException(le);
}
} else {
handleAuthLoginException(le);
}
return;
}
try {
// Get the information requested by the respective auth module
if (ac.hasMoreRequirements()) {
loginDebug.message("In getLoginDisplay, has More Requirements");
callbacks = ac.getRequirements();
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof HttpCallback) {
processHttpCallback((HttpCallback) callbacks[i]);
return;
} else if (callbacks[i] instanceof RedirectCallback) {
processRedirectCallback((RedirectCallback) callbacks[i]);
return;
} else if (!bAuthLevel && !newOrgExist) {
// Auth Level login will never do one page login.
if (callbacks[i] instanceof NameCallback) {
if (reqDataHash.get(TOKEN + Integer.toString(i)) != null) {
onePageLogin = true;
break;
} else if (reqDataHash.get(TOKEN_OLD + Integer.toString(i)) != null) {
onePageLogin = true;
break;
}
} else if (callbacks[i] instanceof PasswordCallback) {
if (reqDataHash.get(TOKEN + Integer.toString(i)) != null) {
onePageLogin = true;
break;
} else if (reqDataHash.get(TOKEN_OLD + Integer.toString(i)) != null) {
onePageLogin = true;
break;
}
} else if (callbacks[i] instanceof ChoiceCallback) {
if (reqDataHash.get(TOKEN + Integer.toString(i)) != null) {
onePageLogin = true;
break;
} else if (reqDataHash.get(TOKEN_OLD + Integer.toString(i)) != null) {
onePageLogin = true;
break;
}
} else if (callbacks[i] instanceof ConfirmationCallback) {
if (reqDataHash.get(BUTTON) != null) {
onePageLogin = true;
break;
} else if (reqDataHash.get(BUTTON_OLD) != null) {
onePageLogin = true;
break;
}
}
}
}
if (onePageLogin && AuthUtils.isZeroPageLoginAllowed(ac.getLoginState().getZeroPageLoginConfig(), request)) {
// user input login info in URL
loginDebug.message("User input login information in URL!");
processLoginDisplay();
} else {
addLoginCallbackMessage(callbacks);
if (!LoginFail) {
//if the login already failed, then LoginState is already
//nullified, hence any attempt of calling this method
//the errormessage/code/template should be already set
//so a proper error page is shown.
AuthUtils.setCallbacksPerState(ac, pageState, callbacks);
}
}
} else {
if (loginDebug.messageEnabled()) {
loginDebug.message("No more Requirements in getLoginDisplay");
loginDebug.message("Status is : " + ac.getStatus());
}
if (ac.getStatus() == AuthContext.Status.SUCCESS) {
LoginSuccess = true;
ResultVal = rb.getString("authentication.successful");
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginSuccessURL(ac);
if ((redirect_url != null) && (redirect_url.length() != 0)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("LoginSuccessURL in getLoginDisplay " + "(in case of successful auth) : " + redirect_url);
}
}
} else if (ac.getStatus() == AuthContext.Status.FAILED) {
handleAuthLoginException(null);
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginFailedURL(ac);
if ((redirect_url != null) && (redirect_url.length() != 0)) {
if (loginDebug.messageEnabled()) {
loginDebug.message("LoginFailedURL in getLoginDisplay : " + redirect_url);
}
}
} else {
/*
* redirect to 'goto' parameter or SPI hook or default
* redirect URL.
*/
redirect_url = AuthUtils.getLoginFailedURL(ac);
if (loginDebug.warningEnabled()) {
loginDebug.warning("Login Status is " + ac.getStatus() + " - redirect to loginFailedURL : " + redirect_url);
}
setErrorMessage(null);
}
}
} catch (Exception e) {
setErrorMessage(e);
throw new L10NMessageImpl(bundleName, "loginDisplay.get", new Object[] { e.getMessage() });
}
}
Also used :
RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback)
ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback)
L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl)
HttpCallback(com.sun.identity.authentication.spi.HttpCallback)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
ModelControlException(com.iplanet.jato.model.ModelControlException)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
SSOException(com.iplanet.sso.SSOException)
IOException(java.io.IOException)
ChoiceCallback(javax.security.auth.callback.ChoiceCallback)
NameCallback(javax.security.auth.callback.NameCallback)
InternalSession(com.iplanet.dpro.session.service.InternalSession)
AuthD(com.sun.identity.authentication.service.AuthD)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Aggregations
PasswordCallback (javax.security.auth.callback.PasswordCallback)312
NameCallback (javax.security.auth.callback.NameCallback)251
Callback (javax.security.auth.callback.Callback)203
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)163
IOException (java.io.IOException)101
LoginException (javax.security.auth.login.LoginException)71
CallbackHandler (javax.security.auth.callback.CallbackHandler)64
LoginContext (javax.security.auth.login.LoginContext)39
FailedLoginException (javax.security.auth.login.FailedLoginException)35
RealmCallback (javax.security.sasl.RealmCallback)35
Subject (javax.security.auth.Subject)31
Test (org.junit.Test)28
ConfirmationCallback (javax.security.auth.callback.ConfirmationCallback)26
AuthorizeCallback (javax.security.sasl.AuthorizeCallback)26
ChoiceCallback (javax.security.auth.callback.ChoiceCallback)24
Principal (java.security.Principal)21
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)18
TextOutputCallback (javax.security.auth.callback.TextOutputCallback)18
HashMap (java.util.HashMap)16
Test (org.testng.annotations.Test)15
