Examples with PasswordValidationCallback javax.security.auth.message.callback.PasswordValidationCallback used on opensource projects

Search in sources :

Example 1 with PasswordValidationCallback

use of javax.security.auth.message.callback.PasswordValidationCallback in project jetty.project by eclipse.

the class ServletCallbackHandler method handle.

public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        // jaspi to server communication
        if (callback instanceof CallerPrincipalCallback) {
            _callerPrincipals.set((CallerPrincipalCallback) callback);
        } else if (callback instanceof GroupPrincipalCallback) {
            _groupPrincipals.set((GroupPrincipalCallback) callback);
        } else if (callback instanceof PasswordValidationCallback) {
            PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
            Subject subject = passwordValidationCallback.getSubject();
            UserIdentity user = _loginService.login(passwordValidationCallback.getUsername(), passwordValidationCallback.getPassword(), null);
            if (user != null) {
                passwordValidationCallback.setResult(true);
                passwordValidationCallback.getSubject().getPrincipals().addAll(user.getSubject().getPrincipals());
                passwordValidationCallback.getSubject().getPrivateCredentials().add(user);
            }
        } else if (callback instanceof CredentialValidationCallback) {
            CredentialValidationCallback credentialValidationCallback = (CredentialValidationCallback) callback;
            Subject subject = credentialValidationCallback.getSubject();
            LoginCallback loginCallback = new LoginCallbackImpl(subject, credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential());
            UserIdentity user = _loginService.login(credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential(), null);
            if (user != null) {
                loginCallback.setUserPrincipal(user.getUserPrincipal());
                credentialValidationCallback.getSubject().getPrivateCredentials().add(loginCallback);
                credentialValidationCallback.setResult(true);
                credentialValidationCallback.getSubject().getPrincipals().addAll(user.getSubject().getPrincipals());
                credentialValidationCallback.getSubject().getPrivateCredentials().add(user);
            }
        } else // TODO implement these
        if (callback instanceof CertStoreCallback) {
        } else if (callback instanceof PrivateKeyCallback) {
        } else if (callback instanceof SecretKeyCallback) {
        } else if (callback instanceof TrustStoreCallback) {
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
Also used : LoginCallback(org.eclipse.jetty.security.authentication.LoginCallback) SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) UserIdentity(org.eclipse.jetty.server.UserIdentity) CredentialValidationCallback(org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback) Subject(javax.security.auth.Subject) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) LoginCallbackImpl(org.eclipse.jetty.security.authentication.LoginCallbackImpl) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) LoginCallback(org.eclipse.jetty.security.authentication.LoginCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) CredentialValidationCallback(org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) Callback(javax.security.auth.callback.Callback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 2 with PasswordValidationCallback

use of javax.security.auth.message.callback.PasswordValidationCallback in project wildfly by wildfly.

the class ElytronCallbackHandler method handle.

/**
     * {@inheritDoc}
     */
public void handle(javax.security.auth.callback.Callback[] callbacks) throws UnsupportedCallbackException, IOException {
    if (SUBSYSTEM_RA_LOGGER.isTraceEnabled())
        SUBSYSTEM_RA_LOGGER.elytronHandlerHandle(Arrays.toString(callbacks));
    // is the anonymous one.
    if (this.executionSubject != null) {
        final SecurityIdentity subjectIdentity = this.getPrivateCredential(this.executionSubject, SecurityIdentity.class);
        if (subjectIdentity != null && !subjectIdentity.isAnonymous()) {
            return;
        }
    }
    if (callbacks != null && callbacks.length > 0) {
        if (this.mappings != null && this.mappings.isMappingRequired()) {
            callbacks = this.mappings.mapCallbacks(callbacks);
        }
        GroupPrincipalCallback groupPrincipalCallback = null;
        CallerPrincipalCallback callerPrincipalCallback = null;
        PasswordValidationCallback passwordValidationCallback = null;
        for (javax.security.auth.callback.Callback callback : callbacks) {
            if (callback instanceof GroupPrincipalCallback) {
                groupPrincipalCallback = (GroupPrincipalCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = groupPrincipalCallback.getSubject();
                } else if (!this.executionSubject.equals(groupPrincipalCallback.getSubject())) {
                // TODO merge the contents of the subjects?
                }
            } else if (callback instanceof CallerPrincipalCallback) {
                callerPrincipalCallback = (CallerPrincipalCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = callerPrincipalCallback.getSubject();
                } else if (!this.executionSubject.equals(callerPrincipalCallback.getSubject())) {
                // TODO merge the contents of the subjects?
                }
            } else if (callback instanceof PasswordValidationCallback) {
                passwordValidationCallback = (PasswordValidationCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = passwordValidationCallback.getSubject();
                } else if (!this.executionSubject.equals(passwordValidationCallback.getSubject())) {
                // TODO merge the contents of the subjects?
                }
            } else {
                throw new UnsupportedCallbackException(callback);
            }
        }
        this.handleInternal(callerPrincipalCallback, groupPrincipalCallback, passwordValidationCallback);
    }
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 3 with PasswordValidationCallback

use of javax.security.auth.message.callback.PasswordValidationCallback in project tomee by apache.

the class ConnectorCallbackHandler method handle.

public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (final Callback callback : callbacks) {
        // jaspi to server communication
        if (callback instanceof CallerPrincipalCallback) {
            callerPrincipal = ((CallerPrincipalCallback) callback).getPrincipal();
        } else if (callback instanceof GroupPrincipalCallback) {
            groupsArray = ((GroupPrincipalCallback) callback).getGroups();
        } else if (callback instanceof PasswordValidationCallback) {
            final PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
            final String userName = passwordValidationCallback.getUsername();
            final char[] password = passwordValidationCallback.getPassword();
            final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
            try {
                final Object loginObj = securityService.login(securityRealmName, userName, password == null ? "" : new String(password));
                securityService.associate(loginObj);
                callerPrincipal = securityService.getCallerPrincipal();
                passwordValidationCallback.setResult(true);
            } catch (final LoginException e) {
                passwordValidationCallback.setResult(false);
            }
        } else // server to jaspi communication
        if (callback instanceof CertStoreCallback) {
        //NOPMD
        // TODO implement me
        } else if (callback instanceof PrivateKeyCallback) {
        //NOPMD
        // TODO implement me
        } else if (callback instanceof SecretKeyCallback) {
        //NOPMD
        // TODO implement me
        } else if (callback instanceof TrustStoreCallback) {
        //NOPMD
        // TODO implement me
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
Also used : SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) Callback(javax.security.auth.callback.Callback) SecurityService(org.apache.openejb.spi.SecurityService) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) LoginException(javax.security.auth.login.LoginException) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Aggregations

UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)3 CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback)3 GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback)3 PasswordValidationCallback (javax.security.auth.message.callback.PasswordValidationCallback)3 Callback (javax.security.auth.callback.Callback)2 CertStoreCallback (javax.security.auth.message.callback.CertStoreCallback)2 PrivateKeyCallback (javax.security.auth.message.callback.PrivateKeyCallback)2 SecretKeyCallback (javax.security.auth.message.callback.SecretKeyCallback)2 TrustStoreCallback (javax.security.auth.message.callback.TrustStoreCallback)2 Subject (javax.security.auth.Subject)1 LoginException (javax.security.auth.login.LoginException)1 SecurityService (org.apache.openejb.spi.SecurityService)1 LoginCallback (org.eclipse.jetty.security.authentication.LoginCallback)1 LoginCallbackImpl (org.eclipse.jetty.security.authentication.LoginCallbackImpl)1 CredentialValidationCallback (org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback)1 UserIdentity (org.eclipse.jetty.server.UserIdentity)1 SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial