
Example 1 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project midpoint by Evolveum.

the class MidpointRestAuthenticationHandler method filter.

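/**
 * Authenticates an incoming REST request before it is dispatched.
 *
 * <p>Decision order, every unmatched case failing closed with an abort response:
 * <ol>
 *   <li>If an {@link AuthorizationPolicy} is already attached to the current CXF message,
 *       it is passed to {@code passwordAuthenticator} and nothing else is inspected.</li>
 *   <li>Otherwise the {@code Authorization} header must be present and non-blank.</li>
 *   <li>Only the security-questions scheme is accepted from the raw header. The scheme name
 *       alone yields the security-question challenge; the scheme plus exactly one Base64
 *       token is decoded and passed to {@code securityQuestionAuthenticator}.</li>
 * </ol>
 *
 * @param requestCtx the request being filtered; aborted in place when authentication cannot proceed
 * @throws IOException declared by the filter contract
 */
@Override
public void filter(ContainerRequestContext requestCtx) throws IOException {
    Message m = JAXRSUtils.getCurrentMessage();

    // A policy already present on the message takes precedence over the raw header.
    AuthorizationPolicy policy = (AuthorizationPolicy) m.get(AuthorizationPolicy.class);
    if (policy != null) {
        passwordAuthenticator.handleRequest(policy, m, requestCtx);
        return;
    }

    String authorization = requestCtx.getHeaderString("Authorization");
    if (StringUtils.isBlank(authorization)) {
        RestServiceUtil.createAbortMessage(requestCtx);
        return;
    }

    // A non-blank header always yields at least one element, so parts[0] is safe.
    String[] parts = authorization.split(" ");
    String authenticationType = parts[0];

    // NOTE(review): this compares a RestAuthenticationMethod constant with a String. It only
    // matches if RestAuthenticationMethod declares an equals(String) overload; with plain
    // Object.equals it is always false and every request reaching this point is rejected.
    // Confirm against the enum's source.
    boolean securityQuestions = RestAuthenticationMethod.SECURITY_QUESTIONS.equals(authenticationType);

    // Any other scheme, or extra space-separated tokens, is rejected outright.
    if (!securityQuestions || parts.length > 2) {
        RestServiceUtil.createAbortMessage(requestCtx);
        return;
    }

    // Scheme name without credentials: answer with the security-question challenge.
    if (parts.length == 1) {
        RestServiceUtil.createSecurityQuestionAbortMessage(requestCtx, "{\"user\" : \"username\"}");
        return;
    }

    try {
        // Decode with an explicit charset: new String(byte[]) would use the JVM default, so the
        // same header could decode differently from host to host.
        // decodedCredentials carries the caller's secret; keep it out of logs and error text.
        String decodedCredentials = new String(Base64Utility.decode(parts[1]),
                java.nio.charset.StandardCharsets.UTF_8);
        policy = new AuthorizationPolicy();
        policy.setAuthorizationType(RestAuthenticationMethod.SECURITY_QUESTIONS.getMethod());
        policy.setAuthorization(decodedCredentials);
        securityQuestionAuthenticator.handleRequest(policy, m, requestCtx);
    } catch (Base64Exception e) {
        // Malformed Base64 is handled like missing credentials: the challenge is sent again.
        RestServiceUtil.createSecurityQuestionAbortMessage(requestCtx, "{\"user\" : \"username\"}");
    }
}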
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Message(org.apache.cxf.message.Message) Base64Exception(org.apache.cxf.common.util.Base64Exception)

Example 2 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class HTTPSConduitTest method verifyBethalClient.

// we just verify the configurations are loaded successfully
/**
 * Asserts that the conduit behind {@code bethal} carries the expected configuration
 * (auto-redirect on, TLS parameters present, fixture credentials "Betty"/"password"),
 * then calls the service five times and checks the last reply and the proxy request count.
 *
 * @param bethal the client proxy whose conduit is inspected and invoked
 */
private void verifyBethalClient(Greeter bethal) {
    HTTPConduit conduit = (HTTPConduit) ClientProxy.getClient(bethal).getConduit();

    assertEquals("the httpClientPolicy's autoRedirect should be true", true,
            conduit.getClient().isAutoRedirect());
    assertNotNull("the http conduit's tlsParameters should not be null",
            conduit.getTlsClientParameters());

    // Per the original author's note: any user name other than Edward, Mary or George,
    // with the password "password", is let through by Bethal.
    AuthorizationPolicy configured = conduit.getAuthorization();
    assertEquals("Set the wrong user name from the configuration", "Betty", configured.getUserName());
    assertEquals("Set the wrong pass word form the configuration", "password", configured.getPassword());

    configureProxy(ClientProxy.getClient(bethal));

    // Five consecutive invocations; only the last reply is checked.
    String answer = null;
    for (int call = 0; call < 5; call++) {
        answer = bethal.sayHi();
    }
    assertTrue("Unexpected answer: " + answer, "Bonjour from Bethal".equals(answer));

    // Over HTTPS the proxy only sees a CONNECT and encrypted data, so it cannot
    // tell individual requests apart and none are counted.
    assertProxyRequestCount(0);
}
Also used : HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) HTTPClientPolicy(org.apache.cxf.transports.http.configuration.HTTPClientPolicy) Client(org.apache.cxf.endpoint.Client)

Example 3 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class HTTPSConduitTest method testHttpsTrust.

/**
 * Configures the HTTPS conduit in code (no configuration file) and exercises the trust decider:
 * a decider constructed with "Bethal" must let the call through, and after swapping in one
 * constructed with "Nobody" the same call must not return normally.
 */
@Test
public void testHttpsTrust() throws Exception {
    startServer("Bethal");

    URL wsdlLocation = getClass().getResource("greeting.wsdl");
    assertNotNull("WSDL is null", wsdlLocation);
    SOAPService soapService = new SOAPService(wsdlLocation, serviceName);
    assertNotNull("Service is null", soapService);
    Greeter bethal = soapService.getPort(bethalQ, Greeter.class);
    assertNotNull("Port is null", bethal);
    updateAddressPort(bethal, getPort("PORT4"));

    // Everything below sets up the conduit dynamically instead of through configuration.
    Client client = ClientProxy.getClient(bethal);
    HTTPConduit conduit = (HTTPConduit) client.getConduit();

    HTTPClientPolicy clientPolicy = new HTTPClientPolicy();
    clientPolicy.setAutoRedirect(false);
    conduit.setClient(clientPolicy);
    conduit.setTlsClientParameters(tlsClientParameters);

    // Fixture credentials: per the original author's note, any name other than
    // Edward, Mary or George with the password "password" is accepted by Bethal.
    AuthorizationPolicy credentials = new AuthorizationPolicy();
    credentials.setUserName("Betty");
    credentials.setPassword("password");
    conduit.setAuthorization(credentials);

    // Positive case: the server is expected to present OU=Bethal.
    conduit.setTrustDecider(new MyHttpsTrustDecider("Bethal"));
    configureProxy(client);
    String answer = bethal.sayHi();
    assertTrue("Unexpected answer: " + answer, "Bonjour from Bethal".equals(answer));
    assertProxyRequestCount(0);

    // Negative case: "Nobody" does not match OU=Bethal, so the call must fail.
    MyHttpsTrustDecider rejecting = new MyHttpsTrustDecider("Nobody");
    conduit.setTrustDecider(rejecting);
    try {
        answer = bethal.sayHi();
        fail("Unexpected answer from Bethal: " + answer);
    } catch (Exception expected) {
        // NOTE(review): any Exception is accepted here, so an unrelated failure (for example
        // a connection error) passes this branch as readily as a trust rejection. Nothing
        // verifies that the trust decider was consulted; asserting on the exception cause
        // or on the decider itself would make the negative case meaningful.
    }
    assertProxyRequestCount(0);
}
Also used : SOAPService(org.apache.hello_world.services.SOAPService) HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Greeter(org.apache.hello_world.Greeter) HTTPClientPolicy(org.apache.cxf.transports.http.configuration.HTTPClientPolicy) Client(org.apache.cxf.endpoint.Client) URL(java.net.URL) GeneralSecurityException(java.security.GeneralSecurityException) UntrustedURLConnectionIOException(org.apache.cxf.transport.http.UntrustedURLConnectionIOException) IOException(java.io.IOException) Test(org.junit.Test)

Example 4 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class JAASLoginInterceptorTest method addAuthPolicy.

/**
 * Attaches user name / password credentials to {@code message} as an
 * {@link AuthorizationPolicy}, stored under the key {@code AuthorizationPolicy.class}.
 *
 * @param message  the message that receives the policy
 * @param username user name to set on the policy
 * @param password password to set on the policy (held as a plain String by the policy)
 */
private void addAuthPolicy(Message message, String username, String password) {
    AuthorizationPolicy credentials = new AuthorizationPolicy();
    credentials.setPassword(password);
    credentials.setUserName(username);
    message.put(AuthorizationPolicy.class, credentials);
}
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy)

Example 5 with AuthorizationPolicy

use of org.apache.cxf.configuration.security.AuthorizationPolicy in project cxf by apache.

the class JAASResourceOwnerLoginHandler method setupMessage.

/**
 * Builds a fresh {@link MessageImpl} that carries the given credentials as an
 * {@link AuthorizationPolicy}, stored under the key {@code AuthorizationPolicy.class}.
 *
 * @param name     user name to set on the policy
 * @param password password to set on the policy (held as a plain String by the policy)
 * @return the new message with the policy attached
 */
private Message setupMessage(String name, String password) {
    Message carrier = new MessageImpl();

    AuthorizationPolicy credentials = new AuthorizationPolicy();
    credentials.setPassword(password);
    credentials.setUserName(name);

    // The message now holds the plaintext password; callers should avoid dumping it to logs.
    carrier.put(AuthorizationPolicy.class, credentials);
    return carrier;
}
Also used : AuthorizationPolicy(org.apache.cxf.configuration.security.AuthorizationPolicy) Message(org.apache.cxf.message.Message) MessageImpl(org.apache.cxf.message.MessageImpl)

Aggregations

AuthorizationPolicy (org.apache.cxf.configuration.security.AuthorizationPolicy)74 Test (org.junit.Test)22 Message (org.apache.cxf.message.Message)21 HTTPConduit (org.apache.cxf.transport.http.HTTPConduit)15 IOException (java.io.IOException)12 Client (org.apache.cxf.endpoint.Client)10 ArrayList (java.util.ArrayList)9 HTTPClientPolicy (org.apache.cxf.transports.http.configuration.HTTPClientPolicy)8 URL (java.net.URL)7 List (java.util.List)7 ProxyAuthorizationPolicy (org.apache.cxf.configuration.security.ProxyAuthorizationPolicy)7 SecurityContext (org.apache.cxf.security.SecurityContext)6 Bus (org.apache.cxf.Bus)5 WebClient (org.apache.cxf.jaxrs.client.WebClient)5 MessageImpl (org.apache.cxf.message.MessageImpl)5 EndpointInfo (org.apache.cxf.service.model.EndpointInfo)5 Principal (java.security.Principal)4 HashMap (java.util.HashMap)4 Map (java.util.Map)4 Endpoint (org.apache.cxf.endpoint.Endpoint)4