Example 1 with LoginCallbackImpl
use of org.eclipse.jetty.security.authentication.LoginCallbackImpl in project jetty.project by eclipse.
the class ServletCallbackHandler method handle.
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
// jaspi to server communication
if (callback instanceof CallerPrincipalCallback) {
_callerPrincipals.set((CallerPrincipalCallback) callback);
} else if (callback instanceof GroupPrincipalCallback) {
_groupPrincipals.set((GroupPrincipalCallback) callback);
} else if (callback instanceof PasswordValidationCallback) {
PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
Subject subject = passwordValidationCallback.getSubject();
UserIdentity user = _loginService.login(passwordValidationCallback.getUsername(), passwordValidationCallback.getPassword(), null);
if (user != null) {
passwordValidationCallback.setResult(true);
passwordValidationCallback.getSubject().getPrincipals().addAll(user.getSubject().getPrincipals());
passwordValidationCallback.getSubject().getPrivateCredentials().add(user);
}
} else if (callback instanceof CredentialValidationCallback) {
CredentialValidationCallback credentialValidationCallback = (CredentialValidationCallback) callback;
Subject subject = credentialValidationCallback.getSubject();
LoginCallback loginCallback = new LoginCallbackImpl(subject, credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential());
UserIdentity user = _loginService.login(credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential(), null);
if (user != null) {
loginCallback.setUserPrincipal(user.getUserPrincipal());
credentialValidationCallback.getSubject().getPrivateCredentials().add(loginCallback);
credentialValidationCallback.setResult(true);
credentialValidationCallback.getSubject().getPrincipals().addAll(user.getSubject().getPrincipals());
credentialValidationCallback.getSubject().getPrivateCredentials().add(user);
}
} else // TODO implement these
if (callback instanceof CertStoreCallback) {
} else if (callback instanceof PrivateKeyCallback) {
} else if (callback instanceof SecretKeyCallback) {
} else if (callback instanceof TrustStoreCallback) {
} else {
throw new UnsupportedCallbackException(callback);
}
}
}
Also used :
LoginCallback(org.eclipse.jetty.security.authentication.LoginCallback)
SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback)
TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback)
CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback)
UserIdentity(org.eclipse.jetty.server.UserIdentity)
CredentialValidationCallback(org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback)
Subject(javax.security.auth.Subject)
CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback)
LoginCallbackImpl(org.eclipse.jetty.security.authentication.LoginCallbackImpl)
GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback)
TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback)
LoginCallback(org.eclipse.jetty.security.authentication.LoginCallback)
GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback)
PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback)
CredentialValidationCallback(org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback)
CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback)
CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback)
PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback)
SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback)
Callback(javax.security.auth.callback.Callback)
PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback)
PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Example 2 with LoginCallbackImpl
use of org.eclipse.jetty.security.authentication.LoginCallbackImpl in project jetty.project by eclipse.
the class FormAuthModule method tryLogin.
private boolean tryLogin(MessageInfo messageInfo, Subject clientSubject, HttpServletResponse response, HttpSession session, String username, Password password) throws AuthException, IOException, UnsupportedCallbackException {
if (login(clientSubject, username, password, Constraint.__FORM_AUTH, messageInfo)) {
char[] pwdChars = password.toString().toCharArray();
Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class);
if (!loginCallbacks.isEmpty()) {
LoginCallbackImpl loginCallback = loginCallbacks.iterator().next();
Set<UserIdentity> userIdentities = clientSubject.getPrivateCredentials(UserIdentity.class);
if (!userIdentities.isEmpty()) {
UserIdentity userIdentity = userIdentities.iterator().next();
SessionAuthentication sessionAuth = new SessionAuthentication(Constraint.__FORM_AUTH, userIdentity, password);
session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, sessionAuth);
}
}
return true;
}
return false;
}
Also used :
LoginCallbackImpl(org.eclipse.jetty.security.authentication.LoginCallbackImpl)
UserIdentity(org.eclipse.jetty.server.UserIdentity)
SessionAuthentication(org.eclipse.jetty.security.authentication.SessionAuthentication)
Example 3 with LoginCallbackImpl
use of org.eclipse.jetty.security.authentication.LoginCallbackImpl in project jetty.project by eclipse.
the class BaseAuthModule method login.
protected boolean login(Subject clientSubject, String username, Credential credential, String authMethod, MessageInfo messageInfo) throws IOException, UnsupportedCallbackException {
CredentialValidationCallback credValidationCallback = new CredentialValidationCallback(clientSubject, username, credential);
callbackHandler.handle(new Callback[] { credValidationCallback });
if (credValidationCallback.getResult()) {
Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class);
if (!loginCallbacks.isEmpty()) {
LoginCallbackImpl loginCallback = loginCallbacks.iterator().next();
CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, loginCallback.getUserPrincipal());
GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, loginCallback.getRoles());
callbackHandler.handle(new Callback[] { callerPrincipalCallback, groupPrincipalCallback });
}
messageInfo.getMap().put(JaspiMessageInfo.AUTH_METHOD_KEY, authMethod);
}
return credValidationCallback.getResult();
}
Also used :
LoginCallbackImpl(org.eclipse.jetty.security.authentication.LoginCallbackImpl)
CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback)
GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback)
CredentialValidationCallback(org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback)
Aggregations
LoginCallbackImpl (org.eclipse.jetty.security.authentication.LoginCallbackImpl)3
CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback)2
GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback)2
CredentialValidationCallback (org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback)2
UserIdentity (org.eclipse.jetty.server.UserIdentity)2
Subject (javax.security.auth.Subject)1
Callback (javax.security.auth.callback.Callback)1
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)1
CertStoreCallback (javax.security.auth.message.callback.CertStoreCallback)1
PasswordValidationCallback (javax.security.auth.message.callback.PasswordValidationCallback)1
PrivateKeyCallback (javax.security.auth.message.callback.PrivateKeyCallback)1
SecretKeyCallback (javax.security.auth.message.callback.SecretKeyCallback)1
TrustStoreCallback (javax.security.auth.message.callback.TrustStoreCallback)1
LoginCallback (org.eclipse.jetty.security.authentication.LoginCallback)1
SessionAuthentication (org.eclipse.jetty.security.authentication.SessionAuthentication)1
