
Example 1 with AuthModule

Use of com.evolveum.midpoint.authentication.api.AuthModule in project midpoint by Evolveum.

Class AuthSequenceUtil, method getSpecificModuleFilter.

private static List<AuthModule> getSpecificModuleFilter(AuthModuleRegistryImpl authRegistry, String urlSuffix, HttpServletRequest httpRequest, Map<Class<?>, Object> sharedObjects, AuthenticationModulesType authenticationModulesType, CredentialsPolicyType credentialPolicy) {
    String localePath = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length());
    String channel = searchChannelByPath(localePath);
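    // Only requests whose path maps to the "ws" channel are considered here.
    if (LOCAL_PATH_AND_CHANNEL.get("ws").equals(channel)) {
        String header = httpRequest.getHeader("Authorization");
        if (header != null) {
            // The first space-separated token of the Authorization header is the scheme.
            String type = header.split(" ")[0];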
            if (AuthenticationModuleNameConstants.CLUSTER.equalsIgnoreCase(type)) {
                List<AuthModule> authModules = new ArrayList<>();
                HttpClusterModuleFactory factory = authRegistry.findModelFactoryByClass(HttpClusterModuleFactory.class);
                AbstractAuthenticationModuleType module = new AbstractAuthenticationModuleType() {
                };
                module.setName(AuthenticationModuleNameConstants.CLUSTER.toLowerCase() + "-module");
                try {
                    authModules.add(factory.createModuleFilter(module, urlSuffix, httpRequest, sharedObjects, authenticationModulesType, credentialPolicy, null));
                } catch (Exception e) {
                    LOGGER.error("Couldn't create module for cluster authentication");
                    return null;
                }
                return authModules;
            }
        }
    }
    // No cluster module applies to this request; callers must handle the null result.
    return null;
}
Also used: AuthModule (com.evolveum.midpoint.authentication.api.AuthModule), HttpClusterModuleFactory (com.evolveum.midpoint.authentication.impl.factory.module.HttpClusterModuleFactory), ServletException (javax.servlet.ServletException), AuthenticationException (org.springframework.security.core.AuthenticationException), AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException), IOException (java.io.IOException)

Example 2 with AuthModule

Use of com.evolveum.midpoint.authentication.api.AuthModule in project midpoint by Evolveum.

Class AuthSequenceUtil, method buildModuleFilters.

public static List<AuthModule> buildModuleFilters(AuthModuleRegistryImpl authRegistry, AuthenticationSequenceType sequence, HttpServletRequest request, AuthenticationModulesType authenticationModulesType, CredentialsPolicyType credentialPolicy, Map<Class<?>, Object> sharedObjects, AuthenticationChannel authenticationChannel) {
    Validate.notNull(authRegistry, "Registry for module factories is null");
    // Specific sequences skip the configured module list and use getSpecificModuleFilter instead.
    if (isSpecificSequence(request)) {
        return getSpecificModuleFilter(authRegistry, sequence.getChannel().getUrlSuffix(), request, sharedObjects, authenticationModulesType, credentialPolicy);
    }
    Validate.notEmpty(sequence.getModule(), "Sequence " + sequence.getName() + " don't contains authentication modules");
    List<AuthenticationSequenceModuleType> sequenceModules = SecurityPolicyUtil.getSortedModules(sequence);
    List<AuthModule> authModules = new ArrayList<>();
    sequenceModules.forEach(sequenceModule -> {
        try {
            AbstractAuthenticationModuleType module = getModuleByName(sequenceModule.getName(), authenticationModulesType);
            AbstractModuleFactory moduleFactory = authRegistry.findModelFactory(module, authenticationChannel);
            AuthModule authModule = moduleFactory.createModuleFilter(module, sequence.getChannel().getUrlSuffix(), request, sharedObjects, authenticationModulesType, credentialPolicy, authenticationChannel);
            authModules.add(authModule);
        } catch (Exception e) {
            // A module that fails to build is logged and skipped; the remaining modules are still added.
            LOGGER.error("Couldn't build filter for module moduleFactory", e);
        }
    });
    if (authModules.isEmpty()) {
        return null;
    }
    return authModules;
}
Also used: AuthModule (com.evolveum.midpoint.authentication.api.AuthModule), AbstractModuleFactory (com.evolveum.midpoint.authentication.impl.factory.module.AbstractModuleFactory), ServletException (javax.servlet.ServletException), AuthenticationException (org.springframework.security.core.AuthenticationException), AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException), IOException (java.io.IOException)

Example 3 with AuthModule

Use of com.evolveum.midpoint.authentication.api.AuthModule in project midpoint by Evolveum.

Class MidpointAuthFilter, method initAuthenticationModule.

private void initAuthenticationModule(MidpointAuthentication mpAuthentication, AuthenticationWrapper authWrapper, HttpServletRequest httpRequest) {
    if (AuthSequenceUtil.isSpecificSequence(httpRequest)) {
        if (authModulesOfSpecificSequences.containsKey(authWrapper.sequence.getName())) {
            authWrapper.authModules = authModulesOfSpecificSequences.get(authWrapper.sequence.getName());
            if (authWrapper.authModules != null) {
                for (AuthModule authModule : authWrapper.authModules) {
                    if (authModule != null && ((AuthModuleImpl) authModule).getConfiguration() != null) {
                        // Replace the authentication manager's providers with the ones configured for this module.
                        authenticationManager.getProviders().clear();
                        for (AuthenticationProvider authenticationProvider : ((AuthModuleImpl) authModule).getConfiguration().getAuthenticationProviders()) {
                            authenticationManager.getProviders().add(authenticationProvider);
                        }
                    }
                }
            }
        } else {
            authWrapper.authModules = createAuthenticationModuleBySequence(mpAuthentication, authWrapper.sequence, httpRequest, authWrapper.authenticationsPolicy.getModules(), authWrapper.authenticationChannel, authWrapper.credentialsPolicy);
            authModulesOfSpecificSequences.put(authWrapper.sequence.getName(), authWrapper.authModules);
        }
    } else {
        authWrapper.authModules = createAuthenticationModuleBySequence(mpAuthentication, authWrapper.sequence, httpRequest, authWrapper.authenticationsPolicy.getModules(), authWrapper.authenticationChannel, authWrapper.credentialsPolicy);
    }
}
Also used: AuthenticationProvider (org.springframework.security.authentication.AuthenticationProvider), AuthModule (com.evolveum.midpoint.authentication.api.AuthModule), AuthModuleImpl (com.evolveum.midpoint.authentication.impl.util.AuthModuleImpl)

Example 4 with AuthModule

Use of com.evolveum.midpoint.authentication.api.AuthModule in project midpoint by Evolveum.

Class MidpointAnonymousAuthenticationFilter, method createAuthentication.

protected Authentication createAuthentication(HttpServletRequest request) {
    Authentication auth = createBasicAuthentication(request);
    MidpointAuthentication authentication = new MidpointAuthentication(SecurityPolicyUtil.createDefaultSequence());
    AuthenticationsPolicyType authenticationsPolicy;
    try {
        authenticationsPolicy = SecurityPolicyUtil.createDefaultAuthenticationPolicy(NO_CUSTOM_IGNORED_LOCAL_PATH, prismContext.getSchemaRegistry());
    } catch (SchemaException e) {
        LOGGER.error("Couldn't get default authentication policy");
        throw new IllegalArgumentException("Couldn't get default authentication policy", e);
    }
    AuthenticationSequenceType sequence = SecurityPolicyUtil.createDefaultSequence();
    AuthenticationChannel authenticationChannel = AuthSequenceUtil.buildAuthChannel(authChannelRegistry, sequence);
    List<AuthModule> authModules = AuthSequenceUtil.buildModuleFilters(authRegistry, sequence, request, authenticationsPolicy.getModules(), null, new HashMap<>(), authenticationChannel);
    authentication.setAuthModules(authModules);
    // buildModuleFilters may return null; only the first module receives the basic authentication.
    if (authModules != null) {
        ModuleAuthenticationImpl module = (ModuleAuthenticationImpl) authModules.get(0).getBaseModuleAuthentication();
        module.setAuthentication(auth);
        authentication.addAuthentications(module);
    }
    authentication.setPrincipal(auth.getPrincipal());
    return authentication;
}
Also used: SchemaException (com.evolveum.midpoint.util.exception.SchemaException), ModuleAuthenticationImpl (com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl), AuthenticationChannel (com.evolveum.midpoint.authentication.api.AuthenticationChannel), MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication), Authentication (org.springframework.security.core.Authentication), AuthenticationSequenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceType), AuthModule (com.evolveum.midpoint.authentication.api.AuthModule), AuthenticationsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationsPolicyType)

Aggregations

AuthModule (com.evolveum.midpoint.authentication.api.AuthModule): 4
IOException (java.io.IOException): 2
ServletException (javax.servlet.ServletException): 2
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException): 2
AuthenticationException (org.springframework.security.core.AuthenticationException): 2
AuthenticationChannel (com.evolveum.midpoint.authentication.api.AuthenticationChannel): 1
MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication): 1
AbstractModuleFactory (com.evolveum.midpoint.authentication.impl.factory.module.AbstractModuleFactory): 1
HttpClusterModuleFactory (com.evolveum.midpoint.authentication.impl.factory.module.HttpClusterModuleFactory): 1
ModuleAuthenticationImpl (com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl): 1
AuthModuleImpl (com.evolveum.midpoint.authentication.impl.util.AuthModuleImpl): 1
SchemaException (com.evolveum.midpoint.util.exception.SchemaException): 1
AuthenticationSequenceType (com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceType): 1
AuthenticationsPolicyType (com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationsPolicyType): 1
AuthenticationProvider (org.springframework.security.authentication.AuthenticationProvider): 1
Authentication (org.springframework.security.core.Authentication): 1