use of com.sun.enterprise.deployment.web.LoginConfiguration in project Payara by payara.
the class SecurityDeployer method handleCNonceCacheBSInit.
/**
 * Creates the HA-backed client-nonce (cnonce) cache for an application that uses DIGEST
 * authentication and records it in {@code appCnonceMap} under the application name.
 *
 * <p>Nothing happens unless at least one of the supplied web bundles declares
 * {@code LoginConfiguration.DIGEST_AUTHENTICATION} as its authentication method. Even then a
 * cache is only created when {@code isHaEnabled()} returns true, the caller passed
 * {@code isHA == true}, and a {@code cnonceCacheFactory} is present.
 *
 * <p>NOTE(review): when any of those three conditions fails, this method registers no cache for
 * the application and reports nothing. Presumably DIGEST then relies on a non-replicated cnonce
 * cache set up elsewhere; confirm, because cnonce tracking is normally what lets the server
 * recognise a replayed digest response, and in a cluster that only works if the instances share it.
 *
 * @param appName application name; passed to the factory and used as the key in {@code appCnonceMap}
 * @param webDesc web bundle descriptors of the application; each one's login configuration is inspected
 * @param isHA caller-supplied flag that must be true, together with {@code isHaEnabled()}, for a cache to be created
 */
private void handleCNonceCacheBSInit(String appName, Set<WebBundleDescriptor> webDesc, boolean isHA) {
    // A bundle without a login configuration simply does not count as a DIGEST user.
    boolean usesDigest = webDesc.stream()
            .map(bundle -> bundle.getLoginConfiguration())
            .anyMatch(loginConfig -> loginConfig != null
                    && LoginConfiguration.DIGEST_AUTHENTICATION.equals(loginConfig.getAuthenticationMethod()));
    if (!usesDigest) {
        return;
    }

    // The backing store is only initialised when HA is on both globally and for this call.
    if (!isHaEnabled() || !isHA) {
        return;
    }

    final String clusterName = haUtil.getClusterName();
    final String instanceName = haUtil.getInstanceName();
    if (cnonceCacheFactory == null) {
        // No factory available: the application ends up without an entry in appCnonceMap.
        return;
    }

    CNonceCache haCnonceCache =
            cnonceCacheFactory.createCNonceCache(appName, clusterName, instanceName, HA_CNONCE_BS_NAME);
    this.appCnonceMap.put(appName, haCnonceCache);
}
use of com.sun.enterprise.deployment.web.LoginConfiguration in project Payara by payara.
the class JaccWebAuthorizationManager method initialise.
/**
 * Initialises this authorization manager and loads its permissions into the JACC policy
 * configuration.
 *
 * <p>In order, the method: obtains the policy factory; derives {@code CODEBASE} from
 * {@code CONTEXT_ID} with spaces removed; registers admin principals and groups from the
 * deployment descriptor when the application's virtual server equals {@code ADMIN_VS}; builds the
 * {@code CodeSource} for the module; loads the permissions; and finally creates the
 * unchecked-permission cache (only when {@code register} is set) or resets an existing one.
 *
 * @param appName application name, used for trace logging and to look up the virtual servers
 * @throws PolicyContextException declared by this method; NOTE(review): presumably raised by
 *         {@code getPolicyFactory()} or {@code loadPermissionsInToPolicyConfiguration()} - confirm
 * @throws RuntimeException if the codebase cannot be turned into a valid URI or URL; the
 *         original exception is kept as the cause
 */
private void initialise(String appName) throws PolicyContextException {
    logger.finest(() -> String.format("initialise(appName=%s)", appName));

    getPolicyFactory();
    CODEBASE = removeSpaces(CONTEXT_ID);

    // Trust boundary: for an application on the admin virtual server, every principal and group
    // named in the descriptor's role mappings and role assignments is handed to
    // addAdminPrincipal / addAdminGroup below.
    // NOTE(review): presumably this grants those names admin identity in the realm, so the
    // descriptor of anything deployed to the admin virtual server should be treated as privileged
    // configuration - confirm. realmName is passed through unchecked and may be null if the login
    // configuration declares no realm.
    boolean onAdminVirtualServer = ADMIN_VS.equals(getVirtualServers(appName));
    LoginConfiguration adminLoginConfig =
            onAdminVirtualServer ? webBundleDescriptor.getLoginConfiguration() : null;
    if (adminLoginConfig != null) {
        String adminRealm = adminLoginConfig.getRealmName();

        // Mappings come from the Sun-specific web descriptor (sun-web.xml).
        SunWebApp sunWebApp = webBundleDescriptor.getSunDescriptor();
        if (sunWebApp != null) {
            SecurityRoleMapping[] mappings = sunWebApp.getSecurityRoleMapping();
            if (mappings != null) {
                for (SecurityRoleMapping mapping : mappings) {
                    for (String principalName : mapping.getPrincipalName()) {
                        webSecurityManagerFactory.addAdminPrincipal(
                                principalName, adminRealm, new PrincipalImpl(principalName));
                    }
                    for (String groupName : mapping.getGroupNames()) {
                        webSecurityManagerFactory.addAdminGroup(groupName, adminRealm, new Group(groupName));
                    }
                }
            }

            SecurityRoleAssignment[] assignments = sunWebApp.getSecurityRoleAssignments();
            if (assignments != null) {
                for (SecurityRoleAssignment assignment : assignments) {
                    if (assignment.isExternallyDefined()) {
                        // An externally defined role is registered as an admin group under the
                        // role's own name; its principal names are not consulted.
                        String roleName = assignment.getRoleName();
                        webSecurityManagerFactory.addAdminGroup(roleName, adminRealm, new Group(roleName));
                    } else {
                        for (String principalName : assignment.getPrincipalNames()) {
                            webSecurityManagerFactory.addAdminPrincipal(
                                    principalName, adminRealm, new PrincipalImpl(principalName));
                        }
                    }
                }
            }
        }
    }

    // Build the CodeSource that identifies this web module from the space-free codebase.
    // Either failure aborts initialisation; nothing is constructed manually as a fallback.
    try {
        logger.log(FINE, "[Web-Security] Creating a Codebase URI with = {0}", CODEBASE);
        URI codebaseUri = new URI("file:///" + CODEBASE);
        codesource = new CodeSource(new URL(codebaseUri.toString()), (Certificate[]) null);
    } catch (URISyntaxException use) {
        logger.log(FINE, "[Web-Security] Error Creating URI ", use);
        throw new RuntimeException(use);
    } catch (MalformedURLException mue) {
        logger.log(SEVERE, "[Web-Security] Exception while getting the CodeSource", mue);
        throw new RuntimeException(mue);
    }

    logger.log(FINE, "[Web-Security] Context id (id under which WEB component in application will be created) = {0}", CONTEXT_ID);
    logger.log(FINE, "[Web-Security] Codebase (module id for web component) {0}", CODEBASE);

    // Generate the permissions and store them in the JACC policy configuration; the JACC Policy
    // this class delegates to uses them later to make authorization decisions.
    loadPermissionsInToPolicyConfiguration();

    if (uncheckedPermissionCache != null) {
        // A cache from an earlier initialisation is reset rather than replaced.
        uncheckedPermissionCache.reset();
    } else if (register) {
        uncheckedPermissionCache = PermissionCacheFactory.createPermissionCache(CONTEXT_ID, codesource, protoPerms, null);
        allResourcesCachedPermission = new CachedPermissionImpl(uncheckedPermissionCache, allResources);
        allConnectionsCachedPermission = new CachedPermissionImpl(uncheckedPermissionCache, allConnections);
    }
}
use of com.sun.enterprise.deployment.web.LoginConfiguration in project Payara by payara.
the class EjbInvokerService method event.
/**
 * Applies the configured security settings to the EJB invoker application's web bundles once
 * the application has been prepared for deployment.
 *
 * <p>The method acts only on {@code Deployment.APPLICATION_PREPARED} events for an application
 * named {@code EJB_INVOKER_APP}, and only when {@code config.getSecurityEnabled()} parses as
 * {@code true}. For each web bundle it sets the {@code HTTPSERVLET_SECURITY_PROVIDER} attribute
 * (from the auth module class's simple name, else from the auth module name) and overrides the
 * authentication method, realm name and form pages on the bundle's login configuration.
 *
 * <p>NOTE(review): when security is not enabled in {@code config}, nothing here is applied and
 * the bundles keep whatever their own descriptor declares - verify that default is acceptable
 * for this endpoint.
 *
 * @param event the deployment lifecycle event; its hook is cast to {@code DeploymentContext}
 */
@Override
public void event(EventListener.Event event) {
    if (!event.is(Deployment.APPLICATION_PREPARED)) {
        return;
    }

    DeploymentContext deploymentContext = (DeploymentContext) event.hook();
    Application application = deploymentContext.getModuleMetaData(Application.class);
    boolean securedInvokerApp = application != null
            && EJB_INVOKER_APP.equals(application.getAppName())
            && Boolean.parseBoolean(config.getSecurityEnabled());
    if (!securedInvokerApp) {
        return;
    }

    for (WebBundleDescriptor bundle : application.getBundleDescriptors(WebBundleDescriptor.class)) {
        SunWebAppImpl sunWebApp = (SunWebAppImpl) bundle.getSunDescriptor();

        // A fully qualified auth module class wins; only its simple name (text after the last
        // dot) is stored as the provider. Otherwise the plain auth module name is used, if set.
        String authModuleClass = config.getAuthModuleClass();
        if (StringUtils.ok(authModuleClass) && authModuleClass.indexOf('.') != -1) {
            String simpleName = authModuleClass.substring(authModuleClass.lastIndexOf('.') + 1);
            sunWebApp.setAttributeValue(HTTPSERVLET_SECURITY_PROVIDER, simpleName);
        } else if (StringUtils.ok(config.getAuthModule())) {
            sunWebApp.setAttributeValue(HTTPSERVLET_SECURITY_PROVIDER, config.getAuthModule());
        }

        // NOTE(review): the login configuration is dereferenced without a null check. If a
        // bundle can reach this point without one, the calls below throw NullPointerException
        // whenever an auth type, realm or FORM auth is configured - confirm the invoker
        // application's descriptor always declares a login configuration.
        LoginConfiguration loginConfig = bundle.getLoginConfiguration();
        String configuredAuthType = config.getAuthType();
        String configuredRealm = config.getRealmName();

        if (StringUtils.ok(configuredAuthType)) {
            loginConfig.setAuthenticationMethod(configuredAuthType);
        }
        if (StringUtils.ok(configuredRealm)) {
            loginConfig.setRealmName(configuredRealm);
        }
        if (FORM_AUTH.equals(configuredAuthType)) {
            // FORM authentication uses fixed page paths.
            loginConfig.setFormErrorPage("/error.xhtml");
            loginConfig.setFormLoginPage("/login.xhtml");
        }
    }
}