
Example 6 with LoginConfiguration

use of com.sun.enterprise.deployment.web.LoginConfiguration in project Payara by payara.

the class SecurityDeployer method handleCNonceCacheBSInit.

/**
 * Creates the HA-backed client-nonce (cnonce) cache for an application, but only when at
 * least one of its web modules declares DIGEST authentication.
 *
 * <p>NOTE(review): when HA is disabled, {@code isHA} is false, or no factory is available,
 * nothing is stored in {@code appCnonceMap} for this application. Presumably a non-HA cnonce
 * cache is supplied elsewhere; confirm, since digest handling likely depends on one.
 *
 * @param appName name of the application; used as the cache owner and as the map key
 * @param webDesc web bundle descriptors of the application being deployed
 * @param isHA whether this deployment asked for high availability
 */
private void handleCNonceCacheBSInit(String appName, Set<WebBundleDescriptor> webDesc, boolean isHA) {
    // Short-circuits on the first DIGEST module, like the loop-and-break form.
    boolean usesDigest = webDesc.stream()
            .map(WebBundleDescriptor::getLoginConfiguration)
            .anyMatch(cfg -> cfg != null
                    && LoginConfiguration.DIGEST_AUTHENTICATION.equals(cfg.getAuthenticationMethod()));
    if (!usesDigest) {
        return;
    }

    // The backing store is only set up when HA is on globally AND for this deployment.
    if (!isHaEnabled() || !isHA) {
        return;
    }

    final String cluster = haUtil.getClusterName();
    final String instance = haUtil.getInstanceName();
    if (cnonceCacheFactory == null) {
        return;
    }
    CNonceCache haCache = cnonceCacheFactory.createCNonceCache(appName, cluster, instance, HA_CNONCE_BS_NAME);
    this.appCnonceMap.put(appName, haCache);
}
Also used : WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) CNonceCache(org.glassfish.security.common.CNonceCache)

Example 7 with LoginConfiguration

use of com.sun.enterprise.deployment.web.LoginConfiguration in project Payara by payara.

the class JaccWebAuthorizationManager method initialise.

/**
 * Initialises this manager: registers admin identities when the application runs on the admin
 * virtual server, builds the {@link CodeSource} for the web module, loads the module's
 * permissions into the JACC Policy Configuration and prepares the unchecked-permission cache.
 *
 * <p>Security note: for an application on the admin virtual server, every principal and group
 * named in the runtime descriptor's role mappings and role assignments is registered as an
 * admin principal/group. This method does not filter by role name, so that descriptor is
 * trust-sensitive.
 *
 * @param appName name of the application this manager belongs to
 * @throws PolicyContextException declared for the policy set-up calls made from this method
 * @throws RuntimeException if the codebase cannot be turned into a valid URI or URL
 */
private void initialise(String appName) throws PolicyContextException {
    logger.finest(() -> String.format("initialise(appName=%s)", appName));

    getPolicyFactory();
    CODEBASE = removeSpaces(CONTEXT_ID);

    if (ADMIN_VS.equals(getVirtualServers(appName))) {
        LoginConfiguration loginConfig = webBundleDescriptor.getLoginConfiguration();
        if (loginConfig != null) {
            String realm = loginConfig.getRealmName();

            // Role mappings come from the runtime descriptor (sun-web.xml).
            SunWebApp runtimeDescriptor = webBundleDescriptor.getSunDescriptor();
            if (runtimeDescriptor != null) {
                SecurityRoleMapping[] mappings = runtimeDescriptor.getSecurityRoleMapping();
                if (mappings != null) {
                    for (SecurityRoleMapping mapping : mappings) {
                        for (String principalName : mapping.getPrincipalName()) {
                            webSecurityManagerFactory.addAdminPrincipal(principalName, realm, new PrincipalImpl(principalName));
                        }
                        for (String groupName : mapping.getGroupNames()) {
                            webSecurityManagerFactory.addAdminGroup(groupName, realm, new Group(groupName));
                        }
                    }
                }

                SecurityRoleAssignment[] assignments = runtimeDescriptor.getSecurityRoleAssignments();
                if (assignments != null) {
                    for (SecurityRoleAssignment assignment : assignments) {
                        if (assignment.isExternallyDefined()) {
                            // An externally defined role is registered as an admin group under the role's own name.
                            webSecurityManagerFactory.addAdminGroup(assignment.getRoleName(), realm, new Group(assignment.getRoleName()));
                        } else {
                            for (String principalName : assignment.getPrincipalNames()) {
                                webSecurityManagerFactory.addAdminPrincipal(principalName, realm, new PrincipalImpl(principalName));
                            }
                        }
                    }
                }
            }
        }
    }

    // Build the CodeSource from the codebase; either failure is logged and rethrown unchecked.
    try {
        logger.log(FINE, "[Web-Security] Creating a Codebase URI with = {0}", CODEBASE);
        URI codebaseUri = new URI("file:///" + CODEBASE);
        codesource = new CodeSource(new URL(codebaseUri.toString()), (Certificate[]) null);
    } catch (URISyntaxException use) {
        // No fallback URL is built here: the failure is logged at FINE and rethrown.
        logger.log(FINE, "[Web-Security] Error Creating URI ", use);
        throw new RuntimeException(use);
    } catch (MalformedURLException mue) {
        logger.log(SEVERE, "[Web-Security] Exception while getting the CodeSource", mue);
        throw new RuntimeException(mue);
    }

    logger.log(FINE, "[Web-Security] Context id (id under which  WEB component in application will be created) = {0}", CONTEXT_ID);
    logger.log(FINE, "[Web-Security] Codebase (module id for web component) {0}", CODEBASE);

    // Generate the permissions and store them in the JACC policyConfiguration; the JACC Policy
    // this class delegates to uses them later for authorization decisions.
    loadPermissionsInToPolicyConfiguration();

    if (uncheckedPermissionCache != null) {
        // A cache from an earlier initialisation is reset so it does not answer from stale permissions.
        uncheckedPermissionCache.reset();
    } else if (register) {
        uncheckedPermissionCache = PermissionCacheFactory.createPermissionCache(CONTEXT_ID, codesource, protoPerms, null);
        allResourcesCachedPermission = new CachedPermissionImpl(uncheckedPermissionCache, allResources);
        allConnectionsCachedPermission = new CachedPermissionImpl(uncheckedPermissionCache, allConnections);
    }
}
Also used : SunWebApp(com.sun.enterprise.deployment.runtime.web.SunWebApp) Group(org.glassfish.security.common.Group) MalformedURLException(java.net.MalformedURLException) SecurityRoleMapping(com.sun.enterprise.deployment.runtime.common.SecurityRoleMapping) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) URISyntaxException(java.net.URISyntaxException) CodeSource(java.security.CodeSource) URI(java.net.URI) URL(java.net.URL) CachedPermissionImpl(com.sun.enterprise.security.jacc.cache.CachedPermissionImpl) PrincipalImpl(org.glassfish.security.common.PrincipalImpl) SecurityRoleAssignment(com.sun.enterprise.deployment.runtime.common.wls.SecurityRoleAssignment)

Example 8 with LoginConfiguration

use of com.sun.enterprise.deployment.web.LoginConfiguration in project Payara by payara.

the class EjbInvokerService method event.

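/**
 * Applies the configured security settings (auth module, auth type, realm, form pages) to the
 * web modules of the EJB invoker application once it has been prepared for deployment.
 *
 * <p>Nothing is changed unless the event is {@code APPLICATION_PREPARED}, the application is
 * the EJB invoker application and security is enabled in the service configuration.
 *
 * @param event the deployment lifecycle event
 * @throws IllegalStateException if security is enabled and a setting has to be applied, but
 *         the web module has no runtime descriptor or no login configuration to apply it to
 */
@Override
public void event(EventListener.Event event) {
    if (!event.is(Deployment.APPLICATION_PREPARED)) {
        return;
    }
    DeploymentContext context = (DeploymentContext) event.hook();
    Application app = context.getModuleMetaData(Application.class);
    if (app == null || !EJB_INVOKER_APP.equals(app.getAppName()) || !Boolean.parseBoolean(config.getSecurityEnabled())) {
        return;
    }

    // Read each setting once so every module gets the same values.
    String authModuleClass = config.getAuthModuleClass();
    String authModule = config.getAuthModule();
    String authType = config.getAuthType();
    String realmName = config.getRealmName();

    // A fully qualified auth module class wins over the plain module name; only its simple
    // class name is used as the provider id.
    String providerName = null;
    if (StringUtils.ok(authModuleClass) && authModuleClass.indexOf('.') != -1) {
        providerName = authModuleClass.substring(authModuleClass.lastIndexOf('.') + 1);
    } else if (StringUtils.ok(authModule)) {
        providerName = authModule;
    }

    boolean hasAuthType = StringUtils.ok(authType);
    boolean hasRealm = StringUtils.ok(realmName);
    boolean formAuth = FORM_AUTH.equals(authType);

    for (WebBundleDescriptor descriptor : app.getBundleDescriptors(WebBundleDescriptor.class)) {
        SunWebAppImpl webApp = (SunWebAppImpl) descriptor.getSunDescriptor();
        if (providerName != null) {
            if (webApp == null) {
                // Fail closed with a clear message rather than an anonymous NullPointerException.
                throw new IllegalStateException("Security is enabled for " + app.getAppName()
                        + " but the web module has no runtime descriptor to carry the security provider");
            }
            webApp.setAttributeValue(HTTPSERVLET_SECURITY_PROVIDER, providerName);
        }

        if (!hasAuthType && !hasRealm && !formAuth) {
            continue;
        }
        LoginConfiguration loginConf = descriptor.getLoginConfiguration();
        if (loginConf == null) {
            // NOTE(review): other callers null-check getLoginConfiguration(). Skipping here would
            // leave the module deployed without the requested authentication, so abort instead.
            throw new IllegalStateException("Security is enabled for " + app.getAppName()
                    + " but the web module has no login configuration to apply the auth type/realm to");
        }
        if (hasAuthType) {
            loginConf.setAuthenticationMethod(authType);
        }
        if (hasRealm) {
            loginConf.setRealmName(realmName);
        }
        if (formAuth) {
            loginConf.setFormErrorPage("/error.xhtml");
            loginConf.setFormLoginPage("/login.xhtml");
        }
    }
}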
Also used : SunWebAppImpl(org.glassfish.web.deployment.runtime.SunWebAppImpl) DeploymentContext(org.glassfish.api.deployment.DeploymentContext) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) Application(com.sun.enterprise.deployment.Application)

Aggregations

LoginConfiguration (com.sun.enterprise.deployment.web.LoginConfiguration)8 Application (com.sun.enterprise.deployment.Application)3 WebBundleDescriptor (com.sun.enterprise.deployment.WebBundleDescriptor)3 SecurityRoleMapping (com.sun.enterprise.deployment.runtime.common.SecurityRoleMapping)2 SecurityRoleAssignment (com.sun.enterprise.deployment.runtime.common.wls.SecurityRoleAssignment)2 SunWebApp (com.sun.enterprise.deployment.runtime.web.SunWebApp)2 SecurityConstraint (com.sun.enterprise.deployment.web.SecurityConstraint)2 UserDataConstraint (com.sun.enterprise.deployment.web.UserDataConstraint)2 WebResourceCollection (com.sun.enterprise.deployment.web.WebResourceCollection)2 URL (java.net.URL)2 Group (org.glassfish.security.common.Group)2 PrincipalImpl (org.glassfish.security.common.PrincipalImpl)2 Role (org.glassfish.security.common.Role)2 EjbBundleDescriptor (com.sun.enterprise.deployment.EjbBundleDescriptor)1 EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor)1 EjbIORConfigurationDescriptor (com.sun.enterprise.deployment.EjbIORConfigurationDescriptor)1 MethodDescriptor (com.sun.enterprise.deployment.MethodDescriptor)1 MethodPermission (com.sun.enterprise.deployment.MethodPermission)1 RunAsIdentityDescriptor (com.sun.enterprise.deployment.RunAsIdentityDescriptor)1 WebComponentDescriptor (com.sun.enterprise.deployment.WebComponentDescriptor)1