
Example 6 with FailedLoginException

use of com.sun.messaging.jmq.auth.api.FailedLoginException in project openmq by eclipse-ee4j.

the class JMQBasicAuthenticationHandler method handleResponse.

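/**
 * Handles the AUTHENTICATE_RESPONSE packet for this handler's authentication type: reads the user name and the
 * Base64-encoded password from the packet body and asks the configured user repository for a matching subject.
 *
 * <p>Base64 is an encoding, not encryption. The password therefore reaches this method in recoverable form, and
 * its confidentiality depends on the transport the packet travelled over, which is not visible here.
 *
 * @param authResponse the authentication response data. This is the AUTHENTICATE_RESPONSE packet body.
 * @param sequence packet sequence number (not read by this method)
 *
 * @return next request data if any; null if no more request. The request data will be sent as packet body in
 * AUTHENTICATE_REQUEST. This implementation returns null whenever it returns normally.
 * @throws FailedLoginException if the repository returns no subject for the supplied user name and password; the
 * exception carries the user name
 * @throws LoginException if the logout flag is set and no repository is held, if the repository name or class is
 * missing from the authentication properties, or if reading the packet or instantiating the repository fails (the
 * underlying exception is attached as the cause)
 */
@Override
public synchronized byte[] handleResponse(byte[] authResponse, int sequence) throws LoginException {
    if (repository == null && logout) {
        throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_CONNECTION_LOGGEDOUT));
    }
    if (repository != null) {
        // Close the repository held from an earlier call; a new one is created below.
        repository.close();
    }
    // Clear the access-control context first: every failure path below throws before acc is assigned again,
    // so a rejected attempt never leaves an earlier context in place.
    acc = null;
    try {
        final String username;
        final String password;
        // try-with-resources closes the stream on the failure paths as well.
        try (DataInputStream dis = new DataInputStream(new ByteArrayInputStream(authResponse))) {
            username = dis.readUTF();
            String encodedPassword = dis.readUTF();
            password = new String(new BASE64Decoder().decodeBuffer(encodedPassword), java.nio.charset.StandardCharsets.UTF_8);
        }

        String rep = authProps.getProperty(AccessController.PROP_AUTHENTICATION_PREFIX + getType() + AccessController.PROP_USER_REPOSITORY_SUFFIX);
        if (rep == null || rep.trim().isEmpty()) {
            throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_USER_REPOSITORY_NOT_DEFINED, getType()));
        }
        String className = authProps.getProperty(AccessController.PROP_USER_REPOSITORY_PREFIX + rep + ".class");
        if (className == null) {
            throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_USER_REPOSITORY_CLASS_NOT_DEFINED, rep, getType()));
        }

        // NOTE(review): className is read from authProps, so whoever can edit those properties chooses which
        // class is loaded and instantiated here. Write access to that configuration should be restricted
        // accordingly.
        repository = (UserRepository) Class.forName(className).getDeclaredConstructor().newInstance();
        repository.open(getType(), authProps, cacheData);
        Subject subject = repository.findMatch(username, password, null, getMatchType());
        cacheData = repository.getCacheData();
        if (subject == null) {
            FailedLoginException ex = new FailedLoginException(Globals.getBrokerResources().getKString(BrokerResources.X_FORBIDDEN, username));
            ex.setUser(username);
            throw ex;
        }
        acc = new JMQAccessControlContext(new MQUser(username), subject, authProps);
        return null;
    } catch (ClassNotFoundException e) {
        throw internalLoginException("ClassNotFoundException", e);
    } catch (IOException e) {
        throw internalLoginException("IOException", e);
    } catch (InstantiationException e) {
        throw internalLoginException("InstantiationException", e);
    } catch (IllegalAccessException e) {
        throw internalLoginException("IllegalAccessException", e);
    } catch (ClassCastException e) {
        throw internalLoginException("ClassCastException", e);
    } catch (NoSuchMethodException e) {
        throw internalLoginException("NoSuchMethodException", e);
    } catch (InvocationTargetException e) {
        // The message of an InvocationTargetException is often null; the attached cause keeps the real failure.
        throw internalLoginException("InvocationTargetException", e);
    }
}

/**
 * Builds the X_INTERNAL_EXCEPTION LoginException for a failure of the given kind, keeping the original exception
 * as its cause so the stack trace of the real failure is not lost.
 */
private static LoginException internalLoginException(String kind, Exception cause) {
    LoginException wrapped = new LoginException(
            Globals.getBrokerResources().getString(BrokerResources.X_INTERNAL_EXCEPTION, kind + ": " + cause.getMessage()));
    wrapped.initCause(cause);
    return wrapped;
}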
Also used : MQUser(com.sun.messaging.jmq.auth.jaas.MQUser) Subject(javax.security.auth.Subject) InvocationTargetException(java.lang.reflect.InvocationTargetException) FailedLoginException(com.sun.messaging.jmq.auth.api.FailedLoginException) LoginException(javax.security.auth.login.LoginException) FailedLoginException(com.sun.messaging.jmq.auth.api.FailedLoginException) BASE64Decoder(com.sun.messaging.jmq.util.BASE64Decoder)

Example 7 with FailedLoginException

use of com.sun.messaging.jmq.auth.api.FailedLoginException in project openmq by eclipse-ee4j.

the class JMQAdminKeyAuthenticationHandler method handleResponse.

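/**
 * Handles the AUTHENTICATE_RESPONSE packet for admin-key authentication: reads the user name and the
 * Base64-encoded password from the packet body and accepts the login only when the user name equals
 * ADMINKEYNAME and the password equals the admin key found in the authentication properties.
 *
 * <p>Base64 is an encoding, not encryption. The supplied key therefore reaches this method in recoverable form,
 * and its confidentiality depends on the transport the packet travelled over, which is not visible here.
 *
 * @param authResponse the authentication response data. This is the AUTHENTICATE_RESPONSE packet body.
 * @param sequence packet sequence number (not read by this method)
 *
 * @return next request data if any; null if no more request. The request data will be sent as packet body in
 * AUTHENTICATE_REQUEST. This implementation returns null whenever it returns normally.
 * @throws FailedLoginException if an admin key is configured but the supplied user name or password does not
 * match; the exception carries the user name
 * @throws LoginException if the authentication properties are missing, no admin key is configured, or the packet
 * body cannot be read (the underlying exception is attached as the cause)
 */
@Override
public byte[] handleResponse(byte[] authResponse, int sequence) throws LoginException {
    // Clear the access-control context first: every failure path below throws before acc is assigned again.
    acc = null;
    if (authProps == null) {
        throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_ILLEGAL_AUTHSTATE, getType()));
    }
    try {
        final String username;
        final String password;
        // try-with-resources closes the stream on the failure paths as well.
        try (DataInputStream dis = new DataInputStream(new ByteArrayInputStream(authResponse))) {
            username = dis.readUTF();
            String encodedPassword = dis.readUTF();
            password = new String(new BASE64Decoder().decodeBuffer(encodedPassword), java.nio.charset.StandardCharsets.UTF_8);
        }

        String adminkey = authProps.getProperty(AccessController.PROP_ADMINKEY);
        if (DEBUG) {
            // Log only whether a key is configured. The admin key and the supplied password are credentials
            // and must not be written to the log, where anyone with read access to it could recover them.
            logger.log(Logger.DEBUG, AccessController.PROP_ADMINKEY + (adminkey == null ? " is not set" : " is set"));
        }
        if (adminkey == null) {
            throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_ADMINKEY_NOT_EXIST));
        }

        // Compare the secret with MessageDigest.isEqual rather than String.equals, so the time taken does not
        // depend on how many leading characters of the supplied value are correct.
        boolean keyMatches = java.security.MessageDigest.isEqual(
                password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                adminkey.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!(keyMatches && username.equals(ADMINKEYNAME))) {
            FailedLoginException ex = new FailedLoginException(Globals.getBrokerResources().getKString(BrokerResources.X_FORBIDDEN, username));
            ex.setUser(username);
            throw ex;
        }

        // The subject is populated inside doPrivileged, as in the original code; it receives the user
        // principal and the admin group principal.
        Subject subject = java.security.AccessController.doPrivileged(new PrivilegedAction<Subject>() {

            @Override
            public Subject run() {
                Subject adminSubject = new Subject();
                adminSubject.getPrincipals().add(new MQUser(username));
                adminSubject.getPrincipals().add(new MQAdminGroup(ADMINKEYNAME));
                return adminSubject;
            }
        });
        acc = new JMQAccessControlContext(new MQUser(username), subject, authProps);
        return null;
    } catch (IOException e) {
        LoginException wrapped = new LoginException(
                Globals.getBrokerResources().getString(BrokerResources.X_INTERNAL_EXCEPTION, "IOException: " + e.getMessage()));
        // Keep the original exception so the stack trace of the real failure is not lost.
        wrapped.initCause(e);
        throw wrapped;
    }
}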
Also used : MQUser(com.sun.messaging.jmq.auth.jaas.MQUser) Subject(javax.security.auth.Subject) FailedLoginException(com.sun.messaging.jmq.auth.api.FailedLoginException) LoginException(javax.security.auth.login.LoginException) FailedLoginException(com.sun.messaging.jmq.auth.api.FailedLoginException) MQAdminGroup(com.sun.messaging.jmq.auth.jaas.MQAdminGroup) BASE64Decoder(com.sun.messaging.jmq.util.BASE64Decoder)
