use of com.sun.messaging.jmq.auth.jaas.MQAdminGroup in project openmq by eclipse-ee4j.
the class JMQFileUserRepository method getSubject.
private Subject getSubject(String user, HashMap userRTable) {
Subject subject = null;
final String rolestr = (String) userRTable.get(user);
final String tempUser = user;
subject = (Subject) java.security.AccessController.doPrivileged(new PrivilegedAction<Object>() {
@Override
public Object run() {
Subject tempSubject = new Subject();
tempSubject.getPrincipals().add(new MQUser(tempUser));
if (rolestr != null && !rolestr.trim().equals("")) {
tempSubject.getPrincipals().add(new MQGroup(rolestr));
}
if (rolestr != null && rolestr.equals(ADMINGROUP)) {
tempSubject.getPrincipals().add(new MQAdminGroup(ADMINGROUP));
}
return tempSubject;
}
});
return subject;
}
use of com.sun.messaging.jmq.auth.jaas.MQAdminGroup in project openmq by eclipse-ee4j.
the class JMQAdminKeyAuthenticationHandler method handleResponse.
/**
* @param authResponse the authentication response data. This is the AUTHENCATE_RESPONSE packet body.
* @param sequence packet sequence number
*
* @return next request data if any; null if no more request. The request data will be sent as packet body in
* AUTHENTICATE_REQUEST
*/
@Override
public byte[] handleResponse(byte[] authResponse, int sequence) throws LoginException {
Subject subject = null;
acc = null;
if (authProps == null) {
throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_ILLEGAL_AUTHSTATE, getType()));
}
try {
ByteArrayInputStream bis = new ByteArrayInputStream(authResponse);
DataInputStream dis = new DataInputStream(bis);
String username = dis.readUTF();
BASE64Decoder decoder = new BASE64Decoder();
String pass = dis.readUTF();
String password = new String(decoder.decodeBuffer(pass), "UTF8");
dis.close();
String adminkey = authProps.getProperty(AccessController.PROP_ADMINKEY);
if (DEBUG) {
logger.log(Logger.DEBUG, AccessController.PROP_ADMINKEY + ":" + adminkey + ":" + " password:" + password + ":");
}
if (adminkey != null) {
if (username.equals(ADMINKEYNAME) && password.equals(adminkey)) {
final String tempUserName = username;
subject = (Subject) java.security.AccessController.doPrivileged(new PrivilegedAction<Object>() {
@Override
public Object run() {
Subject tempSubject = new Subject();
tempSubject.getPrincipals().add(new MQUser(tempUserName));
tempSubject.getPrincipals().add(new MQAdminGroup(ADMINKEYNAME));
return tempSubject;
}
});
/*
* // subject = new Subject(); // subject.getPrincipals().add(new MQUser(username)); // subject.getPrincipals().add(new
* MQAdminGroup(ADMINKEYNAME));
*/
acc = new JMQAccessControlContext(new MQUser(username), subject, authProps);
return null;
}
FailedLoginException ex = new FailedLoginException(Globals.getBrokerResources().getKString(BrokerResources.X_FORBIDDEN, username));
ex.setUser(username);
throw ex;
}
throw new LoginException(Globals.getBrokerResources().getKString(BrokerResources.X_ADMINKEY_NOT_EXIST));
} catch (IOException e) {
throw new LoginException(Globals.getBrokerResources().getString(BrokerResources.X_INTERNAL_EXCEPTION, "IOException: " + e.getMessage()));
}
}
Aggregations