Examples with AttributeStatementDefault ddf.security.assertion.impl.AttributeStatementDefault used on opensource projects

Search in sources :

Example 1 with AttributeStatementDefault

use of ddf.security.assertion.impl.AttributeStatementDefault in project ddf by codice.

the class PKIRealm method createPrincipalCollectionFromCertificate.

private SimplePrincipalCollection createPrincipalCollectionFromCertificate(X500Principal principal) {
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    DefaultSecurityAssertionBuilder assertionBuilder = new DefaultSecurityAssertionBuilder();
    AttributeStatement attributeStatement = new AttributeStatementDefault();
    HashMap<String, Object> properties = createProperties(principal);
    for (ClaimsHandler claimsHandler : claimsHandlers) {
        ClaimsCollection claims = claimsHandler.retrieveClaims(new ClaimsParametersImpl(principal, Collections.singleton(principal), properties));
        mergeClaimsToAttributes(attributeStatement, claims);
    }
    final Instant now = Instant.now();
    SecurityAssertion assertion = assertionBuilder.addAttributeStatement(attributeStatement).userPrincipal(principal).weight(SecurityAssertion.LOCAL_AUTH_WEIGHT).issuer("DDF").notBefore(Date.from(now)).notOnOrAfter(Date.from(now.plus(fourHours))).tokenType(PKI_TOKEN_TYPE).build();
    principals.add(assertion, "PKI");
    return principals;
}
Also used : ClaimsHandler(ddf.security.claims.ClaimsHandler) DefaultSecurityAssertionBuilder(ddf.security.assertion.impl.DefaultSecurityAssertionBuilder) ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl) AttributeStatement(ddf.security.assertion.AttributeStatement) AttributeStatementDefault(ddf.security.assertion.impl.AttributeStatementDefault) Instant(java.time.Instant) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) ClaimsCollection(ddf.security.claims.ClaimsCollection) SecurityAssertion(ddf.security.assertion.SecurityAssertion)

Example 2 with AttributeStatementDefault

use of ddf.security.assertion.impl.AttributeStatementDefault in project ddf by codice.

the class UsernamePasswordRealm method createPrincipalCollectionFromSubject.

private SimplePrincipalCollection createPrincipalCollectionFromSubject(Subject subject) {
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    DefaultSecurityAssertionBuilder assertionBuilder = new DefaultSecurityAssertionBuilder();
    AttributeStatement attributeStatement = new AttributeStatementDefault();
    Principal userPrincipal = subject.getPrincipals().stream().filter(p -> p instanceof UserPrincipal).findFirst().orElseThrow(AuthenticationException::new);
    Set<Principal> rolePrincipals = subject.getPrincipals().stream().filter(p -> p instanceof RolePrincipal).collect(Collectors.toSet());
    for (ClaimsHandler claimsHandler : claimsHandlers) {
        ClaimsCollection claims = claimsHandler.retrieveClaims(new ClaimsParametersImpl(userPrincipal, rolePrincipals, new HashMap<>()));
        mergeClaimsToAttributes(attributeStatement, claims);
    }
    final Instant now = Instant.now();
    assertionBuilder.addAttributeStatement(attributeStatement).userPrincipal(userPrincipal).weight(SecurityAssertion.LOCAL_AUTH_WEIGHT).issuer("DDF").notBefore(Date.from(now)).notOnOrAfter(Date.from(now.plus(fourHours)));
    for (Principal principal : rolePrincipals) {
        assertionBuilder.addPrincipal(principal);
    }
    assertionBuilder.tokenType(USER_PASS_TOKEN_TYPE);
    SecurityAssertion assertion = assertionBuilder.build();
    principals.add(assertion, "UP");
    return principals;
}
Also used : LoginException(javax.security.auth.login.LoginException) NamePasswordCallbackHandler(org.apache.wss4j.common.NamePasswordCallbackHandler) Date(java.util.Date) LoggerFactory(org.slf4j.LoggerFactory) HashMap(java.util.HashMap) AuthenticationToken(org.apache.shiro.authc.AuthenticationToken) DefaultSecurityAssertionBuilder(ddf.security.assertion.impl.DefaultSecurityAssertionBuilder) AttributeStatement(ddf.security.assertion.AttributeStatement) LoginContext(javax.security.auth.login.LoginContext) ArrayList(java.util.ArrayList) JaasRealm(org.apache.karaf.jaas.config.JaasRealm) CallbackHandler(javax.security.auth.callback.CallbackHandler) Duration(java.time.Duration) AuthenticationTokenType(org.codice.ddf.security.handler.AuthenticationTokenType) Bundle(org.osgi.framework.Bundle) ClaimsHandler(ddf.security.claims.ClaimsHandler) ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) ServiceReference(org.osgi.framework.ServiceReference) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal) Claim(ddf.security.claims.Claim) SecurityAssertion(ddf.security.assertion.SecurityAssertion) AuthenticationInfo(org.apache.shiro.authc.AuthenticationInfo) Logger(org.slf4j.Logger) Attribute(ddf.security.assertion.Attribute) AttributeDefault(ddf.security.assertion.impl.AttributeDefault) Set(java.util.Set) Instant(java.time.Instant) Collectors(java.util.stream.Collectors) StandardCharsets(java.nio.charset.StandardCharsets) Subject(javax.security.auth.Subject) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) ClaimsCollection(ddf.security.claims.ClaimsCollection) Base64(java.util.Base64) List(java.util.List) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) Principal(java.security.Principal) AuthenticationException(org.apache.shiro.authc.AuthenticationException) AttributeStatementDefault(ddf.security.assertion.impl.AttributeStatementDefault) AuthenticatingRealm(org.apache.shiro.realm.AuthenticatingRealm) BaseAuthenticationToken(org.codice.ddf.security.handler.BaseAuthenticationToken) FrameworkUtil(org.osgi.framework.FrameworkUtil) CopyOnWriteArrayList(java.util.concurrent.CopyOnWriteArrayList) ClaimsHandler(ddf.security.claims.ClaimsHandler) DefaultSecurityAssertionBuilder(ddf.security.assertion.impl.DefaultSecurityAssertionBuilder) AuthenticationException(org.apache.shiro.authc.AuthenticationException) HashMap(java.util.HashMap) Instant(java.time.Instant) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SecurityAssertion(ddf.security.assertion.SecurityAssertion) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal) ClaimsParametersImpl(ddf.security.claims.impl.ClaimsParametersImpl) AttributeStatement(ddf.security.assertion.AttributeStatement) AttributeStatementDefault(ddf.security.assertion.impl.AttributeStatementDefault) ClaimsCollection(ddf.security.claims.ClaimsCollection) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) Principal(java.security.Principal)

Example 3 with AttributeStatementDefault

use of ddf.security.assertion.impl.AttributeStatementDefault in project ddf by codice.

the class GuestRealm method createPrincipalFromToken.

private SimplePrincipalCollection createPrincipalFromToken(BaseAuthenticationToken token) {
    SimplePrincipalCollection principals = new SimplePrincipalCollection();
    DefaultSecurityAssertionBuilder defaultSecurityAssertionBuilder = new DefaultSecurityAssertionBuilder();
    Set<Map.Entry<URI, List<String>>> entries = claimsMap.entrySet();
    AttributeStatementDefault attributeStatement = new AttributeStatementDefault();
    for (Map.Entry<URI, List<String>> entry : entries) {
        AttributeDefault attribute = new AttributeDefault();
        attribute.setName(entry.getKey().toString());
        for (String value : entry.getValue()) {
            attribute.addValue(value);
        }
        attributeStatement.addAttribute(attribute);
    }
    defaultSecurityAssertionBuilder.addAttributeStatement(attributeStatement);
    defaultSecurityAssertionBuilder.userPrincipal(new GuestPrincipal(token.getIpAddress()));
    defaultSecurityAssertionBuilder.issuer("local");
    defaultSecurityAssertionBuilder.notBefore(new Date());
    // We don't really care how long it is "valid" for
    defaultSecurityAssertionBuilder.notOnOrAfter(new Date(new Date().getTime() + 14400000L));
    defaultSecurityAssertionBuilder.token(token);
    defaultSecurityAssertionBuilder.tokenType(GUEST_TOKEN_TYPE);
    SecurityAssertion securityAssertion = defaultSecurityAssertionBuilder.build();
    Principal principal = securityAssertion.getPrincipal();
    if (principal != null) {
        principals.add(principal.getName(), getName());
    }
    principals.add(securityAssertion, getName());
    return principals;
}
Also used : DefaultSecurityAssertionBuilder(ddf.security.assertion.impl.DefaultSecurityAssertionBuilder) AttributeDefault(ddf.security.assertion.impl.AttributeDefault) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) SecurityAssertion(ddf.security.assertion.SecurityAssertion) URI(java.net.URI) Date(java.util.Date) AttributeStatementDefault(ddf.security.assertion.impl.AttributeStatementDefault) GuestPrincipal(ddf.security.principal.impl.GuestPrincipal) ArrayList(java.util.ArrayList) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map) Principal(java.security.Principal) GuestPrincipal(ddf.security.principal.impl.GuestPrincipal)

Aggregations

SecurityAssertion (ddf.security.assertion.SecurityAssertion)3 AttributeStatementDefault (ddf.security.assertion.impl.AttributeStatementDefault)3 DefaultSecurityAssertionBuilder (ddf.security.assertion.impl.DefaultSecurityAssertionBuilder)3 SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)3 AttributeStatement (ddf.security.assertion.AttributeStatement)2 AttributeDefault (ddf.security.assertion.impl.AttributeDefault)2 ClaimsCollection (ddf.security.claims.ClaimsCollection)2 ClaimsHandler (ddf.security.claims.ClaimsHandler)2 ClaimsParametersImpl (ddf.security.claims.impl.ClaimsParametersImpl)2 Principal (java.security.Principal)2 Instant (java.time.Instant)2 ArrayList (java.util.ArrayList)2 Date (java.util.Date)2 HashMap (java.util.HashMap)2 List (java.util.List)2 Attribute (ddf.security.assertion.Attribute)1 Claim (ddf.security.claims.Claim)1 GuestPrincipal (ddf.security.principal.impl.GuestPrincipal)1 URI (java.net.URI)1 StandardCharsets (java.nio.charset.StandardCharsets)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial