use of io.undertow.security.idm.PasswordCredential in project wildfly by wildfly.
the class JAASIdentityManagerImpl method verify.
/**
 * Verifies {@code credential} for the account looked up by {@code id}.
 *
 * <p>Three credential shapes are handled: a digest credential is verified by its client digest
 * after a {@code DigestCallbackHandler} with the digest parameters has been registered; a password
 * credential is verified through a private copy of the password; anything else is handed to
 * {@code verifyCredential} unchanged.
 *
 * @param id identifier used to look up the account
 * @param credential credential presented for that account
 * @return the result of {@code verifyCredential} for the matching branch
 */
@Override
public Account verify(String id, Credential credential) {
    // The account is resolved before the credential type is inspected.
    final AccountImpl target = getAccount(id);

    if (credential instanceof DigestCredential) {
        final DigestCredential digest = (DigestCredential) credential;
        // The handler is registered here and not removed in this method.
        // NOTE(review): confirm where CallbackHandlerPolicyContextHandler is reset so the digest
        // parameters of one request cannot be observed by a later one.
        CallbackHandlerPolicyContextHandler.setCallbackHandler(
                new DigestCallbackHandler(
                        id,
                        digest.getNonce(),
                        digest.getNonceCount(),
                        digest.getClientNonce(),
                        digest.getQop(),
                        digest.getRealm(),
                        digest.getHA2()));
        return verifyCredential(target, digest.getClientDigest());
    }

    if (credential instanceof PasswordCredential) {
        final char[] supplied = ((PasswordCredential) credential).getPassword();
        // The caller may wipe its own array afterwards, while this integration keeps the value
        // cached for later use, so a private copy is verified instead. The copy is not zeroed
        // here: the cleartext password lives as long as whatever caches it.
        // NOTE(review): a null password array fails here with a NullPointerException.
        final char[] retained = Arrays.copyOf(supplied, supplied.length);
        return verifyCredential(target, retained);
    }

    return verifyCredential(target, credential);
}
use of io.undertow.security.idm.PasswordCredential in project undertow by undertow-io.
the class FormAuthenticationMechanism method runFormAuth.
/**
 * Authenticates a posted login form against the identity manager.
 *
 * <p>Reads the {@code j_username} and {@code j_password} form fields, wraps the password in a
 * {@code PasswordCredential} and passes both to {@code identityManager.verify}. Success and
 * failure are reported to {@code securityContext}; on success the exchange is redirected back
 * and ended.
 *
 * <p>Any {@code Throwable} raised while verifying or redirecting is held back until the
 * bookkeeping has run and is then rethrown if it is a {@code RuntimeException} or an
 * {@code Error}. A held-back throwable of any other type is not rethrown; the method then
 * returns {@code retValue}, which is still {@code null} if the failure happened before it was
 * assigned.
 *
 * @param exchange the exchange carrying the posted form
 * @param securityContext the context that is told about the authentication result
 * @return {@code AUTHENTICATED} when the identity manager returned an account, otherwise
 *         {@code NOT_AUTHENTICATED} (no parser, missing field, or no account)
 * @throws UncheckedIOException when parsing the form data fails with an {@code IOException}
 */
public AuthenticationMechanismOutcome runFormAuth(final HttpServerExchange exchange, final SecurityContext securityContext) {
final FormDataParser parser = formParserFactory.createParser(exchange);
if (parser == null) {
UndertowLogger.SECURITY_LOGGER.debug("Could not authenticate as no form parser is present");
// TODO - May need a better error signaling mechanism here to prevent repeated attempts.
return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
}
// First throwable seen on the verify/redirect path; later ones are attached as suppressed.
Throwable original = null;
AuthenticationMechanismOutcome retValue = null;
try {
final FormData data = parser.parseBlocking();
final FormData.FormValue jUsername = data.getFirst("j_username");
final FormData.FormValue jPassword = data.getFirst("j_password");
if (jUsername == null || jPassword == null) {
// Only the exchange is logged here, never the submitted values.
UndertowLogger.SECURITY_LOGGER.debugf("Could not authenticate as username or password was not present in the posted result for %s", exchange);
return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
}
final String userName = jUsername.getValue();
// The password now exists as an immutable String and, below, as a separate char[] copy.
// Neither is cleared in this method, so wiping the char[] elsewhere does not remove the
// String copy from memory.
final String password = jPassword.getValue();
AuthenticationMechanismOutcome outcome = null;
PasswordCredential credential = new PasswordCredential(password.toCharArray());
try {
IdentityManager identityManager = getIdentityManager(securityContext);
// A null account is the only failure signal verify gives on this path.
Account account = identityManager.verify(userName, credential);
if (account != null) {
// NOTE(review): the trailing 'true' presumably asks for the authentication to be cached
// for the session; confirm against SecurityContext.
securityContext.authenticationComplete(account, name, true);
UndertowLogger.SECURITY_LOGGER.debugf("Authenticated user %s using for auth for %s", account.getPrincipal().getName(), exchange);
outcome = AuthenticationMechanismOutcome.AUTHENTICATED;
} else {
// userName is client-supplied; whatever consumes this failure message should treat it
// as untrusted text.
securityContext.authenticationFailed(MESSAGES.authenticationFailed(userName), name);
}
} catch (Throwable t) {
// Held back so the finally block still computes the return value.
original = t;
} finally {
try {
// The redirect and the end of the exchange happen only after a successful verification.
// handleRedirectBack is defined outside this listing; the redirect target it uses is not
// visible here.
if (outcome == AuthenticationMechanismOutcome.AUTHENTICATED) {
handleRedirectBack(exchange);
exchange.endExchange();
}
// Anything short of an explicit success is reported as NOT_AUTHENTICATED.
retValue = outcome != null ? outcome : AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
} catch (Throwable t) {
// Keep the first failure as primary and attach this one to it.
if (original != null) {
original.addSuppressed(t);
} else {
original = t;
}
}
}
} catch (IOException e) {
// Form parsing failed; surfaced as an unchecked exception by the rethrow below.
original = new UncheckedIOException(e);
}
if (original != null) {
// Only unchecked throwables are propagated; any other type falls through to the return.
if (original instanceof RuntimeException) {
throw (RuntimeException) original;
}
if (original instanceof Error) {
throw (Error) original;
}
}
return retValue;
}
use of io.undertow.security.idm.PasswordCredential in project undertow by undertow-io.
the class GenericHeaderAuthenticationMechanism method authenticate.
/**
 * Authenticates a request from a principal value and a session value taken from the exchange.
 *
 * <p>The session value is wrapped in a {@code PasswordCredential} and verified together with the
 * principal by the identity manager; that call is the only check made here.
 *
 * @param exchange the current exchange
 * @param securityContext the context that is told about the authentication result
 * @return {@code NOT_ATTEMPTED} when either value is absent, {@code AUTHENTICATED} when the
 *         identity manager returns an account, otherwise {@code NOT_AUTHENTICATED}
 */
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
    // getPrincipal/getSession are defined outside this listing.
    // NOTE(review): presumably both read request headers, in which case the values are
    // client-controlled unless a trusted front end sets or strips them; confirm the deployment.
    final String claimedPrincipal = getPrincipal(exchange);
    if (claimedPrincipal == null) {
        return NOT_ATTEMPTED;
    }
    final String sessionValue = getSession(exchange);
    if (sessionValue == null) {
        return NOT_ATTEMPTED;
    }

    // The session value plays the role of the password; the char[] is not cleared afterwards.
    final PasswordCredential sessionCredential = new PasswordCredential(sessionValue.toCharArray());
    final Account verified = identityManager.verify(claimedPrincipal, sessionCredential);

    if (verified != null) {
        securityContext.authenticationComplete(verified, mechanismName, false);
        return AUTHENTICATED;
    }

    // The failure message carries the principal exactly as the request supplied it.
    securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(claimedPrincipal), mechanismName);
    return NOT_AUTHENTICATED;
}
use of io.undertow.security.idm.PasswordCredential in project undertow by undertow-io.
the class SecurityContextImpl method login.
/**
 * Performs a programmatic login with a user name and password.
 *
 * <p>The password is wrapped in a {@code PasswordCredential} and verified by the identity manager.
 * When a security manager is installed the verification runs inside
 * {@code AccessController.doPrivileged}; otherwise it runs directly.
 *
 * @param username the user name to authenticate
 * @param password the cleartext password
 * @return {@code true} when the identity manager returned an account and the context was marked
 *         authenticated, {@code false} when it returned {@code null}
 */
@Override
public boolean login(final String username, final String password) {
    // The debug line carries the user name and the exchange, never the password.
    UndertowLogger.SECURITY_LOGGER.debugf("Attempting programatic login for user %s for request %s", username, exchange);

    // NOTE(review): a null password fails inside run() with a NullPointerException instead of
    // returning false. The char[] created here is not cleared after verification.
    final PrivilegedAction<Account> verification = new PrivilegedAction<Account>() {
        @Override
        public Account run() {
            return identityManager.verify(username, new PasswordCredential(password.toCharArray()));
        }
    };

    final Account account = System.getSecurityManager() == null
            ? verification.run()
            : AccessController.doPrivileged(verification);

    if (account != null) {
        authenticationComplete(account, programaticMechName, true);
        this.authenticationState = AuthenticationState.AUTHENTICATED;
        return true;
    }

    // No failure notification is raised on this path; a rejected login is visible only through
    // the debug line above unless the identity manager or the caller records it.
    return false;
}
use of io.undertow.security.idm.PasswordCredential in project openremote by openremote.
the class BasicIdentityProvider method secureDeployment.
/**
 * Configures the deployment for BASIC authentication in the "OpenRemote" realm and installs an
 * identity manager that accepts password credentials only.
 *
 * @param deploymentInfo the deployment to secure
 */
@Override
public void secureDeployment(DeploymentInfo deploymentInfo) {
    // HTTP Basic sends the credentials with every request, merely base64-encoded, so their
    // confidentiality depends on the transport (TLS).
    deploymentInfo.setLoginConfig(new LoginConfig("BASIC", "OpenRemote"));

    final IdentityManager passwordOnlyManager = new IdentityManager() {
        @Override
        public Account verify(String id, Credential credential) {
            if (!(credential instanceof PasswordCredential)) {
                // id comes from the client and is concatenated into the log line as-is, and the
                // credential is rendered through its toString().
                // NOTE(review): confirm neither can put line breaks or secret material into the
                // FINE log.
                LOG.fine("Verification of '" + id + "' failed, no password credentials found, but: " + credential);
                return null;
            }
            final char[] suppliedPassword = ((PasswordCredential) credential).getPassword();
            return verifyAccount(id, suppliedPassword);
        }

        // Always null: this manager never confirms an account it is handed back.
        @Override
        public Account verify(Account account) {
            return null;
        }

        // Always null: a credential without an id is never accepted.
        @Override
        public Account verify(Credential credential) {
            return null;
        }
    };
    deploymentInfo.setIdentityManager(passwordOnlyManager);
}