Example 1 with CallerPrincipalCallback
use of jakarta.security.auth.message.callback.CallerPrincipalCallback in project tomcat by apache.
the class TestCallbackHandlerImpl method testGroupPrincipalCallback.
@Test
public void testGroupPrincipalCallback() throws Exception {
CallbackHandler callbackHandler = createCallbackHandler(null);
Subject clientSubject = new Subject();
CallerPrincipalCallback cpc = new CallerPrincipalCallback(clientSubject, "name");
GroupPrincipalCallback gpc = new GroupPrincipalCallback(clientSubject, new String[] { "group1", "group2" });
callbackHandler.handle(new Callback[] { cpc, gpc });
Set<Object> credentials = clientSubject.getPrivateCredentials();
Assert.assertTrue(credentials.size() == 1);
GenericPrincipal gp = (GenericPrincipal) credentials.iterator().next();
Assert.assertEquals("name", gp.getName());
Assert.assertTrue(gp.hasRole("group1"));
Assert.assertTrue(gp.hasRole("group2"));
}
Also used :
CallerPrincipalCallback(jakarta.security.auth.message.callback.CallerPrincipalCallback)
CallbackHandler(javax.security.auth.callback.CallbackHandler)
GroupPrincipalCallback(jakarta.security.auth.message.callback.GroupPrincipalCallback)
GenericPrincipal(org.apache.catalina.realm.GenericPrincipal)
Subject(javax.security.auth.Subject)
Test(org.junit.Test)
Example 2 with CallerPrincipalCallback
use of jakarta.security.auth.message.callback.CallerPrincipalCallback in project tomcat by apache.
the class CallbackHandlerImpl method handle.
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
String name = null;
Principal principal = null;
Subject subject = null;
String[] groups = null;
if (callbacks != null) {
// Process the callbacks
for (Callback callback : callbacks) {
if (callback instanceof CallerPrincipalCallback) {
CallerPrincipalCallback cpc = (CallerPrincipalCallback) callback;
name = cpc.getName();
principal = cpc.getPrincipal();
subject = cpc.getSubject();
} else if (callback instanceof GroupPrincipalCallback) {
GroupPrincipalCallback gpc = (GroupPrincipalCallback) callback;
groups = gpc.getGroups();
} else if (callback instanceof PasswordValidationCallback) {
if (container == null) {
log.warn(sm.getString("callbackHandlerImpl.containerMissing", callback.getClass().getName()));
} else if (container.getRealm() == null) {
log.warn(sm.getString("callbackHandlerImpl.realmMissing", callback.getClass().getName(), container.getName()));
} else {
PasswordValidationCallback pvc = (PasswordValidationCallback) callback;
principal = container.getRealm().authenticate(pvc.getUsername(), String.valueOf(pvc.getPassword()));
pvc.setResult(principal != null);
subject = pvc.getSubject();
}
} else {
log.error(sm.getString("callbackHandlerImpl.jaspicCallbackMissing", callback.getClass().getName()));
}
}
// Create the GenericPrincipal
Principal gp = getPrincipal(principal, name, groups);
if (subject != null && gp != null) {
subject.getPrivateCredentials().add(gp);
}
}
}
Also used :
CallerPrincipalCallback(jakarta.security.auth.message.callback.CallerPrincipalCallback)
GroupPrincipalCallback(jakarta.security.auth.message.callback.GroupPrincipalCallback)
PasswordValidationCallback(jakarta.security.auth.message.callback.PasswordValidationCallback)
GroupPrincipalCallback(jakarta.security.auth.message.callback.GroupPrincipalCallback)
CallerPrincipalCallback(jakarta.security.auth.message.callback.CallerPrincipalCallback)
Callback(javax.security.auth.callback.Callback)
PasswordValidationCallback(jakarta.security.auth.message.callback.PasswordValidationCallback)
GenericPrincipal(org.apache.catalina.realm.GenericPrincipal)
Principal(java.security.Principal)
Subject(javax.security.auth.Subject)
Example 3 with CallerPrincipalCallback
use of jakarta.security.auth.message.callback.CallerPrincipalCallback in project tomcat by apache.
the class TestCallbackHandlerImpl method testCallerPrincipalCallback.
@Test
public void testCallerPrincipalCallback() throws Exception {
CallbackHandler callbackHandler = createCallbackHandler(null);
Subject clientSubject = new Subject();
CallerPrincipalCallback cpc1 = new CallerPrincipalCallback(clientSubject, "name1");
callbackHandler.handle(new Callback[] { cpc1 });
CallerPrincipalCallback cpc2 = new CallerPrincipalCallback(clientSubject, new Principal() {
@Override
public String getName() {
return "name2";
}
});
callbackHandler.handle(new Callback[] { cpc2 });
Set<Object> credentials = clientSubject.getPrivateCredentials();
Assert.assertTrue(credentials.size() == 2);
Set<String> names = new HashSet<>(Arrays.asList(new String[] { "name1", "name2" }));
for (Object o : credentials) {
names.remove(((GenericPrincipal) o).getName());
}
Assert.assertTrue(names.isEmpty());
}
Also used :
CallerPrincipalCallback(jakarta.security.auth.message.callback.CallerPrincipalCallback)
CallbackHandler(javax.security.auth.callback.CallbackHandler)
Subject(javax.security.auth.Subject)
GenericPrincipal(org.apache.catalina.realm.GenericPrincipal)
Principal(java.security.Principal)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Aggregations
CallerPrincipalCallback (jakarta.security.auth.message.callback.CallerPrincipalCallback)3
Subject (javax.security.auth.Subject)3
GenericPrincipal (org.apache.catalina.realm.GenericPrincipal)3
GroupPrincipalCallback (jakarta.security.auth.message.callback.GroupPrincipalCallback)2
Principal (java.security.Principal)2
CallbackHandler (javax.security.auth.callback.CallbackHandler)2
Test (org.junit.Test)2
PasswordValidationCallback (jakarta.security.auth.message.callback.PasswordValidationCallback)1
HashSet (java.util.HashSet)1
Callback (javax.security.auth.callback.Callback)1
