Example 1 with ServerAuthContext
use of jakarta.security.auth.message.config.ServerAuthContext in project tomcat by apache.
the class AuthenticatorBase method logout.
@Override
public void logout(Request request) {
AuthConfigProvider provider = getJaspicProvider();
if (provider != null) {
MessageInfo messageInfo = new MessageInfoImpl(request, request.getResponse(), true);
Subject client = (Subject) request.getNote(Constants.REQ_JASPIC_SUBJECT_NOTE);
if (client != null) {
ServerAuthContext serverAuthContext;
try {
ServerAuthConfig serverAuthConfig = provider.getServerAuthConfig("HttpServlet", jaspicAppContextID, getCallbackHandler());
String authContextID = serverAuthConfig.getAuthContextID(messageInfo);
serverAuthContext = serverAuthConfig.getAuthContext(authContextID, null, null);
serverAuthContext.cleanSubject(messageInfo, client);
} catch (AuthException e) {
log.debug(sm.getString("authenticator.jaspicCleanSubjectFail"), e);
}
}
}
Principal p = request.getPrincipal();
if (p instanceof TomcatPrincipal) {
try {
((TomcatPrincipal) p).logout();
} catch (Throwable t) {
ExceptionUtils.handleThrowable(t);
log.debug(sm.getString("authenticator.tomcatPrincipalLogoutFail"), t);
}
}
register(request, request.getResponse(), null, null, null, null);
}
Also used :
AuthConfigProvider(jakarta.security.auth.message.config.AuthConfigProvider)
MessageInfoImpl(org.apache.catalina.authenticator.jaspic.MessageInfoImpl)
AuthException(jakarta.security.auth.message.AuthException)
Subject(javax.security.auth.Subject)
ServerAuthConfig(jakarta.security.auth.message.config.ServerAuthConfig)
Principal(java.security.Principal)
TomcatPrincipal(org.apache.catalina.TomcatPrincipal)
GenericPrincipal(org.apache.catalina.realm.GenericPrincipal)
MessageInfo(jakarta.security.auth.message.MessageInfo)
ServerAuthContext(jakarta.security.auth.message.config.ServerAuthContext)
TomcatPrincipal(org.apache.catalina.TomcatPrincipal)
Example 2 with ServerAuthContext
use of jakarta.security.auth.message.config.ServerAuthContext in project tomcat by apache.
the class TestSimpleServerAuthConfig method testConfigOnGetAuthContext.
@Test
public void testConfigOnGetAuthContext() throws Exception {
ServerAuthConfig serverAuthConfig = new SimpleServerAuthConfig(null, null, null, null);
ServerAuthContext serverAuthContext = serverAuthConfig.getAuthContext(null, null, CONFIG_PROPERTIES);
validateServerAuthContext(serverAuthContext);
}
Also used :
ServerAuthConfig(jakarta.security.auth.message.config.ServerAuthConfig)
ServerAuthContext(jakarta.security.auth.message.config.ServerAuthContext)
Test(org.junit.Test)
Example 3 with ServerAuthContext
use of jakarta.security.auth.message.config.ServerAuthContext in project tomcat by apache.
the class SimpleServerAuthConfig method getAuthContext.
// JASPIC API uses raw types
@SuppressWarnings({ "rawtypes", "unchecked" })
@Override
public ServerAuthContext getAuthContext(String authContextID, Subject serviceSubject, Map properties) throws AuthException {
ServerAuthContext serverAuthContext = this.serverAuthContext;
if (serverAuthContext == null) {
synchronized (this) {
if (this.serverAuthContext == null) {
Map<String, String> mergedProperties = new HashMap<>();
if (this.properties != null) {
mergedProperties.putAll(this.properties);
}
if (properties != null) {
mergedProperties.putAll(properties);
}
List<ServerAuthModule> modules = new ArrayList<>();
int moduleIndex = 1;
String key = SERVER_AUTH_MODULE_KEY_PREFIX + moduleIndex;
String moduleClassName = mergedProperties.get(key);
while (moduleClassName != null) {
try {
Class<?> clazz = Class.forName(moduleClassName);
ServerAuthModule module = (ServerAuthModule) clazz.getConstructor().newInstance();
module.initialize(null, null, handler, mergedProperties);
modules.add(module);
} catch (ReflectiveOperationException | IllegalArgumentException | SecurityException e) {
AuthException ae = new AuthException();
ae.initCause(e);
throw ae;
}
// Look for the next module
moduleIndex++;
key = SERVER_AUTH_MODULE_KEY_PREFIX + moduleIndex;
moduleClassName = mergedProperties.get(key);
}
if (modules.size() == 0) {
throw new AuthException(sm.getString("simpleServerAuthConfig.noModules"));
}
this.serverAuthContext = createServerAuthContext(modules);
}
serverAuthContext = this.serverAuthContext;
}
}
return serverAuthContext;
}
Also used :
HashMap(java.util.HashMap)
ServerAuthModule(jakarta.security.auth.message.module.ServerAuthModule)
ArrayList(java.util.ArrayList)
AuthException(jakarta.security.auth.message.AuthException)
ServerAuthContext(jakarta.security.auth.message.config.ServerAuthContext)
Example 4 with ServerAuthContext
use of jakarta.security.auth.message.config.ServerAuthContext in project tomcat by apache.
the class TestSimpleServerAuthConfig method testConfigOnServerAuthConfig.
@Test
public void testConfigOnServerAuthConfig() throws Exception {
ServerAuthConfig serverAuthConfig = new SimpleServerAuthConfig(null, null, null, CONFIG_PROPERTIES);
ServerAuthContext serverAuthContext = serverAuthConfig.getAuthContext(null, null, null);
validateServerAuthContext(serverAuthContext);
}
Also used :
ServerAuthConfig(jakarta.security.auth.message.config.ServerAuthConfig)
ServerAuthContext(jakarta.security.auth.message.config.ServerAuthContext)
Test(org.junit.Test)
Aggregations
ServerAuthContext (jakarta.security.auth.message.config.ServerAuthContext)4
ServerAuthConfig (jakarta.security.auth.message.config.ServerAuthConfig)3
AuthException (jakarta.security.auth.message.AuthException)2
Test (org.junit.Test)2
MessageInfo (jakarta.security.auth.message.MessageInfo)1
AuthConfigProvider (jakarta.security.auth.message.config.AuthConfigProvider)1
ServerAuthModule (jakarta.security.auth.message.module.ServerAuthModule)1
Principal (java.security.Principal)1
ArrayList (java.util.ArrayList)1
HashMap (java.util.HashMap)1
Subject (javax.security.auth.Subject)1
TomcatPrincipal (org.apache.catalina.TomcatPrincipal)1
MessageInfoImpl (org.apache.catalina.authenticator.jaspic.MessageInfoImpl)1
GenericPrincipal (org.apache.catalina.realm.GenericPrincipal)1
