Search in sources :

Example 91 with Principal

use of java.security.Principal in project jdk8u_jdk by JetBrains.

the class SimpleStandard method checkSubject.

/*
     * ---------------
     * PRIVATE METHODS
     * ---------------
     */
/**
     * Check that the principal contained in the Subject is of
     * type JMXPrincipal and refers to the principalName identity.
     */
private void checkSubject(String op) {
    AccessControlContext acc = AccessController.getContext();
    Subject subject = Subject.getSubject(acc);
    Set principals = subject.getPrincipals();
    Principal principal = (Principal) principals.iterator().next();
    if (!(principal instanceof JMXPrincipal))
        throw new SecurityException(op + ": Authenticated subject contains " + "invalid principal type = " + principal.getClass().getName());
    String identity = principal.getName();
    if (!identity.equals(principalName))
        throw new SecurityException(op + ": Authenticated subject contains " + "invalid principal name = " + identity);
}
Also used : Set(java.util.Set) AccessControlContext(java.security.AccessControlContext) JMXPrincipal(javax.management.remote.JMXPrincipal) Subject(javax.security.auth.Subject) Principal(java.security.Principal) JMXPrincipal(javax.management.remote.JMXPrincipal)

Example 92 with Principal

use of java.security.Principal in project jdk8u_jdk by JetBrains.

the class Implies method main.

public static void main(String[] args) throws Exception {
    X500Principal duke = new X500Principal("CN=Duke");
    // should not throw NullPointerException
    testImplies(duke, (Subject) null, false);
    Set<Principal> principals = new HashSet<>();
    principals.add(duke);
    testImplies(duke, principals, true);
    X500Principal tux = new X500Principal("CN=Tux");
    principals.add(tux);
    testImplies(duke, principals, true);
    principals.add(new KerberosPrincipal("duke@java.com"));
    testImplies(duke, principals, true);
    principals.clear();
    principals.add(tux);
    testImplies(duke, principals, false);
    System.out.println("test passed");
}
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) X500Principal(javax.security.auth.x500.X500Principal) Principal(java.security.Principal) X500Principal(javax.security.auth.x500.X500Principal) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) HashSet(java.util.HashSet)

Example 93 with Principal

use of java.security.Principal in project jdk8u_jdk by JetBrains.

the class Synch method main.

public static void main(String[] args) {
    Subject subject = new Subject();
    final Set principals = subject.getPrincipals();
    principals.add(new X500Principal("CN=Alice"));
    new Thread() {

        public void run() {
            Principal last = new X500Principal("CN=Bob");
            for (int i = 0; !finished; i++) {
                Principal next = new X500Principal("CN=Bob" + i);
                principals.add(next);
                principals.remove(last);
                last = next;
            }
        }
    }.start();
    for (int i = 0; i < 1000; i++) {
        Subject.doAs(subject, new PrivilegedAction() {

            public Object run() {
                return Subject.doAs(new Subject(true, Collections.singleton(new X500Principal("CN=Claire")), Collections.EMPTY_SET, Collections.EMPTY_SET), new PrivilegedAction() {

                    public Object run() {
                        return null;
                    }
                });
            }
        });
    }
    finished = true;
}
Also used : Set(java.util.Set) PrivilegedAction(java.security.PrivilegedAction) X500Principal(javax.security.auth.x500.X500Principal) Subject(javax.security.auth.Subject) Principal(java.security.Principal) X500Principal(javax.security.auth.x500.X500Principal)

Example 94 with Principal

use of java.security.Principal in project jdk8u_jdk by JetBrains.

the class TestJMXAuthenticator method authenticate.

public Subject authenticate(Object credentials) {
    String credentials_username = "";
    String credentials_password = "";
    Principal aPrincipal = null;
    credentials_username = ((String[]) credentials)[0];
    credentials_password = ((String[]) credentials)[1];
    String authenticated_username = System.getProperty("susername");
    String authenticated_password = System.getProperty("spassword");
    String principal = System.getProperty("principal");
    System.out.println("TestJMXAuthenticator::authenticate: Start");
    System.out.println("TestJMXAuthenticator::authenticate: credentials username = " + credentials_username);
    System.out.println("TestJMXAuthenticator::authenticate: credentials password = " + credentials_password);
    System.out.println("TestJMXAuthenticator::authenticate: authenticated username = " + authenticated_username);
    System.out.println("TestJMXAuthenticator::authenticate: authenticated password = " + authenticated_password);
    System.out.println("TestJMXAuthenticator::authenticate: principal used for " + "authorization = " + principal);
    if (credentials_username.equals(authenticated_username) && credentials_password.equals(authenticated_password)) {
        System.out.println("TestJMXAuthenticator::authenticate: " + "Authenticator should succeed");
    } else {
        System.out.println("TestJMXAuthenticator::authenticate: " + "Authenticator should reject");
        throw new SecurityException("TestJMXAuthenticator throws EXCEPTION");
    }
    // At this point, authentication has succeeded
    // (no SecurityException thrown).
    //
    // If no authorization is required, the returned subject (empty or not)
    // is useless.
    // Otherwise, the returned subject must define a principal
    // and authorization will be performed against this principal.
    //
    // Note that this custom JMXAuthenticator is used for test purpose and
    // the username used to perform authentication may be different from the
    // username used to perform authorization.
    //
    Subject subject = new Subject();
    if (principal != null) {
        System.out.println("TestJMXAuthenticator::authenticate: " + "Add " + principal + " principal to the returned subject");
        subject.getPrincipals().add(new JMXPrincipal(principal));
    }
    return subject;
}
Also used : JMXPrincipal(javax.management.remote.JMXPrincipal) Principal(java.security.Principal) JMXPrincipal(javax.management.remote.JMXPrincipal) Subject(javax.security.auth.Subject)

Example 95 with Principal

use of java.security.Principal in project opennms by OpenNMS.

the class OpenNMSLoginModule method createPrincipals.

public Set<Principal> createPrincipals(final GrantedAuthority authority) {
    final String role = authority.getAuthority().replaceFirst("^[Rr][Oo][Ll][Ee]_", "");
    final Set<Principal> principals = new HashSet<Principal>();
    principals.add(new RolePrincipal(role));
    principals.add(new RolePrincipal(role.toLowerCase()));
    principals.add(new RolePrincipal(authority.getAuthority()));
    LOG.debug("created principals from authority {}: {}", authority, principals);
    return principals;
}
Also used : RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) Principal(java.security.Principal) HashSet(java.util.HashSet)

Aggregations

Principal (java.security.Principal)931 Test (org.junit.Test)243 Subject (javax.security.auth.Subject)114 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)114 HashSet (java.util.HashSet)89 User (org.apache.jackrabbit.api.security.user.User)75 Group (org.apache.jackrabbit.api.security.user.Group)74 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)58 Privilege (javax.jcr.security.Privilege)57 RepositoryException (javax.jcr.RepositoryException)51 IOException (java.io.IOException)50 ArrayList (java.util.ArrayList)48 HttpServletRequest (javax.servlet.http.HttpServletRequest)47 TestPrincipal (org.apache.jackrabbit.core.security.TestPrincipal)45 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)43 EveryonePrincipal (org.apache.jackrabbit.core.security.principal.EveryonePrincipal)42 PrincipalIterator (org.apache.jackrabbit.api.security.principal.PrincipalIterator)40 HashMap (java.util.HashMap)39 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)39 X500Principal (javax.security.auth.x500.X500Principal)38