use of java.security.Principal in project tomcat by apache.
the class TestJNDIRealm method testAuthenticateWithUserPassword.
@Test
public void testAuthenticateWithUserPassword() throws Exception {
// GIVEN
JNDIRealm realm = buildRealm(PASSWORD);
realm.setUserPassword(USER_PASSWORD_ATTR);
// WHEN
String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes()));
Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2);
// THEN
Assert.assertTrue(principal instanceof GenericPrincipal);
Assert.assertEquals(PASSWORD, ((GenericPrincipal) principal).getPassword());
}
use of java.security.Principal in project tomcat by apache.
the class TestJNDIRealm method testAuthenticateWithUserPasswordAndCredentialHandler.
@Test
public void testAuthenticateWithUserPasswordAndCredentialHandler() throws Exception {
// GIVEN
JNDIRealm realm = buildRealm(ha1());
realm.setCredentialHandler(buildCredentialHandler());
realm.setUserPassword(USER_PASSWORD_ATTR);
// WHEN
String expectedResponse = MD5Encoder.encode(md5Helper.digest((ha1() + ":" + NONCE + ":" + HA2).getBytes()));
Principal principal = realm.authenticate(USER, expectedResponse, NONCE, null, null, null, REALM, HA2);
// THEN
Assert.assertTrue(principal instanceof GenericPrincipal);
Assert.assertEquals(ha1(), ((GenericPrincipal) principal).getPassword());
}
use of java.security.Principal in project tomcat by apache.
the class TestRealmBase method doTestDigestDigestPasswords.
private void doTestDigestDigestPasswords(String password, String digest, String digestedPassword) throws Exception {
Context context = new TesterContext();
TesterMapRealm realm = new TesterMapRealm();
realm.setContainer(context);
MessageDigestCredentialHandler ch = new MessageDigestCredentialHandler();
ch.setAlgorithm(digest);
realm.setCredentialHandler(ch);
realm.start();
realm.addUser(USER1, digestedPassword);
Principal p = realm.authenticate(USER1, password);
Assert.assertNotNull(p);
Assert.assertEquals(USER1, p.getName());
}
use of java.security.Principal in project che by eclipse.
the class ServerContainerInitializeListener method createSecurityContext.
protected SecurityContext createSecurityContext(final HandshakeRequest req) {
//todo: get somehow from request
final boolean isSecure = false;
final String authType = "BASIC";
final Subject subject = EnvironmentContext.getCurrent().getSubject();
final Principal principal = new SimplePrincipal(subject.getUserName());
return new SecurityContext() {
@Override
public Principal getUserPrincipal() {
return principal;
}
@Override
public boolean isUserInRole(String role) {
return false;
}
@Override
public boolean isSecure() {
return isSecure;
}
@Override
public String getAuthenticationScheme() {
return authType;
}
};
}
use of java.security.Principal in project dropwizard by dropwizard.
the class AuthFilter method authenticate.
/**
* Authenticates a request with user credentials and setup the security context.
*
* @param requestContext the context of the request
* @param credentials the user credentials
* @param scheme the authentication scheme; one of {@code BASIC_AUTH, FORM_AUTH, CLIENT_CERT_AUTH, DIGEST_AUTH}.
* See {@link SecurityContext}
* @return {@code true}, if the request is authenticated, otherwise {@code false}
*/
protected boolean authenticate(ContainerRequestContext requestContext, C credentials, String scheme) {
try {
if (credentials == null) {
return false;
}
final Optional<P> principal = authenticator.authenticate(credentials);
if (!principal.isPresent()) {
return false;
}
final SecurityContext securityContext = requestContext.getSecurityContext();
final boolean secure = securityContext != null && securityContext.isSecure();
requestContext.setSecurityContext(new SecurityContext() {
@Override
public Principal getUserPrincipal() {
return principal.get();
}
@Override
public boolean isUserInRole(String role) {
return authorizer.authorize(principal.get(), role);
}
@Override
public boolean isSecure() {
return secure;
}
@Override
public String getAuthenticationScheme() {
return scheme;
}
});
return true;
} catch (AuthenticationException e) {
logger.warn("Error authenticating credentials", e);
throw new InternalServerErrorException();
}
}
Aggregations