use of javax.jcr.Credentials in project jackrabbit-oak by apache.
the class L11_PasswordTest method testGetCredentials.
public void testGetCredentials() throws RepositoryException {
testUser = userManager.createUser(testId, TEST_PW);
Credentials creds = testUser.getCredentials();
// EXERCISE fix the expectation
Credentials expected = null;
assertEquals(expected, creds);
// EXERCISE : complete and explain the expected behavior
getHelper().getRepository().login(creds).logout();
}
use of javax.jcr.Credentials in project jackrabbit-oak by apache.
the class L11_PasswordTest method testCreateUserAndLogin.
public void testCreateUserAndLogin() throws RepositoryException {
testUser = userManager.createUser(testId, TEST_PW);
superuser.save();
// EXERCISE build the credentials
Credentials creds = null;
getHelper().getRepository().login(creds).logout();
}
use of javax.jcr.Credentials in project jackrabbit-oak by apache.
the class UserTest method testLoginWithGetCredentials.
@Test
public void testLoginWithGetCredentials() throws RepositoryException, NotExecutableException {
try {
Credentials creds = user.getCredentials();
Session s = getHelper().getRepository().login(creds);
s.logout();
fail("Login using credentials exposed on user must fail.");
} catch (UnsupportedRepositoryOperationException e) {
throw new NotExecutableException(e.getMessage());
} catch (LoginException e) {
// success
}
}
use of javax.jcr.Credentials in project sling by apache.
the class FormLoginModule method login.
@SuppressWarnings("unchecked")
public boolean login() throws LoginException {
Credentials credentials = getCredentials();
if (credentials instanceof FormCredentials) {
FormCredentials cred = (FormCredentials) credentials;
userId = cred.getUserId();
if (!authHandler.isValid(cred)) {
log.debug("Invalid credentials");
return false;
}
if (userId == null) {
log.debug("Could not extract userId/credentials");
} else {
// we just set the login name and rely on the following login modules to populate the subject
sharedState.put(SHARED_KEY_PRE_AUTH_LOGIN, new PreAuthenticatedLogin(userId));
sharedState.put(SHARED_KEY_CREDENTIALS, new SimpleCredentials(userId, EMPTY_PWD));
sharedState.put(SHARED_KEY_LOGIN_NAME, userId);
log.debug("login succeeded with trusted user: {}", userId);
}
}
return false;
}
use of javax.jcr.Credentials in project sling by apache.
the class SlingWebConsoleSecurityProvider method authenticate.
// ---------- SCR integration
/**
* Authenticates and authorizes the user identified by the user name and
* password. The check applied to authorize access consists of the following
* steps:
* <ol>
* <li>User name and password are able to create a JCR session with the
* default repository workspace. If such a session cannot be created, the
* user is denied access.</li>
* <li>If the user is listed in the configured set of granted users, access
* is granted to all of the Web Console.</li>
* <li>If the user is a member of one of the groups configured to grant
* access to their members, access is granted to all of the Web Console.</li>
* </ol>
* <p>
* If the user name and password cannot be used to login to the default
* workspace of the repository or if the user neither one of the configured
* set of granted users or is not a member of the configured set of groups
* access is denied to the Web Console.
*
* @param userName The name of the user to grant access for
* @param password The password to authenticate the user. This may be
* <code>null</code> to assume an empty password.
* @return The <code>userName</code> is currently returned to indicate
* successfull authentication.
* @throws NullPointerException if <code>userName</code> is
* <code>null</code>.
*/
@Override
public Object authenticate(String userName, String password) {
final Credentials creds = new SimpleCredentials(userName, (password == null) ? new char[0] : password.toCharArray());
Session session = null;
try {
session = repository.login(creds);
if (session instanceof JackrabbitSession) {
UserManager umgr = ((JackrabbitSession) session).getUserManager();
String userId = session.getUserID();
Authorizable a = umgr.getAuthorizable(userId);
if (a instanceof User) {
// check users
if (users.contains(userId)) {
return true;
}
// check groups
Iterator<Group> gi = a.memberOf();
while (gi.hasNext()) {
if (groups.contains(gi.next().getID())) {
return userName;
}
}
logger.debug("authenticate: User {} is denied Web Console access", userName);
} else {
logger.error("authenticate: Expected user ID {} to refer to a user", userId);
}
} else {
logger.info("authenticate: Jackrabbit Session required to grant access to the Web Console for {}; got {}", userName, session.getClass());
}
} catch (final LoginException re) {
logger.info("authenticate: User " + userName + " failed to authenticate with the repository for Web Console access", re);
} catch (final Exception re) {
logger.info("authenticate: Generic problem trying grant User " + userName + " access to the Web Console", re);
} finally {
if (session != null) {
session.logout();
}
}
// no success (see log)
return null;
}
Aggregations