Example 1 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project camel by apache.
the class JcrAuthTestBase method createJndiContext.
@Override
protected Context createJndiContext() throws Exception {
Context context = super.createJndiContext();
repository = new TransientRepository(new File(REPO_PATH));
// set up a user to authenticate
SessionImpl session = (SessionImpl) repository.login(new SimpleCredentials("admin", "admin".toCharArray()));
UserManager userManager = session.getUserManager();
User user = (User) userManager.getAuthorizable("test");
if (user == null) {
user = userManager.createUser("test", "quatloos");
}
// set up permissions
String path = session.getRootNode().getPath();
AccessControlManager accessControlManager = session.getAccessControlManager();
AccessControlPolicyIterator acls = accessControlManager.getApplicablePolicies(path);
AccessControlList acl = null;
if (acls.hasNext()) {
acl = (AccessControlList) acls.nextAccessControlPolicy();
} else {
acl = (AccessControlList) accessControlManager.getPolicies(path)[0];
}
acl.addAccessControlEntry(user.getPrincipal(), accessControlManager.getSupportedPrivileges(path));
accessControlManager.setPolicy(path, acl);
session.save();
session.logout();
context.bind("repository", repository);
return context;
}
Also used :
Context(javax.naming.Context)
AccessControlManager(javax.jcr.security.AccessControlManager)
AccessControlList(javax.jcr.security.AccessControlList)
SimpleCredentials(javax.jcr.SimpleCredentials)
User(org.apache.jackrabbit.api.security.user.User)
TransientRepository(org.apache.jackrabbit.core.TransientRepository)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator)
SessionImpl(org.apache.jackrabbit.core.SessionImpl)
File(java.io.File)
Example 2 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit by apache.
the class SessionImpl method impersonate.
/**
* {@inheritDoc}
*/
@Override
public Session impersonate(Credentials otherCredentials) throws LoginException, RepositoryException {
// check sanity of this session
sanityCheck();
if (!(otherCredentials instanceof SimpleCredentials)) {
String msg = "impersonate failed: incompatible credentials, SimpleCredentials expected";
log.debug(msg);
throw new RepositoryException(msg);
}
// set IMPERSONATOR_ATTRIBUTE attribute of given credentials
// with subject of current session
SimpleCredentials creds = (SimpleCredentials) otherCredentials;
creds.setAttribute(SecurityConstants.IMPERSONATOR_ATTRIBUTE, subject);
try {
return getRepository().login(otherCredentials, getWorkspace().getName());
} catch (NoSuchWorkspaceException nswe) {
// should never get here...
String msg = "impersonate failed";
log.error(msg, nswe);
throw new RepositoryException(msg, nswe);
} finally {
// make sure IMPERSONATOR_ATTRIBUTE is removed
creds.removeAttribute(SecurityConstants.IMPERSONATOR_ATTRIBUTE);
}
}
Also used :
NoSuchWorkspaceException(javax.jcr.NoSuchWorkspaceException)
SimpleCredentials(javax.jcr.SimpleCredentials)
RepositoryException(javax.jcr.RepositoryException)
Example 3 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit by apache.
the class BasicCredentialsProvider method getCredentials.
/**
* {@inheritDoc}
*
* Build a {@link Credentials} object for the given authorization header.
* The creds may be used to login to the repository. If the specified header
* string is <code>null</code> the behaviour depends on the
* {@link #defaultHeaderValue} field:<br>
* <ul>
* <li> if this field is <code>null</code>, a LoginException is thrown.
* This is suitable for clients (eg. webdav clients) for with
* sending a proper authorization header is not possible, if the
* server never send a 401.
* <li> if this an empty string, null-credentials are returned, thus
* forcing an null login on the repository
* <li> if this field has a 'user:password' value, the respective
* simple credentials are generated.
* </ul>
* <p>
* If the request header is present but cannot be parsed a
* <code>ServletException</code> is thrown.
*
* @param request the servlet request
* @return credentials or <code>null</code>.
* @throws ServletException If the Authorization header cannot be decoded.
* @throws LoginException if no suitable auth header and missing-auth-mapping
* is not present
*/
public Credentials getCredentials(HttpServletRequest request) throws LoginException, ServletException {
try {
String authHeader = request.getHeader(DavConstants.HEADER_AUTHORIZATION);
if (authHeader != null) {
String[] authStr = authHeader.split(" ");
if (authStr.length >= 2 && authStr[0].equalsIgnoreCase(HttpServletRequest.BASIC_AUTH)) {
ByteArrayOutputStream out = new ByteArrayOutputStream();
Base64.decode(authStr[1].toCharArray(), out);
String decAuthStr = out.toString("ISO-8859-1");
int pos = decAuthStr.indexOf(':');
String userid = decAuthStr.substring(0, pos);
String passwd = decAuthStr.substring(pos + 1);
return new SimpleCredentials(userid, passwd.toCharArray());
}
throw new ServletException("Unable to decode authorization.");
} else {
// check special handling
if (defaultHeaderValue == null) {
throw new LoginException();
} else if (EMPTY_DEFAULT_HEADER_VALUE.equals(defaultHeaderValue)) {
return null;
} else if (GUEST_DEFAULT_HEADER_VALUE.equals(defaultHeaderValue)) {
return new GuestCredentials();
} else {
int pos = defaultHeaderValue.indexOf(':');
if (pos < 0) {
return new SimpleCredentials(defaultHeaderValue, new char[0]);
} else {
return new SimpleCredentials(defaultHeaderValue.substring(0, pos), defaultHeaderValue.substring(pos + 1).toCharArray());
}
}
}
} catch (IOException e) {
throw new ServletException("Unable to decode authorization: " + e.toString());
}
}
Also used :
ServletException(javax.servlet.ServletException)
SimpleCredentials(javax.jcr.SimpleCredentials)
LoginException(javax.jcr.LoginException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
IOException(java.io.IOException)
GuestCredentials(javax.jcr.GuestCredentials)
Example 4 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit by apache.
the class Login method execute.
/**
* {@inheritDoc}
*/
public boolean execute(Context ctx) throws Exception {
String anon = "anonymous";
String user = (String) ctx.get(this.userKey);
String password = (String) ctx.get(this.passwordKey);
String workspace = (String) ctx.get(this.workspaceKey);
if (user == null) {
user = anon;
}
if (password == null || (password.equals(anon) && !user.equals(anon))) {
ConsoleReader reader = new ConsoleReader();
password = reader.readLine("Password: ", (char) 0);
}
if (log.isDebugEnabled()) {
log.debug("logging in as " + user);
}
Session session = null;
Repository repo = CommandHelper.getRepository(ctx);
Credentials credentials = new SimpleCredentials(user, password.toCharArray());
if (workspace == null) {
session = repo.login(credentials);
} else {
session = repo.login(credentials, workspace);
}
CommandHelper.setSession(ctx, session);
CommandHelper.setCurrentNode(ctx, session.getRootNode());
return false;
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
Repository(javax.jcr.Repository)
ConsoleReader(jline.ConsoleReader)
SimpleCredentials(javax.jcr.SimpleCredentials)
Credentials(javax.jcr.Credentials)
Session(javax.jcr.Session)
Example 5 with SimpleCredentials
use of javax.jcr.SimpleCredentials in project jackrabbit-oak by apache.
the class CustomCredentialsSupportTest method testLoginWithUnsupportedCredentials.
@Test
public void testLoginWithUnsupportedCredentials() throws Exception {
List<Credentials> creds = ImmutableList.of(new SimpleCredentials("testUser", new char[0]), new GuestCredentials());
for (Credentials c : creds) {
try {
login(c).close();
fail("login must fail for credentials " + c);
} catch (LoginException e) {
// success
}
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
LoginException(javax.security.auth.login.LoginException)
GuestCredentials(javax.jcr.GuestCredentials)
GuestCredentials(javax.jcr.GuestCredentials)
SimpleCredentials(javax.jcr.SimpleCredentials)
Credentials(javax.jcr.Credentials)
Test(org.junit.Test)
Aggregations
SimpleCredentials (javax.jcr.SimpleCredentials)289
Test (org.junit.Test)142
Session (javax.jcr.Session)83
ContentSession (org.apache.jackrabbit.oak.api.ContentSession)60
AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)53
User (org.apache.jackrabbit.api.security.user.User)41
Credentials (javax.jcr.Credentials)39
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)35
UserManager (org.apache.jackrabbit.api.security.user.UserManager)34
LoginException (javax.security.auth.login.LoginException)30
Node (javax.jcr.Node)28
RepositoryException (javax.jcr.RepositoryException)25
Principal (java.security.Principal)22
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)21
GuestCredentials (javax.jcr.GuestCredentials)20
LoginException (javax.jcr.LoginException)19
TokenCredentials (org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)19
AuthInfo (org.apache.jackrabbit.oak.api.AuthInfo)18
Before (org.junit.Before)18
ImpersonationCredentials (org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials)17
