
Example 71 with Subject

use of javax.security.auth.Subject in project jdk8u_jdk by JetBrains.

the class SimpleStandard method checkSubject.

/*
     * ---------------
     * PRIVATE METHODS
     * ---------------
     */
/**
     * Check that the principal contained in the Subject is of
     * type JMXPrincipal and refers to the principalName identity.
     */
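private void checkSubject(String op) {
    // Subject.getSubject returns null when no Subject is associated with the
    // current access-control context, so an unauthenticated call must be
    // rejected explicitly instead of surfacing as a NullPointerException.
    AccessControlContext acc = AccessController.getContext();
    Subject subject = Subject.getSubject(acc);
    if (subject == null) {
        throw new SecurityException(op + ": No authenticated subject");
    }
    Set<Principal> principals = subject.getPrincipals();
    if (principals.isEmpty()) {
        throw new SecurityException(op + ": Authenticated subject contains no principal");
    }
    // NOTE(review): only the first principal the set yields is examined; a
    // Subject carrying several principals is accepted or rejected on that one alone.
    Principal principal = principals.iterator().next();
    if (!(principal instanceof JMXPrincipal)) {
        throw new SecurityException(op + ": Authenticated subject contains " + "invalid principal type = " + principal.getClass().getName());
    }
    // Exact, case-sensitive match against the identity this object was configured with.
    String identity = principal.getName();
    if (!identity.equals(principalName)) {
        throw new SecurityException(op + ": Authenticated subject contains " + "invalid principal name = " + identity);
    }
}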
Also used : Set(java.util.Set) AccessControlContext(java.security.AccessControlContext) JMXPrincipal(javax.management.remote.JMXPrincipal) Subject(javax.security.auth.Subject) Principal(java.security.Principal) JMXPrincipal(javax.management.remote.JMXPrincipal)

Example 72 with Subject

use of javax.security.auth.Subject in project jdk8u_jdk by JetBrains.

the class Basic method module.

/**
 * Drives a {@code KeyStoreLoginModule} by hand (initialize, login, commit,
 * logout) against a PKCS#11 token and prints the Subject after commit and
 * again after logout.
 *
 * @throws Exception if provider loading or any login-module phase fails
 */
private static void module() throws Exception {
    // perform Security.addProvider of P11 provider
    final String p11Config = System.getProperty("CUSTOM_P11_CONFIG");
    ProviderLoader.go(p11Config);
    final String providerName = "SunPKCS11-" + System.getProperty("TOKEN");

    final KeyStoreLoginModule loginModule = new KeyStoreLoginModule();
    final Subject subject = new Subject();

    // Module options: the keystore lives on the token, so there is no URL to read.
    final Map<String, Object> moduleOptions = new HashMap<>();
    moduleOptions.put("keyStoreURL", "NONE");
    moduleOptions.put("keyStoreType", KS_TYPE);
    moduleOptions.put("keyStoreProvider", providerName);
    // Debug output is acceptable in a test harness; leave it off elsewhere.
    moduleOptions.put("debug", "true");

    final Map<String, Object> sharedState = new HashMap<>();
    loginModule.initialize(subject, new TextCallbackHandler(), sharedState, moduleOptions);

    loginModule.login();
    loginModule.commit();
    // Subject.toString() also renders private credentials through their own
    // toString(); fine for a test console, not something to copy into real logs.
    System.out.println("authenticated subject = " + subject);

    loginModule.logout();
    // Printed a second time to show what logout left on the Subject.
    System.out.println("authenticated subject = " + subject);
}
Also used : Subject(javax.security.auth.Subject)

Example 73 with Subject

use of javax.security.auth.Subject in project jdk8u_jdk by JetBrains.

the class MyAction method main.

/**
 * Compares {@code InetAddress.getLocalHost()} as seen from {@code main} with
 * the value returned by {@code MyAction} running under
 * {@code Subject.doAsPrivileged} with a security manager installed.
 *
 * @param args unused
 * @throws Exception if address lookup or the privileged action fails
 * @throws RuntimeException if both lookups return equal addresses
 */
public static void main(String[] args) throws Exception {
    // The comparison below is meaningless when the host itself resolves to loopback.
    InetAddress resolved = InetAddress.getLocalHost();
    if (resolved.isLoopbackAddress()) {
        System.err.println("Local host name is resolved into a loopback address. Quit now!");
        return;
    }
    System.setProperty("host.name", resolved.getHostName());

    // Install the test policy before the security manager so it is the one in force.
    String policyPath = System.getProperty("test.src", ".") + "/" + "policy.file";
    System.setProperty("java.security.policy", policyPath);
    System.setSecurityManager(new SecurityManager());

    InetAddress localHost1 = InetAddress.getLocalHost();

    Subject subject = new Subject();
    subject.getPrincipals().add(new MyPrincipal("test"));

    // A null AccessControlContext makes doAsPrivileged start from an empty
    // context, so the action runs without main's own protection domains.
    InetAddress localHost2 = (InetAddress) Subject.doAsPrivileged(subject, new MyAction(), null);

    if (!localHost1.equals(localHost2)) {
        return;
    }
    System.out.println("localHost1 = " + localHost1);
    throw new RuntimeException("InetAddress.getLocalHost() test "
            + " fails. localHost2 should be "
            + " the real address instead of "
            + " the loopback address." + localHost2);
}
Also used : Subject(javax.security.auth.Subject)

Example 74 with Subject

use of javax.security.auth.Subject in project jdk8u_jdk by JetBrains.

the class PreserveCombiner method main.

/**
 * Checks that the Subject bound by {@code Subject.doAs} stays visible through
 * {@code AccessController.doPrivilegedWithCombiner}, for both the
 * {@code PrivilegedAction} and the {@code PrivilegedExceptionAction} overloads.
 *
 * The nesting of anonymous classes is part of the test: which class calls
 * doPrivilegedWithCombiner determines the access-control context under
 * examination, so the structure should not be flattened or converted casually.
 *
 * @param args unused
 * @throws SecurityException if any of the three checks reports failure
 */
public static void main(String[] args) throws Exception {
    Subject s = new Subject();
    s.getPrincipals().add(new X500Principal("cn=duke"));
    // Everything inside run() executes with s associated with the current context.
    String result = (String) Subject.doAs(s, new PrivilegedAction() {

        public Object run() {
            // get subject from current ACC - this always worked
            Subject doAsSubject = Subject.getSubject(AccessController.getContext());
            if (doAsSubject == null) {
                return "test 1 failed";
            } else {
                System.out.println(doAsSubject);
                System.out.println("test 1 passed");
            }
            // try doPriv (PrivilegedAction) test
            // doPrivilegedWithCombiner keeps the current DomainCombiner, which is
            // what carries the Subject; the inner lookup must therefore be non-null.
            String result = AccessController.doPrivilegedWithCombiner(new PrivilegedAction<String>() {

                public String run() {
                    // get subject after doPriv
                    Subject doPrivSubject = Subject.getSubject(AccessController.getContext());
                    if (doPrivSubject == null) {
                        return "test 2 failed";
                    } else {
                        System.out.println(doPrivSubject);
                        return "test 2 passed";
                    }
                }
            });
            // Stop at the first failure so the outer check sees a "failed" string.
            if ("test 2 failed".equals(result)) {
                return result;
            } else {
                System.out.println(result);
            }
            // try doPriv (PrivilegedExceptionAction) test
            try {
                result = AccessController.doPrivilegedWithCombiner(new PrivilegedExceptionAction<String>() {

                    public String run() throws PrivilegedActionException {
                        // get subject after doPriv
                        Subject doPrivSubject = Subject.getSubject(AccessController.getContext());
                        if (doPrivSubject == null) {
                            return "test 3 failed";
                        } else {
                            System.out.println(doPrivSubject);
                            return "test 3 passed";
                        }
                    }
                });
            } catch (PrivilegedActionException pae) {
                // An exception from the action counts as a failure of test 3.
                result = "test 3 failed";
            }
            if ("test 3 failed".equals(result)) {
                return result;
            } else {
                System.out.println(result);
            }
            // tests passed
            return result;
        }
    });
    // Every result string starts with "test N ", so "passed" can only match at
    // a positive index; <= 0 covers both "not found" (-1) and a match at index 0.
    if (result.indexOf("passed") <= 0) {
        throw new SecurityException("overall test failed");
    }
}
Also used : X500Principal(javax.security.auth.x500.X500Principal) Subject(javax.security.auth.Subject)

Example 75 with Subject

use of javax.security.auth.Subject in project jdk8u_jdk by JetBrains.

the class LoginModuleOptions method login.

/**
 * Runs a {@code Krb5LoginModule} login/commit cycle with the given options
 * and checks the name of the resulting principal.
 *
 * @param callback handler passed to the login module
 * @param options  alternating key/value pairs; keys starting with
 *                 {@code "javax"} go into the shared-state map, all others
 *                 into the module options map (values cast to String)
 * @throws Exception if login fails or the first principal's name does not
 *                   start with {@code OneKDC.USER}
 */
static void login(CallbackHandler callback, Object... options) throws Exception {
    Map<String, String> moduleOptions = new HashMap<>();
    Map<String, Object> sharedState = new HashMap<>();

    // NOTE(review): a trailing key without a value is silently skipped, so a
    // mistyped call can run without the option it meant to exercise.
    for (int i = 0; i + 1 < options.length; i += 2) {
        String key = (String) options[i];
        Object value = options[i + 1];
        if (!key.startsWith("javax")) {
            moduleOptions.put(key, (String) value);
            continue;
        }
        sharedState.put(key, value);
    }

    Subject subject = new Subject();
    Krb5LoginModule krb5 = new Krb5LoginModule();
    krb5.initialize(subject, callback, sharedState, moduleOptions);
    krb5.login();
    krb5.commit();

    // NOTE(review): this is a prefix match on the first principal only, so any
    // name that merely begins with OneKDC.USER passes; adequate for a fixed
    // test realm, too loose as an identity check elsewhere.
    String authenticatedName = subject.getPrincipals().iterator().next().getName();
    boolean isExpectedUser = authenticatedName.startsWith(OneKDC.USER);
    if (!isExpectedUser) {
        throw new Exception("The authenticated is not " + OneKDC.USER);
    }
}
Also used : Krb5LoginModule(com.sun.security.auth.module.Krb5LoginModule) HashMap(java.util.HashMap) Subject(javax.security.auth.Subject)
