
Example 86 with Subject

use of javax.security.auth.Subject in project jdk8u_jdk by JetBrains.

the class TestJMXAuthenticator method authenticate.

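/**
 * Test-only JMX authenticator: accepts the caller when the supplied
 * username/password pair equals the pair configured through the
 * {@code susername} and {@code spassword} system properties.
 *
 * @param credentials expected to be a {@code String[]} whose first two
 *        elements are the username and the password
 * @return a new {@code Subject}; it holds a {@code JMXPrincipal} named after
 *         the {@code principal} system property when that property is set,
 *         and is empty otherwise
 * @throws SecurityException if the credentials are malformed or do not match
 *         the configured pair
 */
public Subject authenticate(Object credentials) {
    final String tag = "TestJMXAuthenticator::authenticate: ";
    System.out.println(tag + "Start");

    // Anything that is not a {username, password} array is rejected with a
    // SecurityException, so a malformed request fails as an authentication
    // failure instead of a ClassCastException or
    // ArrayIndexOutOfBoundsException.
    if (!(credentials instanceof String[]) || ((String[]) credentials).length < 2) {
        System.out.println(tag + "Malformed credentials, authenticator should reject");
        throw new SecurityException("TestJMXAuthenticator throws EXCEPTION");
    }
    final String[] pair = (String[]) credentials;
    final String suppliedUsername = pair[0];
    final String suppliedPassword = pair[1];

    final String expectedUsername = System.getProperty("susername");
    final String expectedPassword = System.getProperty("spassword");
    final String principal = System.getProperty("principal");

    // Passwords are deliberately kept out of the test output: stdout of a
    // test run is routinely archived and shared.
    System.out.println(tag + "credentials username = " + suppliedUsername);
    System.out.println(tag + "credentials password = <redacted>");
    System.out.println(tag + "authenticated username = " + expectedUsername);
    System.out.println(tag + "authenticated password = <redacted>");
    System.out.println(tag + "principal used for authorization = " + principal);

    // Null-safe on both sides: a missing array element or an unset system
    // property is a rejection, never a NullPointerException.
    // String.equals is not a constant-time comparison; acceptable for this
    // test fixture only.
    final boolean matches = suppliedUsername != null
            && suppliedUsername.equals(expectedUsername)
            && suppliedPassword != null
            && suppliedPassword.equals(expectedPassword);
    if (!matches) {
        System.out.println(tag + "Authenticator should reject");
        throw new SecurityException("TestJMXAuthenticator throws EXCEPTION");
    }
    System.out.println(tag + "Authenticator should succeed");

    // At this point, authentication has succeeded
    // (no SecurityException thrown).
    //
    // If no authorization is required, the returned subject (empty or not)
    // is not used for anything.
    // Otherwise, the returned subject must define a principal
    // and authorization will be performed against this principal.
    //
    // Note that this custom JMXAuthenticator is for test purposes and
    // the username used to perform authentication may be different from the
    // username used to perform authorization.
    final Subject subject = new Subject();
    if (principal != null) {
        System.out.println(tag + "Add " + principal + " principal to the returned subject");
        subject.getPrincipals().add(new JMXPrincipal(principal));
    }
    return subject;
}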
Also used : JMXPrincipal(javax.management.remote.JMXPrincipal) Principal(java.security.Principal) JMXPrincipal(javax.management.remote.JMXPrincipal) Subject(javax.security.auth.Subject)

Example 87 with Subject

use of javax.security.auth.Subject in project jdk8u_jdk by JetBrains.

the class TwoOrThree method main.

/**
 * Runs two Kerberos GSS handshakes between one client context and a server
 * context whose logins "first" and "second" share a single Subject: the
 * first round takes the server keys from a keytab, the second from
 * passwords.
 *
 * @param args args[0] is the server name ("-" is mapped to null),
 *        args[1] is the target name handed to the client
 * @throws Exception if any setup or handshake step fails
 */
public static void main(String[] args) throws Exception {
    final String serverName;
    if (args[0].equals("-")) {
        serverName = null;
    } else {
        serverName = args[0];
    }
    final String targetName = args[1];

    // Fixture principals whose password equals their name; presumably OneKDC
    // is a throwaway in-process test KDC -- confirm before reusing the pattern.
    final OneKDC testKdc = new OneKDC(null);
    for (String principalName : new String[] { "first", "second", "third" }) {
        testKdc.addPrincipal(principalName, principalName.toCharArray());
    }
    testKdc.writeKtab(OneKDC.KTAB);

    final Context client = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);

    // Round 1: server credentials loaded from the keytab. Both logins go into
    // the same Subject; only the context of the second login is kept.
    Subject serverSubject = new Subject();
    Context.fromUserKtab(serverSubject, "first", OneKDC.KTAB, true);
    Context acceptor = Context.fromUserKtab(serverSubject, "second", OneKDC.KTAB, true);
    client.startAsClient(targetName, GSSUtil.GSS_KRB5_MECH_OID);
    acceptor.startAsServer(serverName, GSSUtil.GSS_KRB5_MECH_OID);
    Context.handshake(client, acceptor);

    // Round 2: same shape, server credentials derived from passwords.
    // NOTE(review): the round-1 acceptor is replaced here without dispose();
    // confirm whether Context holds resources that should be released first.
    serverSubject = new Subject();
    Context.fromUserPass(serverSubject, "first", "first".toCharArray(), true);
    acceptor = Context.fromUserPass(serverSubject, "second", "second".toCharArray(), true);
    client.startAsClient(targetName, GSSUtil.GSS_KRB5_MECH_OID);
    acceptor.startAsServer(serverName, GSSUtil.GSS_KRB5_MECH_OID);
    Context.handshake(client, acceptor);

    acceptor.dispose();
    client.dispose();
}
Also used : Subject(javax.security.auth.Subject)

Example 88 with Subject

use of javax.security.auth.Subject in project opennms by OpenNMS.

the class OpenNMSJaasAuthenticationBroker method authenticate.

/**
 * Authenticates a broker connection through JAAS and wraps the resulting
 * Subject in a {@code JaasSecurityContext}.
 *
 * @param username name handed to the JAAS callback handler and stored in the
 *        returned context
 * @param password password handed to the JAAS callback handler
 * @param certificates not read by this method
 * @return the security context built from the logged-in Subject
 * @throws SecurityException if the JAAS login, or any other step in the try
 *         block, throws
 */
@Override
public SecurityContext authenticate(String username, String password, X509Certificate[] certificates) throws SecurityException {
    final JassCredentialCallbackHandler credentialHandler = new JassCredentialCallbackHandler(username, password);
    try {
        final LoginContext loginContext = new LoginContext(JAAS_CONTEXT_NAME, credentialHandler);
        loginContext.login();
        return new JaasSecurityContext(username, loginContext.getSubject());
    } catch (Exception ex) {
        // Every failure, including ones unrelated to the credentials, is
        // reported to the caller as an invalid username or password; the
        // original cause stays attached for diagnosis.
        // NOTE(review): the message embeds the caller-supplied username
        // verbatim -- confirm it is encoded wherever this text is logged.
        throw new SecurityException("User name [" + username + "] or password is invalid.", ex);
    }
}
Also used : JassCredentialCallbackHandler(org.apache.activemq.jaas.JassCredentialCallbackHandler) LoginContext(javax.security.auth.login.LoginContext) SecurityContext(org.apache.activemq.security.SecurityContext) Subject(javax.security.auth.Subject) LoginException(javax.security.auth.login.LoginException) UnknownHostException(java.net.UnknownHostException)

Example 89 with Subject

use of javax.security.auth.Subject in project opennms by OpenNMS.

the class KarafTestCase method executeCommand.

/**
 * Runs one command line through the OSGi {@code CommandProcessor} service
 * and returns what the command wrote to its output stream.
 *
 * <p>The command runs inside {@code Subject.doAs} with a freshly built
 * Subject holding a single {@code RolePrincipal("admin")}; no login is
 * performed to obtain it. This method applies no timeout of its own.
 *
 * @param command the command line; it is logged and passed to the session
 *        unchanged
 * @return the captured session output, decoded with the default charset
 * @throws RuntimeException wrapping any exception raised while creating the
 *         session or executing the command
 */
protected String executeCommand(final String command) {
    try (final ByteArrayOutputStream captured = new ByteArrayOutputStream();
        final PrintStream sessionOut = new PrintStream(captured)) {

        final PrivilegedExceptionAction<String> runCommand = new PrivilegedExceptionAction<String>() {

            @Override
            public String run() throws Exception {
                final CommandProcessor processor = getOsgiService(CommandProcessor.class);
                // stdin and stderr are the JVM's own; only stdout is captured.
                final CommandSession session = processor.createSession(System.in, sessionOut, System.err);
                LOG.info("{}", command);
                final Object response = session.execute(command);
                LOG.info("Response: {}", response);
                // Flush so everything printed so far is in the buffer before it is read.
                sessionOut.flush();
                return captured.toString();
            }
        };

        // Synthetic identity: the "admin" role is asserted here rather than
        // obtained from an authentication step.
        final Subject adminSubject = new Subject();
        adminSubject.getPrincipals().add(new RolePrincipal("admin"));
        return Subject.doAs(adminSubject, runCommand);
    } catch (Exception e) {
        LOG.error("Error while executing command", e);
        throw new RuntimeException(e);
    }
}
Also used : PrintStream(java.io.PrintStream) CommandSession(org.apache.felix.service.command.CommandSession) CommandProcessor(org.apache.felix.service.command.CommandProcessor) ByteArrayOutputStream(java.io.ByteArrayOutputStream) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) Subject(javax.security.auth.Subject)

Example 90 with Subject

use of javax.security.auth.Subject in project OpenAM by OpenRock.

the class UpdateApplicationPrivilege method handleRequest.

/**
 * Services the command-line request that updates the description and/or the
 * action values of an existing application privilege.
 *
 * @param rc Request Context.
 * @throws CLIException if neither a non-blank description nor actions were
 *         supplied, or if the entitlement layer throws while the privilege is
 *         read or replaced.
 */
@Override
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);

    final String realmName = getStringOptionValue(IArgument.REALM_NAME);
    final String privilegeName = getStringOptionValue(PARAM_NAME);
    final String[] logArgs = { realmName, privilegeName };

    final String newDescription = getStringOptionValue(PARAM_DESCRIPTION);
    final boolean descriptionGiven = newDescription != null && !newDescription.trim().isEmpty();

    final String rawActions = getStringOptionValue(PARAM_ACTIONS);
    ApplicationPrivilege.PossibleAction newAction = null;
    if (rawActions != null) {
        newAction = getActions();
    }

    // Nothing to change: refuse before touching the privilege store.
    if (newAction == null && !descriptionGiven) {
        throw new CLIException(getResourceString("update-application-privilege-invalid"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }

    // The update is carried out with a Subject built from the admin SSO token.
    final Subject adminSubject = SubjectUtils.createSubject(getAdminSSOToken());
    final ApplicationPrivilegeManager manager = ApplicationPrivilegeManager.getInstance(realmName, adminSubject);

    // Access log: the attempt is recorded before any change, the outcome after.
    writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_UPDATE_APPLICATION_PRIVILEGE", logArgs);
    try {
        final ApplicationPrivilege privilege = manager.getPrivilege(privilegeName);
        if (descriptionGiven) {
            privilege.setDescription(newDescription);
        }
        if (newAction != null) {
            privilege.setActionValues(newAction);
        }
        manager.replacePrivilege(privilege);

        final String successText = MessageFormat.format(getResourceString("update-application-privilege-succeeded"), privilegeName);
        getOutputWriter().printlnMessage(successText);
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_UPDATE_APPLICATION_PRIVILEGE", logArgs);
    } catch (EntitlementException ex) {
        // NOTE(review): the failure is logged at Level.INFO like the success
        // path -- confirm that is the intended severity for a failed
        // privilege change.
        final String[] failureArgs = { realmName, privilegeName, ex.getMessage() };
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_UPDATE_APPLICATION_PRIVILEGE", failureArgs);
        throw new CLIException(ex, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    }
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) ApplicationPrivilege(com.sun.identity.entitlement.ApplicationPrivilege) CLIException(com.sun.identity.cli.CLIException) ApplicationPrivilegeManager(com.sun.identity.entitlement.ApplicationPrivilegeManager) Subject(javax.security.auth.Subject)
