Example 86 with Callback
use of javax.security.auth.callback.Callback in project jackrabbit by apache.
the class CallbackHandlerImpl method handle.
/**
* @param callbacks
* @throws IOException
* @throws UnsupportedCallbackException
* @see CallbackHandler#handle(Callback[])
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof CredentialsCallback) {
((CredentialsCallback) callback).setCredentials(credentials);
} else if (callback instanceof RepositoryCallback) {
/*
if callback handler has been created with null session or
null principalProviderRegistry this handler cannot properly
deal with RepositoryCallback
*/
if (session == null || principalProviderRegistry == null) {
throw new UnsupportedCallbackException(callback);
}
RepositoryCallback rcb = (RepositoryCallback) callback;
rcb.setSession(session);
rcb.setPrincipalProviderRegistry(principalProviderRegistry);
rcb.setAdminId(adminId);
rcb.setAnonymousId(anonymousId);
} else if (credentials != null && credentials instanceof SimpleCredentials) {
SimpleCredentials simpleCreds = (SimpleCredentials) credentials;
if (callback instanceof NameCallback) {
String userId = simpleCreds.getUserID();
((NameCallback) callback).setName(userId);
} else if (callback instanceof PasswordCallback) {
char[] pw = simpleCreds.getPassword();
((PasswordCallback) callback).setPassword(pw);
} else if (callback instanceof ImpersonationCallback) {
Object impersAttr = simpleCreds.getAttribute(SecurityConstants.IMPERSONATOR_ATTRIBUTE);
((ImpersonationCallback) callback).setImpersonator(impersAttr);
} else {
throw new UnsupportedCallbackException(callback);
}
} else {
throw new UnsupportedCallbackException(callback);
}
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Example 87 with Callback
use of javax.security.auth.callback.Callback in project jackrabbit-oak by apache.
the class AbstractLoginModuleTest method testGetCredentialsFromCallbackHandler.
@Test
public void testGetCredentialsFromCallbackHandler() {
CallbackHandler cbh = new CallbackHandler() {
@Override
public void handle(Callback[] callbacks) {
for (Callback cb : callbacks) {
if (cb instanceof CredentialsCallback) {
((CredentialsCallback) cb).setCredentials(new TestCredentials());
}
}
}
};
AbstractLoginModule lm = initLoginModule(TestCredentials.class, cbh);
assertTrue(lm.getCredentials() instanceof TestCredentials);
lm = initLoginModule(SimpleCredentials.class, cbh);
assertNull(lm.getCredentials());
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
CallbackHandler(javax.security.auth.callback.CallbackHandler)
PrincipalProviderCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback)
RepositoryCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback)
SecurityProviderCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback)
WhiteboardCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.WhiteboardCallback)
UserManagerCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.UserManagerCallback)
CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback)
Callback(javax.security.auth.callback.Callback)
CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback)
Test(org.junit.Test)
Example 88 with Callback
use of javax.security.auth.callback.Callback in project karaf by apache.
the class JaasTest method doLogin.
private void doLogin() throws Exception {
final String userPassRealm = "karaf";
LoginContext lc = new LoginContext(userPassRealm, callbacks -> {
for (Callback callback : callbacks) {
if (callback instanceof PasswordCallback) {
PasswordCallback passwordCallback = (PasswordCallback) callback;
passwordCallback.setPassword(userPassRealm.toCharArray());
} else if (callback instanceof NameCallback) {
NameCallback nameCallback = (NameCallback) callback;
nameCallback.setName(userPassRealm);
}
}
});
lc.login();
assertNotNull(lc.getSubject());
}
Also used :
LoginContext(javax.security.auth.login.LoginContext)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Example 89 with Callback
use of javax.security.auth.callback.Callback in project karaf by apache.
the class JaasSecurityProvider method doAuthenticate.
public Subject doAuthenticate(final String username, final String password) {
try {
Subject subject = new Subject();
LoginContext loginContext = new LoginContext(realm, subject, callbacks -> {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
((NameCallback) callback).setName(username);
} else if (callback instanceof PasswordCallback) {
((PasswordCallback) callback).setPassword(password.toCharArray());
} else {
throw new UnsupportedCallbackException(callback);
}
}
});
loginContext.login();
if (role != null && role.length() > 0) {
String clazz = "org.apache.karaf.jaas.boot.principal.RolePrincipal";
String name = role;
int idx = role.indexOf(':');
if (idx > 0) {
clazz = role.substring(0, idx);
name = role.substring(idx + 1);
}
boolean found = false;
for (Principal p : subject.getPrincipals()) {
if (p.getClass().getName().equals(clazz) && p.getName().equals(name)) {
found = true;
break;
}
}
if (!found) {
throw new FailedLoginException("User does not have the required role " + role);
}
}
return subject;
} catch (FailedLoginException e) {
LOG.debug("Login failed", e);
return null;
} catch (AccountException e) {
LOG.warn("Account failure", e);
return null;
} catch (GeneralSecurityException e) {
LOG.error("General Security Exception", e);
return null;
}
}
Also used :
GeneralSecurityException(java.security.GeneralSecurityException)
Subject(javax.security.auth.Subject)
LoginContext(javax.security.auth.login.LoginContext)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
FailedLoginException(javax.security.auth.login.FailedLoginException)
AccountException(javax.security.auth.login.AccountException)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Principal(java.security.Principal)
Example 90 with Callback
use of javax.security.auth.callback.Callback in project karaf by apache.
the class AbstractAuditLoginModule method login.
public boolean login() throws LoginException {
NameCallback user = new NameCallback("User name:");
Callback[] callbacks = new Callback[] { user };
try {
handler.handle(callbacks);
} catch (Exception e) {
throw (LoginException) new LoginException("Unable to process callback: " + e.getMessage()).initCause(e);
}
if (callbacks.length != 1) {
throw new IllegalStateException("Number of callbacks changed by server!");
}
user = (NameCallback) callbacks[0];
username = user.getName();
if (enabled && username != null) {
audit(Action.ATTEMPT, username);
}
return false;
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
LoginException(javax.security.auth.login.LoginException)
LoginException(javax.security.auth.login.LoginException)
Aggregations
Callback (javax.security.auth.callback.Callback)274
NameCallback (javax.security.auth.callback.NameCallback)181
PasswordCallback (javax.security.auth.callback.PasswordCallback)173
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)127
IOException (java.io.IOException)84
LoginException (javax.security.auth.login.LoginException)54
ChoiceCallback (javax.security.auth.callback.ChoiceCallback)49
CallbackHandler (javax.security.auth.callback.CallbackHandler)43
Test (org.testng.annotations.Test)42
ConfirmationCallback (javax.security.auth.callback.ConfirmationCallback)38
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)31
Subject (javax.security.auth.Subject)31
HashMap (java.util.HashMap)28
HttpServletRequest (javax.servlet.http.HttpServletRequest)24
Principal (java.security.Principal)23
AuthContext (com.sun.identity.authentication.AuthContext)22
FailedLoginException (javax.security.auth.login.FailedLoginException)22
PagePropertiesCallback (com.sun.identity.authentication.spi.PagePropertiesCallback)19
TextOutputCallback (javax.security.auth.callback.TextOutputCallback)19
LoginContext (javax.security.auth.login.LoginContext)18
