
Example 71 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project Payara by payara.

the class AppClientContainerSecurityHelper method init.

/**
 * Initializes client-side security for this helper.
 *
 * <p>Records the class loader to use, runs {@code initLoginConfig()}, resolves the
 * callback handler through {@code initSecurity}, and hands the resolved handler
 * together with the optional user name and password from {@code clientCredential}
 * to {@code secInfo.initializeSecurity}. Finally the HTTP authenticator is set up
 * for username/password credentials.
 *
 * <p>The password taken from {@code clientCredential} is passed straight through to
 * {@code secInfo}; nothing in this method logs it.
 *
 * @param targetServers servers passed to the security info as a list
 * @param msgSecConfigs message security configurations passed through unchanged
 * @param containerProperties not read by this method
 * @param clientCredential optional credential; when {@code null}, a null user name and
 *        null password are supplied
 * @param callerSuppliedCallbackHandler handler given by the caller, may be {@code null}
 * @param classLoader class loader to record; when {@code null} the current thread's
 *        context class loader is used
 * @param acDesc app client descriptor forwarded to {@code initSecurity}
 * @param isTextAuth negated and passed as the last argument of {@code initializeSecurity}
 */
void init(final TargetServer[] targetServers, final List<MessageSecurityConfig> msgSecConfigs, final Properties containerProperties, final ClientCredential clientCredential, final CallbackHandler callerSuppliedCallbackHandler, final ClassLoader classLoader, final ApplicationClientDescriptor acDesc, final boolean isTextAuth) throws InstantiationException, IllegalAccessException, InjectionException, ClassNotFoundException, IOException {
    // Fall back to the thread's context class loader when the caller supplied none.
    if (classLoader != null) {
        this.classLoader = classLoader;
    } else {
        this.classLoader = Thread.currentThread().getContextClassLoader();
    }
    initLoginConfig();
    final CallbackHandler resolvedHandler = initSecurity(callerSuppliedCallbackHandler, acDesc);
    secInfo.initializeSecurity(
            Arrays.asList(targetServers),
            msgSecConfigs,
            resolvedHandler,
            AppClientSecurityInfo.CredentialType.USERNAME_PASSWORD,
            // User name: only available when a credential was supplied.
            (clientCredential != null ? clientCredential.getUserName() : null),
            // Password: null unless the credential, its password holder and the held value all exist.
            (clientCredential != null && clientCredential.getPassword() != null && clientCredential.getPassword().get() != null ? clientCredential.getPassword().get() : null),
            false, /* isJWS */
            // NOTE(review): presumably selects interactive (non-text) prompting - confirm against initializeSecurity.
            !isTextAuth);
    initHttpAuthenticator(AppClientSecurityInfo.CredentialType.USERNAME_PASSWORD);
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler)

Example 72 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project Payara by payara.

the class AppClientContainerSecurityHelper method initSecurity.

/**
 * Chooses the callback handler to use for authentication.
 *
 * <p>Selection order:
 * <ol>
 * <li>the handler supplied by the program that created the AppClientContainerBuilder;</li>
 * <li>a new instance of the handler class named in the app client descriptor;</li>
 * <li>{@code null}, in which case the security layer provides a default handler.</li>
 * </ol>
 *
 * <p>The default handler uses no injection, but a user-provided one might.
 *
 * <p>In case 2 the class name comes from the descriptor and is instantiated through
 * {@code newCallbackHandlerInstance} with this helper's class loader, so the handler
 * code that runs is whatever the descriptor names.
 * NOTE(review): the descriptor therefore needs to be as trusted as the client code
 * itself - confirm where it is loaded from.
 *
 * @param callerSuppliedCallbackHandler handler supplied by the caller, may be {@code null}
 * @param acDesc app client descriptor, may be {@code null}
 * @return the chosen handler, or {@code null} when the default should be used
 */
private CallbackHandler initSecurity(final CallbackHandler callerSuppliedCallbackHandler, final ApplicationClientDescriptor acDesc) throws InstantiationException, IllegalAccessException, InjectionException, ClassNotFoundException {
    CallbackHandler chosenHandler = callerSuppliedCallbackHandler;
    if (chosenHandler == null && acDesc != null) {
        // No caller-supplied handler: see whether the descriptor names a handler class.
        final String descriptorCallbackHandlerClassName = acDesc.getCallbackHandler();
        if (descriptorCallbackHandlerClassName != null) {
            chosenHandler = newCallbackHandlerInstance(descriptorCallbackHandlerClassName, acDesc, classLoader);
        }
    }
    // Only the handler's class name is logged, never anything it collects.
    final String chosenHandlerName = (chosenHandler != null) ? chosenHandler.getClass().getName() : "(default)";
    logger.config("Callback handler class = " + chosenHandlerName);
    return chosenHandler;
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler)

Example 73 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project Payara by payara.

the class AppClientContainerBuilder method createContainer.

/**
 * Obtains an {@code AppClientContainer}, wires it to the given client and this builder,
 * and prepares its security.
 *
 * <p>The packaged permissions.xml is processed before the client is attached. The
 * callback handler is the caller-supplied one when present; otherwise it is obtained
 * from the handler name in the client's descriptor via
 * {@code getCallbackHandlerFromDescriptor}.
 *
 * <p>NOTE(review): {@code BootException} appears twice in the throws clause; the
 * repetition is redundant.
 *
 * @param client the launchable client to run in the container
 * @param callerSuppliedCallbackHandler handler supplied by the caller, may be {@code null}
 * @param isTextAuth forwarded to {@code prepareSecurity}
 * @return the configured container
 */
private AppClientContainer createContainer(final Launchable client, final CallbackHandler callerSuppliedCallbackHandler, final boolean isTextAuth) throws BootException, BootException, URISyntaxException, ClassNotFoundException, InstantiationException, IllegalAccessException, InjectionException, IOException, SAXParseException {
    final AppClientContainer appClientContainer = ACCModulesManager.getService(AppClientContainer.class);
    // process the packaged permissions.xml
    appClientContainer.processPermissions();
    appClientContainer.setClient(client);
    appClientContainer.setBuilder(this);

    // Prefer the caller's handler; only consult the descriptor when none was given.
    final CallbackHandler effectiveHandler;
    if (callerSuppliedCallbackHandler == null) {
        effectiveHandler = getCallbackHandlerFromDescriptor(client.getDescriptor(classLoader).getCallbackHandler());
    } else {
        effectiveHandler = callerSuppliedCallbackHandler;
    }
    appClientContainer.prepareSecurity(targetServers, messageSecurityConfigs, containerProperties, clientCredential, effectiveHandler, classLoader, isTextAuth);
    return appClientContainer;
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler)

Example 74 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project kie-wb-common by kiegroup.

the class WildflyBaseClient method createControllerClient.

/**
 * Creates a {@code ModelControllerClient} for the configured protocol, host and port,
 * authenticating with this object's {@code admin}, {@code password} and {@code realm}.
 *
 * <p>The anonymous callback handler answers name, password and realm callbacks and
 * rejects every other callback type with {@code UnsupportedCallbackException}.
 *
 * @param checkConnection when {@code true}, {@code testConnection} is run on the new
 *        client before it is returned
 * @return the created client
 * @throws Exception if the host cannot be resolved, or from {@code testConnection}
 */
public ModelControllerClient createControllerClient(boolean checkConnection) throws Exception {
    final CallbackHandler credentialsHandler = new CallbackHandler() {

        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(admin);
                } else if (callback instanceof PasswordCallback) {
                    // toCharArray() gives the callback its own copy; the source String stays in memory.
                    ((PasswordCallback) callback).setPassword(password.toCharArray());
                } else if (callback instanceof RealmCallback) {
                    ((RealmCallback) callback).setText(realm);
                } else {
                    // Fail closed on anything other than name, password and realm prompts.
                    throw new UnsupportedCallbackException(callback);
                }
            }
        }
    };
    final ModelControllerClient controllerClient = ModelControllerClient.Factory.create(protocol, InetAddress.getByName(host), port, credentialsHandler);
    if (checkConnection) {
        // NOTE(review): if this throws, the client created above is not returned, so the
        // caller cannot close it - confirm testConnection (not shown) releases it on failure.
        testConnection(controllerClient);
    }
    return controllerClient;
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) RealmCallback(javax.security.sasl.RealmCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) ModelControllerClient(org.jboss.as.controller.client.ModelControllerClient) PasswordCallback(javax.security.auth.callback.PasswordCallback) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) RealmCallback(javax.security.sasl.RealmCallback)

Example 75 with CallbackHandler

use of javax.security.auth.callback.CallbackHandler in project athenz by yahoo.

the class KerberosAuthority method login.

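/**
 * Performs a JAAS login for the configured service principal and publishes the
 * resulting {@code Subject} in {@code serviceSubject}.
 *
 * <p>The call is a no-op when the previous successful login happened less than
 * {@code loginWindow} milliseconds ago. Failures are not thrown: the exception is
 * stored in {@code initState} and logged, and {@code lastLogin} is left unchanged.
 *
 * <p>When {@code loginCallbackHandler} names a class, it is loaded reflectively and
 * must be a {@code CallbackHandler} with a {@code (String, String)} constructor. The
 * type is checked before the constructor is invoked, so a misconfigured class name
 * is rejected without running that class's constructor.
 *
 * @param logoutFirst when {@code true}, {@code logout()} is called on the new login
 *        context before {@code login()}
 */
public synchronized void login(boolean logoutFirst) {
    long now = System.currentTimeMillis();
    if ((now - lastLogin) < loginWindow) {
        // Logged in recently enough; skip the round trip.
        return;
    }
    Subject subject = null;
    if (servicePrincipal != null) {
        Set<java.security.Principal> principals = new HashSet<java.security.Principal>(1);
        principals.add(new KerberosPrincipal(servicePrincipal));
        subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>());
    }
    LoginConfig loginConfig = new LoginConfig(keyTabConfFile, servicePrincipal);
    // Clear any failure recorded by an earlier attempt.
    initState = null;
    try {
        // NOTE: if no callback handler specified
        // LoginContext uses the auth.login.defaultCallbackHandler security property for the fully
        // qualified class name of a default handler implementation
        LoginContext loginContext = null;
        CallbackHandler loginHandler = null;
        if (loginCallbackHandler != null) {
            // asSubclass verifies the configured class is a CallbackHandler before any
            // constructor runs; a mismatch raises ClassCastException, handled below.
            Class<? extends CallbackHandler> handlerClass = Class.forName(loginCallbackHandler).asSubclass(CallbackHandler.class);
            loginHandler = handlerClass.getConstructor(String.class, String.class).newInstance(servicePrincipal, null);
        }
        if (subject == null) {
            loginContext = new LoginContext(jaasConfigSection, loginHandler);
        } else {
            loginContext = new LoginContext(jaasConfigSection, subject, loginHandler, loginConfig);
        }
        if (logoutFirst) {
            // NOTE(review): a LoginContext created without a Subject rejects logout() before
            // login() with a LoginException, so logoutFirst combined with a null
            // servicePrincipal ends in the catch block - confirm this is intended.
            loginContext.logout();
        }
        loginContext.login();
        subject = loginContext.getSubject();
        serviceSubject.set(subject);
        lastLogin = System.currentTimeMillis();
    } catch (Exception exc) {
        initState = exc;
        String params = "svc-princ=" + servicePrincipal + " login-callback=" + loginCallbackHandler + " keytab=" + keyTabConfFile + " jaas-section=" + jaasConfigSection;
        // Pass the exception itself: reflective failures often carry a null message and
        // keep the real reason in the cause chain, which getMessage() alone would lose.
        LOG.error("KerberosAuthority:initialize: Login context failure: config params=(" + params + ") exc: " + exc.getMessage(), exc);
    }
}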
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) CallbackHandler(javax.security.auth.callback.CallbackHandler) Subject(javax.security.auth.Subject) LoginContext(javax.security.auth.login.LoginContext) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) Principal(com.yahoo.athenz.auth.Principal) HashSet(java.util.HashSet)
