Use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by Apache.
Class AbstractLoginModuleTest, method testGetCredentialsFromCallbackHandler.
/**
 * Checks that {@code getCredentials()} only returns credentials obtained from the
 * callback handler when the login module was initialised with a matching class.
 * The same handler is used for both modules; only the class passed to
 * {@code initLoginModule} differs (presumably the supported credentials type;
 * confirm against that helper).
 */
@Test
public void testGetCredentialsFromCallbackHandler() {
    // Answers every CredentialsCallback with a fresh TestCredentials instance and
    // leaves callbacks of any other type untouched.
    CallbackHandler credentialsSupplier = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) {
            for (Callback callback : callbacks) {
                if (!(callback instanceof CredentialsCallback)) {
                    continue;
                }
                CredentialsCallback credentialsCallback = (CredentialsCallback) callback;
                credentialsCallback.setCredentials(new TestCredentials());
            }
        }
    };

    // Initialised with TestCredentials.class: the handler's credentials come back.
    AbstractLoginModule acceptingModule = initLoginModule(TestCredentials.class, credentialsSupplier);
    assertTrue(acceptingModule.getCredentials() instanceof TestCredentials);

    // Initialised with SimpleCredentials.class: the handler still offers
    // TestCredentials, and the module must report no credentials at all.
    AbstractLoginModule rejectingModule = initLoginModule(SimpleCredentials.class, credentialsSupplier);
    assertNull(rejectingModule.getCredentials());
}
Use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by Apache.
Class GuestLoginModuleTest, method testGuestCredentials.
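/**
 * Checks that the guest login module stays passive when it is initialised with a
 * {@code TestCallbackHandler} built around {@code GuestCredentials}.
 * <p>
 * The assertions pin the whole login lifecycle: {@code login()}, {@code commit()}
 * and {@code logout()} all return {@code false}, nothing is stored under
 * {@link AbstractLoginModule#SHARED_KEY_CREDENTIALS}, and the subject ends up with
 * neither principals nor public credentials.
 *
 * @throws LoginException if one of the login module calls fails
 */
@Test
public void testGuestCredentials() throws LoginException {
    Subject subject = new Subject();
    CallbackHandler cbh = new TestCallbackHandler(new GuestCredentials());
    // Parameterized rather than raw, so the shared state is type-checked at the call below.
    Map<String, Object> sharedState = new HashMap<String, Object>();
    guestLoginModule.initialize(subject, cbh, sharedState, Collections.<String, Object>emptyMap());

    // Login phase: the module must not claim the login or publish credentials
    // for other modules in the shared state.
    assertFalse(guestLoginModule.login());
    assertFalse(sharedState.containsKey(AbstractLoginModule.SHARED_KEY_CREDENTIALS));

    // Commit phase: the subject must remain completely unpopulated.
    assertFalse(guestLoginModule.commit());
    assertTrue(subject.getPrincipals().isEmpty());
    assertTrue(subject.getPublicCredentials().isEmpty());

    assertFalse(guestLoginModule.logout());
}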
Use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by Apache.
Class GuestLoginModuleTest, method testThrowingCallbackhandler.
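/**
 * Checks that the guest login module does not authenticate anyone when it is
 * initialised with a {@code ThrowingCallbackHandler}.
 * <p>
 * {@code login()}, {@code commit()} and {@code logout()} must all return
 * {@code false}, nothing may be stored under
 * {@link AbstractLoginModule#SHARED_KEY_CREDENTIALS}, and the subject must hold no
 * public {@code GuestCredentials}.
 *
 * @throws LoginException if one of the login module calls fails
 */
@Test
public void testThrowingCallbackhandler() throws LoginException {
    Subject subject = new Subject();
    // NOTE(review): the meaning of the 'true' flag is not visible here; presumably it
    // selects which exception the handler throws. Confirm against ThrowingCallbackHandler.
    CallbackHandler cbh = new ThrowingCallbackHandler(true);
    // Parameterized rather than raw, so the shared state is type-checked at the call below.
    Map<String, Object> sharedState = new HashMap<String, Object>();
    guestLoginModule.initialize(subject, cbh, sharedState, Collections.<String, Object>emptyMap());

    // A failing handler must not be turned into a guest login.
    assertFalse(guestLoginModule.login());
    assertFalse(sharedState.containsKey(AbstractLoginModule.SHARED_KEY_CREDENTIALS));

    assertFalse(guestLoginModule.commit());
    assertTrue(subject.getPublicCredentials(GuestCredentials.class).isEmpty());

    assertFalse(guestLoginModule.logout());
}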
Use of javax.security.auth.callback.CallbackHandler in project jackrabbit-oak by Apache.
Class GuestLoginModuleTest, method testSimpleCredentials.
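/**
 * Checks that the guest login module ignores a login attempt whose callback
 * handler is built around {@code SimpleCredentials} (user id {@code "test"}, empty
 * password).
 * <p>
 * {@code login()}, {@code commit()} and {@code logout()} must all return
 * {@code false}, nothing may be stored under
 * {@link AbstractLoginModule#SHARED_KEY_CREDENTIALS}, and the subject must end up
 * with neither principals nor public credentials.
 *
 * @throws LoginException if one of the login module calls fails
 */
@Test
public void testSimpleCredentials() throws LoginException {
    Subject subject = new Subject();
    CallbackHandler cbh = new TestCallbackHandler(new SimpleCredentials("test", new char[0]));
    // Parameterized rather than raw, so the shared state is type-checked at the call below.
    Map<String, Object> sharedState = new HashMap<String, Object>();
    guestLoginModule.initialize(subject, cbh, sharedState, Collections.<String, Object>emptyMap());

    // Login phase: the module must not claim the login or publish credentials
    // for other modules in the shared state.
    assertFalse(guestLoginModule.login());
    assertFalse(sharedState.containsKey(AbstractLoginModule.SHARED_KEY_CREDENTIALS));

    // Commit phase: the subject must remain completely unpopulated.
    assertFalse(guestLoginModule.commit());
    assertTrue(subject.getPrincipals().isEmpty());
    assertTrue(subject.getPublicCredentials().isEmpty());

    assertFalse(guestLoginModule.logout());
}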
Use of javax.security.auth.callback.CallbackHandler in project jspwiki by Apache.
Class AuthenticationManager, method login.
/**
 * Logs a user into the given WikiSession with a username/password pair, using
 * JSPWiki's custom authentication mode. The JAAS LoginModule named by the WikiEngine
 * property {@link #PROP_LOGIN_MODULE} is instantiated and its
 * {@link javax.security.auth.spi.LoginModule#initialize(Subject, CallbackHandler, Map, Map)}
 * method is invoked; by default that module is
 * {@link org.apache.wiki.auth.login.UserDatabaseLoginModule}. The options Map handed
 * to <code>initialize</code> is populated from the property keys prefixed by
 * {@link #PREFIX_LOGIN_MODULE_OPTIONS}.
 * <p>
 * If login throttling is enabled, <code>delayLogin(username)</code> runs before the
 * credentials are checked. On success a <code>LOGIN_AUTHENTICATED</code> event is
 * fired for the login principal, a <code>PRINCIPAL_ADD</code> event for every
 * returned principal, and the Authorizer roles are injected into the session. When
 * the login module returns no principals, this method fires no event and returns
 * <code>false</code>.
 *
 * @param session the current wiki session; may not be <code>null</code>. A
 * <code>null</code> session is logged as an error and reported as a failed login.
 * @param request the user's HTTP request. This parameter may be <code>null</code>, but the
 * configured LoginModule will not have access to the HTTP request in this case.
 * NOTE(review): the callback handler below is built with <code>null</code> as its second
 * argument and <code>request</code> is not used anywhere else in this method; if that
 * argument is the request slot, the LoginModule never sees the request on this path.
 * Confirm against WikiCallbackHandler.
 * @param username The user name. This is a login name, not a WikiName. In
 * most cases they are the same, but in some cases, they might
 * not be.
 * @param password the password; it is only handed to the callback handler and is
 * not written to the log by this method
 * @return true, if the username/password is valid
 * @throws org.apache.wiki.auth.WikiSecurityException if the Authorizer or UserManager cannot be obtained
 */
public boolean login(WikiSession session, HttpServletRequest request, String username, String password) throws WikiSecurityException {
    // Without a session there is nothing to attach the authenticated principals to.
    if (session == null) {
        log.error("No wiki session provided, cannot log in.");
        return false;
    }

    // Protect against brute-force password guessing if configured to do so.
    if (m_throttleLogins) {
        delayLogin(username);
    }

    // Execute the user's specified login module; the handler carries the credentials.
    CallbackHandler callbackHandler = new WikiCallbackHandler(m_engine, null, username, password);
    Set<Principal> authenticated = doJAASLogin(m_loginModuleClass, callbackHandler, m_loginModuleOptions);

    // An empty principal set is treated as a failed login: no events, no roles.
    if (authenticated.isEmpty()) {
        return false;
    }

    fireEvent(WikiSecurityEvent.LOGIN_AUTHENTICATED, getLoginPrincipal(authenticated), session);
    for (Principal granted : authenticated) {
        fireEvent(WikiSecurityEvent.PRINCIPAL_ADD, granted, session);
    }

    // Add all appropriate Authorizer roles.
    injectAuthorizerRoles(session, m_engine.getAuthorizationManager().getAuthorizer(), null);
    return true;
}