
Example 61 with NameCallback

use of javax.security.auth.callback.NameCallback in project jackrabbit by apache.

the class CallbackHandlerImpl method handle.

/**
 * Answers each JAAS callback from the credentials and repository state of
 * this handler.
 *
 * <p>{@code CredentialsCallback} receives the credentials object unchanged.
 * {@code RepositoryCallback} receives the session, principal provider
 * registry, admin id and anonymous id. {@code NameCallback},
 * {@code PasswordCallback} and {@code ImpersonationCallback} are answered
 * only when the credentials are {@code SimpleCredentials}. Every other
 * combination is rejected, so no callback is silently left unanswered.
 *
 * @param callbacks callbacks to fill in, processed in array order
 * @throws IOException declared by the {@code CallbackHandler} contract
 * @throws UnsupportedCallbackException if a callback type is not handled
 *         here, if a {@code RepositoryCallback} arrives while the session
 *         or the principal provider registry is {@code null}, or if a
 *         name/password/impersonation callback arrives while the
 *         credentials are not {@code SimpleCredentials}
 * @see CallbackHandler#handle(Callback[])
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback cb : callbacks) {
        if (cb instanceof CredentialsCallback) {
            ((CredentialsCallback) cb).setCredentials(credentials);
            continue;
        }

        if (cb instanceof RepositoryCallback) {
            // Fail closed: without a session or a principal provider registry
            // the repository callback cannot be answered, so it is refused
            // rather than handed a half-populated state.
            if (session == null || principalProviderRegistry == null) {
                throw new UnsupportedCallbackException(cb);
            }
            RepositoryCallback repositoryCallback = (RepositoryCallback) cb;
            repositoryCallback.setSession(session);
            repositoryCallback.setPrincipalProviderRegistry(principalProviderRegistry);
            repositoryCallback.setAdminId(adminId);
            repositoryCallback.setAnonymousId(anonymousId);
            continue;
        }

        // instanceof is false for null, so this also covers missing credentials.
        if (!(credentials instanceof SimpleCredentials)) {
            throw new UnsupportedCallbackException(cb);
        }

        SimpleCredentials simple = (SimpleCredentials) credentials;
        if (cb instanceof NameCallback) {
            ((NameCallback) cb).setName(simple.getUserID());
        } else if (cb instanceof PasswordCallback) {
            ((PasswordCallback) cb).setPassword(simple.getPassword());
        } else if (cb instanceof ImpersonationCallback) {
            // NOTE(review): the impersonator is whatever object the credentials
            // carry under IMPERSONATOR_ATTRIBUTE; who may set that attribute is
            // decided outside this method. Confirm it is validated downstream.
            Object impersonator = simple.getAttribute(SecurityConstants.IMPERSONATOR_ATTRIBUTE);
            ((ImpersonationCallback) cb).setImpersonator(impersonator);
        } else {
            throw new UnsupportedCallbackException(cb);
        }
    }
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 62 with NameCallback

use of javax.security.auth.callback.NameCallback in project karaf by apache.

the class JaasTest method doLogin.

/**
 * Logs in through JAAS and asserts that the login context exposes a subject.
 *
 * <p>Test fixture only: the single literal {@code "karaf"} is used as the
 * realm name, the user name and the password.
 *
 * @throws Exception if the login context cannot be created or the login fails
 */
private void doLogin() throws Exception {
    // One value deliberately serves as realm, user name and password.
    final String realmUserAndPassword = "karaf";
    LoginContext context = new LoginContext(realmUserAndPassword, callbacks -> {
        for (Callback cb : callbacks) {
            if (cb instanceof NameCallback) {
                ((NameCallback) cb).setName(realmUserAndPassword);
            } else if (cb instanceof PasswordCallback) {
                ((PasswordCallback) cb).setPassword(realmUserAndPassword.toCharArray());
            }
            // Any other callback type is left unanswered; this handler does
            // not throw UnsupportedCallbackException for it.
        }
    });
    context.login();
    assertNotNull(context.getSubject());
}
Also used : LoginContext(javax.security.auth.login.LoginContext) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback)

Example 63 with NameCallback

use of javax.security.auth.callback.NameCallback in project karaf by apache.

the class JaasSecurityProvider method doAuthenticate.

/**
 * Authenticates a user against the configured JAAS realm and, when a role
 * is configured, requires a matching principal on the resulting subject.
 *
 * <p>The configured role is either a bare name, matched against principals
 * of class {@code org.apache.karaf.jaas.boot.principal.RolePrincipal}, or
 * {@code className:name}, matched against principals of that class.
 *
 * @param username user name handed to the login module's {@code NameCallback}
 * @param password password handed to the login module's {@code PasswordCallback}
 * @return the authenticated subject, or {@code null} if the login failed,
 *         the account was refused, the required role is missing, or another
 *         {@code GeneralSecurityException} occurred; callers must treat
 *         {@code null} as "not authenticated"
 */
public Subject doAuthenticate(final String username, final String password) {
    try {
        final Subject subject = new Subject();
        final LoginContext loginContext = new LoginContext(realm, subject, callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof PasswordCallback) {
                    // The password arrives as an immutable String, so only this
                    // char[] copy could ever be cleared after use.
                    ((PasswordCallback) cb).setPassword(password.toCharArray());
                } else if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(username);
                } else {
                    // Fail closed on anything this handler cannot answer.
                    throw new UnsupportedCallbackException(cb);
                }
            }
        });
        loginContext.login();

        // No role configured: a successful login is sufficient.
        if (role == null || role.isEmpty()) {
            return subject;
        }

        // "className:name" selects the principal class; a bare name (or a
        // leading ':') falls back to RolePrincipal with the whole string as name.
        final int separator = role.indexOf(':');
        final String principalClass = separator > 0
                ? role.substring(0, separator)
                : "org.apache.karaf.jaas.boot.principal.RolePrincipal";
        final String principalName = separator > 0 ? role.substring(separator + 1) : role;

        // The principal type is compared by class name, not by class identity.
        final boolean hasRole = subject.getPrincipals().stream()
                .anyMatch(p -> p.getClass().getName().equals(principalClass)
                        && p.getName().equals(principalName));
        if (!hasRole) {
            throw new FailedLoginException("User does not have the required role " + role);
        }
        return subject;
    } catch (FailedLoginException e) {
        // NOTE(review): bad credentials and missing-role denials are recorded
        // at DEBUG only; confirm authentication failures are audited elsewhere,
        // otherwise they are invisible at default log levels.
        LOG.debug("Login failed", e);
        return null;
    } catch (AccountException e) {
        LOG.warn("Account failure", e);
        return null;
    } catch (GeneralSecurityException e) {
        LOG.error("General Security Exception", e);
        return null;
    }
}
Also used : GeneralSecurityException(java.security.GeneralSecurityException) Subject(javax.security.auth.Subject) LoginContext(javax.security.auth.login.LoginContext) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) FailedLoginException(javax.security.auth.login.FailedLoginException) AccountException(javax.security.auth.login.AccountException) PasswordCallback(javax.security.auth.callback.PasswordCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 64 with NameCallback

use of javax.security.auth.callback.NameCallback in project karaf by apache.

the class AbstractAuditLoginModule method login.

/**
 * Asks the callback handler for the user name, records a login attempt for
 * it when auditing is enabled, and takes no part in the login decision.
 *
 * @return always {@code false}, which in JAAS means this module is ignored
 *         for the authentication outcome
 * @throws LoginException if the callback handler fails; the original
 *         exception is kept as the cause
 * @throws IllegalStateException if the callback array length is no longer 1
 */
public boolean login() throws LoginException {
    NameCallback nameRequest = new NameCallback("User name:");
    Callback[] callbacks = { nameRequest };
    try {
        handler.handle(callbacks);
    } catch (Exception e) {
        LoginException failure = new LoginException("Unable to process callback: " + e.getMessage());
        failure.initCause(e);
        throw failure;
    }
    if (callbacks.length != 1) {
        throw new IllegalStateException("Number of callbacks changed by server!");
    }
    // Read the answer back from the array slot, not from the local reference;
    // the cast fails with ClassCastException if the handler replaced the
    // element with another callback type.
    NameCallback answered = (NameCallback) callbacks[0];
    username = answered.getName();
    // NOTE(review): the name is supplied before any authentication has
    // happened, so it is untrusted input to audit(); confirm that the audit
    // sink neutralises line breaks and control characters.
    if (enabled && username != null) {
        audit(Action.ATTEMPT, username);
    }
    return false;
}
Also used : NameCallback(javax.security.auth.callback.NameCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) LoginException(javax.security.auth.login.LoginException) LoginException(javax.security.auth.login.LoginException)

Example 65 with NameCallback

use of javax.security.auth.callback.NameCallback in project karaf by apache.

the class JaasAuthenticator method authenticate.

/**
 * Authenticates a {@code String[2]} credential pair (user name, password)
 * against the configured JAAS realm and requires at least one
 * {@code RolePrincipal} on the resulting subject.
 *
 * @param credentials a {@code String[]} of length 2: user name at index 0,
 *        password at index 1
 * @return the authenticated subject, carrying at least one role principal
 * @throws IllegalArgumentException if {@code credentials} is not a
 *         {@code String[]} or its length is not 2
 * @throws SecurityException if the login fails or the subject has no role
 *         principal; both cases carry the same "Authentication failed"
 *         message, with the underlying {@code LoginException} as the cause
 */
public Subject authenticate(Object credentials) throws SecurityException {
    if (!(credentials instanceof String[])) {
        // Only the runtime class name is reported, never the credential value.
        String actualType = credentials != null ? credentials.getClass().getName() : null;
        throw new IllegalArgumentException("Expected String[2], got " + actualType);
    }
    final String[] params = (String[]) credentials;
    if (params.length != 2) {
        throw new IllegalArgumentException("Expected String[2] but length was " + params.length);
    }
    try {
        final Subject subject = new Subject();
        final LoginContext loginContext = new LoginContext(realm, subject, callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(params[0]);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(params[1].toCharArray());
                } else {
                    // Fail closed on anything this handler cannot answer.
                    throw new UnsupportedCallbackException(cb);
                }
            }
        });
        loginContext.login();

        // A subject without any role principal is treated as a failed login,
        // so a valid password alone does not grant access.
        boolean hasNoRole = subject.getPrincipals().stream()
                .noneMatch(principal -> principal instanceof RolePrincipal);
        if (hasNoRole) {
            throw new FailedLoginException("User doesn't have role defined");
        }
        return subject;
    } catch (LoginException e) {
        throw new SecurityException("Authentication failed", e);
    }
}
Also used : Subject(javax.security.auth.Subject) LoginContext(javax.security.auth.login.LoginContext) NameCallback(javax.security.auth.callback.NameCallback) FailedLoginException(javax.security.auth.login.FailedLoginException) PasswordCallback(javax.security.auth.callback.PasswordCallback) LoginException(javax.security.auth.login.LoginException) FailedLoginException(javax.security.auth.login.FailedLoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) Principal(java.security.Principal)

Aggregations

NameCallback (javax.security.auth.callback.NameCallback)203 PasswordCallback (javax.security.auth.callback.PasswordCallback)161 Callback (javax.security.auth.callback.Callback)140 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)101 IOException (java.io.IOException)60 LoginException (javax.security.auth.login.LoginException)51 CallbackHandler (javax.security.auth.callback.CallbackHandler)27 ChoiceCallback (javax.security.auth.callback.ChoiceCallback)22 ConfirmationCallback (javax.security.auth.callback.ConfirmationCallback)22 RealmCallback (javax.security.sasl.RealmCallback)22 Subject (javax.security.auth.Subject)19 FailedLoginException (javax.security.auth.login.FailedLoginException)19 LoginContext (javax.security.auth.login.LoginContext)18 AuthorizeCallback (javax.security.sasl.AuthorizeCallback)18 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)17 Test (org.testng.annotations.Test)15 HashMap (java.util.HashMap)14 Test (org.junit.Test)14 IdRepoException (com.sun.identity.idm.IdRepoException)13 TextOutputCallback (javax.security.auth.callback.TextOutputCallback)11