Example 96 with NameCallback
use of javax.security.auth.callback.NameCallback in project hive by apache.
the class PlainSaslServer method evaluateResponse.
@Override
public byte[] evaluateResponse(byte[] response) throws SaslException {
try {
// parse the response
// message = [authzid] UTF8NUL authcid UTF8NUL passwd'
Deque<String> tokenList = new ArrayDeque<String>();
StringBuilder messageToken = new StringBuilder();
for (byte b : response) {
if (b == 0) {
tokenList.addLast(messageToken.toString());
messageToken = new StringBuilder();
} else {
messageToken.append((char) b);
}
}
tokenList.addLast(messageToken.toString());
// validate response
if (tokenList.size() < 2 || tokenList.size() > 3) {
throw new SaslException("Invalid message format");
}
String passwd = tokenList.removeLast();
user = tokenList.removeLast();
// optional authzid
String authzId;
if (tokenList.isEmpty()) {
authzId = user;
} else {
authzId = tokenList.removeLast();
}
if (user == null || user.isEmpty()) {
throw new SaslException("No user name provided");
}
if (passwd == null || passwd.isEmpty()) {
throw new SaslException("No password name provided");
}
NameCallback nameCallback = new NameCallback("User");
nameCallback.setName(user);
PasswordCallback pcCallback = new PasswordCallback("Password", false);
pcCallback.setPassword(passwd.toCharArray());
AuthorizeCallback acCallback = new AuthorizeCallback(user, authzId);
Callback[] cbList = { nameCallback, pcCallback, acCallback };
handler.handle(cbList);
if (!acCallback.isAuthorized()) {
throw new SaslException("Authentication failed");
}
} catch (IllegalStateException eL) {
throw new SaslException("Invalid message format", eL);
} catch (IOException eI) {
throw new SaslException("Error validating the login", eI);
} catch (UnsupportedCallbackException eU) {
throw new SaslException("Error validating the login", eU);
}
return null;
}
Also used :
IOException(java.io.IOException)
SaslException(javax.security.sasl.SaslException)
ArrayDeque(java.util.ArrayDeque)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
Callback(javax.security.auth.callback.Callback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Example 97 with NameCallback
use of javax.security.auth.callback.NameCallback in project storm by apache.
the class AbstractSaslClientCallbackHandler method handle.
/**
* This method is invoked by SASL for authentication challenges
* @param callbacks a collection of challenge callbacks
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback c : callbacks) {
if (c instanceof NameCallback) {
LOG.debug("name callback");
NameCallback nc = (NameCallback) c;
nc.setName(_username);
} else if (c instanceof PasswordCallback) {
LOG.debug("password callback");
PasswordCallback pc = (PasswordCallback) c;
if (_password != null) {
pc.setPassword(_password.toCharArray());
}
} else if (c instanceof AuthorizeCallback) {
LOG.debug("authorization callback");
AuthorizeCallback ac = (AuthorizeCallback) c;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else if (c instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) c;
((RealmCallback) c).setText(rc.getDefaultText());
} else {
throw new UnsupportedCallbackException(c);
}
}
}
Also used :
RealmCallback(javax.security.sasl.RealmCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
RealmCallback(javax.security.sasl.RealmCallback)
Example 98 with NameCallback
use of javax.security.auth.callback.NameCallback in project jetty.project by eclipse.
the class JAASLoginService method getUserName.
/* ------------------------------------------------------------ */
private String getUserName(CallbackHandler callbackHandler) throws IOException, UnsupportedCallbackException {
NameCallback nameCallback = new NameCallback("foo");
callbackHandler.handle(new Callback[] { nameCallback });
return nameCallback.getName();
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
Example 99 with NameCallback
use of javax.security.auth.callback.NameCallback in project jetty.project by eclipse.
the class JAASLoginService method login.
/* ------------------------------------------------------------ */
@Override
public UserIdentity login(final String username, final Object credentials, final ServletRequest request) {
try {
CallbackHandler callbackHandler = null;
if (_callbackHandlerClass == null) {
callbackHandler = new CallbackHandler() {
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
((NameCallback) callback).setName(username);
} else if (callback instanceof PasswordCallback) {
((PasswordCallback) callback).setPassword((char[]) credentials.toString().toCharArray());
} else if (callback instanceof ObjectCallback) {
((ObjectCallback) callback).setObject(credentials);
} else if (callback instanceof RequestParameterCallback) {
RequestParameterCallback rpc = (RequestParameterCallback) callback;
if (request != null)
rpc.setParameterValues(Arrays.asList(request.getParameterValues(rpc.getParameterName())));
} else
throw new UnsupportedCallbackException(callback);
}
}
};
} else {
Class<?> clazz = Loader.loadClass(_callbackHandlerClass);
callbackHandler = (CallbackHandler) clazz.newInstance();
}
//set up the login context
//TODO jaspi requires we provide the Configuration parameter
Subject subject = new Subject();
LoginContext loginContext = new LoginContext(_loginModuleName, subject, callbackHandler);
loginContext.login();
//login success
JAASUserPrincipal userPrincipal = new JAASUserPrincipal(getUserName(callbackHandler), subject, loginContext);
subject.getPrincipals().add(userPrincipal);
return _identityService.newUserIdentity(subject, userPrincipal, getGroups(subject));
} catch (LoginException e) {
LOG.warn(e);
} catch (IOException e) {
LOG.warn(e);
} catch (UnsupportedCallbackException e) {
LOG.warn(e);
} catch (InstantiationException e) {
LOG.warn(e);
} catch (IllegalAccessException e) {
LOG.warn(e);
} catch (ClassNotFoundException e) {
LOG.warn(e);
}
return null;
}
Also used :
CallbackHandler(javax.security.auth.callback.CallbackHandler)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
IOException(java.io.IOException)
Subject(javax.security.auth.Subject)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
RequestParameterCallback(org.eclipse.jetty.jaas.callback.RequestParameterCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
LoginContext(javax.security.auth.login.LoginContext)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
LoginException(javax.security.auth.login.LoginException)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
RequestParameterCallback(org.eclipse.jetty.jaas.callback.RequestParameterCallback)
Example 100 with NameCallback
use of javax.security.auth.callback.NameCallback in project jetty.project by eclipse.
the class AbstractLoginModule method login.
/**
* @see javax.security.auth.spi.LoginModule#login()
* @return true if is authenticated, false otherwise
* @throws LoginException if unable to login
*/
public boolean login() throws LoginException {
try {
if (isIgnored())
return false;
if (callbackHandler == null)
throw new LoginException("No callback handler");
Callback[] callbacks = configureCallbacks();
callbackHandler.handle(callbacks);
String webUserName = ((NameCallback) callbacks[0]).getName();
Object webCredential = null;
//first check if ObjectCallback has the credential
webCredential = ((ObjectCallback) callbacks[1]).getObject();
if (webCredential == null)
//use standard PasswordCallback
webCredential = ((PasswordCallback) callbacks[2]).getPassword();
if ((webUserName == null) || (webCredential == null)) {
setAuthenticated(false);
throw new FailedLoginException();
}
UserInfo userInfo = getUserInfo(webUserName);
if (userInfo == null) {
setAuthenticated(false);
throw new FailedLoginException();
}
currentUser = new JAASUserInfo(userInfo);
setAuthenticated(currentUser.checkCredential(webCredential));
if (isAuthenticated()) {
currentUser.fetchRoles();
return true;
} else
throw new FailedLoginException();
} catch (IOException e) {
throw new LoginException(e.toString());
} catch (UnsupportedCallbackException e) {
throw new LoginException(e.toString());
} catch (Exception e) {
if (e instanceof LoginException)
throw (LoginException) e;
throw new LoginException(e.toString());
}
}
Also used :
IOException(java.io.IOException)
LoginException(javax.security.auth.login.LoginException)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
IOException(java.io.IOException)
FailedLoginException(javax.security.auth.login.FailedLoginException)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
FailedLoginException(javax.security.auth.login.FailedLoginException)
LoginException(javax.security.auth.login.LoginException)
FailedLoginException(javax.security.auth.login.FailedLoginException)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Aggregations
NameCallback (javax.security.auth.callback.NameCallback)185
PasswordCallback (javax.security.auth.callback.PasswordCallback)145
Callback (javax.security.auth.callback.Callback)126
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)89
IOException (java.io.IOException)53
LoginException (javax.security.auth.login.LoginException)46
CallbackHandler (javax.security.auth.callback.CallbackHandler)22
ConfirmationCallback (javax.security.auth.callback.ConfirmationCallback)21
ChoiceCallback (javax.security.auth.callback.ChoiceCallback)20
RealmCallback (javax.security.sasl.RealmCallback)20
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)17
FailedLoginException (javax.security.auth.login.FailedLoginException)17
Subject (javax.security.auth.Subject)16
LoginContext (javax.security.auth.login.LoginContext)15
AuthorizeCallback (javax.security.sasl.AuthorizeCallback)15
Test (org.testng.annotations.Test)15
HashMap (java.util.HashMap)14
Test (org.junit.Test)14
IdRepoException (com.sun.identity.idm.IdRepoException)13
SaslException (javax.security.sasl.SaslException)11
