use of javax.security.auth.callback.NameCallback in project OpenAM by OpenRock.
the class Membership method loginUser.
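/**
 * Authenticates a user against the identity repository of the request organisation.
 *
 * <p>When {@code callbacks} is an empty array the user name and password are taken from
 * {@code sharedState}; otherwise they are read from {@code callbacks[0]} (a
 * {@link NameCallback}) and {@code callbacks[1]} (a {@link PasswordCallback}).
 *
 * @param callbacks the callbacks submitted for this login step
 * @return {@code ModuleState.LOGIN_START} when the credentials have to be requested (again),
 *         {@code ModuleState.COMPLETE} when the repository accepted the credentials
 * @throws AuthLoginException if authentication fails or the repository reports an error; an
 *         {@code InvalidPasswordException} is raised when the password is missing or empty
 */
private ModuleState loginUser(Callback[] callbacks) throws AuthLoginException {
    String password = null;
    Callback[] idCallbacks = new Callback[2];
    try {
        if (callbacks != null && callbacks.length == 0) {
            // No callbacks submitted: fall back to credentials left in the shared state.
            userName = (String) sharedState.get(getUserKey());
            password = (String) sharedState.get(getPwdKey());
            if (userName == null || password == null) {
                return ModuleState.LOGIN_START;
            }
            getCredentialsFromSharedState = true;
            NameCallback nameCallback = new NameCallback("dummy");
            nameCallback.setName(userName);
            idCallbacks[0] = nameCallback;
            PasswordCallback passwordCallback = new PasswordCallback("dummy", false);
            passwordCallback.setPassword(password.toCharArray());
            idCallbacks[1] = passwordCallback;
        } else {
            // NOTE(review): a null array, or one with fewer than two entries or with other
            // callback types, also reaches this branch and fails with an unchecked exception.
            // Confirm that callers always submit {NameCallback, PasswordCallback}.
            idCallbacks = callbacks;
            userName = ((NameCallback) callbacks[0]).getName();
            // getPassword() returns null when no password was set, and
            // String.valueOf((char[]) null) throws NullPointerException. Map null to null so
            // the empty-password check below rejects it with InvalidPasswordException.
            char[] submitted = ((PasswordCallback) callbacks[1]).getPassword();
            password = (submitted == null) ? null : String.valueOf(submitted);
        }
        if (password == null || password.length() == 0) {
            if (debug.messageEnabled()) {
                debug.message("Membership.loginUser: Password is null/empty");
            }
            throw new InvalidPasswordException("amAuth", "invalidPasswd", null);
        }
        // Store user name and password in both the success and the failure case.
        // The password is an immutable String from here on, so it cannot be zeroed afterwards.
        storeUsernamePasswd(userName, password);
        initAuthConfig();
        AMIdentityRepository idrepo = getAMIdentityRepository(getRequestOrg());
        boolean success = idrepo.authenticate(idCallbacks);
        if (success) {
            validatedUserID = userName;
            return ModuleState.COMPLETE;
        } else {
            // NOTE(review): setFailureID(userName) is only called in the IdRepoException
            // handler below, not on this path. Confirm that failed-attempt accounting does
            // not depend on it when authenticate() simply returns false.
            throw new AuthLoginException(amAuthMembership, "authFailed", null);
        }
    } catch (IdRepoException ex) {
        // Shared-state credentials were rejected and use-first-pass is off: ask the user.
        if (getCredentialsFromSharedState && !isUseFirstPassEnabled()) {
            getCredentialsFromSharedState = false;
            return ModuleState.LOGIN_START;
        }
        if (debug.warningEnabled()) {
            debug.warning("idRepo Exception");
        }
        setFailureID(userName);
        throw new AuthLoginException(amAuthMembership, "authFailed", null, ex);
    }
}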
use of javax.security.auth.callback.NameCallback in project opennms by OpenNMS.
the class LoginModuleUtils method doLogin.
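/**
 * Prompts for a user name and password through the handler's callback handler, verifies them
 * against the OpenNMS user configuration, and publishes the resulting principals on the handler.
 *
 * @param handler     supplies the callback handler, user stores and role requirement
 * @param subject     the subject being authenticated (only its class is logged here)
 * @param sharedState login-module shared state (only its key names are logged here)
 * @param options     login-module options (only their key names are logged here)
 * @return {@code true} when the login succeeded
 * @throws LoginException if the prompt fails, a credential is missing, the user cannot be
 *         loaded, the password does not match, or a required admin role is absent
 */
public static boolean doLogin(final OpenNMSLoginHandler handler, final Subject subject, final Map<String, ?> sharedState, final Map<String, ?> options) throws LoginException {
    // Log key names only: shared state and module options may carry credentials placed there
    // by other login modules or by configuration, and those must not reach the debug log.
    LOG.debug("OpenNMSLoginModule: login(): handler={}, subject={}, sharedState keys={}, options keys={}",
            handler.getClass(), subject.getClass(),
            sharedState == null ? null : sharedState.keySet(),
            options == null ? null : options.keySet());

    final NameCallback nameCallback = new NameCallback("Username: ");
    final PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
    final Callback[] callbacks = { nameCallback, passwordCallback };
    try {
        handler.callbackHandler().handle(callbacks);
    } catch (final IOException ioe) {
        LOG.debug("IO exception while attempting to prompt for username and password.", ioe);
        throw new LoginException(ioe.getMessage());
    } catch (final UnsupportedCallbackException uce) {
        LOG.debug("Username or password prompt not supported.", uce);
        throw new LoginException(uce.getMessage() + " not available to obtain information from user.");
    }

    final String user = nameCallback.getName();
    handler.setUser(user);
    if (user == null) {
        final String msg = "Username can not be null.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }

    // getPassword() hands out a copy; wipe the callback's own copy once it has been read.
    final char[] passwordChars = passwordCallback.getPassword();
    passwordCallback.clearPassword();
    if (passwordChars == null) {
        final String msg = "Password can not be null.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    // comparePasswords() takes a String, so one immutable copy is unavoidable here.
    final String password = new String(passwordChars);
    java.util.Arrays.fill(passwordChars, '\0');

    final User configUser;
    final SpringSecurityUser onmsUser;
    try {
        configUser = handler.userConfig().getUser(user);
        onmsUser = handler.springSecurityUserDao().getByUsername(user);
    } catch (final Exception e) {
        final String message = "Failed to retrieve user " + user + " from OpenNMS UserConfig.";
        LOG.debug(message, e);
        throw new LoginException(message);
    }

    // NOTE(review): "does not exist" and "passwords did not match" are distinct messages.
    // If exception messages are shown to the client they reveal which account names exist;
    // confirm they are only logged. The user name is also caller-supplied text that ends up
    // in log lines, so confirm the log layout neutralises line breaks.
    if (configUser == null) {
        final String msg = "User " + user + " does not exist.";
        LOG.debug(msg);
        throw new FailedLoginException(msg);
    }
    if (!handler.userConfig().comparePasswords(user, password)) {
        final String msg = "Login failed: passwords did not match.";
        LOG.debug(msg);
        throw new FailedLoginException(msg);
    }
    // The two lookups are independent; without this check a user known to the user
    // configuration but missing from the DAO fails with a NullPointerException below.
    if (onmsUser == null) {
        final String msg = "User " + user + " has no security record; roles cannot be determined.";
        LOG.debug(msg);
        throw new FailedLoginException(msg);
    }

    final Set<Principal> principals = LoginModuleUtils.createPrincipals(handler, onmsUser.getAuthorities());
    handler.setPrincipals(principals);

    boolean allowed = true;
    if (handler.requiresAdminRole()) {
        allowed = false;
        for (final Principal principal : principals) {
            // Locale.ROOT keeps the comparison independent of the JVM default locale
            // (a Turkish default locale lower-cases "I" to a dotless i, so "ADMIN" never matches).
            final String name = principal.getName().toLowerCase(java.util.Locale.ROOT).replaceAll("^role_", "");
            if ("admin".equals(name)) {
                allowed = true;
                break;
            }
        }
    }
    if (!allowed) {
        final String msg = "User " + user + " is not an administrator! OSGi console access is forbidden.";
        LOG.debug(msg);
        throw new LoginException(msg);
    }
    LOG.debug("Successfully logged in {}.", user);
    return true;
}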
use of javax.security.auth.callback.NameCallback in project OpenAM by OpenRock.
the class DevicePrintAuthenticationServiceTest method shouldLoginSuccessfullyWhenValidMatchingStoredDevicePrintProfilesFound.
/**
 * Scenario 3: first call in state ISAuthConstants.LOGIN_START with the device print
 * attributes populated and a matching stored profile available. The service is expected to
 * answer ISAuthConstants.LOGIN_SUCCEED.
 */
@Test
public void shouldLoginSuccessfullyWhenValidMatchingStoredDevicePrintProfilesFound() throws AuthLoginException {
    // Given: a device print with all required attributes and a stored profile that matches it
    NameCallback printCallback = mock(NameCallback.class);
    DevicePrint print = mock(DevicePrint.class);
    UserProfile storedProfile = mock(UserProfile.class);
    Callback[] submitted = { printCallback };
    int startState = ISAuthConstants.LOGIN_START;

    given(printCallback.getName()).willReturn("DEVICE_PRINT_INFO");
    given(devicePrintService.getDevicePrint(request)).willReturn(print);
    given(devicePrintService.hasRequiredAttributes(print)).willReturn(true);
    given(devicePrintService.getBestMatchingUserProfile(print)).willReturn(storedProfile);

    // When
    int resultState = devicePrintAuthenticationService.process(submitted, startState);

    // Then
    assertEquals(resultState, ISAuthConstants.LOGIN_SUCCEED);
}
use of javax.security.auth.callback.NameCallback in project OpenAM by OpenRock.
the class DevicePrintAuthenticationServiceTest method shouldSendOTPWhenDevicePrintInfoNotSufficient.
/*
 Scenario list for this test class, as laid out by the original author. Only scenarios 1 and 3
 are visible next to this list; scenario 1 is worded to match the assertion in the test below.
 1) first call ISAuthConstants.LOGIN_START - device print attr populated, device print info not sufficient - should return 2
 2) first call ISAuthConstants.LOGIN_START - device print attr populated, with invalid stored profiles using OTP - should return 2
 3) first call ISAuthConstants.LOGIN_START - device print attr populated, with a valid stored profile - should return ISAuthConstants.LOGIN_SUCCEED
 4) second call, using OTP, 2 - request OTP to be sent - should return 2
 5) third call, using OTP, 2 - OTP code submitted, with correct code - should return 3
 6) third call, using OTP, 2 - OTP code submitted, with incorrect code - should throw exception
 7) fourth call, 3 - don't save profile - should return ISAuthConstants.LOGIN_SUCCEED, with no profile saved
 8) fourth call, 3 - save profile, having no valid previous profiles - should create new profile, return ISAuthConstants.LOGIN_SUCCEED
 9) fourth call, 3 - save profile, having a valid previous profile - should update previous profile, return ISAuthConstants.LOGIN_SUCCEED
 */
/**
 * Scenario 1: first call in state ISAuthConstants.LOGIN_START with the device print
 * attributes populated but lacking the required attributes. The service is expected to move
 * to state 2 (SEND_OPT) rather than completing the login on the device print alone.
 */
@Test
public void shouldSendOTPWhenDevicePrintInfoNotSufficient() throws AuthLoginException {
    // Given: a device print that does not carry the required attributes
    NameCallback printCallback = mock(NameCallback.class);
    DevicePrint print = mock(DevicePrint.class);
    Callback[] submitted = { printCallback };
    int startState = ISAuthConstants.LOGIN_START;

    given(printCallback.getName()).willReturn("DEVICE_PRINT_INFO");
    given(devicePrintService.getDevicePrint(request)).willReturn(print);
    given(devicePrintService.hasRequiredAttributes(print)).willReturn(false);

    // When
    int resultState = devicePrintAuthenticationService.process(submitted, startState);

    // Then
    assertEquals(resultState, 2);
}
use of javax.security.auth.callback.NameCallback in project ats-framework by Axway.
the class CredentialCallbackHandler method handle.
/**
 * Fills the submitted callbacks with the credentials held by this handler: every
 * {@link NameCallback} receives {@code username} and every {@link PasswordCallback}
 * receives {@code password}.
 *
 * <p>Callbacks of any other type are left untouched; this method never raises
 * {@link UnsupportedCallbackException} for them even though it is declared.
 * NOTE(review): a login module that submits a callback type this handler does not know
 * gets no signal that it was ignored. Confirm that is intended.
 *
 * @param callbacks the callbacks to populate
 * @throws IOException declared by the signature; not thrown by this implementation
 * @throws UnsupportedCallbackException declared by the signature; not thrown by this implementation
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof PasswordCallback) {
            ((PasswordCallback) callback).setPassword(password);
        } else if (callback instanceof NameCallback) {
            ((NameCallback) callback).setName(username);
        }
    }
}