Example 41 with NameCallback
use of javax.security.auth.callback.NameCallback in project OpenAM by OpenRock.
the class ServerConfigMgr method authenticateDsameUser.
private static boolean authenticateDsameUser(SSOToken ssoToken, String oldPassword, String newPassword) {
Callback[] idCallbacks = new Callback[2];
NameCallback nameCallback = new NameCallback("dummy");
nameCallback.setName("dsameuser");
idCallbacks[0] = nameCallback;
PasswordCallback passwordCallback = new PasswordCallback("dummy", false);
passwordCallback.setPassword(oldPassword.toCharArray());
idCallbacks[1] = passwordCallback;
try {
AMIdentityRepository amir = new AMIdentityRepository("/", ssoToken);
if (!amir.authenticate(idCallbacks)) {
passwordCallback.setPassword(newPassword.toCharArray());
return amir.authenticate(idCallbacks);
}
return true;
} catch (AuthLoginException ex) {
return false;
} catch (IdRepoException ex) {
return false;
}
}
Also used :
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
NameCallback(javax.security.auth.callback.NameCallback)
AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository)
IdRepoException(com.sun.identity.idm.IdRepoException)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
Example 42 with NameCallback
use of javax.security.auth.callback.NameCallback in project alluxio by Alluxio.
the class PlainSaslServer method evaluateResponse.
@Override
public byte[] evaluateResponse(byte[] response) throws SaslException {
Preconditions.checkState(!mCompleted, "PLAIN authentication has completed");
Preconditions.checkArgument(response != null, "Received null response");
try {
// parse the response
// message = [authorizationId] UTF8NUL authenticationId UTF8NUL passwd'
// authorizationId may be empty,then the authorizationId = authenticationId
String payload;
try {
payload = new String(response, "UTF-8");
} catch (Exception e) {
throw new IllegalArgumentException("Received corrupt response", e);
}
String[] parts = payload.split("�", 3);
// validate response
if (parts.length != 3) {
throw new IllegalArgumentException("Invalid message format, parts must contain 3 items");
}
String authorizationId = parts[0];
String authenticationId = parts[1];
String passwd = parts[2];
Preconditions.checkState(authenticationId != null && !authenticationId.isEmpty(), "No authentication identity provided");
Preconditions.checkState(passwd != null && !passwd.isEmpty(), "No password provided");
if (authorizationId == null || authorizationId.isEmpty()) {
authorizationId = authenticationId;
} else if (!authorizationId.equals(authenticationId)) {
// TODO(dong): support impersonation
throw new UnsupportedOperationException("Impersonation is not supported now.");
}
NameCallback nameCallback = new NameCallback("User");
nameCallback.setName(authenticationId);
PasswordCallback passwordCallback = new PasswordCallback("Password", false);
passwordCallback.setPassword(passwd.toCharArray());
AuthorizeCallback authCallback = new AuthorizeCallback(authenticationId, authorizationId);
Callback[] cbList = { nameCallback, passwordCallback, authCallback };
mHandler.handle(cbList);
if (!authCallback.isAuthorized()) {
throw new SaslException("AuthorizeCallback authorized failure");
}
mAuthorizationId = authCallback.getAuthorizedID();
} catch (Exception e) {
throw new SaslException("Plain authentication failed: " + e.getMessage(), e);
}
mCompleted = true;
return null;
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
Callback(javax.security.auth.callback.Callback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
SaslException(javax.security.sasl.SaslException)
SaslException(javax.security.sasl.SaslException)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
Example 43 with NameCallback
use of javax.security.auth.callback.NameCallback in project alluxio by Alluxio.
the class PlainSaslClientCallbackHandlerTest method clientCallbackHandler.
/**
* Tests that the callback is handled correctly.
*/
@Test
public void clientCallbackHandler() throws Exception {
Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("Username:");
callbacks[1] = new PasswordCallback("Password:", true);
String user = "alluxio-user-1";
String password = "alluxio-user-1-password";
CallbackHandler clientCBHandler = new PlainSaslClientCallbackHandler(user, password);
clientCBHandler.handle(callbacks);
validateCallbacks(user, password, callbacks);
}
Also used :
CallbackHandler(javax.security.auth.callback.CallbackHandler)
RealmCallback(javax.security.sasl.RealmCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
Test(org.junit.Test)
Example 44 with NameCallback
use of javax.security.auth.callback.NameCallback in project alluxio by Alluxio.
the class PlainSaslClientCallbackHandlerTest method unsupportCallback.
/**
* Tests that an exception is thrown in case an unsupported callback is used.
*/
@Test
public void unsupportCallback() throws Exception {
mThrown.expect(UnsupportedCallbackException.class);
mThrown.expectMessage(RealmCallback.class + " is unsupported.");
Callback[] callbacks = new Callback[3];
callbacks[0] = new NameCallback("Username:");
callbacks[1] = new PasswordCallback("Password:", true);
callbacks[2] = new RealmCallback("Realm:");
String user = "alluxio-user-2";
String password = "alluxio-user-2-password";
CallbackHandler clientCBHandler = new PlainSaslClientCallbackHandler(user, password);
clientCBHandler.handle(callbacks);
}
Also used :
CallbackHandler(javax.security.auth.callback.CallbackHandler)
RealmCallback(javax.security.sasl.RealmCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
RealmCallback(javax.security.sasl.RealmCallback)
Test(org.junit.Test)
Example 45 with NameCallback
use of javax.security.auth.callback.NameCallback in project alluxio by Alluxio.
the class PlainSaslServerCallbackHandlerTest method authenticateNameMatch.
/**
* Tests that the authentication callbacks matches.
*
* @throws Exception thrown if the handler fails
*/
@Test
public void authenticateNameMatch() throws Exception {
String authenticateId = "alluxio-1";
NameCallback ncb = new NameCallback(" authentication id: ");
ncb.setName(authenticateId);
PasswordCallback pcb = new PasswordCallback(" password: ", false);
pcb.setPassword("password".toCharArray());
Callback[] callbacks = new Callback[] { ncb, pcb, new AuthorizeCallback(authenticateId, authenticateId) };
mPlainServerCBHandler.handle(callbacks);
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
Callback(javax.security.auth.callback.Callback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
AuthorizeCallback(javax.security.sasl.AuthorizeCallback)
Test(org.junit.Test)
Aggregations
NameCallback (javax.security.auth.callback.NameCallback)203
PasswordCallback (javax.security.auth.callback.PasswordCallback)161
Callback (javax.security.auth.callback.Callback)140
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)101
IOException (java.io.IOException)60
LoginException (javax.security.auth.login.LoginException)51
CallbackHandler (javax.security.auth.callback.CallbackHandler)27
ChoiceCallback (javax.security.auth.callback.ChoiceCallback)22
ConfirmationCallback (javax.security.auth.callback.ConfirmationCallback)22
RealmCallback (javax.security.sasl.RealmCallback)22
Subject (javax.security.auth.Subject)19
FailedLoginException (javax.security.auth.login.FailedLoginException)19
LoginContext (javax.security.auth.login.LoginContext)18
AuthorizeCallback (javax.security.sasl.AuthorizeCallback)18
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)17
Test (org.testng.annotations.Test)15
HashMap (java.util.HashMap)14
Test (org.junit.Test)14
IdRepoException (com.sun.identity.idm.IdRepoException)13
TextOutputCallback (javax.security.auth.callback.TextOutputCallback)11
