
Example 51 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project jackrabbit-oak by apache.

the class AbstractLoginModule method getRoot.

/**
 * Tries to obtain a {@code Root} object from the callback handler using
 * a new RepositoryCallback and keeps the value as private field.
 * If the callback handler isn't able to handle the RepositoryCallback
 * this method returns {@code null}.
 *
 * @return The {@code Root} associated with this {@code LoginModule} or
 *         {@code null}.
 */
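@CheckForNull
protected Root getRoot() {
    // Resolved lazily: a Root cached by an earlier call is returned as-is, and nothing is
    // attempted when no callback handler was supplied.
    if (root == null && callbackHandler != null) {
        try {
            final RepositoryCallback rcb = new RepositoryCallback();
            callbackHandler.handle(new Callback[] { rcb });
            final ContentRepository repository = rcb.getContentRepository();
            if (repository != null) {
                // The repository login runs as SystemSubject.INSTANCE with null credentials, so
                // the session stored in systemSession is opened for the system subject and not
                // for the user who is being authenticated.
                // NOTE(review): presumably this session carries system-level access; confirm that
                // systemSession is closed by the module's cleanup code (not visible here) and that
                // the returned Root is only used for the login module's own lookups.
                systemSession = Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction<ContentSession>() {

                    @Override
                    public ContentSession run() throws LoginException, NoSuchWorkspaceException {
                        return repository.login(null, rcb.getWorkspaceName());
                    }
                });
                root = systemSession.getLatestRoot();
            } else {
                log.debug("Unable to retrieve the Root via RepositoryCallback; ContentRepository not available.");
            }
        } catch (UnsupportedCallbackException | PrivilegedActionException | IOException e) {
            // Hand the exception to the logger instead of only its message: getMessage() can be
            // null, and the wrapped cause of a PrivilegedActionException (the failed system
            // login) would otherwise never reach the log.
            log.debug("Unable to retrieve the Root via RepositoryCallback.", e);
        }
    }
    return root;
}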
Also used : RepositoryCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback) PrivilegedActionException(java.security.PrivilegedActionException) ContentRepository(org.apache.jackrabbit.oak.api.ContentRepository) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) CheckForNull(javax.annotation.CheckForNull)

Example 52 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project jackrabbit-oak by apache.

the class AbstractLoginModule method getCredentials.

/**
 * Tries to retrieve valid (supported) Credentials:
 * <ol>
 * <li>using a {@link CredentialsCallback},</li>
 * <li>looking for a {@link #SHARED_KEY_CREDENTIALS} entry in the
 * shared state (see also {@link #getSharedCredentials()}) and finally by</li>
 * <li>searching for valid credentials in the subject.</li>
 * </ol>
 *
 * @return Valid (supported) credentials or {@code null}.
 */
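@CheckForNull
protected Credentials getCredentials() {
    // Membership is tested with Set.contains on the runtime class, so only an exact class match
    // counts as supported in the first two lookups; a subclass of a supported type is rejected.
    Set<Class> supported = getSupportedCredentials();
    if (callbackHandler != null) {
        log.debug("Login: retrieving Credentials using callback.");
        try {
            CredentialsCallback callback = new CredentialsCallback();
            callbackHandler.handle(new Callback[] { callback });
            Credentials creds = callback.getCredentials();
            if (creds != null && supported.contains(creds.getClass())) {
                // Log the credential type only. Formatting the object itself calls toString(),
                // and a Credentials implementation may render user IDs, tokens or attributes there.
                log.debug("Login: Credentials of type '{}' obtained from callback", creds.getClass().getName());
                return creds;
            } else {
                log.debug("Login: No supported credentials obtained from callback; trying shared state.");
            }
        } catch (UnsupportedCallbackException e) {
            // Not fatal: fall through to the shared state. The exception is passed to the
            // logger because getMessage() alone may be null and drops the stack trace.
            log.warn("Login: CredentialsCallback is not supported by the callback handler.", e);
        } catch (IOException e) {
            log.error("Login: I/O error while retrieving Credentials via callback.", e);
        }
    }
    Credentials creds = getSharedCredentials();
    if (creds != null && supported.contains(creds.getClass())) {
        log.debug("Login: Credentials obtained from shared state.");
        return creds;
    } else {
        log.debug("Login: No supported credentials found in shared state; looking for credentials in subject.");
        // Last resort: the first public credential of any supported type found on the subject.
        // NOTE(review): Subject.getPublicCredentials(Class) matches by instance-of, so this step
        // accepts subclasses that the exact-class checks above reject; confirm that is intended
        // and that only trusted code can add public credentials to this subject.
        for (Class clz : getSupportedCredentials()) {
            Set<Credentials> cds = subject.getPublicCredentials(clz);
            if (!cds.isEmpty()) {
                log.debug("Login: Credentials found in subject.");
                return cds.iterator().next();
            }
        }
    }
    log.debug("No credentials found.");
    return null;
}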
Also used : UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) Credentials(javax.jcr.Credentials) CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback) CheckForNull(javax.annotation.CheckForNull)

Example 53 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project jspwiki by apache.

the class WebContainerLoginModule method login.

/**
 * Logs in the user.
 * @see javax.security.auth.spi.LoginModule#login()
 *
 * @return {@inheritDoc}
 * @throws LoginException {@inheritDoc}
 */
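public boolean login() throws LoginException {
    // This module performs no credential check of its own: the identity is whatever the
    // servlet request reports through getUserPrincipal() or getRemoteUser().
    // NOTE(review): presumably the container has authenticated the request before this runs;
    // confirm that no deployment lets a client set these values without authentication.
    HttpRequestCallback rcb = new HttpRequestCallback();
    Callback[] callbacks = new Callback[] { rcb };
    String userId = null;
    try {
        // First, try to extract a Principal object out of the request
        // directly. If we find one, we're done.
        m_handler.handle(callbacks);
        HttpServletRequest request = rcb.getRequest();
        if (request == null) {
            throw new LoginException("No Http request supplied.");
        }
        // getSession(false) avoids creating a session just for logging purposes.
        HttpSession session = request.getSession(false);
        // NOTE(review): the session ID is written to the debug log below. A session ID works as
        // a bearer token for the session, so consider omitting or truncating it where debug logs
        // are retained or shared.
        String sid = (session == null) ? NULL : session.getId();
        Principal principal = request.getUserPrincipal();
        if (principal == null) {
            // If no Principal in request, try the remoteUser
            if (log.isDebugEnabled()) {
                log.debug("No userPrincipal found for session ID=" + sid);
            }
            userId = request.getRemoteUser();
            if (userId == null) {
                if (log.isDebugEnabled()) {
                    log.debug("No remoteUser found for session ID=" + sid);
                }
                throw new FailedLoginException("No remote user found");
            }
            principal = new WikiPrincipal(userId, WikiPrincipal.LOGIN_NAME);
        }
        if (log.isDebugEnabled()) {
            log.debug("Logged in container principal " + principal.getName() + ".");
        }
        m_principals.add(principal);
        return true;
    } catch (IOException e) {
        // Returning false asks JAAS to ignore this module rather than fail the login.
        // NOTE(review): confirm that "ignored" is the intended outcome for a handler failure.
        // The exception is passed to the logger so the stack trace is not lost.
        log.error("IOException: " + e.getMessage(), e);
        return false;
    } catch (UnsupportedCallbackException e) {
        log.error("UnsupportedCallbackException: " + e.getMessage(), e);
        return false;
    }
}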
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Callback(javax.security.auth.callback.Callback) FailedLoginException(javax.security.auth.login.FailedLoginException) WikiPrincipal(org.apache.wiki.auth.WikiPrincipal) HttpSession(javax.servlet.http.HttpSession) LoginException(javax.security.auth.login.LoginException) FailedLoginException(javax.security.auth.login.FailedLoginException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) WikiPrincipal(org.apache.wiki.auth.WikiPrincipal) Principal(java.security.Principal)

Example 54 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project jbossws-cxf by jbossws.

the class SamlCallbackHandler method handle.

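/**
 * Fills every {@code SAMLCallback} in {@code callbacks} with a fixed issuer, subject,
 * attribute statement and issuer signing configuration.
 *
 * @param callbacks callbacks to process; entries that are not a {@code SAMLCallback} are skipped
 * @throws IOException if the key info or the issuer crypto cannot be created
 * @throws UnsupportedCallbackException declared by the interface; never thrown by this body
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (int i = 0; i < callbacks.length; i++) {
        // NOTE(review): other callback types are silently ignored rather than rejected with
        // UnsupportedCallbackException; confirm the caller does not depend on a rejection.
        if (callbacks[i] instanceof SAMLCallback) {
            SAMLCallback callback = (SAMLCallback) callbacks[i];
            if (saml2) {
                callback.setSamlVersion(Version.SAML_20);
            }
            callback.setIssuer("sts");
            String subjectName = "uid=sts-client,o=jbws-cxf-sts.com";
            String subjectQualifier = "www.jbws-cxf-sts.org";
            SubjectBean subjectBean = new SubjectBean(subjectName, subjectQualifier, confirmationMethod);
            // Key info is attached only for the holder-of-key confirmation methods.
            if (SAML2Constants.CONF_HOLDER_KEY.equals(confirmationMethod) || SAML1Constants.CONF_HOLDER_KEY.equals(confirmationMethod)) {
                try {
                    KeyInfoBean keyInfo = createKeyInfo();
                    subjectBean.setKeyInfo(keyInfo);
                } catch (Exception ex) {
                    // Chain the cause so the underlying key failure stays visible to the caller.
                    throw new IOException("Problem creating KeyInfo: " + ex.getMessage(), ex);
                }
            }
            callback.setSubject(subjectBean);
            AttributeStatementBean attrBean = new AttributeStatementBean();
            attrBean.setSubject(subjectBean);
            AttributeBean attributeBean = new AttributeBean();
            if (saml2) {
                attributeBean.setQualifiedName("subject-role");
            } else {
                attributeBean.setSimpleName("subject-role");
                attributeBean.setQualifiedName("http://custom-ns");
            }
            attributeBean.addAttributeValue("system-user");
            attrBean.setSamlAttributes(Collections.singletonList(attributeBean));
            callback.setAttributeStatementData(Collections.singletonList(attrBean));
            try {
                // NOTE(review): the crypto properties file, key alias and key password are
                // hard-coded literals. This looks like test-fixture material; confirm it is never
                // used outside tests, and load the key password from protected configuration in
                // any deployed handler.
                String file = "META-INF/alice.properties";
                Crypto crypto = CryptoFactory.getInstance(file);
                callback.setIssuerCrypto(crypto);
                callback.setIssuerKeyName("alice");
                callback.setIssuerKeyPassword("password");
                // Signing follows the 'signed' field; when it is false the assertion is issued
                // unsigned.
                callback.setSignAssertion(signed);
            } catch (WSSecurityException e) {
                throw new IOException(e);
            }
        }
    }
}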
Also used : SubjectBean(org.apache.wss4j.common.saml.bean.SubjectBean) KeyInfoBean(org.apache.wss4j.common.saml.bean.KeyInfoBean) AttributeStatementBean(org.apache.wss4j.common.saml.bean.AttributeStatementBean) Crypto(org.apache.wss4j.common.crypto.Crypto) SAMLCallback(org.apache.wss4j.common.saml.SAMLCallback) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) IOException(java.io.IOException) AttributeBean(org.apache.wss4j.common.saml.bean.AttributeBean) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException)

Example 55 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project wildfly-swarm by wildfly-swarm.

the class AuthCallbackHandler method handle.

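/**
 * Answers name, realm, credential and password callbacks from this handler's stored
 * user name, realm and password.
 *
 * @param callbacks callbacks to answer, processed in array order
 * @throws IOException if the digest password credential cannot be generated
 * @throws UnsupportedCallbackException if a callback of any other type is supplied
 */
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback current : callbacks) {
        if (current instanceof NameCallback) {
            NameCallback ncb = (NameCallback) current;
            ncb.setName(this.userName);
        } else if (current instanceof RealmCallback) {
            // Accept whatever realm the peer proposed as the default.
            RealmCallback rcb = (RealmCallback) current;
            rcb.setText(rcb.getDefaultText());
        } else if (current instanceof CredentialCallback) {
            CredentialCallback ccb = (CredentialCallback) current;
            try {
                // NOTE(review): ALGORITHM_DIGEST_MD5 is presumably dictated by the DIGEST-MD5
                // mechanism being negotiated; the stored digest is MD5-based, so treat it as
                // password-equivalent material.
                DigestPasswordAlgorithmSpec algoSpec = new DigestPasswordAlgorithmSpec(this.userName, this.realm);
                EncryptablePasswordSpec passwordSpec = new EncryptablePasswordSpec(this.password.toCharArray(), algoSpec);
                Password passwd = PasswordFactory.getInstance(ALGORITHM_DIGEST_MD5).generatePassword(passwordSpec);
                Credential creds = new PasswordCredential(passwd);
                ccb.setCredential(creds);
            } catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
                // Fail the callback instead of printing a stack trace and continuing with no
                // credential set, which would only surface later as an unexplained
                // authentication failure.
                throw new IOException("Unable to create the digest password credential", e);
            }
        } else if (current instanceof PasswordCallback) {
            // NOTE(review): the password is held in a field and copied to a char[] per call;
            // the copies are not cleared by this handler.
            PasswordCallback pcb = (PasswordCallback) current;
            pcb.setPassword(this.password.toCharArray());
        } else {
            throw new UnsupportedCallbackException(current);
        }
    }
}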
Also used : PasswordCredential(org.wildfly.security.credential.PasswordCredential) Credential(org.wildfly.security.credential.Credential) PasswordCredential(org.wildfly.security.credential.PasswordCredential) CredentialCallback(org.wildfly.security.auth.callback.CredentialCallback) EncryptablePasswordSpec(org.wildfly.security.password.spec.EncryptablePasswordSpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) RealmCallback(javax.security.sasl.RealmCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) CredentialCallback(org.wildfly.security.auth.callback.CredentialCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) DigestPasswordAlgorithmSpec(org.wildfly.security.password.spec.DigestPasswordAlgorithmSpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) RealmCallback(javax.security.sasl.RealmCallback) Password(org.wildfly.security.password.Password)
