Search in sources :

Example 81 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getAttribute("doLogin") != null) {
        // notice "getAttribute" here, this is set by the Servlet
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // The name of the authenticated user
        new CallerPrincipalCallback(clientSubject, "test"), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 82 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // This is the main variant of this test vs basic-authentication
        new CallerPrincipalCallback(clientSubject, new MyPrincipal("test")), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 83 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestLifecycleAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        response.getWriter().write("validateRequest invoked\n");
        boolean isMandatory = Boolean.valueOf((String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory"));
        response.getWriter().write("isMandatory: " + isMandatory + "\n");
        handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) });
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 84 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    try {
        HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
        HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
        if ("include".equals(request.getParameter("dispatch"))) {
            request.getRequestDispatcher("/includedServlet").include(request, response);
            // "Do nothing", required protocol when returning SUCCESS
            handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) });
            // resource can also write to the response
            return SUCCESS;
        } else {
            request.getRequestDispatcher("/forwardedServlet").forward(request, response);
            // MUST NOT invoke the resource, so CAN NOT return SUCCESS here.
            return SEND_CONTINUE;
        }
    } catch (IOException | ServletException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 85 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Aggregations

UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)332 Callback (javax.security.auth.callback.Callback)213 IOException (java.io.IOException)201 NameCallback (javax.security.auth.callback.NameCallback)182 PasswordCallback (javax.security.auth.callback.PasswordCallback)177 LoginException (javax.security.auth.login.LoginException)89 CallbackHandler (javax.security.auth.callback.CallbackHandler)63 FailedLoginException (javax.security.auth.login.FailedLoginException)45 LoginContext (javax.security.auth.login.LoginContext)43 Subject (javax.security.auth.Subject)36 Principal (java.security.Principal)34 AuthorizeCallback (javax.security.sasl.AuthorizeCallback)31 RealmCallback (javax.security.sasl.RealmCallback)27 HttpServletRequest (javax.servlet.http.HttpServletRequest)27 HashMap (java.util.HashMap)23 CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback)23 Test (org.junit.Test)21 GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback)20 SaslException (javax.security.sasl.SaslException)19 AuthException (javax.security.auth.message.AuthException)18