
Example 6 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project tomcat by apache.

The class JAASMemoryLoginModule, method getCatalinaBase.

/**
 * Asks the configured callback handler for the "catalinaBase" text value.
 *
 * @return the text the handler supplied for the {@code catalinaBase}
 *         {@link TextInputCallback}, or {@code null} when no handler is
 *         configured, the handler does not support that callback, or the
 *         handler fails with an I/O error
 */
private String getCatalinaBase() {
    if (callbackHandler != null) {
        Callback[] callbacks = { new TextInputCallback("catalinaBase") };
        try {
            callbackHandler.handle(callbacks);
            // Read back from the array: the handler fills in the callback it was given.
            return ((TextInputCallback) callbacks[0]).getText();
        } catch (IOException | UnsupportedCallbackException ignored) {
            // Best effort: a handler that cannot answer simply yields no value.
        }
    }
    return null;
}
Also used : TextInputCallback(javax.security.auth.callback.TextInputCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) TextInputCallback(javax.security.auth.callback.TextInputCallback)

Example 7 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project jetty.project by eclipse.

The class ServletCallbackHandler, method handle.

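/**
 * Services the callbacks a JASPI auth module sends back to the server.
 * <p>
 * Caller- and group-principal callbacks are recorded via {@code _callerPrincipals}
 * / {@code _groupPrincipals} (these look like per-thread holders — confirm against
 * their declarations). Password and credential validation callbacks are resolved
 * through {@code _loginService}; on success the callback's result is set to
 * {@code true} and the authenticated user's principals and the user itself are
 * added to the callback's subject. On a failed login the callback's result is
 * left untouched (it is never set to {@code true}). Key/cert/trust-store
 * callbacks are accepted but not yet serviced.
 *
 * @param callbacks the callbacks to service, in order
 * @throws IOException never thrown here directly; declared by the interface
 * @throws UnsupportedCallbackException for any callback type not listed above
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        // jaspi to server communication
        if (callback instanceof CallerPrincipalCallback) {
            _callerPrincipals.set((CallerPrincipalCallback) callback);
        } else if (callback instanceof GroupPrincipalCallback) {
            _groupPrincipals.set((GroupPrincipalCallback) callback);
        } else if (callback instanceof PasswordValidationCallback) {
            PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
            Subject subject = passwordValidationCallback.getSubject();
            UserIdentity user = _loginService.login(passwordValidationCallback.getUsername(), passwordValidationCallback.getPassword(), null);
            if (user != null) {
                passwordValidationCallback.setResult(true);
                subject.getPrincipals().addAll(user.getSubject().getPrincipals());
                subject.getPrivateCredentials().add(user);
            }
        } else if (callback instanceof CredentialValidationCallback) {
            CredentialValidationCallback credentialValidationCallback = (CredentialValidationCallback) callback;
            Subject subject = credentialValidationCallback.getSubject();
            LoginCallback loginCallback = new LoginCallbackImpl(subject, credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential());
            UserIdentity user = _loginService.login(credentialValidationCallback.getUsername(), credentialValidationCallback.getCredential(), null);
            if (user != null) {
                loginCallback.setUserPrincipal(user.getUserPrincipal());
                subject.getPrivateCredentials().add(loginCallback);
                credentialValidationCallback.setResult(true);
                subject.getPrincipals().addAll(user.getSubject().getPrincipals());
                subject.getPrivateCredentials().add(user);
            }
        } else if (callback instanceof CertStoreCallback
                || callback instanceof PrivateKeyCallback
                || callback instanceof SecretKeyCallback
                || callback instanceof TrustStoreCallback) {
            // TODO implement these: recognised so they are not rejected, but the
            // callback is returned to the module unfilled.
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}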
Also used : LoginCallback(org.eclipse.jetty.security.authentication.LoginCallback) SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) UserIdentity(org.eclipse.jetty.server.UserIdentity) CredentialValidationCallback(org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback) Subject(javax.security.auth.Subject) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) LoginCallbackImpl(org.eclipse.jetty.security.authentication.LoginCallbackImpl) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) LoginCallback(org.eclipse.jetty.security.authentication.LoginCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) CredentialValidationCallback(org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) Callback(javax.security.auth.callback.Callback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 8 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project jetty.project by eclipse.

The class LdapLoginModule, method login.

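/**
 * Authenticates the caller against LDAP.
 * <p>
 * Since LDAP uses a context bind for valid authentication checking, login() is
 * overridden here. If the binding check is being forced, a binding
 * authentication check is tried; otherwise the user's info (including the
 * stored credential) is looked up and authentication is attempted against it.
 * Roles are fetched only after a successful authentication.
 *
 * @return true if authenticated, false otherwise
 * @throws LoginException if unable to login. The message stays deliberately
 *         generic; the underlying exception is attached as the cause so it is
 *         available to diagnostics without changing what callers see.
 */
public boolean login() throws LoginException {
    try {
        if (getCallbackHandler() == null) {
            throw new LoginException("No callback handler");
        }
        Callback[] callbacks = configureCallbacks();
        getCallbackHandler().handle(callbacks);
        // Relies on configureCallbacks() placing a NameCallback at [0] and an
        // ObjectCallback at [1] — confirm against that method, which is not shown here.
        String webUserName = ((NameCallback) callbacks[0]).getName();
        Object webCredential = ((ObjectCallback) callbacks[1]).getObject();
        if (webUserName == null || webCredential == null) {
            setAuthenticated(false);
            return isAuthenticated();
        }
        boolean authed = false;
        if (_forceBindingLogin) {
            authed = bindingLogin(webUserName, webCredential);
        } else {
            // Looks the user up; presumably this also reads the stored credential
            // that credentialLogin() compares against — verify in getUserInfo().
            UserInfo userInfo = getUserInfo(webUserName);
            if (userInfo == null) {
                setAuthenticated(false);
                return false;
            }
            setCurrentUser(new JAASUserInfo(userInfo));
            if (webCredential instanceof String) {
                authed = credentialLogin(Credential.getCredential((String) webCredential));
            } else {
                authed = credentialLogin(webCredential);
            }
        }
        // only fetch roles if authenticated
        if (authed) {
            getCurrentUser().fetchRoles();
        }
        return authed;
    } catch (UnsupportedCallbackException e) {
        throw (LoginException) new LoginException("Error obtaining callback information.").initCause(e);
    } catch (IOException e) {
        if (_debug) {
            e.printStackTrace();
        }
        throw (LoginException) new LoginException("IO Error performing login.").initCause(e);
    } catch (Exception e) {
        // NOTE(review): this clause also catches the LoginException thrown above
        // for a missing callback handler (and any thrown by the helpers), so they
        // surface under this generic message; the original stays reachable as the cause.
        if (_debug) {
            e.printStackTrace();
        }
        throw (LoginException) new LoginException("Error obtaining user info.").initCause(e);
    }
}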
Also used : ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback) IOException(java.io.IOException) LoginException(javax.security.auth.login.LoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) NamingException(javax.naming.NamingException) IOException(java.io.IOException) ObjectCallback(org.eclipse.jetty.jaas.callback.ObjectCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) LoginException(javax.security.auth.login.LoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 9 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project jetty.project by eclipse.

The class FormAuthModule, method validateRequest.

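/**
 * Validates an HTTP request against form-based authentication state.
 * <p>
 * In order: a request that is not mandatory (and is not a j_security_check)
 * or that targets the login/error page passes straight through; a
 * j_security_check request is logged in and redirected back to the URL saved
 * in the session (or sent to the error page / 403 on failure); an
 * already-authenticated session has its private credentials copied onto
 * {@code clientSubject}; a deferred response passes through; anything else
 * has its URL saved in the session and is redirected to the login page.
 *
 * @param messageInfo    carries the servlet request and response
 * @param clientSubject  receives the session's private credentials on success
 * @param serviceSubject not used by this method
 * @return {@code SUCCESS}, {@code SEND_CONTINUE} (a redirect was issued) or
 *         {@code SEND_FAILURE}
 * @throws AuthException on I/O or callback failure; the original exception is
 *         attached as the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    String uri = request.getRequestURI();
    if (uri == null) {
        uri = URIUtil.SLASH;
    }
    boolean mandatory = isMandatory(messageInfo);
    mandatory |= isJSecurityCheck(uri);
    // A session is only created when authentication is actually required.
    HttpSession session = request.getSession(mandatory);
    // not mandatory or its the login or login error page don't authenticate
    if (!mandatory || isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(), request.getPathInfo()))) {
        // TODO return null for do nothing?
        return AuthStatus.SUCCESS;
    }
    try {
        // Handle a request for authentication.
        if (isJSecurityCheck(uri)) {
            final String username = request.getParameter(__J_USERNAME);
            final String password = request.getParameter(__J_PASSWORD);
            // NOTE(review): password is null when the parameter is absent —
            // confirm Password and tryLogin tolerate that.
            boolean success = tryLogin(messageInfo, clientSubject, response, session, username, new Password(password));
            if (success) {
                // Redirect to the original request. The target is the session
                // attribute this module stored earlier, not a client-supplied parameter.
                String nuri = null;
                synchronized (session) {
                    nuri = (String) session.getAttribute(__J_URI);
                }
                if (nuri == null || nuri.length() == 0) {
                    nuri = request.getContextPath();
                    if (nuri.length() == 0) {
                        nuri = URIUtil.SLASH;
                    }
                }
                response.setContentLength(0);
                response.sendRedirect(response.encodeRedirectURL(nuri));
                return AuthStatus.SEND_CONTINUE;
            }
            // not authenticated
            if (LOG.isDebugEnabled()) {
                LOG.debug("Form authentication FAILED for " + StringUtil.printable(username));
            }
            if (_formErrorPage == null) {
                // response is dereferenced without a guard elsewhere in this
                // method; the null check is kept as it was.
                if (response != null) {
                    response.sendError(HttpServletResponse.SC_FORBIDDEN);
                }
            } else {
                response.setContentLength(0);
                response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), _formErrorPage)));
            }
            return AuthStatus.SEND_FAILURE;
        }
        // Check if the session is already authenticated.
        SessionAuthentication sessionAuth = (SessionAuthentication) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED);
        if (sessionAuth != null) {
            // A cached identity with no subject, or no private credentials,
            // cannot be used to authenticate this request.
            if (sessionAuth.getUserIdentity().getSubject() == null) {
                return AuthStatus.SEND_FAILURE;
            }
            Set<Object> credentials = sessionAuth.getUserIdentity().getSubject().getPrivateCredentials();
            if (credentials == null || credentials.isEmpty()) {
                return AuthStatus.SEND_FAILURE;
            }
            clientSubject.getPrivateCredentials().addAll(credentials);
            clientSubject.getPrivateCredentials().add(sessionAuth.getUserIdentity());
            return AuthStatus.SUCCESS;
        }
        // if we can't send challenge
        if (DeferredAuthentication.isDeferred(response)) {
            return AuthStatus.SUCCESS;
        }
        // Redirect to the login page, remembering where the client wanted to go.
        // NOTE(review): getRequestURL() is derived from the request's Host header,
        // so the container's Host validation decides whether the saved target can
        // point off-site — confirm.
        StringBuffer buf = request.getRequestURL();
        if (request.getQueryString() != null) {
            buf.append("?").append(request.getQueryString());
        }
        synchronized (session) {
            session.setAttribute(__J_URI, buf.toString());
        }
        response.setContentLength(0);
        response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), _formLoginPage)));
        return AuthStatus.SEND_CONTINUE;
    } catch (IOException | UnsupportedCallbackException e) {
        // Same message callers saw before, now with the cause preserved.
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }
}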
Also used : HttpSession(javax.servlet.http.HttpSession) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(javax.security.auth.message.AuthException) SessionAuthentication(org.eclipse.jetty.security.authentication.SessionAuthentication) IOException(java.io.IOException) HttpServletRequest(javax.servlet.http.HttpServletRequest) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Password(org.eclipse.jetty.util.security.Password)

Example 10 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

The class TestLifecycleAuthModule, method validateRequest.

/**
 * Sample module: writes a trace of the call to the response, echoes the
 * {@code isMandatory} policy flag from the message map, and registers a
 * fixed caller ("test") in group "architect" on {@code clientSubject}.
 *
 * @return always {@code SUCCESS}
 * @throws AuthException if writing the response or running the callbacks fails;
 *         the original exception is attached as the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        response.getWriter().write("validateRequest invoked\n");
        String mandatoryFlag = (String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory");
        boolean isMandatory = Boolean.valueOf(mandatoryFlag);
        response.getWriter().write("isMandatory: " + isMandatory + "\n");
        Callback[] callbacks = {
            new CallerPrincipalCallback(clientSubject, "test"),
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
        };
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException failure = new AuthException();
        failure.initCause(e);
        throw failure;
    }
    return SUCCESS;
}
Also used : CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
