Search in sources :

Example 16 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getAttribute("doLogin") != null) {
        // notice "getAttribute" here, this is set by the Servlet
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // The name of the authenticated user
        new CallerPrincipalCallback(clientSubject, "test"), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 17 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // The name of the authenticated user
        new CallerPrincipalCallback(clientSubject, "test"), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 18 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // This is the main variant of this test vs basic-authentication
        new CallerPrincipalCallback(clientSubject, new MyPrincipal("test")), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 19 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 20 with UnsupportedCallbackException

use of javax.security.auth.callback.UnsupportedCallbackException in project Openfire by igniterealtime.

the class SaslServerPlainImpl method evaluateResponse.

/**
     * Evaluates the response data and generates a challenge.
     *
     * If a response is received from the client during the authentication
     * process, this method is called to prepare an appropriate next
     * challenge to submit to the client. The challenge is null if the
     * authentication has succeeded and no more challenge data is to be sent
     * to the client. It is non-null if the authentication must be continued
     * by sending a challenge to the client, or if the authentication has
     * succeeded but challenge data needs to be processed by the client.
     * <tt>isComplete()</tt> should be called
     * after each call to <tt>evaluateResponse()</tt>,to determine if any further
     * response is needed from the client.
     *
     * @param response The non-null (but possibly empty) response sent
     * by the client.
     *
     * @return The possibly null challenge to send to the client.
     * It is null if the authentication has succeeded and there is
     * no more challenge data to be sent to the client.
     * @exception SaslException If an error occurred while processing
     * the response or generating a challenge.
     */
@Override
public byte[] evaluateResponse(byte[] response) throws SaslException {
    if (completed) {
        throw new IllegalStateException("PLAIN authentication already completed");
    }
    if (aborted) {
        throw new IllegalStateException("PLAIN authentication previously aborted due to error");
    }
    try {
        if (response.length != 0) {
            String data = new String(response, StandardCharsets.UTF_8);
            StringTokenizer tokens = new StringTokenizer(data, "\0");
            if (tokens.countTokens() > 2) {
                username = tokens.nextToken();
                principal = tokens.nextToken();
            } else {
                username = tokens.nextToken();
                principal = username;
            }
            password = tokens.nextToken();
            NameCallback ncb = new NameCallback("PLAIN authentication ID: ", principal);
            VerifyPasswordCallback vpcb = new VerifyPasswordCallback(password.toCharArray());
            cbh.handle(new Callback[] { ncb, vpcb });
            if (vpcb.getVerified()) {
                vpcb.clearPassword();
                AuthorizeCallback acb = new AuthorizeCallback(principal, username);
                cbh.handle(new Callback[] { acb });
                if (acb.isAuthorized()) {
                    username = acb.getAuthorizedID();
                    completed = true;
                } else {
                    completed = true;
                    username = null;
                    throw new SaslException("PLAIN: user not authorized: " + principal);
                }
            } else {
                throw new SaslException("PLAIN: user not authorized: " + principal);
            }
        } else {
            //Client gave no initial response
            if (counter++ > 1) {
                throw new SaslException("PLAIN expects a response");
            }
            return null;
        }
    } catch (UnsupportedCallbackException | IOException e) {
        aborted = true;
        throw new SaslException("PLAIN authentication failed for: " + username, e);
    }
    return null;
}
Also used : StringTokenizer(java.util.StringTokenizer) NameCallback(javax.security.auth.callback.NameCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) SaslException(javax.security.sasl.SaslException) AuthorizeCallback(javax.security.sasl.AuthorizeCallback)

Aggregations

UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)197 IOException (java.io.IOException)123 Callback (javax.security.auth.callback.Callback)123 NameCallback (javax.security.auth.callback.NameCallback)105 PasswordCallback (javax.security.auth.callback.PasswordCallback)96 LoginException (javax.security.auth.login.LoginException)51 CallbackHandler (javax.security.auth.callback.CallbackHandler)31 FailedLoginException (javax.security.auth.login.FailedLoginException)24 CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback)20 Principal (java.security.Principal)19 Subject (javax.security.auth.Subject)18 AuthException (javax.security.auth.message.AuthException)18 HttpServletRequest (javax.servlet.http.HttpServletRequest)18 HashMap (java.util.HashMap)17 LoginContext (javax.security.auth.login.LoginContext)17 GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback)17 AuthorizeCallback (javax.security.sasl.AuthorizeCallback)16 RealmCallback (javax.security.sasl.RealmCallback)15 WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)11 TextOutputCallback (javax.security.auth.callback.TextOutputCallback)10