Example 41 with UnsupportedCallbackException
use of javax.security.auth.callback.UnsupportedCallbackException in project wildfly by wildfly.
the class ElytronCallbackHandler method handle.
/**
* {@inheritDoc}
*/
public void handle(javax.security.auth.callback.Callback[] callbacks) throws UnsupportedCallbackException, IOException {
if (SUBSYSTEM_RA_LOGGER.isTraceEnabled())
SUBSYSTEM_RA_LOGGER.elytronHandlerHandle(Arrays.toString(callbacks));
// is the anonymous one.
if (this.executionSubject != null) {
final SecurityIdentity subjectIdentity = this.getPrivateCredential(this.executionSubject, SecurityIdentity.class);
if (subjectIdentity != null && !subjectIdentity.isAnonymous()) {
return;
}
}
if (callbacks != null && callbacks.length > 0) {
if (this.mappings != null && this.mappings.isMappingRequired()) {
callbacks = this.mappings.mapCallbacks(callbacks);
}
GroupPrincipalCallback groupPrincipalCallback = null;
CallerPrincipalCallback callerPrincipalCallback = null;
PasswordValidationCallback passwordValidationCallback = null;
for (javax.security.auth.callback.Callback callback : callbacks) {
if (callback instanceof GroupPrincipalCallback) {
groupPrincipalCallback = (GroupPrincipalCallback) callback;
if (this.executionSubject == null) {
this.executionSubject = groupPrincipalCallback.getSubject();
} else if (!this.executionSubject.equals(groupPrincipalCallback.getSubject())) {
// TODO merge the contents of the subjects?
}
} else if (callback instanceof CallerPrincipalCallback) {
callerPrincipalCallback = (CallerPrincipalCallback) callback;
if (this.executionSubject == null) {
this.executionSubject = callerPrincipalCallback.getSubject();
} else if (!this.executionSubject.equals(callerPrincipalCallback.getSubject())) {
// TODO merge the contents of the subjects?
}
} else if (callback instanceof PasswordValidationCallback) {
passwordValidationCallback = (PasswordValidationCallback) callback;
if (this.executionSubject == null) {
this.executionSubject = passwordValidationCallback.getSubject();
} else if (!this.executionSubject.equals(passwordValidationCallback.getSubject())) {
// TODO merge the contents of the subjects?
}
} else {
throw new UnsupportedCallbackException(callback);
}
}
this.handleInternal(callerPrincipalCallback, groupPrincipalCallback, passwordValidationCallback);
}
}
Also used :
SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity)
CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback)
GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback)
PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Example 42 with UnsupportedCallbackException
use of javax.security.auth.callback.UnsupportedCallbackException in project adempiere by adempiere.
the class EMailOAuth2SaslClient method evaluateChallenge.
@Override
public byte[] evaluateChallenge(byte[] challenge) throws SaslException {
if (isComplete) {
return new byte[] {};
}
NameCallback nameCallback = new NameCallback("Enter name");
Callback[] callbacks = new Callback[] { nameCallback };
try {
callback.handle(callbacks);
} catch (UnsupportedCallbackException e) {
throw new SaslException("Unsupported callback: " + e);
} catch (IOException e) {
throw new SaslException("Failed to execute callback: " + e);
}
String email = nameCallback.getName();
byte[] response = String.format("user=%s\1auth=Bearer %s\1\1", email, token).getBytes();
isComplete = true;
return response;
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
IOException(java.io.IOException)
SaslException(javax.security.sasl.SaslException)
Example 43 with UnsupportedCallbackException
use of javax.security.auth.callback.UnsupportedCallbackException in project zm-mailbox by Zimbra.
the class OAuth2SaslClient method evaluateChallenge.
public byte[] evaluateChallenge(byte[] challenge) throws SaslException {
if (isComplete) {
// Empty final response from server, just ignore it.
return new byte[] {};
}
NameCallback nameCallback = new NameCallback("Enter name");
Callback[] callbacks = new Callback[] { nameCallback };
try {
callbackHandler.handle(callbacks);
} catch (UnsupportedCallbackException e) {
throw new SaslException("Unsupported callback: " + e);
} catch (IOException e) {
throw new SaslException("Failed to execute callback: " + e);
}
String username = nameCallback.getName();
byte[] response = String.format("user=%s\1auth=Bearer %s\1\1", username, oauthToken).getBytes();
isComplete = true;
return response;
}
Also used :
NameCallback(javax.security.auth.callback.NameCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
IOException(java.io.IOException)
SaslException(javax.security.sasl.SaslException)
Example 44 with UnsupportedCallbackException
use of javax.security.auth.callback.UnsupportedCallbackException in project jackrabbit by apache.
the class AbstractLoginModule method getCredentials.
/**
* Method tries to resolve the {@link Credentials} used for login. It takes
* authentication-extension of an already authenticated {@link Subject} into
* account.
* <p>
* Therefore the credentials are retrieved as follows:
* <ol>
* <li>Test if the shared state contains credentials.</li>
* <li>Ask CallbackHandler for Credentials with using a {@link
* CredentialsCallback}. Expects {@link CredentialsCallback#getCredentials}
* to return an instance of {@link Credentials}.</li>
* <li>Ask the Subject for its public <code>SimpleCredentials</code> see
* {@link Subject#getPublicCredentials(Class)}, thus enabling to
* pre-authenticate the Subject.</li>
* </ol>
*
* @return Credentials or null if not found
* @see #login()
*/
protected Credentials getCredentials() {
Credentials credentials = null;
if (sharedState.containsKey(KEY_CREDENTIALS)) {
credentials = (Credentials) sharedState.get(KEY_CREDENTIALS);
} else {
try {
CredentialsCallback callback = new CredentialsCallback();
callbackHandler.handle(new Callback[] { callback });
credentials = callback.getCredentials();
if (credentials != null && supportsCredentials(credentials)) {
sharedState.put(KEY_CREDENTIALS, credentials);
}
} catch (UnsupportedCallbackException e) {
log.warn("Credentials-Callback not supported try Name-Callback");
} catch (IOException e) {
log.error("Credentials-Callback failed: " + e.getMessage() + ": try Name-Callback");
}
}
// if still no credentials -> try to retrieve them from the subject.
if (null == credentials) {
// try if subject contains SimpleCredentials
Set<SimpleCredentials> preAuthCreds = subject.getPublicCredentials(SimpleCredentials.class);
if (!preAuthCreds.isEmpty()) {
credentials = preAuthCreds.iterator().next();
}
}
if (null == credentials) {
// try if subject contains GuestCredentials
Set<GuestCredentials> preAuthCreds = subject.getPublicCredentials(GuestCredentials.class);
if (!preAuthCreds.isEmpty()) {
credentials = preAuthCreds.iterator().next();
}
}
return credentials;
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
IOException(java.io.IOException)
GuestCredentials(javax.jcr.GuestCredentials)
SimpleCredentials(javax.jcr.SimpleCredentials)
Credentials(javax.jcr.Credentials)
GuestCredentials(javax.jcr.GuestCredentials)
Example 45 with UnsupportedCallbackException
use of javax.security.auth.callback.UnsupportedCallbackException in project jackrabbit by apache.
the class CallbackHandlerImpl method handle.
/**
* @param callbacks
* @throws IOException
* @throws UnsupportedCallbackException
* @see CallbackHandler#handle(Callback[])
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof CredentialsCallback) {
((CredentialsCallback) callback).setCredentials(credentials);
} else if (callback instanceof RepositoryCallback) {
/*
if callback handler has been created with null session or
null principalProviderRegistry this handler cannot properly
deal with RepositoryCallback
*/
if (session == null || principalProviderRegistry == null) {
throw new UnsupportedCallbackException(callback);
}
RepositoryCallback rcb = (RepositoryCallback) callback;
rcb.setSession(session);
rcb.setPrincipalProviderRegistry(principalProviderRegistry);
rcb.setAdminId(adminId);
rcb.setAnonymousId(anonymousId);
} else if (credentials != null && credentials instanceof SimpleCredentials) {
SimpleCredentials simpleCreds = (SimpleCredentials) credentials;
if (callback instanceof NameCallback) {
String userId = simpleCreds.getUserID();
((NameCallback) callback).setName(userId);
} else if (callback instanceof PasswordCallback) {
char[] pw = simpleCreds.getPassword();
((PasswordCallback) callback).setPassword(pw);
} else if (callback instanceof ImpersonationCallback) {
Object impersAttr = simpleCreds.getAttribute(SecurityConstants.IMPERSONATOR_ATTRIBUTE);
((ImpersonationCallback) callback).setImpersonator(impersAttr);
} else {
throw new UnsupportedCallbackException(callback);
}
} else {
throw new UnsupportedCallbackException(callback);
}
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
NameCallback(javax.security.auth.callback.NameCallback)
Callback(javax.security.auth.callback.Callback)
NameCallback(javax.security.auth.callback.NameCallback)
PasswordCallback(javax.security.auth.callback.PasswordCallback)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
Aggregations
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)197
IOException (java.io.IOException)123
Callback (javax.security.auth.callback.Callback)123
NameCallback (javax.security.auth.callback.NameCallback)105
PasswordCallback (javax.security.auth.callback.PasswordCallback)96
LoginException (javax.security.auth.login.LoginException)51
CallbackHandler (javax.security.auth.callback.CallbackHandler)31
FailedLoginException (javax.security.auth.login.FailedLoginException)24
CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback)20
Principal (java.security.Principal)19
Subject (javax.security.auth.Subject)18
AuthException (javax.security.auth.message.AuthException)18
HttpServletRequest (javax.servlet.http.HttpServletRequest)18
HashMap (java.util.HashMap)17
LoginContext (javax.security.auth.login.LoginContext)17
GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback)17
AuthorizeCallback (javax.security.sasl.AuthorizeCallback)16
RealmCallback (javax.security.sasl.RealmCallback)15
WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)11
TextOutputCallback (javax.security.auth.callback.TextOutputCallback)10
