

use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.

the class AuthUtils method isPureJAASModulePresent.

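/**
 * Reports whether the named authentication configuration is a pure JAAS
 * module or contains at least one pure JAAS module, as opposed to being made
 * up solely of OpenAM {@code AMLoginModule} implementations.
 *
 * <p>The classification of each login-module class is cached in
 * {@code pureJAASModuleClasses} and {@code ISModuleClasses}. A class that
 * cannot be loaded is classified as pure JAAS, which is what the previous
 * instantiation-based check did on failure.
 *
 * <p>Security note: the class names come from the authentication
 * configuration. This method only <em>loads</em> each class
 * ({@code initialize=false}) and inspects its type; it deliberately does not
 * run static initialisers or constructors of a configured class merely to
 * classify it. (Previously the class was instantiated with
 * {@code newInstance()}, so an {@code AMLoginModule} subclass without a
 * usable no-arg constructor was reported as pure JAAS; it is now reported as
 * an OpenAM module.)
 *
 * @param configName the authentication configuration name.
 * @param amlc the login context; the resolved entries are stored on it via
 *        {@code setConfigEntries} so they need not be looked up again.
 * @return 1 if a pure JAAS module is present, if
 *         {@code AuthD.isEnforceJAASThread()} is true, or if no
 *         {@code Configuration} can be obtained; -1 if every configured
 *         module is an OpenAM-provided module.
 * @throws AuthLoginException if no configuration entries exist for
 *         {@code configName}.
 */
public static int isPureJAASModulePresent(String configName, AMLoginContext amlc) throws AuthLoginException {
    if (AuthD.isEnforceJAASThread()) {
        return 1;
    }
    Configuration isConfiguration;
    try {
        isConfiguration = Configuration.getConfiguration();
    } catch (Exception e) {
        // No usable JAAS Configuration: fall back to the JAAS path, as before.
        if (utilDebug.messageEnabled()) {
            utilDebug.message("isPureJAASModulePresent: unable to obtain Configuration", e);
        }
        return 1;
    }
    AppConfigurationEntry[] entries = isConfiguration.getAppConfigurationEntry(configName);
    if (entries == null) {
        throw new AuthLoginException("amAuth", AMAuthErrorCode.AUTH_CONFIG_NOT_FOUND, null);
    }
    // Re-use the obtained configuration on the login context.
    amlc.setConfigEntries(entries);

    ClassLoader loader = Thread.currentThread().getContextClassLoader();
    for (AppConfigurationEntry entry : entries) {
        String className = entry.getLoginModuleName();
        if (utilDebug.messageEnabled()) {
            utilDebug.message("config entry: " + className);
        }
        if (pureJAASModuleClasses.contains(className)) {
            return 1;
        }
        if (ISModuleClasses.contains(className)) {
            continue;
        }
        if (isAMLoginModuleClass(className, loader)) {
            if (utilDebug.messageEnabled()) {
                utilDebug.message(className + " is instance of AMLoginModule");
            }
            synchronized (ISModuleClasses) {
                if (!ISModuleClasses.contains(className)) {
                    ISModuleClasses.add(className);
                }
            }
        } else {
            if (utilDebug.messageEnabled()) {
                utilDebug.message(className + " is a pure jaas module");
            }
            synchronized (pureJAASModuleClasses) {
                if (!pureJAASModuleClasses.contains(className)) {
                    pureJAASModuleClasses.add(className);
                }
            }
            return 1;
        }
    }
    return -1;
}

/**
 * Loads {@code className} through {@code loader} without initialising it and
 * reports whether it is an {@code AMLoginModule}.
 *
 * <p>A class that cannot be loaded or linked is reported as {@code false};
 * the caller then treats it as a pure JAAS module. No instance is created and
 * no static initialiser is run, so configured class names cannot trigger
 * code execution through this check.
 *
 * @param className fully qualified login-module class name from the config.
 * @param loader class loader used to resolve the class.
 * @return {@code true} if the class is assignable to {@code AMLoginModule}.
 */
private static boolean isAMLoginModuleClass(String className, ClassLoader loader) {
    try {
        Class<?> moduleClass = Class.forName(className, false, loader);
        return AMLoginModule.class.isAssignableFrom(moduleClass);
    } catch (ClassNotFoundException | LinkageError e) {
        if (utilDebug.messageEnabled()) {
            utilDebug.message("fail to load class for " + className, e);
        }
        return false;
    }
}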


use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.

the class AMLoginContext method getModuleFromAuthConfiguration.

/**
 * Collects the module instance names configured for an authentication
 * configuration into {@code moduleListSet} and returns that same set.
 *
 * <p>Resolution of the configuration name is lazy: when {@code configName}
 * has not been set yet it is derived from the index type/name, the
 * organization DN and the client type of the current login state.
 *
 * <p>A configuration with exactly one entry contributes that entry
 * regardless of its control flag. With two or more entries, only those whose
 * control flag satisfies {@link #isControlFlagMatchFound} (REQUIRED /
 * REQUISITE, per the original contract) are added. A missing
 * {@code MODULE_INSTANCE_NAME} option results in a {@code null} element
 * being added; that is unchanged behaviour and callers are assumed to
 * tolerate it.
 *
 * @param moduleListSet the set to add module instance names to (mutated).
 * @param orgDN organization DN, used when the config name must be derived.
 * @return {@code moduleListSet}, with the matching module names added.
 */
private Set<String> getModuleFromAuthConfiguration(Set<String> moduleListSet, String orgDN) {
    Configuration jaasConfig = Configuration.getConfiguration();
    if (configName == null) {
        configName = getConfigName(indexType, indexName, orgDN, loginState.getClientType());
    }
    AppConfigurationEntry[] entries = jaasConfig.getAppConfigurationEntry(configName);
    if (debug.messageEnabled()) {
        debug.message("configName is : " + configName);
    }
    if (entries != null && entries.length == 1) {
        // A single-module configuration is always used, whatever its flag.
        moduleListSet.add(instanceNameOf(entries[0]));
    } else if (entries != null) {
        // Zero entries simply contributes nothing.
        for (AppConfigurationEntry entry : entries) {
            LoginModuleControlFlag flag = entry.getControlFlag();
            if (isControlFlagMatchFound(flag)) {
                moduleListSet.add(instanceNameOf(entry));
            }
        }
    }
    if (debug.messageEnabled()) {
        debug.message("ModuleSet is : " + moduleListSet);
    }
    return moduleListSet;
}

/** Reads the {@code MODULE_INSTANCE_NAME} option of a JAAS configuration entry (may be {@code null}). */
private static String instanceNameOf(AppConfigurationEntry entry) {
    return (String) entry.getOptions().get(ISAuthConstants.MODULE_INSTANCE_NAME);
}


use of javax.security.auth.login.AppConfigurationEntry in project wildfly by wildfly.

the class Util method getCLMLoginContext.

/**
 * Builds a {@link LoginContext} backed by an in-memory JAAS
 * {@link Configuration} holding a single REQUIRED {@link ClientLoginModule}
 * entry under the name {@code "Testing"}, with the {@code multi-threaded}
 * and {@code restore-login-identity} options both set to {@code "true"}.
 *
 * <p>The credentials are supplied to the module through a
 * {@link CallbackHandler} that answers {@link NameCallback} and
 * {@link PasswordCallback} only; any other callback type is rejected with an
 * {@link UnsupportedCallbackException}. The password arrives as an immutable
 * {@link String}, so it cannot be zeroed after use; the {@code char[]} handed
 * to the callback is a fresh copy each time.
 *
 * @param username principal name passed to the login module.
 * @param password clear-text password passed to the login module.
 * @return a new {@link LoginContext} over a fresh, empty {@link Subject}.
 * @throws LoginException if the {@link LoginContext} cannot be created.
 */
public static LoginContext getCLMLoginContext(final String username, final String password) throws LoginException {
    final String configurationName = "Testing";

    final CallbackHandler credentialsHandler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(username);
                    continue;
                }
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(password.toCharArray());
                    continue;
                }
                throw new UnsupportedCallbackException(callback);
            }
        }
    };

    final Configuration clmConfiguration = new Configuration() {
        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            if (!configurationName.equals(name)) {
                throw new IllegalArgumentException("Unexpected configuration name '" + name + "'");
            }
            final Map<String, String> options = new HashMap<String, String>();
            options.put("multi-threaded", "true");
            options.put("restore-login-identity", "true");
            return new AppConfigurationEntry[] {
                new AppConfigurationEntry(ClientLoginModule.class.getName(),
                        AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)
            };
        }
    };

    return new LoginContext(configurationName, new Subject(), credentialsHandler, clmConfiguration);
}


use of javax.security.auth.login.AppConfigurationEntry in project wildfly by wildfly.

the class SecurityDomainAdd method processJASPIAuth.

/**
 * Reads the {@code authentication=jaspi} subtree of a security domain and
 * installs the resulting {@link JASPIAuthenticationInfo} on
 * {@code applicationPolicy}.
 *
 * <p>Login-module stacks are processed first so that an auth module's
 * {@code login-module-stack-ref} can be resolved by name; a reference to a
 * stack that was not declared is rejected through
 * {@code SecurityLogger.ROOT_LOGGER.loginModuleStackIllegalArgument}. Each
 * auth module is built from its {@code code} (resolved via
 * {@code extractCode} with {@code ModulesMap.AUTHENTICATION_MAP}), its
 * options, an optional control flag, and the JBoss module to load it from
 * ({@code DEFAULT_MODULE} when none is configured).
 *
 * @param context operation context used to resolve model attributes.
 * @param securityDomain name of the security domain being added.
 * @param node the security-domain model node.
 * @param applicationPolicy policy that receives the JASPI authentication info.
 * @return {@code true} if a JASPI subtree was present and applied,
 *         {@code false} if there is none.
 * @throws OperationFailedException if an attribute cannot be resolved.
 */
private boolean processJASPIAuth(OperationContext context, String securityDomain, ModelNode node, ApplicationPolicy applicationPolicy) throws OperationFailedException {
    final ModelNode jaspiNode = peek(node, AUTHENTICATION, JASPI);
    if (jaspiNode == null) {
        return false;
    }
    final JASPIAuthenticationInfo authInfo = new JASPIAuthenticationInfo(securityDomain);

    // Login-module stacks, keyed by name so auth modules can reference them below.
    final Map<String, LoginModuleStackHolder> stacksByName = new HashMap<String, LoginModuleStackHolder>();
    if (jaspiNode.hasDefined(LOGIN_MODULE_STACK)) {
        for (Property stackProperty : jaspiNode.get(LOGIN_MODULE_STACK).asPropertyList()) {
            final String stackName = stackProperty.getName();
            final LoginModuleStackHolder stackHolder = new LoginModuleStackHolder(stackName, null);
            stacksByName.put(stackName, stackHolder);
            authInfo.add(stackHolder);
            final ModelNode stackNode = stackProperty.getValue();
            if (stackNode.hasDefined(LOGIN_MODULE)) {
                processLoginModules(context, stackNode.get(LOGIN_MODULE), authInfo, new LoginModuleContainer() {

                    public void addAppConfigurationEntry(AppConfigurationEntry entry) {
                        stackHolder.addAppConfigurationEntry(entry);
                    }
                });
            }
        }
    }

    // Auth modules, each optionally bound to one of the stacks declared above.
    for (Property moduleProperty : jaspiNode.get(AUTH_MODULE).asPropertyList()) {
        final ModelNode authModuleNode = moduleProperty.getValue();
        final String code = extractCode(context, authModuleNode, ModulesMap.AUTHENTICATION_MAP);
        final String stackRef = authModuleNode.hasDefined(LOGIN_MODULE_STACK_REF)
                ? JASPIMappingModuleDefinition.LOGIN_MODULE_STACK_REF.resolveModelAttribute(context, authModuleNode).asString()
                : null;
        final Map<String, Object> options = extractOptions(context, authModuleNode);
        final AuthModuleEntry moduleEntry = new AuthModuleEntry(code, options, stackRef);
        if (authModuleNode.hasDefined(FLAG)) {
            final String flag = LoginModuleResourceDefinition.FLAG.resolveModelAttribute(context, authModuleNode).asString();
            moduleEntry.setControlFlag(ControlFlag.valueOf(flag));
        }
        if (stackRef != null) {
            // Every stored holder is non-null, so a null lookup means "undeclared stack".
            final LoginModuleStackHolder referencedStack = stacksByName.get(stackRef);
            if (referencedStack == null) {
                throw SecurityLogger.ROOT_LOGGER.loginModuleStackIllegalArgument(stackRef);
            }
            moduleEntry.setLoginModuleStackHolder(referencedStack);
        }
        authInfo.add(moduleEntry);
        final ModelNode jbossModule = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(context, authModuleNode);
        final String jbossModuleName = jbossModule.isDefined() ? jbossModule.asString() : "";
        authInfo.addJBossModuleName(jbossModuleName.isEmpty() ? DEFAULT_MODULE : jbossModuleName);
    }

    applicationPolicy.setAuthenticationInfo(authInfo);
    return true;
}


use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.

the class AMConfiguration method getRoleBasedConfig.

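/**
 * Resolves the role-based authentication configuration for a role.
 *
 * <p>Looks up the role identity, reads the {@code AUTHCONFIG_ROLE} attribute
 * of its {@code AUTHCONFIG_SERVICE_NAME} service attributes, and parses the
 * first configured name into an {@code AppConfigurationEntry[]} via
 * {@link #parseInstanceConfiguration}.
 *
 * <p>Returns {@code null} ("no role-level config") when the role does not
 * exist, when no auth config name is set on the role, or when the lookup
 * fails with an exception; exceptions are logged at error level and never
 * propagated. NOTE(review): whether a {@code null} here is fail-safe depends
 * on what the caller does with it (presumably a fallback to another config
 * level) — verify against the caller.
 *
 * @param orgDN Organization DN.
 * @param roleUniversalId Universal Id of Role.
 * @param name Auth config name.
 * @param amAM authentication manager handed to the configuration parser.
 * @return Array of {@code AppConfigurationEntry}, or {@code null}.
 */
private AppConfigurationEntry[] getRoleBasedConfig(String orgDN, String roleUniversalId, String name, AMAuthenticationManager amAM) {
    if (debug.messageEnabled()) {
        debug.message("RoleBasedConfig,  START " + orgDN + "|" + roleUniversalId);
    }
    try {
        AMIdentity identity = IdUtils.getIdentity(getAdminToken(), roleUniversalId);
        if (identity == null) {
            // Role does not exist: no role-level configuration.
            if (debug.warningEnabled()) {
                debug.warning("RoleBaseConfig, role not exist " + roleUniversalId);
            }
            return null;
        }
        Set<?> configNames = (Set<?>) identity.getServiceAttributes(ISAuthConstants.AUTHCONFIG_SERVICE_NAME).get(ISAuthConstants.AUTHCONFIG_ROLE);
        // An empty value set used to fall through to iterator().next(), throw
        // NoSuchElementException and be logged as an error; it simply means
        // "not configured", so handle it explicitly.
        if (configNames == null || configNames.isEmpty()) {
            if (debug.messageEnabled()) {
                debug.message("RoleBasedConfig, no auth config name set for role " + roleUniversalId);
            }
            return null;
        }
        // Only the first value is honoured (unchanged behaviour).
        String configName = (String) configNames.iterator().next();
        if (debug.messageEnabled()) {
            debug.message("Named config for role " + roleUniversalId + " = " + configName);
        }
        //TODO add listener for role
        return parseInstanceConfiguration(orgDN, configName, name, amAM);
    } catch (Exception e) {
        // Best-effort: any failure is logged with its cause and treated as "no role config".
        debug.error("getRoleBasedConfig " + orgDN + "|" + roleUniversalId, e);
        return null;
    }
}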
