
Example 61 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.

the class AuthUtils method isPureJAASModulePresent.

/**
 * Reports whether the named auth configuration (a single module or a chain)
 * contains at least one pure JAAS login module, i.e. one that is not an
 * {@code AMLoginModule}.
 *
 * <p>Side effects: the entries looked up for {@code configName} are stored on
 * {@code amlc}, and the class-name caches {@code pureJAASModuleClasses} and
 * {@code ISModuleClasses} are updated as classes are classified.
 *
 * <p>Three paths answer 1 without a positive classification: JAAS-thread
 * enforcement being on, failure to obtain the {@code Configuration}, and
 * failure to load or instantiate a configured class.
 *
 * @param configName name of the auth configuration to inspect.
 * @param amlc login context that receives the looked-up configuration entries.
 * @return 1 if a pure JAAS module is present (or one of the paths above was
 *         taken); -1 if every entry is a module provided by IS, which is also
 *         the result for an empty entry array.
 * @throws AuthLoginException if no configuration entries exist for
 *         {@code configName}.
 */
public static int isPureJAASModulePresent(String configName, AMLoginContext amlc) throws AuthLoginException {
    // Enforcement short-circuits everything: no lookup is done and amlc is not touched.
    if (AuthD.isEnforceJAASThread()) {
        return 1;
    }
    int returnValue = -1;
    Configuration ISConfiguration = null;
    try {
        ISConfiguration = Configuration.getConfiguration();
    } catch (Exception e) {
        // The failure is neither logged nor rethrown; the caller only sees 1.
        return 1;
    }
    AppConfigurationEntry[] entries = ISConfiguration.getAppConfigurationEntry(configName);
    if (entries == null) {
        throw new AuthLoginException("amAuth", AMAuthErrorCode.AUTH_CONFIG_NOT_FOUND, null);
    }
    // Hand the entries to the login context so it can re-use this lookup.
    amlc.setConfigEntries(entries);
    for (int i = 0; i < entries.length; i++) {
        String className = entries[i].getLoginModuleName();
        if (utilDebug.messageEnabled()) {
            utilDebug.message("config entry: " + className);
        }
        // Cached classifications are consulted first so each class is probed at most once.
        // NOTE(review): these reads are outside the synchronized blocks that guard the
        // writes below; whether that is safe depends on the collection types, which are
        // declared outside this excerpt. TODO confirm
        if (pureJAASModuleClasses.contains(className)) {
            returnValue = 1;
            break;
        } else if (ISModuleClasses.contains(className)) {
            continue;
        }
        try {
            // NOTE(review): initialize=true plus newInstance() runs the configured class's
            // static initializer and no-arg constructor only to test its type. className
            // comes from the auth configuration, so this relies on that configuration being
            // writable by trusted administrators only. TODO confirm
            // A type test with AMLoginModule.class.isAssignableFrom(...) on a class loaded
            // with initialize=false would classify without executing module code, at the
            // cost of no longer treating non-instantiable classes as pure JAAS.
            Object classObject = Class.forName(className, true, Thread.currentThread().getContextClassLoader()).newInstance();
            if (classObject instanceof AMLoginModule) {
                if (utilDebug.messageEnabled()) {
                    utilDebug.message(className + " is instance of AMLoginModule");
                }
                synchronized (ISModuleClasses) {
                    if (!ISModuleClasses.contains(className)) {
                        ISModuleClasses.add(className);
                    }
                }
            } else {
                if (utilDebug.messageEnabled()) {
                    utilDebug.message(className + " is a pure jaas module");
                }
                synchronized (pureJAASModuleClasses) {
                    if (!pureJAASModuleClasses.contains(className)) {
                        pureJAASModuleClasses.add(className);
                    }
                }
                returnValue = 1;
                break;
            }
        } catch (Exception e) {
            // A class that cannot be loaded or instantiated is recorded as pure JAAS and
            // cached, so a transient failure keeps that classification for later calls.
            // The exception itself is not logged, only the class name.
            // Errors (e.g. NoClassDefFoundError, ExceptionInInitializerError) are not
            // caught here and propagate to the caller.
            if (utilDebug.messageEnabled()) {
                utilDebug.message("fail to instantiate class for " + className);
            }
            synchronized (pureJAASModuleClasses) {
                if (!pureJAASModuleClasses.contains(className)) {
                    pureJAASModuleClasses.add(className);
                }
            }
            returnValue = 1;
            break;
        }
    }
    return returnValue;
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) Configuration(javax.security.auth.login.Configuration) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) AMLoginModule(com.sun.identity.authentication.spi.AMLoginModule) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) SMSException(com.sun.identity.sm.SMSException) SessionException(com.iplanet.dpro.session.SessionException)

Example 62 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.

the class AMLoginContext method getModuleFromAuthConfiguration.

/**
 * Adds the module instance names of the current authentication configuration
 * to the supplied set and returns that same set.
 *
 * <p>When the configuration holds several modules, only those whose control
 * flag is accepted by {@code isControlFlagMatchFound} are added (REQUIRED and
 * REQUISITE, according to the original documentation of this method). A
 * configuration with exactly one module adds it without consulting its flag.
 *
 * <p>{@code configName} is resolved lazily: if the field is still
 * {@code null} it is computed from the index type, index name, organization
 * DN and client type before the lookup.
 *
 * @param moduleListSet set that receives the module instance names; it is
 *        mutated in place
 * @param orgDN organization DN used when the configuration name has to be
 *        computed
 * @return {@code moduleListSet}, after the matching names have been added
 */
private Set<String> getModuleFromAuthConfiguration(Set<String> moduleListSet, String orgDN) {
    final Configuration jaasConfig = Configuration.getConfiguration();
    if (configName == null) {
        configName = getConfigName(indexType, indexName, orgDN, loginState.getClientType());
    }
    final AppConfigurationEntry[] entries = jaasConfig.getAppConfigurationEntry(configName);
    if (debug.messageEnabled()) {
        debug.message("configName is : " + configName);
    }
    final int entryCount = (entries == null) ? 0 : entries.length;
    // NOTE(review): Map.get yields null when an entry carries no
    // MODULE_INSTANCE_NAME option, and that null is then offered to the set;
    // confirm callers tolerate it.
    if (entryCount == 1) {
        // A lone module is taken as-is; its control flag is not inspected.
        moduleListSet.add((String) entries[0].getOptions().get(ISAuthConstants.MODULE_INSTANCE_NAME));
    } else if (entryCount > 1) {
        for (AppConfigurationEntry entry : entries) {
            final LoginModuleControlFlag flag = entry.getControlFlag();
            final String instanceName = (String) entry.getOptions().get(ISAuthConstants.MODULE_INSTANCE_NAME);
            if (isControlFlagMatchFound(flag)) {
                moduleListSet.add(instanceName);
            }
        }
    }
    if (debug.messageEnabled()) {
        debug.message("ModuleSet is : " + moduleListSet);
    }
    return moduleListSet;
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) AMConfiguration(com.sun.identity.authentication.config.AMConfiguration) Configuration(javax.security.auth.login.Configuration) LoginModuleControlFlag(javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag)

Example 63 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project wildfly by wildfly.

the class SecurityDomainAdd method processJASPIAuth.

/**
 * Builds the JASPI authentication settings of a security domain from its
 * management model and installs them on the given application policy.
 *
 * <p>Login-module stacks are registered first so that each auth-module can
 * then be bound to the stack it references; a reference to a stack that was
 * not declared is rejected with an exception.
 *
 * @param context operation context used to resolve model attributes
 * @param securityDomain name of the security domain being configured
 * @param node model in which the JASPI authentication child is looked up
 * @param applicationPolicy policy that receives the assembled authentication info
 * @return {@code false} when no JASPI authentication node is present,
 *         {@code true} once the policy has been updated
 * @throws OperationFailedException declared by this method; presumably raised
 *         while resolving model attributes
 */
private boolean processJASPIAuth(OperationContext context, String securityDomain, ModelNode node, ApplicationPolicy applicationPolicy) throws OperationFailedException {
    final ModelNode jaspiNode = peek(node, AUTHENTICATION, JASPI);
    if (jaspiNode == null) {
        return false;
    }
    final JASPIAuthenticationInfo jaspiInfo = new JASPIAuthenticationInfo(securityDomain);
    // Declared stacks, keyed by name, so auth-modules can be linked to them below.
    final Map<String, LoginModuleStackHolder> stacksByName = new HashMap<String, LoginModuleStackHolder>();
    if (jaspiNode.hasDefined(LOGIN_MODULE_STACK)) {
        for (Property stackProperty : jaspiNode.get(LOGIN_MODULE_STACK).asPropertyList()) {
            final String stackName = stackProperty.getName();
            final ModelNode stackModel = stackProperty.getValue();
            final LoginModuleStackHolder stackHolder = new LoginModuleStackHolder(stackName, null);
            stacksByName.put(stackName, stackHolder);
            jaspiInfo.add(stackHolder);
            if (!stackModel.hasDefined(LOGIN_MODULE)) {
                continue;
            }
            // Login modules of this stack are appended to its holder as they are parsed.
            processLoginModules(context, stackModel.get(LOGIN_MODULE), jaspiInfo, new LoginModuleContainer() {

                public void addAppConfigurationEntry(AppConfigurationEntry parsedEntry) {
                    stackHolder.addAppConfigurationEntry(parsedEntry);
                }
            });
        }
    }
    for (Property authModuleProperty : jaspiNode.get(AUTH_MODULE).asPropertyList()) {
        final ModelNode authModuleModel = authModuleProperty.getValue();
        final String code = extractCode(context, authModuleModel, ModulesMap.AUTHENTICATION_MAP);
        String stackRef = null;
        if (authModuleModel.hasDefined(LOGIN_MODULE_STACK_REF)) {
            stackRef = JASPIMappingModuleDefinition.LOGIN_MODULE_STACK_REF.resolveModelAttribute(context, authModuleModel).asString();
        }
        final Map<String, Object> moduleOptions = extractOptions(context, authModuleModel);
        final AuthModuleEntry authModuleEntry = new AuthModuleEntry(code, moduleOptions, stackRef);
        if (authModuleModel.hasDefined(FLAG)) {
            final String flagName = LoginModuleResourceDefinition.FLAG.resolveModelAttribute(context, authModuleModel).asString();
            authModuleEntry.setControlFlag(ControlFlag.valueOf(flagName));
        }
        if (stackRef != null) {
            // Only non-null holders are ever stored, so a null lookup means "not declared".
            final LoginModuleStackHolder referencedStack = stacksByName.get(stackRef);
            if (referencedStack == null) {
                throw SecurityLogger.ROOT_LOGGER.loginModuleStackIllegalArgument(stackRef);
            }
            authModuleEntry.setLoginModuleStackHolder(referencedStack);
        }
        jaspiInfo.add(authModuleEntry);
        final ModelNode jbossModule = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(context, authModuleModel);
        // An undefined or empty module attribute falls back to the default module.
        if (!jbossModule.isDefined() || jbossModule.asString().isEmpty()) {
            jaspiInfo.addJBossModuleName(DEFAULT_MODULE);
        } else {
            jaspiInfo.addJBossModuleName(jbossModule.asString());
        }
    }
    applicationPolicy.setAuthenticationInfo(jaspiInfo);
    return true;
}
Also used : AuthModuleEntry(org.jboss.security.auth.container.config.AuthModuleEntry) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) JASPIAuthenticationInfo(org.jboss.security.auth.login.JASPIAuthenticationInfo) LoginModuleStackHolder(org.jboss.security.auth.login.LoginModuleStackHolder) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) ModelNode(org.jboss.dmr.ModelNode) Property(org.jboss.dmr.Property)

Example 64 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project wildfly by wildfly.

the class Util method getCLMLoginContext.

/**
 * Creates a {@link LoginContext} whose only login module is the
 * {@code ClientLoginModule}, using a private in-memory configuration named
 * "Testing" instead of the installed JAAS configuration.
 *
 * <p>The supplied credentials are answered through a callback handler that
 * supports {@link NameCallback} and {@link PasswordCallback} only. The
 * password arrives as a {@code String} and is copied to a {@code char[]} for
 * each password callback, so this method cannot clear it after use.
 *
 * @param username name handed to every {@code NameCallback}
 * @param password password handed to every {@code PasswordCallback}; a
 *        {@code null} value fails with a {@code NullPointerException} when
 *        the callback is handled
 * @return the configured LoginContext, on which {@code login()} has not yet
 *         been called
 * @throws LoginException if the LoginContext cannot be created
 */
public static LoginContext getCLMLoginContext(final String username, final String password) throws LoginException {
    final String configurationName = "Testing";
    final CallbackHandler credentialHandler = new CallbackHandler() {

        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbacks.length; i++) {
                final Callback callback = callbacks[i];
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName(username);
                    continue;
                }
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword(password.toCharArray());
                    continue;
                }
                // Anything other than name/password is refused rather than ignored.
                throw new UnsupportedCallbackException(callback);
            }
        }
    };
    final Configuration singleEntryConfig = new Configuration() {

        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            // This configuration answers for its own name only.
            if (!configurationName.equals(name)) {
                throw new IllegalArgumentException("Unexpected configuration name '" + name + "'");
            }
            final Map<String, String> clmOptions = new HashMap<String, String>();
            clmOptions.put("multi-threaded", "true");
            clmOptions.put("restore-login-identity", "true");
            return new AppConfigurationEntry[] {
                new AppConfigurationEntry(ClientLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, clmOptions)
            };
        }
    };
    return new LoginContext(configurationName, new Subject(), credentialHandler, singleEntryConfig);
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) ClientLoginModule(org.jboss.security.ClientLoginModule) Configuration(javax.security.auth.login.Configuration) HashMap(java.util.HashMap) Subject(javax.security.auth.Subject) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) LoginContext(javax.security.auth.login.LoginContext) PasswordCallback(javax.security.auth.callback.PasswordCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 65 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project jdk8u_jdk by JetBrains.

the class MyConfiguration method setupConfiguration.

/**
 * Fills the first two slots of {@code ptAE} with the entries for
 * "SmartLoginModule" and "DummyLoginModule", both sharing the option map
 * {@code map}.
 *
 * <p>With {@code optionOrder} set, the modules are flagged OPTIONAL and
 * SUFFICIENT respectively; otherwise both are REQUIRED.
 */
private void setupConfiguration() {
    if (optionOrder) {
        ptAE[0] = new AppConfigurationEntry("SmartLoginModule", OPTIONAL, map);
        ptAE[1] = new AppConfigurationEntry("DummyLoginModule", SUFFICIENT, map);
    } else {
        ptAE[0] = new AppConfigurationEntry("SmartLoginModule", REQUIRED, map);
        ptAE[1] = new AppConfigurationEntry("DummyLoginModule", REQUIRED, map);
    }
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry)
