use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.
the class AMConfiguration method cloneConfigurationEntry.
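/**
* Creates a copy of the given configuration entries.
* There is a problem in JAAS or in our framework: an AppConfigurationEntry[]
* cannot be reused, otherwise authentication hangs.
* When the auth service revision is older than 7.0, entries whose module is
* neither the application module nor one of the allowed module names are
* left out of the copy.
*
* @return the copied entries, or null if no entry remains.
*/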
private AppConfigurationEntry[] cloneConfigurationEntry(AppConfigurationEntry[] entries, String orgDN, AMAuthenticationManager amAM) {
    if (debug.messageEnabled()) {
        debug.message("AMConfiguration.cloneConfigurationEntry, orgDN=" + orgDN + ", entries=" + entries);
    }
    // Before auth service revision 7.0 the chain is limited to the module
    // names amAM reports as allowed. With nothing allowed, no configuration
    // is returned at all.
    Set allowedModules = null;
    if (AuthD.revisionNumber < ISAuthConstants.AUTHSERVICE_REVISION7_0) {
        allowedModules = amAM.getAllowedModuleNames();
        if (allowedModules.isEmpty()) {
            return null;
        }
    }
    List copies = new ArrayList();
    // The source array's monitor is held for the whole walk.
    synchronized (entries) {
        for (int idx = 0; idx < entries.length; idx++) {
            AppConfigurationEntry source = entries[idx];
            String moduleClass = source.getLoginModuleName();
            // An entry is kept when no filtering applies (revision 7.0 or
            // later), when it is the application module, or when its module
            // name is in the allowed set.
            boolean keep = AuthD.revisionNumber >= ISAuthConstants.AUTHSERVICE_REVISION7_0
                    || moduleClass.equals(ISAuthConstants.APPLICATION_MODULE)
                    || allowedModules.contains(AMAuthConfigUtils.getModuleName(moduleClass));
            if (keep) {
                // The copy is a new entry object, but it is built from the
                // source's own options map, not from a deep copy of it.
                copies.add(new AppConfigurationEntry(moduleClass, source.getControlFlag(), source.getOptions()));
            } else if (debug.messageEnabled()) {
                debug.message("skip module " + moduleClass);
            }
        }
    }
    // NOTE(review): null means "no usable chain" (every entry was filtered
    // out, or the input was empty). Callers are not visible here; confirm
    // they fail the login on null rather than fall back to another chain.
    if (copies.isEmpty()) {
        return null;
    }
    return (AppConfigurationEntry[]) copies.toArray(new AppConfigurationEntry[copies.size()]);
}
use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.
the class AMConfiguration method getModuleBasedConfig.
/**
* Returns module based authentication configuration.
* This method will read the auth config xml string for the module
* defined in the specified organization,
* parse the xml string to return the AppConfigurationEntry[].
*
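* @param orgDN Organization DN.
* @param module auth module name.
* @param name Authentication configuration name.
* @param amAM authentication manager used to look up the module instance.
* @return module based authentication configuration, or null if the module
* instance is not found or an error occurs.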
*/
private AppConfigurationEntry[] getModuleBasedConfig(String orgDN, String module, String name, AMAuthenticationManager amAM) {
    if (debug.messageEnabled()) {
        debug.message("ModuleBasedConfig, START " + orgDN + "|" + module + ", name = " + name);
    }
    try {
        AMAuthenticationInstance moduleInstance = amAM.getAuthenticationInstance(module);
        if (moduleInstance == null) {
            // Unknown module instance: no configuration.
            return null;
        }
        // NOTE(review): the put below writes into the map handed back by
        // getAttributeValues(). Whether that map is a private copy or the
        // instance's own state is not visible here; confirm.
        Map moduleOptions = moduleInstance.getAttributeValues();
        moduleOptions.put(ISAuthConstants.MODULE_INSTANCE_NAME, module);
        String moduleType = moduleInstance.getType();
        // A module-based chain is a single entry, always flagged REQUIRED.
        AppConfigurationEntry soleEntry = new AppConfigurationEntry(
                getLoginModuleClassName(moduleType),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                moduleOptions);
        // Register an SM ServiceListener for the module's service.
        addServiceListener(AuthUtils.getModuleServiceName(moduleType), name);
        if (debug.messageEnabled()) {
            debug.message("ModuleBaseConfig, return config " + module + ", " + orgDN);
        }
        return new AppConfigurationEntry[] { soleEntry };
    } catch (Exception e) {
        // Any failure is logged and reported to the caller as "no
        // configuration" (null), the same result as an unknown module.
        debug.error("getModuleBasedConfig " + orgDN + "|" + module, e);
        return null;
    }
}
use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.
the class AMAuthConfigUtils method processValue.
/**
* Processes value of the Auth Configuration.
* The value consists of three parts:
* module_name flag options
* there could only be one A/V pair in options, e.g. instance=/iplanet/ldap
*/
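private static AppConfigurationEntry processValue(Node node) {
    if (debug.messageEnabled()) {
        debug.message("ConfigUtils.processValue, value=" + node.toString());
    }
    // A node without a child has no text to parse. Treat it like an empty
    // value (logged, null returned) instead of failing with a
    // NullPointerException on getFirstChild().
    Node textNode = node.getFirstChild();
    String value = (textNode == null) ? null : textNode.getNodeValue();
    if (value == null || value.length() == 0) {
        debug.error("ConfigUtils.processValue, invalid value=" + value);
        return null;
    }
    // The value is whitespace-separated: module_name flag [option ...]
    StringTokenizer st = new StringTokenizer(value);
    if (st.countTokens() < 2) {
        debug.error("ConfigUtils.processValue, wrong config : " + value);
        return null;
    }
    // NOTE(review): moduleName is taken from the configuration value
    // unchecked and becomes the login module name of the returned entry.
    // This assumes only trusted administrators can write the configuration;
    // confirm.
    String moduleName = st.nextToken();
    String flag = st.nextToken();
    // Only the four JAAS control flags are accepted, matched exactly
    // (case-sensitive). An unknown flag rejects the whole value; no default
    // flag is substituted.
    AppConfigurationEntry.LoginModuleControlFlag cFlag;
    if (flag.equals("REQUIRED")) {
        cFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
    } else if (flag.equals("OPTIONAL")) {
        cFlag = AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL;
    } else if (flag.equals("REQUISITE")) {
        cFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUISITE;
    } else if (flag.equals("SUFFICIENT")) {
        cFlag = AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT;
    } else {
        debug.error("ConfigUtils.processValue, invalid flag : " + value);
        return null;
    }
    // Remaining tokens are options of the form key=value. Each value is
    // stored as a one-element set under its key; a token without '=' is
    // ignored.
    Map options = new HashMap();
    while (st.hasMoreTokens()) {
        String opt = st.nextToken();
        int k = opt.indexOf('=');
        if (k != -1) {
            HashSet set = new HashSet();
            set.add(opt.substring(k + 1));
            options.put(opt.substring(0, k), set);
        }
    }
    return new AppConfigurationEntry(moduleName, cFlag, options);
}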
use of javax.security.auth.login.AppConfigurationEntry in project OpenAM by OpenRock.
the class LoginContextTest method setUp.
/**
* This test sets up four mock login modules, each with different control flags. The modules are created with
* control flags in the following order: required, requisite, sufficient and optional.
*
* @throws LoginException
* Can be thrown by invocation of the authentication framework.
*/
@BeforeMethod
public void setUp() throws LoginException {
    optionCache = new HashMap<LoginModule, Map<String, Object>>();

    // One mock delegate per JAAS control flag.
    requiredDelegate = mock(LoginModule.class);
    requisiteDelegate = mock(LoginModule.class);
    sufficientDelegate = mock(LoginModule.class);
    optionalDelegate = mock(LoginModule.class);

    // The array order is the order of the chain handed to the context:
    // required, requisite, sufficient, optional.
    AppConfigurationEntry[] chain = {
        delegatingEntry(requiredDelegate, LoginModuleControlFlag.REQUIRED),
        delegatingEntry(requisiteDelegate, LoginModuleControlFlag.REQUISITE),
        delegatingEntry(sufficientDelegate, LoginModuleControlFlag.SUFFICIENT),
        delegatingEntry(optionalDelegate, LoginModuleControlFlag.OPTIONAL)
    };

    subject = new Subject();
    handler = mock(CallbackHandler.class);

    // Initialise class under test.
    context = new LoginContext(chain, subject, handler);
}

/**
 * Builds the configuration entry for one mock delegate and records its
 * options map in {@code optionCache} under that delegate.
 *
 * @param delegate the mock login module stored under DELEGATE_MODULE.
 * @param flag the control flag for the entry.
 * @return an entry for LOGIN_MODULE carrying the delegate in its options.
 */
private AppConfigurationEntry delegatingEntry(LoginModule delegate, LoginModuleControlFlag flag) {
    Map<String, Object> delegateOptions = new HashMap<String, Object>();
    delegateOptions.put(DELEGATE_MODULE, delegate);
    optionCache.put(delegate, delegateOptions);
    return new AppConfigurationEntry(LOGIN_MODULE, flag, delegateOptions);
}
use of javax.security.auth.login.AppConfigurationEntry in project zm-mailbox by Zimbra.
the class SaslAuthenticator method getLoginContext.
private LoginContext getLoginContext() throws LoginException {
    // Options handed to the login module. "debug" follows the logger's
    // debug setting and "principal" comes from getPrincipal().
    // NOTE(review): presumably LOGIN_MODULE_NAME is a Kerberos login module
    // (the context is named "krb5"); confirm where that module's debug
    // output is written when the logger runs at debug level.
    Map<String, String> moduleOptions = new HashMap<String, String>();
    moduleOptions.put("debug", Boolean.toString(config.getLogger().isDebugEnabled()));
    moduleOptions.put("principal", getPrincipal());
    // Left disabled, as in the original: useTicketCache=true, storeKey=true.
    final AppConfigurationEntry krb5Entry = new AppConfigurationEntry(
            LOGIN_MODULE_NAME,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
            moduleOptions);
    // In-memory JAAS configuration supplied directly to the LoginContext.
    // It returns the same single REQUIRED entry for any application name.
    // The local has its own name so it does not shadow the config field
    // read above.
    Configuration jaasConfig = new Configuration() {
        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            // A fresh array on every call; the entry itself is shared.
            return new AppConfigurationEntry[] { krb5Entry };
        }

        @Override
        public void refresh() {
            // Nothing to reload: the configuration is fixed at construction.
        }
    };
    return new LoginContext("krb5", null, new SaslCallbackHandler(), jaasConfig);
}