
Example 41 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project wildfly by wildfly.

the class SecurityDomainAdd method processClassicAuth.

/**
 * Builds the classic (login-module stack) authentication settings for a security domain and
 * installs them on the supplied application policy.
 *
 * <p>Security note: once the classic authentication node is present, an {@code AuthenticationInfo}
 * is always set on the policy, even when no login module is defined under it. In that case the
 * installed object carries no {@code AppConfigurationEntry}. How the runtime treats an empty stack
 * is not visible here; NOTE(review): confirm it denies rather than permits.
 *
 * @param context           operation context passed through to {@code processLoginModules}
 * @param securityDomain    name handed to the {@code AuthenticationInfo} constructor
 * @param node              model node that {@code peek} is applied to with AUTHENTICATION/CLASSIC
 * @param applicationPolicy policy that receives the resulting authentication info
 * @return {@code false} when {@code peek} yields {@code null}, {@code true} once the policy has been updated
 * @throws OperationFailedException propagated from {@code processLoginModules}
 */
private boolean processClassicAuth(OperationContext context, String securityDomain, ModelNode node, ApplicationPolicy applicationPolicy) throws OperationFailedException {
    final ModelNode classicNode = peek(node, AUTHENTICATION, CLASSIC);
    if (classicNode == null) {
        // No classic authentication configured: leave the policy untouched.
        return false;
    }

    final AuthenticationInfo authenticationInfo = new AuthenticationInfo(securityDomain);
    if (classicNode.hasDefined(Constants.LOGIN_MODULE)) {
        // Every entry produced while walking the login modules is appended to this domain's stack.
        final LoginModuleContainer collector = new LoginModuleContainer() {

            @Override
            public void addAppConfigurationEntry(AppConfigurationEntry entry) {
                authenticationInfo.add(entry);
            }
        };
        processLoginModules(context, classicNode.get(LOGIN_MODULE), authenticationInfo, collector);
    }

    applicationPolicy.setAuthenticationInfo(authenticationInfo);
    return true;
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) BaseAuthenticationInfo(org.jboss.security.auth.login.BaseAuthenticationInfo) JASPIAuthenticationInfo(org.jboss.security.auth.login.JASPIAuthenticationInfo) AuthenticationInfo(org.jboss.security.auth.login.AuthenticationInfo)

Example 42 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project wildfly by wildfly.

the class SecurityDomainAdd method processLoginModules.

/**
 * Converts each configured login module into a JAAS {@code AppConfigurationEntry} and records the
 * JBoss module that the login module should be loaded from.
 *
 * <p>For every property of {@code node}, the login-module code name, control flag and options are
 * resolved from the model and handed to {@code container}. The JBoss module name is then added to
 * {@code authInfo}, and {@code DEFAULT_MODULE} is used when the attribute is undefined or empty.
 *
 * <p>Security note: the code name, flag and options all come from the management model, so whoever
 * can write that model decides which login module runs and how its result is weighted.
 * {@code AppConfigurationEntry} rejects a null or empty module name, an unknown control flag and
 * null options with {@code IllegalArgumentException}. Nothing here checks that the named class is
 * an expected login module; presumably {@code extractCode} constrains it via
 * {@code ModulesMap.AUTHENTICATION_MAP}. NOTE(review): confirm.
 *
 * @param context   operation context used to resolve model attributes
 * @param node      model node whose properties are the individual login modules
 * @param authInfo  receives one JBoss module name per login module
 * @param container receives one {@code AppConfigurationEntry} per login module
 * @throws OperationFailedException if an attribute cannot be resolved
 */
private void processLoginModules(OperationContext context, ModelNode node, BaseAuthenticationInfo authInfo, LoginModuleContainer container) throws OperationFailedException {
    for (Property moduleProperty : node.asPropertyList()) {
        final ModelNode moduleModel = moduleProperty.getValue();

        final String loginModuleCode = extractCode(context, moduleModel, ModulesMap.AUTHENTICATION_MAP);
        final String flagText = LoginModuleResourceDefinition.FLAG.resolveModelAttribute(context, moduleModel).asString();
        final LoginModuleControlFlag controlFlag = getControlFlag(flagText);
        final Map<String, Object> options = extractOptions(context, moduleModel);

        // The entry is published before the module attribute is resolved, matching the original order.
        container.addAppConfigurationEntry(new AppConfigurationEntry(loginModuleCode, controlFlag, options));

        final ModelNode jbossModule = LoginModuleResourceDefinition.MODULE.resolveModelAttribute(context, moduleModel);
        if (!jbossModule.isDefined() || jbossModule.asString().isEmpty()) {
            authInfo.addJBossModuleName(DEFAULT_MODULE);
        } else {
            authInfo.addJBossModuleName(jbossModule.asString());
        }
    }
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) LoginModuleControlFlag(javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag) ModelNode(org.jboss.dmr.ModelNode) Property(org.jboss.dmr.Property)

Example 43 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project simba-os by cegeka.

the class JaasLoginCommandTest method setupJAAS.

/**
 * Installs a mocked JAAS {@code Configuration} whose only application entry, registered under
 * {@code LOGIN_MODULE_NAME}, is a single REQUIRED {@code TestLoginModule} with no options.
 *
 * <p>{@code Configuration.setConfiguration} replaces the JVM-wide login configuration, so the mock
 * remains installed after the test that called this helper. No restore is visible in this
 * listing; NOTE(review): confirm that teardown puts the previous configuration back, otherwise
 * later tests in the same JVM authenticate against the test module.
 */
private void setupJAAS() {
    AppConfigurationEntry[] loginStack = {
        new AppConfigurationEntry(TestLoginModule.class.getName(), LoginModuleControlFlag.REQUIRED, Collections.<String, Object>emptyMap())
    };

    Configuration configurationMock = mock(Configuration.class);
    when(configurationMock.getAppConfigurationEntry(LOGIN_MODULE_NAME)).thenReturn(loginStack);

    // Process-wide side effect: every LoginContext created afterwards sees the mock.
    Configuration.setConfiguration(configurationMock);
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) Configuration(javax.security.auth.login.Configuration)

Example 44 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project zookeeper by apache.

the class JaasConfiguration method addSection.

/**
 * Registers a JAAS section that consists of exactly one login module.
 *
 * <p>The module is always added with the {@code REQUIRED} control flag. A section previously
 * stored under the same name is replaced, because {@code sections.put} overwrites it.
 *
 * <p>The {@code conf} map is passed to {@code AppConfigurationEntry} as is. In the reference JDK
 * the entry wraps the map rather than copying it, so later changes by the caller may show through
 * the stored entry. NOTE(review): pass a copy if callers reuse the map.
 *
 * @param name            section (login context) name
 * @param loginModuleName fully qualified login module class name
 * @param conf            login module options as key/value pairs
 */
public void addSection(String name, String loginModuleName, final Map<String, String> conf) {
    final AppConfigurationEntry soleEntry = new AppConfigurationEntry(loginModuleName, LoginModuleControlFlag.REQUIRED, conf);
    this.sections.put(name, new AppConfigurationEntry[] { soleEntry });
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry)

Example 45 with AppConfigurationEntry

use of javax.security.auth.login.AppConfigurationEntry in project zookeeper by apache.

the class ServerCnxnFactory method configureSaslLogin.

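/**
 * Initialize the server-side SASL login if a JAAS configuration section is available.
 *
 * <p>The section name is taken from the system property named by
 * {@code ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY}, falling back to
 * {@code ZooKeeperSaslServer.DEFAULT_LOGIN_CONTEXT_NAME}. The outcomes are:
 * <ul>
 *   <li>Section found: a {@code SaslServerCallbackHandler} and {@code Login} are created and the
 *       login thread is started if needed.</li>
 *   <li>Section not found and loading the configuration raised a {@code SecurityException} while
 *       either the login-context property or the {@code Environment.JAAS_CONF_KEY} property was
 *       set: an {@code IOException} is thrown.</li>
 *   <li>Section not found in any other case: the method returns and no SASL login is
 *       configured.</li>
 * </ul>
 *
 * <p>Security note: the last outcome fails open. If a JAAS file is configured and loads without
 * error but lacks the requested section, the server starts without SASL authentication. This
 * method keeps that behaviour, because deployments may share a JAAS file that holds only
 * non-server sections, but it logs a warning so the condition is visible to operators.
 *
 * @throws IOException if JAAS was requested but the configuration could not be loaded, or if the
 *         server login fails; the underlying exception is attached as the cause.
 */
protected void configureSaslLogin() throws IOException {
    String serverSection = System.getProperty(ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY, ZooKeeperSaslServer.DEFAULT_LOGIN_CONTEXT_NAME);
    // Note that 'Configuration' here refers to javax.security.auth.login.Configuration.
    AppConfigurationEntry[] entries = null;
    SecurityException securityException = null;
    try {
        entries = Configuration.getConfiguration().getAppConfigurationEntry(serverSection);
    } catch (SecurityException e) {
        // Handled below: might be harmless if the user doesn't intend to use JAAS authentication.
        securityException = e;
    }
    if (entries == null) {
        String jaasFile = System.getProperty(Environment.JAAS_CONF_KEY);
        String loginContextName = System.getProperty(ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY);
        boolean jaasRequested = loginContextName != null || jaasFile != null;
        if (securityException != null && jaasRequested) {
            String errorMessage = "No JAAS configuration section named '" + serverSection + "' was found";
            if (jaasFile != null) {
                // Leading space added: the message previously rendered as "was foundin '...'".
                errorMessage += " in '" + jaasFile + "'.";
            }
            if (loginContextName != null) {
                errorMessage += " But " + ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY + " was set.";
            }
            LOG.error(errorMessage);
            // Keep the SecurityException as the cause so the reason the load failed is not lost.
            throw new IOException(errorMessage, securityException);
        }
        if (jaasRequested) {
            // JAAS was configured but the section is absent: make the unauthenticated start visible.
            LOG.warn("No JAAS configuration section named '" + serverSection + "' was found; continuing without SASL authentication.");
        }
        return;
    }
    // jaas.conf entry available
    try {
        saslServerCallbackHandler = new SaslServerCallbackHandler(Configuration.getConfiguration());
        login = new Login(serverSection, saslServerCallbackHandler, new ZKConfig());
        login.startThreadIfNeeded();
    } catch (LoginException e) {
        // Message text is unchanged; the LoginException is now chained so its stack trace survives.
        throw new IOException("Could not configure server because SASL configuration did not allow the " + " ZooKeeper server to authenticate itself properly: " + e, e);
    }
}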
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) ZKConfig(org.apache.zookeeper.common.ZKConfig) SaslServerCallbackHandler(org.apache.zookeeper.server.auth.SaslServerCallbackHandler) LoginException(javax.security.auth.login.LoginException) IOException(java.io.IOException) Login(org.apache.zookeeper.Login)
