
Example 61 with Configuration

use of javax.security.auth.login.Configuration in project felix by apache.

the class TCCLDemoServlet method doPost.

@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // JAAS authentication driven entirely by the client code. In this variant the caller has to:
    //   1. manage the thread's context class loader (TCCL) itself,
    //   2. add a DynamicImport for org.apache.felix.jaas.boot,
    //   3. obtain the config through Configuration.getInstance and hand it to the LoginContext.
    final PrintWriter out = resp.getWriter();
    final CallbackHandler callbackHandler = new ServletRequestCallbackHandler(req);
    final Subject subject = new Subject();
    final Thread current = Thread.currentThread();
    final ClassLoader previousTccl = current.getContextClassLoader();
    try {
        final Configuration jaasConfig = Configuration.getInstance("JavaLoginConfig", null, "FelixJaasProvider");
        // The TCCL is swapped only around the LoginContext work; the finally block restores it
        // on every exit path so the swapped loader does not stay on the thread afterwards.
        current.setContextClassLoader(getClass().getClassLoader());
        final LoginContext loginContext = new LoginContext("sample", subject, callbackHandler, jaasConfig);
        loginContext.login();
        out.println("Principal authentication successful");
        // NOTE(review): Subject.toString() renders the principals and, as far as they are
        // accessible, the credentials held by the Subject, so this line echoes them into the
        // HTTP response. Acceptable for a demo servlet; not something to copy into a real handler.
        out.println(subject);
    } catch (NoSuchAlgorithmException e) {
        // Configuration type lookup failed: surfaces as an unchecked exception
        throw new RuntimeException(e);
    } catch (NoSuchProviderException e) {
        // Named provider lookup failed: surfaces as an unchecked exception
        throw new RuntimeException(e);
    } catch (LoginException e) {
        // Failed login is reported through handleAuthenticationFailure (defined outside this excerpt)
        handleAuthenticationFailure(e, out);
    } finally {
        current.setContextClassLoader(previousTccl);
    }
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) LoginException(javax.security.auth.login.LoginException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException) Subject(javax.security.auth.Subject) PrintWriter(java.io.PrintWriter)

Example 62 with Configuration

use of javax.security.auth.login.Configuration in project felix by apache.

the class ITJaasWithBootClasspath method testJaasWithBoot.

/**
 * Creates the scenario where the jaas-boot jar is placed on the boot classpath. With this, the
 * client code does not need to switch the thread context class loader (TCCL).
 */
@Test
public void testJaasWithBoot() throws Exception {
    // The realm is named after the running test method
    final String realm = name.getMethodName();
    createLoginModuleConfig(realm);
    // presumably gives the new configuration time to be picked up; delay() is defined elsewhere
    delay();
    // Fixed fixture credentials supplied to the login module through the callback handler
    final CallbackHandler callbacks = new SimpleCallbackHandler("foo", "foo");
    final Configuration jaasConfig = Configuration.getInstance("JavaLoginConfig", null, "FelixJaasProvider");
    final Subject subject = new Subject();
    // No TCCL switch around the login in this variant
    new LoginContext(realm, subject, callbacks, jaasConfig).login();
    // A successful login must have attached at least one principal to the Subject
    assertFalse(subject.getPrincipals().isEmpty());
}
Also used : SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 63 with Configuration

use of javax.security.auth.login.Configuration in project felix by apache.

the class ITJaasWithConfigBasedLoginModule method testJaasConfigOrderedViaRanking.

@Test
public void testJaasConfigOrderedViaRanking() throws Exception {
    final String realm = name.getMethodName();
    final List<Integer> rankings = Arrays.asList(1, 2, 3, 4, 5, 6);
    Collections.shuffle(rankings);
    // Step 1: register one LoginModule factory configuration per ranking, in shuffled order.
    // "order" carries the same value as "jaas.ranking" so it can be read back from the entry options.
    for (Integer rank : rankings) {
        final Dictionary<String, Object> props = new Hashtable<String, Object>();
        props.put("jaas.classname", "org.apache.felix.jaas.integration.sample1.ConfigLoginModule");
        props.put("jaas.realmName", realm);
        props.put("jaas.ranking", rank);
        props.put("order", rank);
        final org.osgi.service.cm.Configuration moduleConfig =
                ca.createFactoryConfiguration("org.apache.felix.jaas.Configuration.factory", null);
        moduleConfig.update(props);
    }
    delay();
    // Step 2: read the realm back through the JAAS Configuration provider
    final Configuration jaasConfig = Configuration.getInstance("JavaLoginConfig", null, "FelixJaasProvider");
    final AppConfigurationEntry[] entries = jaasConfig.getAppConfigurationEntry(realm);
    assertEquals("No of entries does not match the no of created", rankings.size(), entries.length);
    // Step 3: entries are expected sorted by ranking, highest first (6, 5, ..., 1)
    final int highest = 6;
    for (int idx = 0; idx < entries.length; idx++) {
        final Integer order = (Integer) entries[idx].getOptions().get("order");
        assertEquals(highest - idx, order.intValue());
    }
}
Also used : Configuration(javax.security.auth.login.Configuration) Hashtable(java.util.Hashtable) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) Test(org.junit.Test)

Example 64 with Configuration

use of javax.security.auth.login.Configuration in project felix by apache.

the class ITJaasWithConfigBasedLoginModule method testJaasWithTCCL.

@Test
public void testJaasWithTCCL() throws Exception {
    // The realm is named after the running test method
    final String realm = name.getMethodName();
    createLoginModuleConfig(realm);
    delay();
    // Fixed fixture credentials supplied to the login module through the callback handler
    final CallbackHandler callbacks = new SimpleCallbackHandler("foo", "foo");
    final Configuration jaasConfig = Configuration.getInstance("JavaLoginConfig", null, "FelixJaasProvider");
    final Subject subject = new Subject();
    final Thread current = Thread.currentThread();
    final ClassLoader savedTccl = current.getContextClassLoader();
    try {
        // Client-managed TCCL: the test class's loader is installed only for the login itself
        current.setContextClassLoader(getClass().getClassLoader());
        new LoginContext(realm, subject, callbacks, jaasConfig).login();
    } finally {
        // Always put the original loader back, including when login() throws
        current.setContextClassLoader(savedTccl);
    }
    // A successful login must have attached at least one principal to the Subject
    assertFalse(subject.getPrincipals().isEmpty());
}
Also used : SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 65 with Configuration

use of javax.security.auth.login.Configuration in project tomcat70 by apache.

the class JAASRealm method authenticate.

// -------------------------------------------------------- Package Methods
// ------------------------------------------------------ Protected Methods
/**
 * Perform the actual JAAS authentication
 */
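protected Principal authenticate(String username, CallbackHandler callbackHandler) {
    // Runs a JAAS login under the configured application name and maps the resulting Subject
    // to a Principal via createPrincipal.
    //
    // username        - used in the log messages and passed on to createPrincipal
    // callbackHandler - handed to the LoginContext so the login modules can obtain credentials
    //
    // Returns the Principal produced by createPrincipal, or null on every failure path visible
    // here (context creation failure, rejected or expired login, null Subject, null Principal,
    // unexpected Throwable). Returning null rather than throwing keeps the method fail-closed.
    //
    // NOTE(review): username is presumably the name submitted by the client and is written to
    // the log on almost every path; confirm the logging layout neutralises CR/LF in it.
    // NOTE(review): failed, expired-account and expired-credential logins are logged at debug
    // level only, so they are not visible to monitoring at the default level.
    try {
        LoginContext loginContext = null;
        if (appName == null) {
            appName = "Tomcat";
        }
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("jaasRealm.beginLogin", username, appName));
        }

        // What if the LoginModule is in the container class loader ?
        // The flag is read once so that the restore in the finally block always matches the
        // switch made here, even if the setting is changed while this call is in flight.
        final boolean switchClassLoader = !isUseContextClassLoader();
        ClassLoader ocl = null;
        if (switchClassLoader) {
            ocl = Thread.currentThread().getContextClassLoader();
            Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
        }
        try {
            Configuration config = getConfig();
            loginContext = new LoginContext(appName, null, callbackHandler, config);
        } catch (Throwable e) {
            ExceptionUtils.handleThrowable(e);
            log.error(sm.getString("jaasRealm.unexpectedError"), e);
            return null;
        } finally {
            if (switchClassLoader) {
                Thread.currentThread().setContextClassLoader(ocl);
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Login context created " + username);
        }

        // Negotiate a login via this LoginContext
        Subject subject = null;
        try {
            loginContext.login();
            subject = loginContext.getSubject();
            if (subject == null) {
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("jaasRealm.failedLogin", username));
                }
                return null;
            }
        } catch (AccountExpiredException e) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.accountExpired", username));
            }
            return null;
        } catch (CredentialExpiredException e) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.credentialExpired", username));
            }
            return null;
        } catch (FailedLoginException e) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.failedLogin", username));
            }
            return null;
        } catch (LoginException e) {
            // Any other login failure: logged at warn together with the exception
            log.warn(sm.getString("jaasRealm.loginException", username), e);
            return null;
        } catch (Throwable e) {
            ExceptionUtils.handleThrowable(e);
            log.error(sm.getString("jaasRealm.unexpectedError"), e);
            return null;
        }
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("jaasRealm.loginContextCreated", username));
        }

        // Return the appropriate Principal for this authenticated Subject
        Principal principal = createPrincipal(username, subject, loginContext);
        if (principal == null) {
            // Guarded like every other debug message in this method
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.authenticateFailure", username));
            }
            return null;
        }
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("jaasRealm.authenticateSuccess", username));
        }
        return principal;
    } catch (Throwable t) {
        // NOTE(review): this handler also receives anything ExceptionUtils.handleThrowable
        // rethrows from the inner handlers, and turns it into a null result; confirm that
        // swallowing such errors here is intended.
        // Same message key as the inner catch-all handlers, instead of the bare "error " text.
        log.error(sm.getString("jaasRealm.unexpectedError"), t);
        return null;
    }
}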
Also used : LoginContext(javax.security.auth.login.LoginContext) FailedLoginException(javax.security.auth.login.FailedLoginException) Configuration(javax.security.auth.login.Configuration) AccountExpiredException(javax.security.auth.login.AccountExpiredException) LoginException(javax.security.auth.login.LoginException) FailedLoginException(javax.security.auth.login.FailedLoginException) CredentialExpiredException(javax.security.auth.login.CredentialExpiredException) Subject(javax.security.auth.Subject) Principal(java.security.Principal)
