
Example 26 with Configuration

use of javax.security.auth.login.Configuration in project storm by apache.

the class ClientAuthUtilsTest method getNonExistentSectionTest.

/**
 * Looks up a key that is absent from the only entry of a JAAS section and
 * expects {@code null} back rather than an exception.
 *
 * Despite the method name, the section itself resolves here (the mock returns
 * one entry for it); it is the key that does not exist.
 */
@Test
public void getNonExistentSectionTest() throws IOException {
    final String sectionName = "bogus-section";

    // The single entry in the section exposes an empty option map.
    final Map<String, String> noOptions = new HashMap<>();
    AppConfigurationEntry onlyEntry = Mockito.mock(AppConfigurationEntry.class);
    Mockito.<Map<String, ?>>when(onlyEntry.getOptions()).thenReturn(noOptions);

    // The mocked login configuration maps the section name to that entry.
    Configuration jaasConfig = Mockito.mock(Configuration.class);
    Mockito.when(jaasConfig.getAppConfigurationEntry(sectionName))
            .thenReturn(new AppConfigurationEntry[] { onlyEntry });

    Assert.assertNull(ClientAuthUtils.get(jaasConfig, sectionName, "nonexistent-key"));
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) Configuration(javax.security.auth.login.Configuration) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 27 with Configuration

use of javax.security.auth.login.Configuration in project storm by apache.

the class ClientAuthUtilsTest method getFirstValueForValidKeyTest.

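/**
 * Pins the lookup order across several entries of one JAAS section: the
 * section holds an entry without the key, then an entry with the expected
 * value, then an entry with a different value for the same key, and the
 * lookup must return the value from the first entry that defines the key.
 *
 * This ordering matters for authentication settings, because it means a
 * later entry in the same section cannot override an earlier one.
 */
@Test
public void getFirstValueForValidKeyTest() throws IOException {
    String k = "the-key";
    String expected = "good-value";

    Map<String, String> optionMap = new HashMap<String, String>();
    optionMap.put(k, expected);
    Map<String, String> badOptionMap = new HashMap<String, String>();
    badOptionMap.put(k, "bad-value");

    AppConfigurationEntry emptyEntry = Mockito.mock(AppConfigurationEntry.class);
    AppConfigurationEntry badEntry = Mockito.mock(AppConfigurationEntry.class);
    AppConfigurationEntry goodEntry = Mockito.mock(AppConfigurationEntry.class);
    Mockito.<Map<String, ?>>when(emptyEntry.getOptions()).thenReturn(new HashMap<String, String>());
    Mockito.<Map<String, ?>>when(badEntry.getOptions()).thenReturn(badOptionMap);
    Mockito.<Map<String, ?>>when(goodEntry.getOptions()).thenReturn(optionMap);

    String section = "bogus-section";
    Configuration mockConfig = Mockito.mock(Configuration.class);
    // Order is the point of the test: empty first, then good, then bad.
    Mockito.when(mockConfig.getAppConfigurationEntry(section)).thenReturn(new AppConfigurationEntry[] { emptyEntry, goodEntry, badEntry });

    // JUnit's signature is assertEquals(expected, actual); the original passed
    // them swapped, which makes the failure message report the values backwards.
    Assert.assertEquals(expected, ClientAuthUtils.get(mockConfig, section, k));
}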
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) Configuration(javax.security.auth.login.Configuration) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 28 with Configuration

use of javax.security.auth.login.Configuration in project storm by apache.

the class ClientAuthUtilsTest method getOptionsThrowsOnMissingSectionTest.

/**
 * Expects an {@link IOException} when the requested section is not stubbed
 * on the login configuration at all.
 */
@Test(expected = IOException.class)
public void getOptionsThrowsOnMissingSectionTest() throws IOException {
    // Nothing is stubbed on this mock, so the section lookup falls back to
    // Mockito's default answer (presumably null for an array return type).
    final Configuration unconfigured = Mockito.mock(Configuration.class);
    final String missingSection = "bogus-section";
    ClientAuthUtils.get(unconfigured, missingSection, "");
}
Also used : Configuration(javax.security.auth.login.Configuration) Test(org.junit.Test)

Example 29 with Configuration

use of javax.security.auth.login.Configuration in project tomcat by apache.

the class JAASRealm method authenticate.

// -------------------------------------------------------- Package Methods
// ------------------------------------------------------ Protected Methods
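/**
 * Perform the actual JAAS authentication.
 * <p>
 * Every failure path in this method returns <code>null</code>: a rejected
 * login, an expired account or credential, a JAAS configuration problem and
 * any unexpected throwable all end without a principal.
 * <p>
 * The <code>invocationSuccess</code> field is set to <code>true</code>
 * whenever JAAS itself answered (including with a checked
 * <code>LoginException</code>) and to <code>false</code> when the
 * <code>LoginContext</code> could not be created or something other than a
 * <code>LoginException</code> was thrown.
 * <p>
 * NOTE(review): the user name is written to the debug and warn log messages
 * as given; it is presumably request-supplied, so confirm the log layout
 * neutralises line breaks and control characters.
 *
 * @param username The user name
 * @param callbackHandler The callback handler
 * @return the associated principal, or <code>null</code> if there is none.
 */
protected Principal authenticate(String username, CallbackHandler callbackHandler) {
    // Establish a LoginContext to use for authentication
    try {
        LoginContext loginContext = null;
        if (appName == null) {
            appName = "Tomcat";
        }
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("jaasRealm.beginLogin", username, appName));
        }
        // What if the LoginModule is in the container class loader ?
        // Read the setting once, so the restore in the finally block always
        // matches the swap done here. Reading it twice could leave the thread
        // with a null or a swapped context class loader if the setting
        // changed in between.
        final boolean swapClassLoader = !isUseContextClassLoader();
        ClassLoader ocl = null;
        if (swapClassLoader) {
            ocl = Thread.currentThread().getContextClassLoader();
            Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
        }
        try {
            Configuration config = getConfig();
            loginContext = new LoginContext(appName, null, callbackHandler, config);
        } catch (Throwable e) {
            ExceptionUtils.handleThrowable(e);
            log.error(sm.getString("jaasRealm.unexpectedError"), e);
            // There is configuration issue with JAAS so mark the realm as
            // unavailable
            invocationSuccess = false;
            return null;
        } finally {
            if (swapClassLoader) {
                Thread.currentThread().setContextClassLoader(ocl);
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Login context created " + username);
        }
        // Negotiate a login via this LoginContext
        Subject subject = null;
        try {
            loginContext.login();
            subject = loginContext.getSubject();
            // We were able to perform login successfully so mark JAAS realm as
            // available as it could have been set to false in prior attempts.
            // Change invocationSuccess variable only when we know the outcome
            // of the JAAS operation to keep variable consistent.
            invocationSuccess = true;
            if (subject == null) {
                // A login that completed without a Subject is treated as a
                // failed login.
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("jaasRealm.failedLogin", username));
                }
                return null;
            }
        } catch (AccountExpiredException e) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.accountExpired", username));
            }
            // JAAS checked LoginExceptions are successful authentication
            // invocations so mark JAAS realm as available
            invocationSuccess = true;
            return null;
        } catch (CredentialExpiredException e) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.credentialExpired", username));
            }
            // JAAS checked LoginExceptions are successful authentication
            // invocations so mark JAAS realm as available
            invocationSuccess = true;
            return null;
        } catch (FailedLoginException e) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.failedLogin", username));
            }
            // JAAS checked LoginExceptions are successful authentication
            // invocations so mark JAAS realm as available
            invocationSuccess = true;
            return null;
        } catch (LoginException e) {
            // Any other LoginException is logged at warn level with its stack
            // trace; the three subclasses above are logged at debug only.
            log.warn(sm.getString("jaasRealm.loginException", username), e);
            // JAAS checked LoginExceptions are successful authentication
            // invocations so mark JAAS realm as available
            invocationSuccess = true;
            return null;
        } catch (Throwable e) {
            ExceptionUtils.handleThrowable(e);
            log.error(sm.getString("jaasRealm.unexpectedError"), e);
            // JAAS throws exception different than LoginException so mark the
            // realm as unavailable
            invocationSuccess = false;
            return null;
        }
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("jaasRealm.loginContextCreated", username));
        }
        // Return the appropriate Principal for this authenticated Subject
        Principal principal = createPrincipal(username, subject, loginContext);
        if (principal == null) {
            // Guarded like every other debug message in this method.
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("jaasRealm.authenticateFailure", username));
            }
            return null;
        }
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("jaasRealm.authenticateSuccess", username, principal));
        }
        return principal;
    } catch (Throwable t) {
        // Last-resort handler: anything that escaped the blocks above ends
        // the attempt without a principal.
        // NOTE(review): unlike the inner handlers, this one does not call
        // ExceptionUtils.handleThrowable(t) - confirm that is intended.
        log.error("error ", t);
        // JAAS throws exception different than LoginException so mark the realm as unavailable
        invocationSuccess = false;
        return null;
    }
}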
Also used : LoginContext(javax.security.auth.login.LoginContext) FailedLoginException(javax.security.auth.login.FailedLoginException) Configuration(javax.security.auth.login.Configuration) AccountExpiredException(javax.security.auth.login.AccountExpiredException) LoginException(javax.security.auth.login.LoginException) FailedLoginException(javax.security.auth.login.FailedLoginException) CredentialExpiredException(javax.security.auth.login.CredentialExpiredException) Subject(javax.security.auth.Subject) Principal(java.security.Principal)

Example 30 with Configuration

use of javax.security.auth.login.Configuration in project jstorm by alibaba.

the class ThriftClient method reconnect.

/**
 * Closes the current connection and opens a new one to {@code host:port}
 * through the configured transport plugin, retrying with backoff.
 *
 * The JAAS login configuration is resolved from {@code conf} and handed to
 * the transport plugin together with {@code type}. On success
 * {@code _transport} and {@code _protocol} are replaced; an
 * {@link IOException} is rethrown wrapped in a {@link RuntimeException}.
 *
 * NOTE(review): nothing here checks the resolved login configuration before
 * it is used - confirm how AuthUtils.GetTransportPlugin behaves when no JAAS
 * configuration is available, so that a missing file cannot silently select
 * a weaker transport than intended.
 */
public synchronized void reconnect() {
    close();
    try {
        final TSocket rawSocket = new TSocket(host, port);
        // @@@ Todo: no default socket timeout is applied when none is set.
        if (timeout != null) {
            rawSocket.setTimeout(timeout);
        }

        // Resolve the login configuration, then the plugin that wraps the
        // raw socket in the client-server transport.
        final Configuration loginConf = AuthUtils.GetConfiguration(conf);
        final ITransportPlugin plugin = AuthUtils.GetTransportPlugin(type, conf, loginConf);
        final TTransport underlying = rawSocket;

        // TODO get this from type instead of hardcoding to Nimbus.
        // Retry count, interval and interval ceiling all come from conf.
        final TBackoffConnect backoff = new TBackoffConnect(
                Utils.getInt(conf.get(Config.STORM_NIMBUS_RETRY_TIMES)),
                Utils.getInt(conf.get(Config.STORM_NIMBUS_RETRY_INTERVAL)),
                Utils.getInt(conf.get(Config.STORM_NIMBUS_RETRY_INTERVAL_CEILING)));
        _transport = backoff.doConnectWithRetry(plugin, underlying, host, asUser);
    } catch (IOException connectFailure) {
        throw new RuntimeException(connectFailure);
    }

    // Drop the old protocol first; build a new one only over a live transport.
    _protocol = null;
    if (_transport != null) {
        _protocol = new TBinaryProtocol(_transport);
    }
}
Also used : Configuration(javax.security.auth.login.Configuration) TBinaryProtocol(org.apache.thrift.protocol.TBinaryProtocol) TTransport(org.apache.thrift.transport.TTransport) IOException(java.io.IOException) TSocket(org.apache.thrift.transport.TSocket)

Aggregations

Configuration (javax.security.auth.login.Configuration)89 AppConfigurationEntry (javax.security.auth.login.AppConfigurationEntry)42 LoginContext (javax.security.auth.login.LoginContext)27 HashMap (java.util.HashMap)23 Subject (javax.security.auth.Subject)20 Test (org.junit.Test)16 IOException (java.io.IOException)13 LoginException (javax.security.auth.login.LoginException)12 CallbackHandler (javax.security.auth.callback.CallbackHandler)8 File (java.io.File)7 Principal (java.security.Principal)7 URI (java.net.URI)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 ArrayList (java.util.ArrayList)5 Test (org.junit.jupiter.api.Test)5 URIParameter (java.security.URIParameter)4 Map (java.util.Map)4 Callback (javax.security.auth.callback.Callback)4 PasswordCallback (javax.security.auth.callback.PasswordCallback)4 LoginModuleImpl (org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl)4