
Example 31 with Configuration

use of javax.security.auth.login.Configuration in project SSM by Intel-bigdata.

the class SecurityUtil method loginUsingKeytab.

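/**
 * Performs a JAAS login for {@code principal} using the given keytab file and
 * returns the resulting {@link Subject}.
 *
 * <p>The JAAS {@link Configuration} is obtained from {@code useKeytab}, which is
 * defined elsewhere in this class (presumably a keytab-based Kerberos login
 * module entry; confirm against that helper). The configuration is passed
 * directly to the {@link LoginContext}, so the process-wide JAAS configuration
 * is not consulted for this login.
 *
 * <p>The success message is logged only after {@link LoginContext#login()} has
 * returned, so the log can be relied on as a record of a completed
 * authentication rather than of a merely constructed login context.
 *
 * @param principal  Kerberos principal name to authenticate as
 * @param keytabFile keytab holding the key for {@code principal}
 * @return the subject populated by the login
 * @throws IOException if the login context cannot be created or the login
 *                     fails; the underlying {@link LoginException} is kept as
 *                     the cause
 */
public static Subject loginUsingKeytab(String principal, File keytabFile) throws IOException {
    KerberosPrincipal kerberosPrincipal = new KerberosPrincipal(principal);
    String principalName = kerberosPrincipal.getName();

    Set<Principal> principals = new HashSet<Principal>();
    principals.add(kerberosPrincipal);
    // Not read-only: the login module must be able to add credentials to the subject.
    Subject subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>());

    Configuration conf = useKeytab(principal, keytabFile);
    String confName = "KeytabConf";

    LoginContext loginContext;
    try {
        // No callback handler is supplied (null).
        loginContext = new LoginContext(confName, subject, null, conf);
    } catch (LoginException e) {
        // Keep the original exception as the cause so the failure reason is not lost.
        throw new IOException("Failed to create LoginContext for " + principalName, e);
    }

    try {
        loginContext.login();
    } catch (LoginException e) {
        throw new IOException("Login failure for " + principalName, e);
    }

    // Only report success once authentication has actually completed.
    LOG.info("Login successful for user " + principalName);
    return loginContext.getSubject();
}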
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) LoginException(javax.security.auth.login.LoginException) IOException(java.io.IOException) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) Principal(java.security.Principal) Subject(javax.security.auth.Subject) HashSet(java.util.HashSet)

Example 32 with Configuration

use of javax.security.auth.login.Configuration in project kafka by apache.

the class JaasUtils method isZkSaslEnabled.

/**
 * Reports whether the installed JAAS configuration contains a login context
 * for the ZooKeeper client.
 *
 * <p>The context name is read from the {@code ZK_LOGIN_CONTEXT_NAME_KEY} system
 * property and the SASL switch from {@code ZK_SASL_CLIENT}, each with its
 * default. A JAAS entry combined with SASL switched off is treated as a
 * misconfiguration and rejected with an exception instead of returning
 * {@code false}, so an operator who supplied credentials does not end up with
 * an unauthenticated ZooKeeper client unnoticed.
 *
 * <p>Callers must still check separately whether TLS mutual authentication is
 * configured. That check is left to client code because direct ZooKeeper
 * connectivity is deprecated in many clients and a ZooKeeper jar dependency
 * should not be re-introduced here.
 *
 * @return {@code true} if a JAAS entry exists for the ZooKeeper login context,
 *         {@code false} if none exists
 * @throws KafkaException if the JAAS configuration cannot be loaded, or if an
 *                        entry exists while SASL is disabled by system property
 */
public static boolean isZkSaslEnabled() {
    String saslClientSetting = System.getProperty(ZK_SASL_CLIENT, DEFAULT_ZK_SASL_CLIENT);
    boolean saslRequested = Boolean.parseBoolean(saslClientSetting);
    String contextName = System.getProperty(ZK_LOGIN_CONTEXT_NAME_KEY, DEFAULT_ZK_LOGIN_CONTEXT_NAME);
    LOG.debug("Checking login config for Zookeeper JAAS context {}", zkSecuritySysConfigString());

    boolean entryPresent;
    try {
        entryPresent = Configuration.getConfiguration().getAppConfigurationEntry(contextName) != null;
    } catch (Exception e) {
        throw new KafkaException("Exception while loading Zookeeper JAAS login context " + zkSecuritySysConfigString(), e);
    }

    if (!entryPresent) {
        return false;
    }
    if (saslRequested) {
        return true;
    }

    // A JAAS entry was supplied but SASL is switched off: refuse rather than continue.
    LOG.error("JAAS configuration is present, but system property " + ZK_SASL_CLIENT
        + " is set to false, which disables SASL in the ZooKeeper client");
    throw new KafkaException("Exception while determining if ZooKeeper is secure " + zkSecuritySysConfigString());
}
Also used : Configuration(javax.security.auth.login.Configuration) KafkaException(org.apache.kafka.common.KafkaException) KafkaException(org.apache.kafka.common.KafkaException)

Example 33 with Configuration

use of javax.security.auth.login.Configuration in project kafka by apache.

the class JaasContextTest method testMultipleLoginModules.

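/**
 * Verifies that a JAAS configuration holding several login modules is parsed
 * into one entry per module, in order, both when supplied as a dynamic
 * property value ({@code JaasConfig}) and when installed as the static JAAS
 * configuration through {@code writeConfiguration} (helper defined elsewhere
 * in this test class).
 *
 * <p>The entry count is asserted on both paths, so an extra or missing module
 * in the static configuration fails the test instead of passing unnoticed or
 * surfacing as an index error.
 */
@Test
public void testMultipleLoginModules() throws Exception {
    StringBuilder builder = new StringBuilder();
    int moduleCount = 3;
    Map<Integer, Map<String, Object>> moduleOptions = new HashMap<>();
    for (int i = 0; i < moduleCount; i++) {
        Map<String, Object> options = new HashMap<>();
        options.put("index", "Index" + i);
        options.put("module", "Module" + i);
        moduleOptions.put(i, options);
        String module = jaasConfigProp("test.Module" + i, LoginModuleControlFlag.REQUIRED, options);
        builder.append(' ');
        builder.append(module);
    }
    String jaasConfigValue = builder.toString();

    // Dynamic path: the property value is parsed directly into a Configuration.
    String clientContextName = "CLIENT";
    Configuration configuration = new JaasConfig(clientContextName, jaasConfigValue);
    AppConfigurationEntry[] dynamicEntries = configuration.getAppConfigurationEntry(clientContextName);
    assertEquals(moduleCount, dynamicEntries.length);
    for (int i = 0; i < moduleCount; i++) {
        AppConfigurationEntry entry = dynamicEntries[i];
        checkEntry(entry, "test.Module" + i, LoginModuleControlFlag.REQUIRED, moduleOptions.get(i));
    }

    // Static path: the same modules are read back through the process-wide configuration.
    String serverContextName = "SERVER";
    writeConfiguration(serverContextName, jaasConfigValue);
    AppConfigurationEntry[] staticEntries = Configuration.getConfiguration().getAppConfigurationEntry(serverContextName);
    // Pin the count here too; the loop below only looks at the first moduleCount entries.
    assertEquals(moduleCount, staticEntries.length);
    for (int i = 0; i < moduleCount; i++) {
        AppConfigurationEntry staticEntry = staticEntries[i];
        checkEntry(staticEntry, dynamicEntries[i].getLoginModuleName(), LoginModuleControlFlag.REQUIRED, dynamicEntries[i].getOptions());
    }
}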
Also used : Configuration(javax.security.auth.login.Configuration) HashMap(java.util.HashMap) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) HashMap(java.util.HashMap) Map(java.util.Map) Test(org.junit.jupiter.api.Test)

Example 34 with Configuration

use of javax.security.auth.login.Configuration in project kafka by apache.

the class BasicAuthSecurityRestExtensionTest method testJaasConfigurationNotOverwritten.

/**
 * Checks that the basic-auth REST extension does not use a JAAS
 * {@link Configuration} that was installed process-wide after the extension
 * was constructed.
 *
 * <p>The extension is created first, the global configuration is then replaced
 * with a mock, and the filter captured at registration must not carry that
 * mock.
 */
// NOTE(review): this replaces the process-wide JAAS Configuration; presumably a
// setup/teardown outside this listing restores the previous one. Confirm.
@SuppressWarnings("unchecked")
@Test
public void testJaasConfigurationNotOverwritten() {
    // Capture the filter the extension registers so its configuration can be inspected.
    ArgumentCaptor<JaasBasicAuthFilter> registeredFilter = ArgumentCaptor.forClass(JaasBasicAuthFilter.class);
    Configurable<? extends Configurable<?>> restConfigurable = mock(Configurable.class);
    when(restConfigurable.register(registeredFilter.capture())).thenReturn(null);

    ConnectRestExtensionContext extensionContext = mock(ConnectRestExtensionContext.class);
    when(extensionContext.configurable()).thenReturn((Configurable) restConfigurable);

    // The extension is constructed before the global configuration is swapped.
    BasicAuthSecurityRestExtension restExtension = new BasicAuthSecurityRestExtension();

    Configuration replacementConfiguration = mock(Configuration.class);
    Configuration.setConfiguration(replacementConfiguration);

    restExtension.register(extensionContext);

    assertNotEquals(
        replacementConfiguration,
        registeredFilter.getValue().configuration,
        "Overwritten JAAS configuration should not be used by basic auth REST extension");
}
Also used : Configuration(javax.security.auth.login.Configuration) ConnectRestExtensionContext(org.apache.kafka.connect.rest.ConnectRestExtensionContext) Test(org.junit.jupiter.api.Test)

Example 35 with Configuration

use of javax.security.auth.login.Configuration in project incubator-atlas by apache.

the class AtlasPamAuthenticationProvider method init.

/**
 * Configures {@code jaasAuthenticationProvider} with an in-memory JAAS
 * configuration containing a single login module entry under the
 * {@code "SPRINGSECURITY"} context, plus a single {@code UserAuthorityGranter}.
 *
 * <p>Any exception raised during setup is logged and not rethrown, so this
 * method returns normally even when the provider could not be fully
 * initialised.
 */
// NOTE(review): because failures are only logged, callers cannot tell from this
// method whether PAM authentication is usable; verify how the provider behaves
// when initialisation did not complete.
private void init() {
    try {
        // One login module, built from this provider's module name, control flag and options.
        AppConfigurationEntry[] pamEntries = new AppConfigurationEntry[] {
            new AppConfigurationEntry(loginModuleName, controlFlag, options)
        };
        Map<String, AppConfigurationEntry[]> entriesByContext = new HashMap<String, AppConfigurationEntry[]>();
        entriesByContext.put("SPRINGSECURITY", pamEntries);

        Configuration inMemoryConfiguration = new InMemoryConfiguration(entriesByContext);
        jaasAuthenticationProvider.setConfiguration(inMemoryConfiguration);

        UserAuthorityGranter[] granters = new UserAuthorityGranter[] { new UserAuthorityGranter() };
        jaasAuthenticationProvider.setAuthorityGranters(granters);

        jaasAuthenticationProvider.afterPropertiesSet();
    } catch (Exception e) {
        LOG.error("Failed to init PAM Authentication", e);
    }
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) Configuration(javax.security.auth.login.Configuration) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) HashMap(java.util.HashMap) AuthenticationException(org.springframework.security.core.AuthenticationException)

Aggregations

Configuration (javax.security.auth.login.Configuration)89 AppConfigurationEntry (javax.security.auth.login.AppConfigurationEntry)42 LoginContext (javax.security.auth.login.LoginContext)27 HashMap (java.util.HashMap)23 Subject (javax.security.auth.Subject)20 Test (org.junit.Test)16 IOException (java.io.IOException)13 LoginException (javax.security.auth.login.LoginException)12 CallbackHandler (javax.security.auth.callback.CallbackHandler)8 File (java.io.File)7 Principal (java.security.Principal)7 URI (java.net.URI)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 ArrayList (java.util.ArrayList)5 Test (org.junit.jupiter.api.Test)5 URIParameter (java.security.URIParameter)4 Map (java.util.Map)4 Callback (javax.security.auth.callback.Callback)4 PasswordCallback (javax.security.auth.callback.PasswordCallback)4 LoginModuleImpl (org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl)4