
Example 41 with Configuration

use of javax.security.auth.login.Configuration in project OpenAM by OpenRock.

the class AuthUtils method isPureJAASModulePresent.

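/**
 * Reports whether the named authentication configuration contains at least
 * one pure JAAS login module, that is, a module class that is not an
 * {@code AMLoginModule}.
 *
 * <p>When the lookup is reached, the resolved entries are also stored on
 * {@code amlc} through {@code setConfigEntries} so they can be reused. The two
 * early {@code return 1} paths (JAAS thread enforced, or the JAAS
 * {@code Configuration} cannot be obtained) return before that happens.
 *
 * <p>Security note: a class name not yet recorded in
 * {@code pureJAASModuleClasses} or {@code ISModuleClasses} is loaded with
 * initialization and instantiated through the thread context class loader
 * purely to test its type. Static initializers and the no-arg constructor of
 * every module class named in the configuration therefore run during this
 * check, so the configuration source has to be trusted. A class that cannot
 * be loaded or instantiated is recorded as a pure JAAS module.
 *
 * @param configName the name of the configuration to inspect.
 * @param amlc the login context that receives the resolved configuration
 *        entries.
 * @return 1 if JAAS thread enforcement is on, the JAAS configuration cannot
 *         be obtained, or a pure JAAS module is found; -1 if no entry is
 *         classified as pure JAAS (module(s) provided by IS only).
 * @throws AuthLoginException if the configuration holds no entries for
 *         {@code configName}.
 */
public static int isPureJAASModulePresent(String configName, AMLoginContext amlc) throws AuthLoginException {
    if (AuthD.isEnforceJAASThread()) {
        return 1;
    }
    Configuration isConfiguration;
    try {
        isConfiguration = Configuration.getConfiguration();
    } catch (Exception e) {
        // Keep the existing fallback (report a pure JAAS module), but record
        // the cause instead of discarding it.
        if (utilDebug.messageEnabled()) {
            utilDebug.message("unable to obtain JAAS configuration for " + configName, e);
        }
        return 1;
    }
    AppConfigurationEntry[] entries = isConfiguration.getAppConfigurationEntry(configName);
    if (entries == null) {
        throw new AuthLoginException("amAuth", AMAuthErrorCode.AUTH_CONFIG_NOT_FOUND, null);
    }
    // re-use the obtained configuration
    amlc.setConfigEntries(entries);
    for (AppConfigurationEntry entry : entries) {
        String className = entry.getLoginModuleName();
        if (utilDebug.messageEnabled()) {
            utilDebug.message("config entry: " + className);
        }
        // NOTE(review): these membership checks run outside the synchronized
        // blocks that guard add(); confirm the collections tolerate
        // unsynchronized reads.
        if (pureJAASModuleClasses.contains(className)) {
            return 1;
        }
        if (ISModuleClasses.contains(className)) {
            continue;
        }
        try {
            // NOTE(review): this initializes and instantiates the configured
            // class only to classify it; a type check on the Class object
            // (without initialization) would avoid running module code here,
            // but would also change how non-instantiable classes are
            // classified, so it is left as is.
            Object classObject = Class.forName(className, true, Thread.currentThread().getContextClassLoader()).newInstance();
            if (classObject instanceof AMLoginModule) {
                if (utilDebug.messageEnabled()) {
                    utilDebug.message(className + " is instance of AMLoginModule");
                }
                synchronized (ISModuleClasses) {
                    if (!ISModuleClasses.contains(className)) {
                        ISModuleClasses.add(className);
                    }
                }
            } else {
                if (utilDebug.messageEnabled()) {
                    utilDebug.message(className + " is a pure jaas module");
                }
                synchronized (pureJAASModuleClasses) {
                    if (!pureJAASModuleClasses.contains(className)) {
                        pureJAASModuleClasses.add(className);
                    }
                }
                return 1;
            }
        } catch (Exception e) {
            // A missing or broken module class is cached as pure JAAS; log the
            // cause so a misconfigured chain can be diagnosed.
            if (utilDebug.messageEnabled()) {
                utilDebug.message("fail to instantiate class for " + className, e);
            }
            synchronized (pureJAASModuleClasses) {
                if (!pureJAASModuleClasses.contains(className)) {
                    pureJAASModuleClasses.add(className);
                }
            }
            return 1;
        }
    }
    return -1;
}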
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) Configuration(javax.security.auth.login.Configuration) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) AMLoginModule(com.sun.identity.authentication.spi.AMLoginModule) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) SMSException(com.sun.identity.sm.SMSException) SessionException(com.iplanet.dpro.session.SessionException)

Example 42 with Configuration

use of javax.security.auth.login.Configuration in project OpenAM by OpenRock.

the class AMLoginContext method getModuleFromAuthConfiguration.

/**
 * Collects the module instance names of an authentication configuration into
 * the supplied set.
 *
 * <p>When the configuration holds exactly one entry, its instance name is
 * added without looking at the control flag. With several entries, only those
 * accepted by {@code isControlFlagMatchFound} (REQUIRED and REQUISITE,
 * according to the original documentation) are added.
 *
 * <p>The instance name is read from each entry's options under
 * {@code ISAuthConstants.MODULE_INSTANCE_NAME}; an entry without that option
 * contributes {@code null} to the set.
 *
 * @param moduleListSet set that receives the module instance names; it is
 *        modified in place and returned.
 * @param orgDN organization DN, used to derive the configuration name when
 *        {@code configName} has not been set yet.
 * @return {@code moduleListSet} with the selected module instance names added.
 */
private Set<String> getModuleFromAuthConfiguration(Set<String> moduleListSet, String orgDN) {
    Configuration jaasConfig = Configuration.getConfiguration();
    if (configName == null) {
        configName = getConfigName(indexType, indexName, orgDN, loginState.getClientType());
    }
    AppConfigurationEntry[] entries = jaasConfig.getAppConfigurationEntry(configName);
    if (debug.messageEnabled()) {
        debug.message("configName is : " + configName);
    }
    int entryCount = (entries == null) ? 0 : entries.length;
    if (entryCount == 1) {
        // A single-module configuration is taken as is, whatever its flag.
        String onlyInstance = (String) entries[0].getOptions().get(ISAuthConstants.MODULE_INSTANCE_NAME);
        moduleListSet.add(onlyInstance);
    } else if (entryCount > 1) {
        for (int i = 0; i < entryCount; i++) {
            AppConfigurationEntry entry = entries[i];
            LoginModuleControlFlag flag = entry.getControlFlag();
            String instanceName = (String) entry.getOptions().get(ISAuthConstants.MODULE_INSTANCE_NAME);
            if (isControlFlagMatchFound(flag)) {
                moduleListSet.add(instanceName);
            }
        }
    }
    if (debug.messageEnabled()) {
        debug.message("ModuleSet is : " + moduleListSet);
    }
    return moduleListSet;
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) AMConfiguration(com.sun.identity.authentication.config.AMConfiguration) Configuration(javax.security.auth.login.Configuration) LoginModuleControlFlag(javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag)

Example 43 with Configuration

use of javax.security.auth.login.Configuration in project wildfly by wildfly.

the class Util method getCLMLoginContext.

/**
 * Obtain a LoginContext configured for use with the ClientLoginModule.
 *
 * <p>The context is built on a private, in-memory {@link Configuration} that
 * is handed straight to the {@link LoginContext} constructor, so the JVM-wide
 * JAAS configuration is neither read nor replaced. That configuration answers
 * only for the name {@code "Testing"} and rejects any other name.
 *
 * <p>The callback handler supplies the given credentials to
 * {@link NameCallback} and {@link PasswordCallback} and refuses every other
 * callback type. The password arrives as a {@code String}, so the caller
 * cannot clear it afterwards; a {@code null} password fails inside the
 * handler when the password callback is served.
 *
 * @param username the name handed to the name callback.
 * @param password the password handed to the password callback.
 * @return the configured LoginContext.
 * @throws LoginException if the LoginContext cannot be created.
 */
public static LoginContext getCLMLoginContext(final String username, final String password) throws LoginException {
    final String configurationName = "Testing";
    Configuration clmConfiguration = new Configuration() {

        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            if (!configurationName.equals(name)) {
                throw new IllegalArgumentException("Unexpected configuration name '" + name + "'");
            }
            Map<String, String> moduleOptions = new HashMap<String, String>();
            moduleOptions.put("multi-threaded", "true");
            moduleOptions.put("restore-login-identity", "true");
            return new AppConfigurationEntry[] {
                new AppConfigurationEntry(
                        ClientLoginModule.class.getName(),
                        AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                        moduleOptions)
            };
        }
    };
    CallbackHandler credentialsHandler = new CallbackHandler() {

        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbacks.length; i++) {
                Callback callback = callbacks[i];
                if (callback instanceof NameCallback) {
                    NameCallback nameCallback = (NameCallback) callback;
                    nameCallback.setName(username);
                } else if (callback instanceof PasswordCallback) {
                    PasswordCallback passwordCallback = (PasswordCallback) callback;
                    passwordCallback.setPassword(password.toCharArray());
                } else {
                    // Anything other than name/password is not supported here.
                    throw new UnsupportedCallbackException(callback);
                }
            }
        }
    };
    return new LoginContext(configurationName, new Subject(), credentialsHandler, clmConfiguration);
}
Also used : CallbackHandler(javax.security.auth.callback.CallbackHandler) ClientLoginModule(org.jboss.security.ClientLoginModule) Configuration(javax.security.auth.login.Configuration) HashMap(java.util.HashMap) Subject(javax.security.auth.Subject) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) LoginContext(javax.security.auth.login.LoginContext) PasswordCallback(javax.security.auth.callback.PasswordCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 44 with Configuration

use of javax.security.auth.login.Configuration in project OpenAM by OpenRock.

the class WindowsDesktopSSO method serviceLogin.

/**
 * Logs the service principal in through the JDK Kerberos login module and
 * stores the resulting subject in {@code serviceSubject}.
 *
 * <p>Security-relevant side effects, all of them JVM-wide rather than local
 * to this instance:
 * <ul>
 *   <li>the system properties {@code java.security.krb5.realm},
 *       {@code java.security.krb5.kdc} and
 *       {@code java.security.auth.login.config} are overwritten;</li>
 *   <li>the installed JAAS {@link Configuration} is replaced by a
 *       {@code WindowsDesktopSSOConfig} (the existing one is wrapped unless it
 *       already is of that type), carrying this module's principal name and
 *       keytab.</li>
 * </ul>
 * The method is {@code synchronized} on this instance only, so it does not
 * serialize against other instances or against other code that reads these
 * properties or the JAAS configuration.
 * NOTE(review): confirm that other JAAS or Kerberos users in the same JVM
 * tolerate these global changes.
 *
 * @throws AuthLoginException if any step of the service login fails; the
 *         original exception is attached as the cause.
 */
private synchronized void serviceLogin() throws AuthLoginException {
    if (debug.messageEnabled()) {
        debug.message("New Service Login ...");
    }
    System.setProperty("java.security.krb5.realm", kdcRealm);
    System.setProperty("java.security.krb5.kdc", kdcServer);
    // presumably points the file-based JAAS login config at an empty source;
    // verify behaviour on platforms without /dev/null
    System.setProperty("java.security.auth.login.config", "/dev/null");
    try {
        Configuration installed = Configuration.getConfiguration();
        WindowsDesktopSSOConfig ssoConfig;
        if (!(installed instanceof WindowsDesktopSSOConfig)) {
            ssoConfig = new WindowsDesktopSSOConfig(installed);
        } else {
            ssoConfig = (WindowsDesktopSSOConfig) installed;
            ssoConfig.setRefreshConfig("true");
        }
        ssoConfig.setPrincipalName(servicePrincipalName);
        ssoConfig.setKeyTab(keyTabFile);
        Configuration.setConfiguration(ssoConfig);
        // perform service authentication using JDK Kerberos module
        LoginContext serviceContext = new LoginContext(WindowsDesktopSSOConfig.defaultAppName);
        serviceContext.login();
        serviceSubject = serviceContext.getSubject();
        if (debug.messageEnabled()) {
            debug.message("Service login succeeded.");
        }
    } catch (Exception e) {
        // The error-level line carries no detail; the stack trace is only
        // written when message-level debugging is on.
        debug.error("Service Login Error: ");
        if (debug.messageEnabled()) {
            debug.message("Stack trace: ", e);
        }
        throw new AuthLoginException(amAuthWindowsDesktopSSO, "serviceAuth", null, e);
    }
}
Also used : LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) IdRepoException(com.sun.identity.idm.IdRepoException) PrivilegedActionException(java.security.PrivilegedActionException) GSSException(org.ietf.jgss.GSSException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException)

Example 45 with Configuration

use of javax.security.auth.login.Configuration in project camel by apache.

the class HdfsComponent method getJAASConfiguration.

/**
 * Returns the JAAS {@link Configuration} currently installed in the JVM, or
 * {@code null} when it cannot be retrieved.
 *
 * <p>A {@link SecurityException} from {@code Configuration.getConfiguration()}
 * is logged at trace level only and turned into a {@code null} result, so
 * callers must handle {@code null} and will see no message about the failure
 * unless trace logging is enabled.
 *
 * @return the existing JAAS configuration, or {@code null} if retrieving it
 *         raised a {@code SecurityException}.
 */
static Configuration getJAASConfiguration() {
    Configuration existing = null;
    try {
        existing = Configuration.getConfiguration();
        LOG.trace("Existing JAAS Configuration {}", existing);
    } catch (SecurityException denied) {
        // Best effort: the absence of a usable configuration is reported as null.
        LOG.trace("Cannot load existing JAAS configuration", denied);
    }
    return existing;
}
Also used : Configuration(javax.security.auth.login.Configuration)

Aggregations

Configuration (javax.security.auth.login.Configuration)89 AppConfigurationEntry (javax.security.auth.login.AppConfigurationEntry)42 LoginContext (javax.security.auth.login.LoginContext)27 HashMap (java.util.HashMap)23 Subject (javax.security.auth.Subject)20 Test (org.junit.Test)16 IOException (java.io.IOException)13 LoginException (javax.security.auth.login.LoginException)12 CallbackHandler (javax.security.auth.callback.CallbackHandler)8 File (java.io.File)7 Principal (java.security.Principal)7 URI (java.net.URI)6 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 ArrayList (java.util.ArrayList)5 Test (org.junit.jupiter.api.Test)5 URIParameter (java.security.URIParameter)4 Map (java.util.Map)4 Callback (javax.security.auth.callback.Callback)4 PasswordCallback (javax.security.auth.callback.PasswordCallback)4 LoginModuleImpl (org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl)4