use of javax.security.auth.message.AuthException in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
Callback[] callbacks;
if (request.getParameter("doLogin") != null) {
callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
} else {
// The JASPIC protocol for "do nothing"
callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
}
try {
handler.handle(callbacks);
} catch (IOException | UnsupportedCallbackException e) {
throw (AuthException) new AuthException().initCause(e);
}
return SUCCESS;
}
use of javax.security.auth.message.AuthException in project javaee7-samples by javaee-samples.
the class TestWrappingServerAuthModule method validateRequest.
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
try {
handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) });
} catch (IOException | UnsupportedCallbackException e) {
throw (AuthException) new AuthException().initCause(e);
}
// Wrap the request - the resource to be invoked should get to see this
messageInfo.setRequestMessage(new TestHttpServletRequestWrapper((HttpServletRequest) messageInfo.getRequestMessage()));
// Wrap the response - the resource to be invoked should get to see this
messageInfo.setResponseMessage(new TestHttpServletResponseWrapper((HttpServletResponse) messageInfo.getResponseMessage()));
return SUCCESS;
}
use of javax.security.auth.message.AuthException in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
@SuppressWarnings("unchecked")
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
Callback[] callbacks;
Principal userPrincipal = request.getUserPrincipal();
if (userPrincipal != null && request.getParameter("continueSession") != null) {
// ### If already authenticated before, continue this session
// Execute protocol to signal container registered authentication session be used.
callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, userPrincipal) };
} else if (request.getParameter("doLogin") != null) {
// ### If not authenticated before, do a new login if so requested
// For the test perform a login by directly "returning" the details of the authenticated user.
// Normally credentials would be checked and the details fetched from some repository
callbacks = new Callback[] { request.getParameter("customPrincipal") == null ? // Name based Callback
new CallerPrincipalCallback(clientSubject, "test") : // Custom principal based Callback
new CallerPrincipalCallback(clientSubject, new MyPrincipal("test")), // the roles of the authenticated user
new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
// Tell container to register an authentication session.
messageInfo.getMap().put("javax.servlet.http.registerSession", TRUE.toString());
} else {
// ### If no registered session and no login request "do nothing"
// The JASPIC protocol for "do nothing"
callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
}
try {
// Communicate the details of the authenticated user to the container. In many
// cases the handler will just store the details and the container will actually handle
// the login after we return from this method.
handler.handle(callbacks);
} catch (IOException | UnsupportedCallbackException e) {
throw (AuthException) new AuthException().initCause(e);
}
return SUCCESS;
}
Aggregations