use of javax.security.auth.message.AuthException in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
if ("cdi".equals(request.getParameter("tech"))) {
callCDIBean(request, response, "validateRequest");
} else if ("ejb".equals(request.getParameter("tech"))) {
callEJBBean(response, "validateRequest");
}
try {
handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) });
return SUCCESS;
} catch (IOException | UnsupportedCallbackException e) {
throw (AuthException) new AuthException().initCause(e);
}
}
use of javax.security.auth.message.AuthException in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
Callback[] callbacks;
if (request.getParameter("doLogin") != null) {
callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
} else {
// The JASPIC protocol for "do nothing"
callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
}
try {
handler.handle(callbacks);
} catch (IOException | UnsupportedCallbackException e) {
throw (AuthException) new AuthException().initCause(e);
}
return SUCCESS;
}
use of javax.security.auth.message.AuthException in project javaee7-samples by javaee-samples.
the class TestWrappingServerAuthModule method validateRequest.
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
try {
handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) });
} catch (IOException | UnsupportedCallbackException e) {
throw (AuthException) new AuthException().initCause(e);
}
// Wrap the request - the resource to be invoked should get to see this
messageInfo.setRequestMessage(new TestHttpServletRequestWrapper((HttpServletRequest) messageInfo.getRequestMessage()));
// Wrap the response - the resource to be invoked should get to see this
messageInfo.setResponseMessage(new TestHttpServletResponseWrapper((HttpServletResponse) messageInfo.getResponseMessage()));
return SUCCESS;
}
use of javax.security.auth.message.AuthException in project jetty.project by eclipse.
the class BasicAuthModule method validateRequest.
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString());
try {
if (credentials != null) {
if (LOG.isDebugEnabled())
LOG.debug("Credentials: " + credentials);
if (login(clientSubject, credentials, Constraint.__BASIC_AUTH, messageInfo)) {
return AuthStatus.SUCCESS;
}
}
if (!isMandatory(messageInfo)) {
return AuthStatus.SUCCESS;
}
response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"" + realmName + '"');
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return AuthStatus.SEND_CONTINUE;
} catch (IOException e) {
throw new AuthException(e.getMessage());
} catch (UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
}
}
use of javax.security.auth.message.AuthException in project jetty.project by eclipse.
the class ClientCertAuthModule method validateRequest.
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
java.security.cert.X509Certificate[] certs = (java.security.cert.X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
try {
// Need certificates.
if (certs == null || certs.length == 0 || certs[0] == null) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, "A client certificate is required for accessing this web application but the server's listener is not configured for mutual authentication (or the client did not provide a certificate).");
return AuthStatus.SEND_FAILURE;
}
Principal principal = certs[0].getSubjectDN();
if (principal == null)
principal = certs[0].getIssuerDN();
final String username = principal == null ? "clientcert" : principal.getName();
// TODO no idea if this is correct
final String password = new String(B64Code.encode(certs[0].getSignature()));
// TODO is cert_auth correct?
if (login(clientSubject, username, new Password(password), Constraint.__CERT_AUTH, messageInfo)) {
return AuthStatus.SUCCESS;
}
if (!isMandatory(messageInfo)) {
return AuthStatus.SUCCESS;
}
response.sendError(HttpServletResponse.SC_FORBIDDEN, "The provided client certificate does not correspond to a trusted user.");
return AuthStatus.SEND_FAILURE;
} catch (IOException e) {
throw new AuthException(e.getMessage());
} catch (UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
}
}
Aggregations