Example 11 with CallerPrincipalCallback

Use of javax.security.auth.message.callback.CallerPrincipalCallback in project javaee7-samples by javaee-samples.

In the class TestServerAuthModule, method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] {
            // This is the main variant of this test vs basic-authentication
            new CallerPrincipalCallback(clientSubject, new MyPrincipal("test")),
            // the roles of the authenticated user
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
        };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback), GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback), Callback (javax.security.auth.callback.Callback), AuthException (javax.security.auth.message.AuthException), IOException (java.io.IOException), UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException), Principal (java.security.Principal)

Example 12 with CallerPrincipalCallback

Use of javax.security.auth.message.callback.CallerPrincipalCallback in project javaee7-samples by javaee-samples.

In the class TestLifecycleAuthModule, method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        response.getWriter().write("validateRequest invoked\n");
        boolean isMandatory = Boolean.valueOf((String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory"));
        response.getWriter().write("isMandatory: " + isMandatory + "\n");
        handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) });
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used: CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback), GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback), HttpServletResponse (javax.servlet.http.HttpServletResponse), AuthException (javax.security.auth.message.AuthException), IOException (java.io.IOException), UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)

Example 13 with CallerPrincipalCallback

Use of javax.security.auth.message.callback.CallerPrincipalCallback in project javaee7-samples by javaee-samples.

In the class TestServerAuthModule, method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    try {
        HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
        HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
        if ("include".equals(request.getParameter("dispatch"))) {
            request.getRequestDispatcher("/includedServlet").include(request, response);
            // "Do nothing", required protocol when returning SUCCESS
            handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) });
            // resource can also write to the response
            return SUCCESS;
        } else {
            request.getRequestDispatcher("/forwardedServlet").forward(request, response);
            // MUST NOT invoke the resource, so CAN NOT return SUCCESS here.
            return SEND_CONTINUE;
        }
    } catch (IOException | ServletException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), ServletException (javax.servlet.ServletException), CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback), HttpServletResponse (javax.servlet.http.HttpServletResponse), AuthException (javax.security.auth.message.AuthException), IOException (java.io.IOException), UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException), Principal (java.security.Principal)

Example 14 with CallerPrincipalCallback

Use of javax.security.auth.message.callback.CallerPrincipalCallback in project javaee7-samples by javaee-samples.

In the class TestServerAuthModule, method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback), GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback), Callback (javax.security.auth.callback.Callback), AuthException (javax.security.auth.message.AuthException), IOException (java.io.IOException), UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException), Principal (java.security.Principal)

Example 15 with CallerPrincipalCallback

Use of javax.security.auth.message.callback.CallerPrincipalCallback in project wildfly by wildfly.

In the class ElytronCallbackHandler, method handle.

/**
 * {@inheritDoc}
 */
public void handle(javax.security.auth.callback.Callback[] callbacks) throws UnsupportedCallbackException, IOException {
    if (SUBSYSTEM_RA_LOGGER.isTraceEnabled())
        SUBSYSTEM_RA_LOGGER.elytronHandlerHandle(Arrays.toString(callbacks));
    // is the anonymous one.
    if (this.executionSubject != null) {
        final SecurityIdentity subjectIdentity = this.getPrivateCredential(this.executionSubject, SecurityIdentity.class);
        if (subjectIdentity != null && !subjectIdentity.isAnonymous()) {
            return;
        }
    }
    if (callbacks != null && callbacks.length > 0) {
        if (this.mappings != null && this.mappings.isMappingRequired()) {
            callbacks = this.mappings.mapCallbacks(callbacks);
        }
        GroupPrincipalCallback groupPrincipalCallback = null;
        CallerPrincipalCallback callerPrincipalCallback = null;
        PasswordValidationCallback passwordValidationCallback = null;
        for (javax.security.auth.callback.Callback callback : callbacks) {
            if (callback instanceof GroupPrincipalCallback) {
                groupPrincipalCallback = (GroupPrincipalCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = groupPrincipalCallback.getSubject();
                } else if (!this.executionSubject.equals(groupPrincipalCallback.getSubject())) {
                    // TODO merge the contents of the subjects?
                }
            } else if (callback instanceof CallerPrincipalCallback) {
                callerPrincipalCallback = (CallerPrincipalCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = callerPrincipalCallback.getSubject();
                } else if (!this.executionSubject.equals(callerPrincipalCallback.getSubject())) {
                    // TODO merge the contents of the subjects?
                }
            } else if (callback instanceof PasswordValidationCallback) {
                passwordValidationCallback = (PasswordValidationCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = passwordValidationCallback.getSubject();
                } else if (!this.executionSubject.equals(passwordValidationCallback.getSubject())) {
                    // TODO merge the contents of the subjects?
                }
            } else {
                throw new UnsupportedCallbackException(callback);
            }
        }
        this.handleInternal(callerPrincipalCallback, groupPrincipalCallback, passwordValidationCallback);
    }
}
Also used: SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity), CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback), GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback), PasswordValidationCallback (javax.security.auth.message.callback.PasswordValidationCallback), UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)

Aggregations

CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback): 30
GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback): 24
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException): 21
IOException (java.io.IOException): 18
Principal (java.security.Principal): 17
AuthException (javax.security.auth.message.AuthException): 16
HttpServletRequest (javax.servlet.http.HttpServletRequest): 16
Callback (javax.security.auth.callback.Callback): 14
PasswordValidationCallback (javax.security.auth.message.callback.PasswordValidationCallback): 8
HttpServletResponse (javax.servlet.http.HttpServletResponse): 7
Subject (javax.security.auth.Subject): 4
CertStoreCallback (javax.security.auth.message.callback.CertStoreCallback): 3
PrivateKeyCallback (javax.security.auth.message.callback.PrivateKeyCallback): 3
SecretKeyCallback (javax.security.auth.message.callback.SecretKeyCallback): 3
TrustStoreCallback (javax.security.auth.message.callback.TrustStoreCallback): 3
Map (java.util.Map): 2
HttpSession (javax.servlet.http.HttpSession): 2
LoginCallbackImpl (org.eclipse.jetty.security.authentication.LoginCallbackImpl): 2
CredentialValidationCallback (org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback): 2
UserIdentity (org.eclipse.jetty.server.UserIdentity): 2