
Example 16 with CallerPrincipalCallback

use of javax.security.auth.message.callback.CallerPrincipalCallback in project tomee by apache.

the class TheServerAuthModule method validateRequest.

/**
 * Establishes the caller identity for the incoming HTTP request.
 *
 * <p>No credential is checked here: the mere presence of a {@code doLogin}
 * request parameter yields the hard-coded caller {@code "test"} in group
 * {@code "architect"}. Any other request is reported with a {@code null}
 * principal, which leaves the caller unauthenticated while the method still
 * returns {@code SUCCESS}, so access decisions fall to whatever constraints
 * the container enforces afterwards.
 *
 * <p>NOTE(review): this reads like a test fixture; confirm it is never
 * packaged into a deployable module, because a request parameter is entirely
 * client-controlled.
 *
 * @param messageInfo    carries the request; its request message is cast to {@code HttpServletRequest}
 * @param clientSubject  subject the callbacks are created for
 * @param serviceSubject not used by this implementation
 * @return {@code SUCCESS} in every non-exceptional case
 * @throws AuthException wrapping any failure raised by the callback handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final boolean loginRequested = httpRequest.getParameter("doLogin") != null;

    // Fixed identity when "doLogin" is present, otherwise an explicit "no caller" callback.
    final Callback[] toHandle = loginRequested
            ? new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) }
            : new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };

    try {
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException cause) {
        // AuthException is built without a message; the cause is attached so the failure stays traceable.
        final AuthException failure = new AuthException();
        failure.initCause(cause);
        throw failure;
    }

    cdi(messageInfo, "vr");
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 17 with CallerPrincipalCallback

use of javax.security.auth.message.callback.CallerPrincipalCallback in project tomee by apache.

the class ConnectorCallbackHandler method handle.

/**
 * Dispatches each callback by type and records the resulting caller identity
 * and groups in this handler's fields.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>A {@code null} password is replaced by the empty string before it is
 *       handed to the security service; whether an empty password can ever
 *       authenticate depends on the realm (confirm against the realm in use).</li>
 *   <li>The password is copied into a {@code String}, which cannot be wiped
 *       afterwards.</li>
 *   <li>A failed login only sets the callback result to {@code false}; the
 *       {@code LoginException} is neither logged nor rethrown here, so failed
 *       attempts leave no trace from this method.</li>
 *   <li>Cert-store, private-key, secret-key and trust-store callbacks are
 *       accepted but left unpopulated, so a module relying on them receives
 *       no key material and no error.</li>
 * </ul>
 *
 * @param callbacks callbacks to process; iterated without a null check
 * @throws IOException declared by the handler contract; not thrown directly here
 * @throws UnsupportedCallbackException for any callback type not listed above
 */
public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (final Callback current : callbacks) {
        // jaspi to server communication
        if (current instanceof CallerPrincipalCallback) {
            callerPrincipal = ((CallerPrincipalCallback) current).getPrincipal();
            continue;
        }
        if (current instanceof GroupPrincipalCallback) {
            groupsArray = ((GroupPrincipalCallback) current).getGroups();
            continue;
        }
        if (current instanceof PasswordValidationCallback) {
            final PasswordValidationCallback validation = (PasswordValidationCallback) current;
            final String login = validation.getUsername();
            final char[] secret = validation.getPassword();
            final SecurityService service = SystemInstance.get().getComponent(SecurityService.class);
            try {
                final Object identity = service.login(securityRealmName, login, secret == null ? "" : new String(secret));
                service.associate(identity);
                callerPrincipal = service.getCallerPrincipal();
                validation.setResult(true);
            } catch (final LoginException rejected) {
                // Rejection is reported through the callback only; callerPrincipal keeps its previous value.
                validation.setResult(false);
            }
            continue;
        }

        // server to jaspi communication
        final boolean keyMaterialRequest = current instanceof CertStoreCallback
                || current instanceof PrivateKeyCallback
                || current instanceof SecretKeyCallback
                || current instanceof TrustStoreCallback;
        if (!keyMaterialRequest) {
            throw new UnsupportedCallbackException(current);
        }
        // TODO implement me: these four callback types are currently accepted as no-ops
    }
}
Also used : SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) TrustStoreCallback(javax.security.auth.message.callback.TrustStoreCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) CertStoreCallback(javax.security.auth.message.callback.CertStoreCallback) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) SecretKeyCallback(javax.security.auth.message.callback.SecretKeyCallback) Callback(javax.security.auth.callback.Callback) SecurityService(org.apache.openejb.spi.SecurityService) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) LoginException(javax.security.auth.login.LoginException) PrivateKeyCallback(javax.security.auth.message.callback.PrivateKeyCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Example 18 with CallerPrincipalCallback

use of javax.security.auth.message.callback.CallerPrincipalCallback in project tomee by apache.

the class CallbackHandlerImpl method handle.

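/**
 * Processes the callbacks issued by an authentication module and stores the
 * resulting principal in the callback's {@code Subject}.
 *
 * <p>Caller and group callbacks only record values. A password-validation
 * callback is checked against the container's realm. After all callbacks are
 * processed, a {@code GenericPrincipal} is built and merged with any private
 * credential of the same name already present on the subject.
 *
 * <p>Points a reviewer should keep in mind:
 * <ul>
 *   <li>Roles are unioned with those of an existing same-name credential, so
 *       roles are never dropped when the same subject is processed again.</li>
 *   <li>An unrecognised callback type is only logged, not rejected with
 *       {@code UnsupportedCallbackException}; the module is not told that its
 *       callback was ignored.</li>
 *   <li>When the container or its realm is missing, the password callback is
 *       left without a result being set (presumably still its default of
 *       {@code false}; confirm against the callback implementation).</li>
 * </ul>
 *
 * @param callbacks callbacks to process; {@code null} is tolerated and ignored
 * @throws IOException declared by the handler contract; not thrown directly here
 * @throws UnsupportedCallbackException declared by the handler contract; not thrown directly here
 */
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    String name = null;
    Principal principal = null;
    Subject subject = null;
    String[] groups = null;
    if (callbacks != null) {
        // Process the callbacks
        for (Callback callback : callbacks) {
            if (callback instanceof CallerPrincipalCallback) {
                CallerPrincipalCallback cpc = (CallerPrincipalCallback) callback;
                name = cpc.getName();
                principal = cpc.getPrincipal();
                subject = cpc.getSubject();
            } else if (callback instanceof GroupPrincipalCallback) {
                GroupPrincipalCallback gpc = (GroupPrincipalCallback) callback;
                groups = gpc.getGroups();
            } else if (callback instanceof PasswordValidationCallback) {
                if (container == null) {
                    log.warn(sm.getString("callbackHandlerImpl.containerMissing", callback.getClass().getName()));
                } else if (container.getRealm() == null) {
                    log.warn(sm.getString("callbackHandlerImpl.realmMissing", callback.getClass().getName(), container.getName()));
                } else {
                    PasswordValidationCallback pvc = (PasswordValidationCallback) callback;
                    final char[] password = pvc.getPassword();
                    // A null password fails closed: String.valueOf((char[]) null) would throw a
                    // NullPointerException out of the handler instead of reporting a failed validation.
                    // The realm API takes a String, so the password cannot be wiped after this call.
                    principal = password == null
                            ? null
                            : container.getRealm().authenticate(pvc.getUsername(), String.valueOf(password));
                    pvc.setResult(principal != null);
                    subject = pvc.getSubject();
                }
            } else {
                log.error(sm.getString("callbackHandlerImpl.jaspicCallbackMissing", callback.getClass().getName()));
            }
        }
        // Create the GenericPrincipal
        Principal gp = getPrincipal(principal, name, groups);
        if (subject != null && gp != null) {
            // merge if needed
            String mergeName = gp.getName();
            List<String> mergeRoles = new ArrayList<>(Arrays.asList(((GenericPrincipal) gp).getRoles()));
            Principal mergePrincipal = ((GenericPrincipal) gp).getUserPrincipal();
            // Iterate over a snapshot: removing from the live credential set while iterating it
            // can throw ConcurrentModificationException or silently skip an entry.
            for (Object oPrincipal : new ArrayList<>(subject.getPrivateCredentials())) {
                if (!(oPrincipal instanceof GenericPrincipal)) {
                    continue;
                }
                final GenericPrincipal privateCredential = (GenericPrincipal) oPrincipal;
                if (mergeName != null && mergeName.equals(privateCredential.getName())) {
                    mergeRoles.addAll(Arrays.asList(privateCredential.getRoles()));
                    subject.getPrivateCredentials().remove(oPrincipal);
                }
            }
            subject.getPrivateCredentials().add(new GenericPrincipal(mergeName, null, mergeRoles, mergePrincipal));
            // The principal may come from a CallerPrincipalCallback; add it to the Subject
            // so that it can be retrieved from there later.
            if (principal != null) {
                subject.getPrincipals().add(principal);
            }
        }
    }
}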
Also used : CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) GenericPrincipal(org.apache.catalina.realm.GenericPrincipal) ArrayList(java.util.ArrayList) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) GenericPrincipal(org.apache.catalina.realm.GenericPrincipal) Principal(java.security.Principal) Subject(javax.security.auth.Subject)

Example 19 with CallerPrincipalCallback

use of javax.security.auth.message.callback.CallerPrincipalCallback in project tomee by apache.

the class AutoApplySessionInterceptor method validateRequest.

/**
 * Short-circuits authentication when the request already carries a user
 * principal, and otherwise lets the intercepted mechanism run.
 *
 * <p>If a principal is already present it is re-asserted to the container
 * through a {@code CallerPrincipalCallback} and the intercepted method is not
 * invoked at all; no group callback is issued on this path. If no principal
 * is present, the intercepted call proceeds and, on {@code SUCCESS}, the
 * {@code javax.servlet.http.registerSession} flag is set in the message-info
 * map so the identity is bound to the session.
 *
 * <p>NOTE(review): once the identity is bound to the session, every later
 * request skips the mechanism, so session-id rotation at login and the
 * session timeout are what bound the lifetime of that identity. Confirm both
 * in the container configuration.
 *
 * @param invocationContext intercepted call; its third parameter is expected to be the {@code HttpMessageContext}
 * @return {@code SUCCESS} for an already-authenticated request, otherwise the intercepted method's result
 * @throws Exception whatever the intercepted method or the callback handler throws
 */
private AuthenticationStatus validateRequest(final InvocationContext invocationContext) throws Exception {
    final HttpMessageContext context = (HttpMessageContext) invocationContext.getParameters()[2];
    final Principal alreadyAuthenticated = context.getRequest().getUserPrincipal();

    if (alreadyAuthenticated != null) {
        // Existing identity: hand it back to the container without running the mechanism.
        final CallerPrincipalCallback reassert = new CallerPrincipalCallback(context.getClientSubject(), alreadyAuthenticated);
        context.getHandler().handle(new Callback[] { reassert });
        return AuthenticationStatus.SUCCESS;
    }

    final Object outcome = invocationContext.proceed();
    if (AuthenticationStatus.SUCCESS.equals(outcome)) {
        context.getMessageInfo().getMap().put("javax.servlet.http.registerSession", "true");
    }
    return (AuthenticationStatus) outcome;
}
Also used : AuthenticationStatus(javax.security.enterprise.AuthenticationStatus) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) HttpMessageContext(javax.security.enterprise.authentication.mechanism.http.HttpMessageContext) Principal(java.security.Principal)

Example 20 with CallerPrincipalCallback

use of javax.security.auth.message.callback.CallerPrincipalCallback in project tomee by apache.

the class TomEEHttpMessageContext method doNothing.

/**
 * Clears any identity held by this context and tells the container that the
 * caller is anonymous.
 *
 * <p>A failure of the callback handler is only printed to standard error;
 * the method still registers the anonymous caller and returns
 * {@code NOT_DONE}. In that case the container-side subject may not reflect
 * the reset, and the failure is not visible in the application log.
 *
 * @return {@code NOT_DONE} in every case
 */
@Override
public AuthenticationStatus doNothing() {
    this.principal = null;
    this.groups = null;

    // Null name and null groups: the handler is asked to record "no caller".
    final Callback[] anonymousCaller = {
        new CallerPrincipalCallback(clientSubject, (String) null),
        new GroupPrincipalCallback(clientSubject, null)
    };
    try {
        handler.handle(anonymousCaller);
    } catch (final IOException | UnsupportedCallbackException e) {
        e.printStackTrace();
    }

    TomEESecurityContext.registerContainerAboutLogin(new CallerPrincipal(null), null);
    return NOT_DONE;
}
Also used : CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) CallerPrincipal(javax.security.enterprise.CallerPrincipal)

Aggregations

CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback)30 GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback)24 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)21 IOException (java.io.IOException)18 Principal (java.security.Principal)17 AuthException (javax.security.auth.message.AuthException)16 HttpServletRequest (javax.servlet.http.HttpServletRequest)16 Callback (javax.security.auth.callback.Callback)14 PasswordValidationCallback (javax.security.auth.message.callback.PasswordValidationCallback)8 HttpServletResponse (javax.servlet.http.HttpServletResponse)7 Subject (javax.security.auth.Subject)4 CertStoreCallback (javax.security.auth.message.callback.CertStoreCallback)3 PrivateKeyCallback (javax.security.auth.message.callback.PrivateKeyCallback)3 SecretKeyCallback (javax.security.auth.message.callback.SecretKeyCallback)3 TrustStoreCallback (javax.security.auth.message.callback.TrustStoreCallback)3 Map (java.util.Map)2 HttpSession (javax.servlet.http.HttpSession)2 LoginCallbackImpl (org.eclipse.jetty.security.authentication.LoginCallbackImpl)2 CredentialValidationCallback (org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback)2 UserIdentity (org.eclipse.jetty.server.UserIdentity)2