Search in sources :

Example 6 with GroupPrincipalCallback

use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getAttribute("doLogin") != null) {
        // notice "getAttribute" here, this is set by the Servlet
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // The name of the authenticated user
        new CallerPrincipalCallback(clientSubject, "test"), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 7 with GroupPrincipalCallback

use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // The name of the authenticated user
        new CallerPrincipalCallback(clientSubject, "test"), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 8 with GroupPrincipalCallback

use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        // For the test perform a login by directly "returning" the details of the authenticated user.
        // Normally credentials would be checked and the details fetched from some repository
        callbacks = new Callback[] { // This is the main variant of this test vs basic-authentication
        new CallerPrincipalCallback(clientSubject, new MyPrincipal("test")), // the roles of the authenticated user
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // Communicate the details of the authenticated user to the container. In many
        // cases the handler will just store the details and the container will actually handle
        // the login after we return from this method.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 9 with GroupPrincipalCallback

use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.

the class TestServerAuthModule method validateRequest.

@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) Callback(javax.security.auth.callback.Callback) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal)

Example 10 with GroupPrincipalCallback

use of javax.security.auth.message.callback.GroupPrincipalCallback in project wildfly by wildfly.

the class ElytronCallbackHandler method handle.

/**
     * {@inheritDoc}
     */
public void handle(javax.security.auth.callback.Callback[] callbacks) throws UnsupportedCallbackException, IOException {
    if (SUBSYSTEM_RA_LOGGER.isTraceEnabled())
        SUBSYSTEM_RA_LOGGER.elytronHandlerHandle(Arrays.toString(callbacks));
    // is the anonymous one.
    if (this.executionSubject != null) {
        final SecurityIdentity subjectIdentity = this.getPrivateCredential(this.executionSubject, SecurityIdentity.class);
        if (subjectIdentity != null && !subjectIdentity.isAnonymous()) {
            return;
        }
    }
    if (callbacks != null && callbacks.length > 0) {
        if (this.mappings != null && this.mappings.isMappingRequired()) {
            callbacks = this.mappings.mapCallbacks(callbacks);
        }
        GroupPrincipalCallback groupPrincipalCallback = null;
        CallerPrincipalCallback callerPrincipalCallback = null;
        PasswordValidationCallback passwordValidationCallback = null;
        for (javax.security.auth.callback.Callback callback : callbacks) {
            if (callback instanceof GroupPrincipalCallback) {
                groupPrincipalCallback = (GroupPrincipalCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = groupPrincipalCallback.getSubject();
                } else if (!this.executionSubject.equals(groupPrincipalCallback.getSubject())) {
                // TODO merge the contents of the subjects?
                }
            } else if (callback instanceof CallerPrincipalCallback) {
                callerPrincipalCallback = (CallerPrincipalCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = callerPrincipalCallback.getSubject();
                } else if (!this.executionSubject.equals(callerPrincipalCallback.getSubject())) {
                // TODO merge the contents of the subjects?
                }
            } else if (callback instanceof PasswordValidationCallback) {
                passwordValidationCallback = (PasswordValidationCallback) callback;
                if (this.executionSubject == null) {
                    this.executionSubject = passwordValidationCallback.getSubject();
                } else if (!this.executionSubject.equals(passwordValidationCallback.getSubject())) {
                // TODO merge the contents of the subjects?
                }
            } else {
                throw new UnsupportedCallbackException(callback);
            }
        }
        this.handleInternal(callerPrincipalCallback, groupPrincipalCallback, passwordValidationCallback);
    }
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) PasswordValidationCallback(javax.security.auth.message.callback.PasswordValidationCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)

Aggregations

GroupPrincipalCallback (javax.security.auth.message.callback.GroupPrincipalCallback)20 CallerPrincipalCallback (javax.security.auth.message.callback.CallerPrincipalCallback)19 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)15 AuthException (javax.security.auth.message.AuthException)14 IOException (java.io.IOException)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)13 Callback (javax.security.auth.callback.Callback)12 Principal (java.security.Principal)11 HttpServletResponse (javax.servlet.http.HttpServletResponse)4 Subject (javax.security.auth.Subject)3 PasswordValidationCallback (javax.security.auth.message.callback.PasswordValidationCallback)3 CertStoreCallback (javax.security.auth.message.callback.CertStoreCallback)2 PrivateKeyCallback (javax.security.auth.message.callback.PrivateKeyCallback)2 SecretKeyCallback (javax.security.auth.message.callback.SecretKeyCallback)2 TrustStoreCallback (javax.security.auth.message.callback.TrustStoreCallback)2 LoginCallbackImpl (org.eclipse.jetty.security.authentication.LoginCallbackImpl)2 CredentialValidationCallback (org.eclipse.jetty.security.jaspi.callback.CredentialValidationCallback)2 UserIdentity (org.eclipse.jetty.server.UserIdentity)2 LoginException (javax.security.auth.login.LoginException)1 AuthStatus (javax.security.auth.message.AuthStatus)1