use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
/**
 * Test-only request validation that establishes a caller identity without checking any credential.
 *
 * <p>If the request carries a {@code doLogin} parameter (only its presence is tested, not its
 * value), the caller is reported to the container as user {@code "test"} in group
 * {@code "architect"}. Otherwise a {@code null} caller principal is passed, which is the JASPIC
 * protocol for "do nothing". Both paths return {@code SUCCESS}.
 *
 * <p>Security note: the only gate on the login path is the presence of a request parameter that
 * any client can send. A real module must verify credentials and load the user's groups from a
 * trusted repository before building these callbacks; this shape is suitable for tests only.
 *
 * @param messageInfo    carries the request message, which is cast to {@link HttpServletRequest}
 * @param clientSubject  subject handed to the callbacks that describe the caller
 * @param serviceSubject not used by this implementation
 * @return {@code SUCCESS} on both paths
 * @throws AuthException if the handler throws {@link IOException} or
 *                       {@link UnsupportedCallbackException}; the original exception is the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final boolean loginRequested = httpRequest.getParameter("doLogin") != null;

    final Callback[] toHandle;
    if (!loginRequested) {
        // The JASPIC protocol for "do nothing": a null caller principal.
        toHandle = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    } else {
        // Test shortcut: the identity is hard-coded instead of being derived from verified
        // credentials. Normally credentials would be checked and the details fetched from a repository.
        toHandle = new Callback[] {
            // The name of the authenticated user
            new CallerPrincipalCallback(clientSubject, "test"),
            // The roles of the authenticated user
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
        };
    }

    try {
        // Hand the caller details to the container. In many cases the handler only stores them
        // and the container performs the actual login after this method returns.
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the underlying failure as the cause of the AuthException.
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    return SUCCESS;
}
use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
/**
 * Test-only request validation that optionally calls a CDI or EJB bean and then reports a
 * fixed caller identity to the container.
 *
 * <p>The {@code tech} request parameter selects which helper runs first: {@code "cdi"} calls
 * {@code callCDIBean}, {@code "ejb"} calls {@code callEJBBean}, and any other value (or no
 * parameter) calls neither. The caller is then always reported as user {@code "test"} in group
 * {@code "architect"}.
 *
 * <p>Security note: every request is authenticated unconditionally, with no credential check and
 * no opt-in parameter. A real module must verify credentials before passing a caller principal
 * and groups to the handler; this shape is suitable for tests only.
 *
 * @param messageInfo    carries the request and response messages, cast to the servlet types
 * @param clientSubject  subject handed to the callbacks that describe the caller
 * @param serviceSubject not used by this implementation
 * @return {@code SUCCESS} once the handler has accepted the callbacks
 * @throws AuthException if the handler throws {@link IOException} or
 *                       {@link UnsupportedCallbackException}; the original exception is the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();

    // The bean call, if any, happens before the identity is handed to the container.
    if ("cdi".equals(httpRequest.getParameter("tech"))) {
        callCDIBean(httpRequest, httpResponse, "validateRequest");
    } else if ("ejb".equals(httpRequest.getParameter("tech"))) {
        callEJBBean(httpResponse, "validateRequest");
    }

    // Hard-coded test identity: caller name first, then the caller's groups.
    final Callback[] identity = {
        new CallerPrincipalCallback(clientSubject, "test"),
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
    };

    try {
        handler.handle(identity);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the underlying failure as the cause of the AuthException.
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    return SUCCESS;
}
use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
/**
 * Test-only request validation: logs the caller in as a fixed user when asked to, otherwise
 * does nothing.
 *
 * <p>A request that carries a {@code doLogin} parameter (presence only, the value is ignored) is
 * reported to the container as user {@code "test"} in group {@code "architect"}. Any other
 * request gets a {@code null} caller principal, the JASPIC protocol for "do nothing".
 *
 * <p>Security note: no credential is examined on the login path, so any client that adds the
 * parameter obtains the {@code "architect"} group. A real module must authenticate the caller
 * before building these callbacks; this shape is suitable for tests only.
 *
 * @param messageInfo    carries the request message, which is cast to {@link HttpServletRequest}
 * @param clientSubject  subject handed to the callbacks that describe the caller
 * @param serviceSubject not used by this implementation
 * @return {@code SUCCESS} on both paths
 * @throws AuthException if the handler throws {@link IOException} or
 *                       {@link UnsupportedCallbackException}; the original exception is the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();

    final Callback[] toHandle;
    if (httpRequest.getParameter("doLogin") == null) {
        // The JASPIC protocol for "do nothing"
        toHandle = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    } else {
        // Hard-coded test identity; nothing about the request is verified here.
        final CallerPrincipalCallback callerCallback = new CallerPrincipalCallback(clientSubject, "test");
        final GroupPrincipalCallback groupCallback =
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        toHandle = new Callback[] { callerCallback, groupCallback };
    }

    try {
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the underlying failure as the cause of the AuthException.
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    return SUCCESS;
}
use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.
the class TestWrappingServerAuthModule method validateRequest.
/**
 * Test-only request validation that reports a fixed caller identity and then replaces the
 * request and response with wrappers.
 *
 * <p>The caller is always reported to the container as user {@code "test"} in group
 * {@code "architect"}. After the handler returns, the request message is replaced with a
 * {@code TestHttpServletRequestWrapper} and the response message with a
 * {@code TestHttpServletResponseWrapper}, so that the resource invoked afterwards should see
 * the wrapped objects.
 *
 * <p>Security note: every request is authenticated unconditionally, with no credential check.
 * A real module must verify credentials before passing a caller principal and groups to the
 * handler; this shape is suitable for tests only.
 *
 * @param messageInfo    carries the request and response messages; both are replaced by wrappers
 * @param clientSubject  subject handed to the callbacks that describe the caller
 * @param serviceSubject not used by this implementation
 * @return {@code SUCCESS} once the identity is handed over and both messages are wrapped
 * @throws AuthException if the handler throws {@link IOException} or
 *                       {@link UnsupportedCallbackException}; the original exception is the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    // Hard-coded test identity: caller name first, then the caller's groups.
    final Callback[] identity = {
        new CallerPrincipalCallback(clientSubject, "test"),
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
    };

    try {
        handler.handle(identity);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the underlying failure as the cause of the AuthException.
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    // Wrap the request - the resource to be invoked should get to see this
    final HttpServletRequest originalRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    messageInfo.setRequestMessage(new TestHttpServletRequestWrapper(originalRequest));

    // Wrap the response - the resource to be invoked should get to see this
    final HttpServletResponse originalResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    messageInfo.setResponseMessage(new TestHttpServletResponseWrapper(originalResponse));

    return SUCCESS;
}
use of javax.security.auth.message.callback.GroupPrincipalCallback in project javaee7-samples by javaee-samples.
the class TestServerAuthModule method validateRequest.
/**
 * Test-only request validation with three outcomes: continue a registered authentication
 * session, perform a new hard-coded login, or do nothing.
 *
 * <ul>
 *   <li>If the request already has a user principal and carries a {@code continueSession}
 *       parameter, that principal is passed back to the container so the registered session
 *       keeps being used.</li>
 *   <li>Otherwise, if the request carries a {@code doLogin} parameter, the caller is reported as
 *       {@code "test"} in group {@code "architect"}, either by name or as a {@code MyPrincipal}
 *       when a {@code customPrincipal} parameter is present. The container is also asked to
 *       register an authentication session via the
 *       {@code javax.servlet.http.registerSession} map entry.</li>
 *   <li>Otherwise a {@code null} caller principal is passed, the JASPIC protocol for
 *       "do nothing".</li>
 * </ul>
 *
 * <p>Only the presence of each parameter is tested; values are ignored.
 *
 * <p>Security note: the login branch checks no credential, and it asks the container to remember
 * the resulting identity for later requests. In a real module the session must be registered
 * only after credentials have been verified; this shape is suitable for tests only.
 *
 * @param messageInfo    carries the request message and the map used to request session registration
 * @param clientSubject  subject handed to the callbacks that describe the caller
 * @param serviceSubject not used by this implementation
 * @return {@code SUCCESS} on all three paths
 * @throws AuthException if the handler throws {@link IOException} or
 *                       {@link UnsupportedCallbackException}; the original exception is the cause
 */
@SuppressWarnings("unchecked")
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final Principal sessionPrincipal = httpRequest.getUserPrincipal();

    final Callback[] toHandle;
    if (sessionPrincipal != null && httpRequest.getParameter("continueSession") != null) {
        // ### Already authenticated before: continue this session.
        // Passing the existing principal back signals the container to use the registered
        // authentication session.
        toHandle = new Callback[] { new CallerPrincipalCallback(clientSubject, sessionPrincipal) };
    } else if (httpRequest.getParameter("doLogin") != null) {
        // ### Not authenticated before: do a new login if so requested.
        // Test shortcut: the identity is hard-coded instead of being derived from verified
        // credentials. Normally credentials would be checked and the details fetched from a repository.
        final CallerPrincipalCallback callerCallback;
        if (httpRequest.getParameter("customPrincipal") == null) {
            // Name based Callback
            callerCallback = new CallerPrincipalCallback(clientSubject, "test");
        } else {
            // Custom principal based Callback
            callerCallback = new CallerPrincipalCallback(clientSubject, new MyPrincipal("test"));
        }
        // The roles of the authenticated user
        final GroupPrincipalCallback groupCallback =
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        toHandle = new Callback[] { callerCallback, groupCallback };

        // Tell container to register an authentication session.
        messageInfo.getMap().put("javax.servlet.http.registerSession", TRUE.toString());
    } else {
        // ### No registered session and no login request: "do nothing".
        // The JASPIC protocol for "do nothing" is a null caller principal.
        toHandle = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }

    try {
        // Hand the caller details to the container. In many cases the handler only stores them
        // and the container performs the actual login after this method returns.
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the underlying failure as the cause of the AuthException.
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    return SUCCESS;
}