Example 1 with ServerAuthConfig
use of javax.security.auth.message.config.ServerAuthConfig in project jetty.project by eclipse.
the class JaspiAuthenticatorFactory method getAuthenticator.
/* ------------------------------------------------------------ */
public Authenticator getAuthenticator(Server server, ServletContext context, AuthConfiguration configuration, IdentityService identityService, LoginService loginService) {
Authenticator authenticator = null;
try {
AuthConfigFactory authConfigFactory = AuthConfigFactory.getFactory();
RegistrationListener listener = new RegistrationListener() {
public void notify(String layer, String appContext) {
}
};
Subject serviceSubject = findServiceSubject(server);
String serverName = findServerName(server, serviceSubject);
String contextPath = context.getContextPath();
if (contextPath == null || contextPath.length() == 0)
contextPath = "/";
String appContext = serverName + " " + context.getContextPath();
AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER, appContext, listener);
if (authConfigProvider != null) {
ServletCallbackHandler servletCallbackHandler = new ServletCallbackHandler(loginService);
ServerAuthConfig serverAuthConfig = authConfigProvider.getServerAuthConfig(MESSAGE_LAYER, appContext, servletCallbackHandler);
if (serverAuthConfig != null) {
Map map = new HashMap();
for (String key : configuration.getInitParameterNames()) map.put(key, configuration.getInitParameter(key));
authenticator = new JaspiAuthenticator(serverAuthConfig, map, servletCallbackHandler, serviceSubject, true, identityService);
}
}
} catch (AuthException e) {
LOG.warn(e);
}
return authenticator;
}
Also used :
RegistrationListener(javax.security.auth.message.config.RegistrationListener)
AuthConfigProvider(javax.security.auth.message.config.AuthConfigProvider)
HashMap(java.util.HashMap)
AuthConfigFactory(javax.security.auth.message.config.AuthConfigFactory)
AuthException(javax.security.auth.message.AuthException)
HashMap(java.util.HashMap)
Map(java.util.Map)
Authenticator(org.eclipse.jetty.security.Authenticator)
Subject(javax.security.auth.Subject)
ServerAuthConfig(javax.security.auth.message.config.ServerAuthConfig)
Example 2 with ServerAuthConfig
use of javax.security.auth.message.config.ServerAuthConfig in project Payara by payara.
the class RealmAdapter method invokeAuthenticateDelegate.
/**
* Authenticates the user making this request, based on the specified login configuration. Return <code>true</code> if
* any specified requirements have been satisfied, or <code>false</code> if we have created a response challenge
* already.
*
* @param request Request we are processing
* @param response Response we are creating
* @param context The Context to which client of this class is attached.
* @param authenticator the current authenticator.
* @param calledFromAuthenticate
* @return
* @exception IOException if an input/output error occurs
*/
@Override
public boolean invokeAuthenticateDelegate(HttpRequest request, HttpResponse response, Context context, Authenticator authenticator, boolean calledFromAuthenticate) throws IOException {
boolean result = false;
LoginConfig loginConfig = context.getLoginConfig();
ServerAuthConfig serverAuthConfig = getServerAuthConfig();
if (serverAuthConfig != null) {
try {
context.fireContainerEvent(BEFORE_AUTHENTICATION, null);
// Get the WebPrincipal principal and add to the security context principals
RequestFacade requestFacade = (RequestFacade) request.getRequest();
setAdditionalPrincipalInContext(requestFacade);
if (requestTracing != null && requestTracing.isRequestTracingEnabled()) {
result = doTraced(serverAuthConfig, context, requestFacade, () -> validate(request, response, loginConfig, authenticator, calledFromAuthenticate));
} else {
result = validate(request, response, loginConfig, authenticator, calledFromAuthenticate);
}
} finally {
resetAdditionalPrincipalInContext();
context.fireContainerEvent(AFTER_AUTHENTICATION, null);
}
} else {
// JSR 196 is not enabled. Use the current authenticator.
result = ((AuthenticatorBase) authenticator).authenticate(request, response, loginConfig);
}
return result;
}
Also used :
LoginConfig(org.apache.catalina.deploy.LoginConfig)
RequestFacade(org.apache.catalina.connector.RequestFacade)
ServerAuthConfig(javax.security.auth.message.config.ServerAuthConfig)
Example 3 with ServerAuthConfig
use of javax.security.auth.message.config.ServerAuthConfig in project Payara by payara.
the class PipeHelper method getServerAuthContext.
@Override
public ServerAuthContext getServerAuthContext(MessageInfo info, Subject s) throws AuthException {
ServerAuthConfig c = (ServerAuthConfig) getAuthConfig(true);
if (c != null) {
addModel(info, map);
addPolicy(info, map);
return c.getAuthContext(c.getAuthContextID(info), s, map);
}
return null;
}
Also used :
ServerAuthConfig(javax.security.auth.message.config.ServerAuthConfig)
Example 4 with ServerAuthConfig
use of javax.security.auth.message.config.ServerAuthConfig in project cdap by caskdata.
the class JASPIAuthenticationHandler method getHandlerAuthenticator.
@Override
protected Authenticator getHandlerAuthenticator() {
JaspiAuthenticatorFactory jaspiAuthenticatorFactory = new JaspiAuthenticatorFactory();
jaspiAuthenticatorFactory.setLoginService(getHandlerLoginService());
HashMap<String, ServerAuthContext> serverAuthContextMap = new HashMap<>();
ServletCallbackHandler callbackHandler = new ServletCallbackHandler(getHandlerLoginService());
ServerAuthModule authModule = new BasicAuthModule(callbackHandler, "JAASRealm");
serverAuthContextMap.put("authContextID", new ServerAuthContextImpl(Collections.singletonList(authModule)));
ServerAuthContextType serverAuthContextType = new ServerAuthContextType("HTTP", "server *", "authContextID", new AuthModuleType<ServerAuthModule>());
ServerAuthConfigType serverAuthConfigType = new ServerAuthConfigType(serverAuthContextType, true);
ServerAuthConfig serverAuthConfig = new ServerAuthConfigImpl(serverAuthConfigType, serverAuthContextMap);
return new JaspiAuthenticator(serverAuthConfig, null, callbackHandler, new Subject(), true, getHandlerIdentityService());
}
Also used :
ServerAuthConfigImpl(org.apache.geronimo.components.jaspi.impl.ServerAuthConfigImpl)
JaspiAuthenticatorFactory(org.eclipse.jetty.security.jaspi.JaspiAuthenticatorFactory)
HashMap(java.util.HashMap)
ServerAuthModule(javax.security.auth.message.module.ServerAuthModule)
ServerAuthContextImpl(org.apache.geronimo.components.jaspi.impl.ServerAuthContextImpl)
JaspiAuthenticator(org.eclipse.jetty.security.jaspi.JaspiAuthenticator)
Subject(javax.security.auth.Subject)
ServerAuthContext(javax.security.auth.message.config.ServerAuthContext)
BasicAuthModule(org.eclipse.jetty.security.jaspi.modules.BasicAuthModule)
ServerAuthContextType(org.apache.geronimo.components.jaspi.model.ServerAuthContextType)
ServerAuthConfigType(org.apache.geronimo.components.jaspi.model.ServerAuthConfigType)
ServerAuthConfig(javax.security.auth.message.config.ServerAuthConfig)
ServletCallbackHandler(org.eclipse.jetty.security.jaspi.ServletCallbackHandler)
Example 5 with ServerAuthConfig
use of javax.security.auth.message.config.ServerAuthConfig in project jbossws-cxf by jbossws.
the class DefaultJASPIAuthenticationProvider method enableServerAuthentication.
public boolean enableServerAuthentication(Deployment dep, JBossWebservicesMetaData wsmd) {
String securityDomain = null;
if (wsmd != null) {
securityDomain = wsmd.getProperty(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
}
if (securityDomain == null) {
return false;
}
ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
if (appPolicy == null) {
Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
return false;
}
BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
if (bai == null || bai instanceof AuthenticationInfo) {
Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
return false;
}
JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
String contextRoot = dep.getService().getContextRoot();
String appId = "localhost " + contextRoot;
AuthConfigFactory factory = AuthConfigFactory.getFactory();
Properties properties = new Properties();
AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
try {
ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);
Properties serverContextProperties = new Properties();
serverContextProperties.put("security-domain", securityDomain);
serverContextProperties.put("jaspi-policy", jai);
Bus bus = dep.getAttachment(Bus.class);
serverContextProperties.put(Bus.class, bus);
String authContextID = dep.getSimpleName();
ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);
JaspiServerAuthenticator serverAuthenticator = new JaspiServerAuthenticator(sctx);
bus.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
bus.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
return true;
} catch (Exception e) {
Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
}
return false;
}
Also used :
Bus(org.apache.cxf.Bus)
JBossWSAuthConfigProvider(org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider)
AuthConfigProvider(javax.security.auth.message.config.AuthConfigProvider)
JASPIAuthenticationInfo(org.jboss.security.auth.login.JASPIAuthenticationInfo)
JBossWSAuthConfigProvider(org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider)
Properties(java.util.Properties)
BaseAuthenticationInfo(org.jboss.security.auth.login.BaseAuthenticationInfo)
JASPIAuthenticationInfo(org.jboss.security.auth.login.JASPIAuthenticationInfo)
AuthenticationInfo(org.jboss.security.auth.login.AuthenticationInfo)
ServerAuthContext(javax.security.auth.message.config.ServerAuthContext)
JaspiSeverInInterceptor(org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverInInterceptor)
JaspiSeverOutInterceptor(org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverOutInterceptor)
BaseAuthenticationInfo(org.jboss.security.auth.login.BaseAuthenticationInfo)
ApplicationPolicy(org.jboss.security.config.ApplicationPolicy)
AuthConfigFactory(javax.security.auth.message.config.AuthConfigFactory)
JBossCallbackHandler(org.jboss.security.auth.callback.JBossCallbackHandler)
ServerAuthConfig(javax.security.auth.message.config.ServerAuthConfig)
Aggregations
ServerAuthConfig (javax.security.auth.message.config.ServerAuthConfig)8
AuthConfigProvider (javax.security.auth.message.config.AuthConfigProvider)4
AuthConfigFactory (javax.security.auth.message.config.AuthConfigFactory)3
ServerAuthContext (javax.security.auth.message.config.ServerAuthContext)3
HashMap (java.util.HashMap)2
Properties (java.util.Properties)2
Subject (javax.security.auth.Subject)2
JBossCallbackHandler (org.jboss.security.auth.callback.JBossCallbackHandler)2
AuthenticationInfo (org.jboss.security.auth.login.AuthenticationInfo)2
BaseAuthenticationInfo (org.jboss.security.auth.login.BaseAuthenticationInfo)2
JASPIAuthenticationInfo (org.jboss.security.auth.login.JASPIAuthenticationInfo)2
ApplicationPolicy (org.jboss.security.config.ApplicationPolicy)2
JBossWSAuthConfigProvider (org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider)2
JaspiSeverInInterceptor (org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverInInterceptor)2
JaspiSeverOutInterceptor (org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverOutInterceptor)2
Map (java.util.Map)1
AuthException (javax.security.auth.message.AuthException)1
RegistrationListener (javax.security.auth.message.config.RegistrationListener)1
ServerAuthModule (javax.security.auth.message.module.ServerAuthModule)1
CallbackHandlerImpl (org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl)1
