
Example 11 with ServerAuthContext

Use of javax.security.auth.message.config.ServerAuthContext in project Payara by payara.

Class JaspicRealm, method cleanSubject.

public void cleanSubject(HttpRequest httpRequest) throws AuthException {
    MessageInfo messageInfo = (MessageInfo) httpRequest.getRequest().getAttribute(MESSAGE_INFO);
    if (messageInfo == null) {
        messageInfo = new HttpMessageInfo((HttpServletRequest) httpRequest.getRequest(), (HttpServletResponse) httpRequest.getResponse().getResponse());
    }
    messageInfo.getMap().put(IS_MANDATORY, TRUE.toString());
    ServerAuthContext serverAuthContext = jaspicServices.getServerAuthContext(messageInfo, null);
    if (serverAuthContext != null) {
        // Check for the default/server-generated/unauthenticated security context.
        SecurityContext securityContext = SecurityContext.getCurrent();
        Subject subject = securityContext.didServerGenerateCredentials() ? new Subject() : securityContext.getSubject();
        if (subject == null) {
            subject = new Subject();
        }
        if (subject.isReadOnly()) {
            logger.log(WARNING, "Read-only subject found during logout processing");
        }
        try {
            httpRequest.getContext().fireContainerEvent(BEFORE_LOGOUT, null);
            serverAuthContext.cleanSubject(messageInfo, subject);
        } finally {
            httpRequest.getContext().fireContainerEvent(AFTER_LOGOUT, null);
        }
    }
}
Also used: HttpServletRequest (javax.servlet.http.HttpServletRequest), SecurityContext (com.sun.enterprise.security.SecurityContext), HttpServletResponse (javax.servlet.http.HttpServletResponse), HttpMessageInfo (com.sun.jaspic.config.servlet.HttpMessageInfo), Subject (javax.security.auth.Subject), MessageInfo (javax.security.auth.message.MessageInfo), ServerAuthContext (javax.security.auth.message.config.ServerAuthContext)

Example 12 with ServerAuthContext

Use of javax.security.auth.message.config.ServerAuthContext in project jbossws-cxf by jbossws.

Class DefaultJASPIAuthenticationProvider, method enableServerAuthentication.

public boolean enableServerAuthentication(Deployment dep, JBossWebservicesMetaData wsmd) {
    String securityDomain = null;
    if (wsmd != null) {
        securityDomain = wsmd.getProperty(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
    }
    if (securityDomain == null) {
        return false;
    }
    ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
    if (appPolicy == null) {
        Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
        return false;
    }
    BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
    if (bai == null || bai instanceof AuthenticationInfo) {
        Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
        return false;
    }
    JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
    String contextRoot = dep.getService().getContextRoot();
    String appId = "localhost " + contextRoot;
    AuthConfigFactory factory = AuthConfigFactory.getFactory();
    Properties properties = new Properties();
    AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
    provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
    JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
    try {
        ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);
        Properties serverContextProperties = new Properties();
        serverContextProperties.put("security-domain", securityDomain);
        serverContextProperties.put("jaspi-policy", jai);
        Bus bus = dep.getAttachment(Bus.class);
        serverContextProperties.put(Bus.class, bus);
        String authContextID = dep.getSimpleName();
        ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);
        JaspiServerAuthenticator serverAuthenticator = new JaspiServerAuthenticator(sctx);
        bus.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
        bus.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
        return true;
    } catch (Exception e) {
        Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
    }
    return false;
}
Also used: Bus (org.apache.cxf.Bus), JBossWSAuthConfigProvider (org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider), AuthConfigProvider (javax.security.auth.message.config.AuthConfigProvider), JASPIAuthenticationInfo (org.jboss.security.auth.login.JASPIAuthenticationInfo), Properties (java.util.Properties), BaseAuthenticationInfo (org.jboss.security.auth.login.BaseAuthenticationInfo), AuthenticationInfo (org.jboss.security.auth.login.AuthenticationInfo), ServerAuthContext (javax.security.auth.message.config.ServerAuthContext), JaspiSeverInInterceptor (org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverInInterceptor), JaspiSeverOutInterceptor (org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverOutInterceptor), ApplicationPolicy (org.jboss.security.config.ApplicationPolicy), AuthConfigFactory (javax.security.auth.message.config.AuthConfigFactory), JBossCallbackHandler (org.jboss.security.auth.callback.JBossCallbackHandler), ServerAuthConfig (javax.security.auth.message.config.ServerAuthConfig)

Example 13 with ServerAuthContext

Use of javax.security.auth.message.config.ServerAuthContext in project jbossws-cxf by jbossws.

Class DefaultJASPIAuthenticationProvider, method enableServerAuthentication.

public boolean enableServerAuthentication(Object target, Endpoint endpoint) {
    if (!(target instanceof EndpointImpl)) {
        Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(target.getClass().getSimpleName());
        return false;
    }
    EndpointImpl endpointImpl = (EndpointImpl) target;
    String securityDomain = (String) endpointImpl.getProperties().get(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
    if (securityDomain == null) {
        return false;
    }
    ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
    if (appPolicy == null) {
        Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
        return false;
    }
    BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
    if (bai == null || bai instanceof AuthenticationInfo) {
        Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
        return false;
    }
    JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
    String contextRoot = endpoint.getService().getContextRoot();
    String appId = "localhost " + contextRoot;
    AuthConfigFactory factory = AuthConfigFactory.getFactory();
    Properties properties = new Properties();
    AuthConfigProvider provider = new JBossWSAuthConfigProvider(properties, factory);
    provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
    JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
    JaspiServerAuthenticator serverAuthenticator = null;
    try {
        ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);
        Properties serverContextProperties = new Properties();
        serverContextProperties.put("security-domain", securityDomain);
        serverContextProperties.put("jaspi-policy", jai);
        serverContextProperties.put(javax.xml.ws.Endpoint.class, endpointImpl);
        String authContextID = endpointImpl.getBeanName();
        ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);
        serverAuthenticator = new JaspiServerAuthenticator(sctx);
        endpointImpl.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
        endpointImpl.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
        return true;
    } catch (Exception e) {
        Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
    }
    return false;
}
Also used: JBossWSAuthConfigProvider (org.jboss.wsf.stack.cxf.jaspi.config.JBossWSAuthConfigProvider), AuthConfigProvider (javax.security.auth.message.config.AuthConfigProvider), EndpointImpl (org.apache.cxf.jaxws.EndpointImpl), JASPIAuthenticationInfo (org.jboss.security.auth.login.JASPIAuthenticationInfo), Properties (java.util.Properties), BaseAuthenticationInfo (org.jboss.security.auth.login.BaseAuthenticationInfo), AuthenticationInfo (org.jboss.security.auth.login.AuthenticationInfo), ServerAuthContext (javax.security.auth.message.config.ServerAuthContext), JaspiSeverInInterceptor (org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverInInterceptor), JaspiSeverOutInterceptor (org.jboss.wsf.stack.cxf.jaspi.interceptor.JaspiSeverOutInterceptor), ApplicationPolicy (org.jboss.security.config.ApplicationPolicy), AuthConfigFactory (javax.security.auth.message.config.AuthConfigFactory), JBossCallbackHandler (org.jboss.security.auth.callback.JBossCallbackHandler), ServerAuthConfig (javax.security.auth.message.config.ServerAuthConfig)

Aggregations

ServerAuthContext (javax.security.auth.message.config.ServerAuthContext): 13
AuthException (javax.security.auth.message.AuthException): 9
Subject (javax.security.auth.Subject): 8
MessageInfo (javax.security.auth.message.MessageInfo): 6
HttpServletRequest (javax.servlet.http.HttpServletRequest): 6
AuthStatus (javax.security.auth.message.AuthStatus): 4
HttpServletResponse (javax.servlet.http.HttpServletResponse): 4
HttpMessageInfo (com.sun.jaspic.config.servlet.HttpMessageInfo): 3
IOException (java.io.IOException): 3
ServerAuthConfig (javax.security.auth.message.config.ServerAuthConfig): 3
SecurityContext (com.sun.enterprise.security.SecurityContext): 2
PacketMapMessageInfo (com.sun.enterprise.security.jauth.jaspic.provider.PacketMapMessageInfo): 2
PacketMessageInfo (com.sun.enterprise.security.jauth.jaspic.provider.PacketMessageInfo): 2
Packet (com.sun.xml.ws.api.message.Packet): 2
Principal (java.security.Principal): 2
PrivilegedActionException (java.security.PrivilegedActionException): 2
Properties (java.util.Properties): 2
AuthConfigFactory (javax.security.auth.message.config.AuthConfigFactory): 2
AuthConfigProvider (javax.security.auth.message.config.AuthConfigProvider): 2
WebServiceException (javax.xml.ws.WebServiceException): 2