use of javax.security.auth.message.config.ServerAuthContext in project Payara by payara.
The method cleanSubject of the class JaspicRealm.
/**
 * Performs the JASPIC side of logout for the given request by delegating to
 * {@code ServerAuthContext.cleanSubject}.
 *
 * <p>The {@code MessageInfo} stored on the request under {@code MESSAGE_INFO} is reused
 * when present; otherwise a new {@code HttpMessageInfo} is built from the servlet
 * request and response. The {@code IS_MANDATORY} entry is set in the message-info map
 * before the auth context is looked up. When no auth context is available the method
 * returns without firing any container event.
 *
 * <p>{@code BEFORE_LOGOUT} is fired before the delegate call and {@code AFTER_LOGOUT}
 * is fired from a {@code finally} block, so the latter is emitted even when
 * {@code cleanSubject} throws.
 *
 * @param httpRequest the request being logged out
 * @throws AuthException declared for failures of the underlying auth context
 */
public void cleanSubject(HttpRequest httpRequest) throws AuthException {
    MessageInfo info = (MessageInfo) httpRequest.getRequest().getAttribute(MESSAGE_INFO);
    if (info == null) {
        // Nothing cached on the request: wrap the raw servlet request/response instead.
        HttpServletRequest servletRequest = (HttpServletRequest) httpRequest.getRequest();
        HttpServletResponse servletResponse = (HttpServletResponse) httpRequest.getResponse().getResponse();
        info = new HttpMessageInfo(servletRequest, servletResponse);
    }
    info.getMap().put(IS_MANDATORY, TRUE.toString());

    ServerAuthContext authContext = jaspicServices.getServerAuthContext(info, null);
    if (authContext == null) {
        return;
    }

    // A default/server-generated/unauthenticated security context gets a fresh, empty
    // Subject rather than the one it carries.
    SecurityContext current = SecurityContext.getCurrent();
    Subject logoutSubject;
    if (current.didServerGenerateCredentials()) {
        logoutSubject = new Subject();
    } else {
        logoutSubject = current.getSubject();
        if (logoutSubject == null) {
            logoutSubject = new Subject();
        }
    }

    if (logoutSubject.isReadOnly()) {
        // Only a warning: the delegate is still called. A read-only Subject rejects
        // modification of its principal and credential sets, so the auth module may be
        // unable to strip them here.
        logger.log(WARNING, "Read-only subject found during logout processing");
    }

    try {
        httpRequest.getContext().fireContainerEvent(BEFORE_LOGOUT, null);
        authContext.cleanSubject(info, logoutSubject);
    } finally {
        httpRequest.getContext().fireContainerEvent(AFTER_LOGOUT, null);
    }
}
use of javax.security.auth.message.config.ServerAuthContext in project jbossws-cxf by jbossws.
The method enableServerAuthentication(Deployment, JBossWebservicesMetaData) of the class DefaultJASPIAuthenticationProvider.
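/**
 * Enables JASPI server authentication for a deployment by adding the JASPI in/out
 * interceptors to the deployment's CXF {@code Bus}.
 *
 * <p>The security domain name comes from the {@code JASPI_SECURITY_DOMAIN} property of
 * the web services metadata. The domain must resolve to an application policy whose
 * authentication info is a {@code JASPIAuthenticationInfo}.
 *
 * <p>Security note: every failure path returns {@code false} (after logging, except
 * when no security domain is configured) and leaves the bus without JASPI
 * interceptors. This method does not itself block the deployment, so a caller that
 * requires authentication has to treat {@code false} as a hard failure.
 *
 * @param dep  the deployment whose bus receives the interceptors
 * @param wsmd the web services metadata; may be {@code null}
 * @return {@code true} only when both interceptors were installed
 */
public boolean enableServerAuthentication(Deployment dep, JBossWebservicesMetaData wsmd) {
    String securityDomain = null;
    if (wsmd != null) {
        securityDomain = wsmd.getProperty(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
    }
    if (securityDomain == null) {
        return false;
    }
    ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
    if (appPolicy == null) {
        Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
        return false;
    }
    BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
    // Accept only the type that is cast to below. The previous test rejected null and
    // AuthenticationInfo, so any other BaseAuthenticationInfo subtype would have reached
    // the cast and failed with a ClassCastException outside the try block.
    if (!(bai instanceof JASPIAuthenticationInfo)) {
        Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
        return false;
    }
    JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
    String contextRoot = dep.getService().getContextRoot();
    // The host part of the application context id is fixed to "localhost".
    String appId = "localhost " + contextRoot;
    AuthConfigFactory factory = AuthConfigFactory.getFactory();
    Properties properties = new Properties();
    // NOTE(review): the instance is discarded and the provider is looked up from the
    // factory instead; presumably the constructor registers itself with the factory.
    // Confirm against JBossWSAuthConfigProvider.
    new JBossWSAuthConfigProvider(properties, factory);
    AuthConfigProvider provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
    JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
    try {
        // A null provider or a missing Bus attachment fails inside this block with a
        // NullPointerException, which the catch below logs before returning false.
        ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);
        Properties serverContextProperties = new Properties();
        serverContextProperties.put("security-domain", securityDomain);
        serverContextProperties.put("jaspi-policy", jai);
        Bus bus = dep.getAttachment(Bus.class);
        serverContextProperties.put(Bus.class, bus);
        String authContextID = dep.getSimpleName();
        ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);
        JaspiServerAuthenticator serverAuthenticator = new JaspiServerAuthenticator(sctx);
        bus.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
        bus.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
        return true;
    } catch (Exception e) {
        Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
    }
    return false;
}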
use of javax.security.auth.message.config.ServerAuthContext in project jbossws-cxf by jbossws.
The method enableServerAuthentication(Object, Endpoint) of the class DefaultJASPIAuthenticationProvider.
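/**
 * Enables JASPI server authentication on a single CXF endpoint by adding the JASPI
 * in/out interceptors to it.
 *
 * <p>The target must be an {@code EndpointImpl} whose properties carry a
 * {@code JASPI_SECURITY_DOMAIN} entry. The domain must resolve to an application policy
 * whose authentication info is a {@code JASPIAuthenticationInfo}.
 *
 * <p>Security note: every failure path returns {@code false} (after logging, except
 * when no security domain is configured) and leaves the endpoint without JASPI
 * interceptors. This method does not itself block the endpoint, so a caller that
 * requires authentication has to treat {@code false} as a hard failure.
 *
 * @param target   the object expected to be an {@code EndpointImpl}
 * @param endpoint the endpoint metadata used to obtain the context root
 * @return {@code true} only when both interceptors were installed
 */
public boolean enableServerAuthentication(Object target, Endpoint endpoint) {
    if (!(target instanceof EndpointImpl)) {
        // A null target also lands here; avoid dereferencing it while logging.
        String targetType = target == null ? "null" : target.getClass().getSimpleName();
        Loggers.ROOT_LOGGER.cannotEnableJASPIAuthentication(targetType);
        return false;
    }
    EndpointImpl endpointImpl = (EndpointImpl) target;
    String securityDomain = (String) endpointImpl.getProperties().get(JaspiServerAuthenticator.JASPI_SECURITY_DOMAIN);
    if (securityDomain == null) {
        return false;
    }
    ApplicationPolicy appPolicy = SecurityConfiguration.getApplicationPolicy(securityDomain);
    if (appPolicy == null) {
        Loggers.ROOT_LOGGER.noApplicationPolicy(securityDomain);
        return false;
    }
    BaseAuthenticationInfo bai = appPolicy.getAuthenticationInfo();
    // Accept only the type that is cast to below. The previous test rejected null and
    // AuthenticationInfo, so any other BaseAuthenticationInfo subtype would have reached
    // the cast and failed with a ClassCastException outside the try block.
    if (!(bai instanceof JASPIAuthenticationInfo)) {
        Loggers.ROOT_LOGGER.noJaspiApplicationPolicy(securityDomain);
        return false;
    }
    JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo) bai;
    String contextRoot = endpoint.getService().getContextRoot();
    // The host part of the application context id is fixed to "localhost".
    String appId = "localhost " + contextRoot;
    AuthConfigFactory factory = AuthConfigFactory.getFactory();
    Properties properties = new Properties();
    // NOTE(review): the instance is discarded and the provider is looked up from the
    // factory instead; presumably the constructor registers itself with the factory.
    // Confirm against JBossWSAuthConfigProvider.
    new JBossWSAuthConfigProvider(properties, factory);
    AuthConfigProvider provider = factory.getConfigProvider(JBossWSAuthConstants.SOAP_LAYER, appId, null);
    JBossCallbackHandler callbackHandler = new JBossCallbackHandler();
    try {
        // A null provider fails inside this block with a NullPointerException, which
        // the catch below logs before returning false.
        ServerAuthConfig serverConfig = provider.getServerAuthConfig(JBossWSAuthConstants.SOAP_LAYER, appId, callbackHandler);
        Properties serverContextProperties = new Properties();
        serverContextProperties.put("security-domain", securityDomain);
        serverContextProperties.put("jaspi-policy", jai);
        serverContextProperties.put(javax.xml.ws.Endpoint.class, endpointImpl);
        String authContextID = endpointImpl.getBeanName();
        ServerAuthContext sctx = serverConfig.getAuthContext(authContextID, null, serverContextProperties);
        JaspiServerAuthenticator serverAuthenticator = new JaspiServerAuthenticator(sctx);
        endpointImpl.getInInterceptors().add(new JaspiSeverInInterceptor(serverAuthenticator));
        endpointImpl.getOutInterceptors().add(new JaspiSeverOutInterceptor(serverAuthenticator));
        return true;
    } catch (Exception e) {
        Loggers.DEPLOYMENT_LOGGER.cannotCreateServerAuthContext(securityDomain, e);
    }
    return false;
}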