Examples with ServerAuthModule javax.security.auth.message.module.ServerAuthModule used on opensource projects

Example 1 with ServerAuthModule

use of javax.security.auth.message.module.ServerAuthModule in project OpenAM by OpenRock.

the class JaspiAuthModuleWrapperTest method setUp.

@BeforeMethod
public void setUp() {
    amLoginModuleBinder = mock(AMLoginModuleBinder.class);
    serverAuthModule = mock(ServerAuthModule.class);
    jaspiAuthModuleWrapper = new JaspiAuthModuleWrapper<ServerAuthModule>(serverAuthModule, "amAuthPersistentCookie") {

        @Override
        protected Map<String, Object> initialize(Subject subject, Map sharedState, Map options) {
            return config;
        }

        @Override
        protected boolean process(MessageInfo messageInfo, Subject clientSubject, Callback[] callbacks) throws LoginException {
            processMethodCalled = true;
            return true;
        }

        @Override
        protected Map<String, Object> initialize(Map requestParamsMap, HttpServletRequest request, HttpServletResponse response, SSOToken ssoToken) throws AuthenticationException {
            return config;
        }

        @Override
        protected void onLoginSuccess(MessageInfo messageInfo, Map requestParamsMap, HttpServletRequest request, HttpServletResponse response, SSOToken ssoToken) throws AuthenticationException {
            onLoginSuccessMethodCalled = true;
        }

        @Override
        public Principal getPrincipal() {
            return null;
        }
    };
    jaspiAuthModuleWrapper.setAMLoginModule(amLoginModuleBinder);
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    given(amLoginModuleBinder.getHttpServletRequest()).willReturn(request);
    given(amLoginModuleBinder.getHttpServletResponse()).willReturn(response);
}

Example 2 with ServerAuthModule

use of javax.security.auth.message.module.ServerAuthModule in project Payara by payara.

the class SimpleSAMConfig method getAuthContext.

@Override
public ServerAuthContext getAuthContext(String authContextID, Subject serviceSubject, Map properties) throws AuthException {
    // combine constructed properties with passed in properties
    if (constructedProperties != null)
        properties.putAll(constructedProperties);
    ServerAuthModule localSam = sam;
    if (localSam == null || properties.containsKey(JASPICWebListenerHelper.SAM_PER_REQUEST_PROPERTY)) {
        try {
            localSam = (ServerAuthModule) samClass.newInstance();
        } catch (InstantiationException | IllegalAccessException ex) {
            Logger.getLogger(SimpleSAMConfig.class.getName()).log(Level.SEVERE, null, ex);
            AuthException ae = new AuthException("Unable to instantiate an instance of the provided SAM class");
            ae.initCause(ex);
            throw ae;
        }
    }
    ServerAuthModule sam = this.sam;
    if (sam == null) {
        synchronized (this) {
            this.sam = localSam;
        }
    }
    return new SimpleSAMAuthContext(authContextID, serviceSubject, properties, handler, localSam);
}

Example 3 with ServerAuthModule

use of javax.security.auth.message.module.ServerAuthModule in project Payara by payara.

the class GFServerConfigProvider method createModuleInfo.

/**
 * Instantiate+initialize module class
 */
static ModuleInfo createModuleInfo(Entry entry, CallbackHandler handler, String type, Map<String, Object> properties) throws AuthException {
    try {
        // instantiate module using no-arg constructor
        Object newModule = entry.newInstance();
        Map<String, Object> map = properties;
        Map<String, Object> entryOptions = entry.getOptions();
        if (entryOptions != null) {
            if (map == null) {
                map = new HashMap<>();
            } else {
                map = new HashMap<>(map);
            }
            map.putAll(entryOptions);
        }
        // No doPrivilege at this point, need to revisit
        if (SERVER.equals(type)) {
            if (newModule instanceof ServerAuthModule) {
                ServerAuthModule sam = (ServerAuthModule) newModule;
                sam.initialize(entry.getRequestPolicy(), entry.getResponsePolicy(), handler, map);
            } else if (newModule instanceof com.sun.enterprise.security.jauth.ServerAuthModule) {
                // TODO REMOVE
                com.sun.enterprise.security.jauth.ServerAuthModule sam0 = (com.sun.enterprise.security.jauth.ServerAuthModule) newModule;
                AuthPolicy requestPolicy = (entry.getRequestPolicy() != null) ? new AuthPolicy(entry.getRequestPolicy()) : null;
                AuthPolicy responsePolicy = (entry.getResponsePolicy() != null) ? new AuthPolicy(entry.getResponsePolicy()) : null;
                sam0.initialize(requestPolicy, responsePolicy, handler, map);
            }
        } else {
            // CLIENT
            if (newModule instanceof ClientAuthModule) {
                ClientAuthModule cam = (ClientAuthModule) newModule;
                cam.initialize(entry.getRequestPolicy(), entry.getResponsePolicy(), handler, map);
            } else if (newModule instanceof com.sun.enterprise.security.jauth.ClientAuthModule) {
                // TODO REMOVE
                com.sun.enterprise.security.jauth.ClientAuthModule cam0 = (com.sun.enterprise.security.jauth.ClientAuthModule) newModule;
                AuthPolicy requestPolicy = new AuthPolicy(entry.getRequestPolicy());
                AuthPolicy responsePolicy = new AuthPolicy(entry.getResponsePolicy());
                cam0.initialize(requestPolicy, responsePolicy, handler, map);
            }
        }
        return new ModuleInfo(newModule, map);
    } catch (Exception e) {
        if (e instanceof AuthException) {
            throw (AuthException) e;
        }
        AuthException ae = new AuthException();
        ae.initCause(e);
        throw ae;
    }
}

Example 4 with ServerAuthModule

use of javax.security.auth.message.module.ServerAuthModule in project cdap by caskdata.

the class JASPIAuthenticationHandler method getHandlerAuthenticator.

@Override
protected Authenticator getHandlerAuthenticator() {
    JaspiAuthenticatorFactory jaspiAuthenticatorFactory = new JaspiAuthenticatorFactory();
    jaspiAuthenticatorFactory.setLoginService(getHandlerLoginService());
    HashMap<String, ServerAuthContext> serverAuthContextMap = new HashMap<>();
    ServletCallbackHandler callbackHandler = new ServletCallbackHandler(getHandlerLoginService());
    ServerAuthModule authModule = new BasicAuthModule(callbackHandler, "JAASRealm");
    serverAuthContextMap.put("authContextID", new ServerAuthContextImpl(Collections.singletonList(authModule)));
    ServerAuthContextType serverAuthContextType = new ServerAuthContextType("HTTP", "server *", "authContextID", new AuthModuleType<ServerAuthModule>());
    ServerAuthConfigType serverAuthConfigType = new ServerAuthConfigType(serverAuthContextType, true);
    ServerAuthConfig serverAuthConfig = new ServerAuthConfigImpl(serverAuthConfigType, serverAuthContextMap);
    return new JaspiAuthenticator(serverAuthConfig, null, callbackHandler, new Subject(), true, getHandlerIdentityService());
}

Example 5 with ServerAuthModule

use of javax.security.auth.message.module.ServerAuthModule in project jbossws-cxf by jbossws.

the class JBossWSServerAuthConfig method createSAM.

@SuppressWarnings({ "unchecked", "rawtypes" })
private ServerAuthModule createSAM(ClassLoader moduleCL, String name) throws Exception {
    Class clazz = SecurityActions.loadClass(moduleCL, name);
    Constructor ctr = clazz.getConstructor(new Class[0]);
    return (ServerAuthModule) ctr.newInstance(new Object[0]);
}