use of javax.security.auth.spi.LoginModule in project jspwiki by apache.
the class UserDatabaseLoginModuleTest method testLogout.
public final void testLogout() {
try {
CallbackHandler handler = new WikiCallbackHandler(m_engine, null, "user", "password");
LoginModule module = new UserDatabaseLoginModule();
module.initialize(m_subject, handler, new HashMap<String, Object>(), new HashMap<String, Object>());
module.login();
module.commit();
Set<Principal> principals = m_subject.getPrincipals();
Assert.assertEquals(1, principals.size());
Assert.assertTrue(principals.contains(new WikiPrincipal("user", WikiPrincipal.LOGIN_NAME)));
Assert.assertFalse(principals.contains(Role.AUTHENTICATED));
Assert.assertFalse(principals.contains(Role.ALL));
module.logout();
Assert.assertEquals(0, principals.size());
} catch (LoginException e) {
System.err.println(e.getMessage());
Assert.assertTrue(false);
}
}
use of javax.security.auth.spi.LoginModule in project jspwiki by apache.
the class UserDatabaseLoginModuleTest method testLogin.
public final void testLogin() {
try {
// Log in with a user that isn't in the database
CallbackHandler handler = new WikiCallbackHandler(m_engine, null, "user", "password");
LoginModule module = new UserDatabaseLoginModule();
module.initialize(m_subject, handler, new HashMap<String, Object>(), new HashMap<String, Object>());
module.login();
module.commit();
Set<Principal> principals = m_subject.getPrincipals();
Assert.assertEquals(1, principals.size());
Assert.assertTrue(principals.contains(new WikiPrincipal("user", WikiPrincipal.LOGIN_NAME)));
Assert.assertFalse(principals.contains(Role.AUTHENTICATED));
Assert.assertFalse(principals.contains(Role.ALL));
// Login with a user that IS in the database
m_subject = new Subject();
handler = new WikiCallbackHandler(m_engine, null, "janne", "myP@5sw0rd");
module = new UserDatabaseLoginModule();
module.initialize(m_subject, handler, new HashMap<String, Object>(), new HashMap<String, Object>());
module.login();
module.commit();
principals = m_subject.getPrincipals();
Assert.assertEquals(1, principals.size());
Assert.assertTrue(principals.contains(new WikiPrincipal("janne", WikiPrincipal.LOGIN_NAME)));
Assert.assertFalse(principals.contains(Role.AUTHENTICATED));
Assert.assertFalse(principals.contains(Role.ALL));
} catch (LoginException e) {
System.err.println(e.getMessage());
Assert.assertTrue(false);
}
}
use of javax.security.auth.spi.LoginModule in project Payara by payara.
the class ClientCertificateLoginModule method login.
/**
* Authenticate the user by prompting for a username and password.
*
* <p>
*
* @return true in all cases since this <code>LoginModule</code> should not be ignored.
*
* @exception LoginException if this <code>LoginModule</code> is unable to perform the
* authentication.
*/
@Override
public boolean login() throws LoginException {
// Prompt for a username and password
if (callbackHandler == null) {
throw new LoginException("Error: no CallbackHandler available " + "to garner authentication information from the user");
}
try {
String[] certificateNames = new String[keyStore.size()];
String[] aliasNames = new String[keyStore.size()];
Enumeration<String> aliases = keyStore.aliases();
for (int i = 0; i < keyStore.size(); i++) {
aliasNames[i] = aliases.nextElement();
certificateNames[i] = ((X509Certificate) keyStore.getCertificate(aliasNames[i])).getSubjectX500Principal().getName(X500Principal.RFC2253, OID.getOIDMap());
}
Callback[] callbacks = new Callback[] { createChoiceCallback(certificateNames) };
callbackHandler.handle(callbacks);
int[] selectedIndexes = ((ChoiceCallback) callbacks[0]).getSelectedIndexes();
if (selectedIndexes == null) {
throw new LoginException("No certificate selected!");
} else if (selectedIndexes[0] == -1) {
throw new LoginException("Incorrect keystore password");
}
if (debug) {
_logger.fine(() -> "[ClientCertificateLoginModule] user entered certificates: " + Arrays.stream(selectedIndexes).mapToObj(i -> aliasNames[i]).collect(Collectors.toList()));
}
// The authenticate method previously picked out the wrong alias.
// Since we allow only 1 choice the first element in idx
// idx[0] should have the selected index.
alias = aliasNames[selectedIndexes[0]];
certificate = (X509Certificate) keyStore.getCertificate(alias);
// The authenticate should always return a true.
if (debug) {
_logger.fine("\t\t[ClientCertificateLoginModule] authentication succeeded");
}
succeeded = true;
return true;
} catch (UnsupportedCallbackException uce) {
throw new LoginException("Error: " + uce.getCallback() + " not available to garner authentication information from the user");
} catch (Exception e) {
throw new LoginException(e.toString());
}
}
use of javax.security.auth.spi.LoginModule in project jspwiki by apache.
the class AnonymousLoginModuleTest method testLogout.
public final void testLogout() {
HttpServletRequest request = m_engine.newHttpRequest();
try {
CallbackHandler handler = new WebContainerCallbackHandler(m_engine, request);
LoginModule module = new AnonymousLoginModule();
module.initialize(m_subject, handler, new HashMap<String, Object>(), new HashMap<String, Object>());
module.login();
module.commit();
Set<Principal> principals = m_subject.getPrincipals();
Assert.assertEquals(1, principals.size());
Assert.assertTrue(principals.contains(new WikiPrincipal("127.0.0.1")));
Assert.assertFalse(principals.contains(Role.ANONYMOUS));
Assert.assertFalse(principals.contains(Role.ALL));
module.logout();
Assert.assertEquals(0, principals.size());
} catch (LoginException e) {
System.err.println(e.getMessage());
Assert.assertTrue(false);
}
}
use of javax.security.auth.spi.LoginModule in project jspwiki by apache.
the class AnonymousLoginModuleTest method testLogin.
public final void testLogin() {
HttpServletRequest request = m_engine.newHttpRequest();
try {
// Test using IP address (AnonymousLoginModule succeeds)
CallbackHandler handler = new WebContainerCallbackHandler(m_engine, request);
LoginModule module = new AnonymousLoginModule();
module.initialize(m_subject, handler, new HashMap<String, Object>(), new HashMap<String, Object>());
module.login();
module.commit();
Set<Principal> principals = m_subject.getPrincipals();
Assert.assertEquals(1, principals.size());
Assert.assertTrue(principals.contains(new WikiPrincipal("127.0.0.1")));
Assert.assertFalse(principals.contains(Role.ANONYMOUS));
Assert.assertFalse(principals.contains(Role.ALL));
} catch (LoginException e) {
System.err.println(e.getMessage());
Assert.assertTrue(false);
}
}
Aggregations