
Example 16 with LoginModule

use of javax.security.auth.spi.LoginModule in project mssql-jdbc by Microsoft.

the class ConstrainedSample method doInitialLogin.

/**
 * Logs in the intermediate server (the service that will later impersonate the client)
 * by driving {@code Krb5LoginModule} directly instead of going through a {@code LoginContext}.
 * <p>
 * The module is configured to read the key for {@code SERVICE_PRINCIPAL} from the keytab at
 * {@code KEYTAB_ROUTE} and never to prompt, which is why no callback handler is passed.
 * The subject is stored in the static {@code serviceSubject} field before the login starts,
 * so that field is reassigned even when the login subsequently fails.
 * <p>
 * NOTE(review): both Kerberos debug switches are turned on here. That suits a sample, but the
 * resulting diagnostics go to standard output and describe the Kerberos exchange, so they
 * should be disabled before this code is reused in a service whose logs are shared.
 *
 * @return the subject populated by the Kerberos login for the intermediate server
 * @throws PrivilegedActionException wrapping either the failure to load the login module
 *         or the {@link LoginException} raised by {@code login()} / {@code commit()}
 */
private static Subject doInitialLogin() throws PrivilegedActionException {
    serviceSubject = new Subject();

    // The module is located reflectively, so there is no compile-time dependency on the
    // com.sun.* class; any failure to find or construct it is reported and rethrown.
    final LoginModule kerberosLogin;
    try {
        Class<?> moduleClass = Class.forName("com.sun.security.auth.module.Krb5LoginModule");
        kerberosLogin = (LoginModule) moduleClass.getConstructor().newInstance();
    } catch (Exception loadFailure) {
        System.out.print("Error loading Krb5LoginModule module: " + loadFailure);
        throw new PrivilegedActionException(loadFailure);
    }

    // JVM-wide switch: affects every Kerberos operation in this process, not just this login.
    System.setProperty("sun.security.krb5.debug", Boolean.toString(true));

    Map<String, String> moduleOptions = new HashMap<>();
    // Identity and key material: the keytab holds the service's long-term key, so the file
    // behind KEYTAB_ROUTE needs to be readable by the service account only.
    moduleOptions.put("principal", SERVICE_PRINCIPAL);
    moduleOptions.put("keyTab", KEYTAB_ROUTE);
    moduleOptions.put("useKeyTab", "true");
    // storeKey keeps the principal's key in the subject's private credentials, so the
    // returned Subject must be treated as carrying a secret.
    moduleOptions.put("storeKey", "true");
    moduleOptions.put("doNotPrompt", "true");
    moduleOptions.put("isInitiator", "true");
    // Per-module debug output; see the NOTE(review) in the method documentation.
    moduleOptions.put("debug", "true");

    Map<String, String> emptySharedState = new HashMap<>(0);
    kerberosLogin.initialize(serviceSubject, null, emptySharedState, moduleOptions);

    try {
        kerberosLogin.login();
        kerberosLogin.commit();
    } catch (LoginException loginFailure) {
        System.out.print("Error authenticating with Kerberos: " + loginFailure);
        // Roll the module back; a failure to abort is only reported, and the caller
        // always receives the original login failure.
        try {
            kerberosLogin.abort();
        } catch (LoginException abortFailure) {
            System.out.print("Error aborting Kerberos authentication:  " + abortFailure);
        }
        throw new PrivilegedActionException(loginFailure);
    }
    return serviceSubject;
}
Also used : PrivilegedActionException(java.security.PrivilegedActionException) HashMap(java.util.HashMap) LoginException(javax.security.auth.login.LoginException) LoginModule(javax.security.auth.spi.LoginModule) Subject(javax.security.auth.Subject) LoginException(javax.security.auth.login.LoginException) PrivilegedActionException(java.security.PrivilegedActionException) GSSException(org.ietf.jgss.GSSException)

Example 17 with LoginModule

use of javax.security.auth.spi.LoginModule in project tomee by apache.

the class CDILoginModule method initialize.

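/**
 * Resolves the delegate {@link LoginModule} named in the JAAS options, obtains an instance of it
 * (either as a CDI bean or as a plain object with CDI injection applied) and forwards
 * {@code initialize} to that instance.
 * <p>
 * Options read here: {@code delegate} (class name; if absent, the option keyed by the
 * application name returned by {@code findAppName} is used instead), {@code loginModuleAsCdiBean}
 * and {@code cdiName}. The delegate class name comes straight from the login configuration and
 * is loaded through the thread context class loader, so that configuration decides which class
 * gets instantiated and must be writable only by trusted administrators.
 *
 * @param subject         subject handed on to the delegate
 * @param callbackHandler callback handler handed on to the delegate
 * @param sharedState     shared state handed on to the delegate
 * @param options         JAAS options; read here and also handed on unchanged to the delegate
 * @throws OpenEJBRuntimeException if CDI is not in use, no delegate is configured, the delegate
 *         class cannot be loaded, it does not implement {@link LoginModule} (non-CDI path), or
 *         it cannot be instantiated or injected
 */
@Override
public void initialize(final Subject subject, final CallbackHandler callbackHandler, final Map<String, ?> sharedState, final Map<String, ?> options) {
    final WebBeansContext webBeansContext = WebBeansContext.currentInstance();
    final BeanManagerImpl bm = webBeansContext.getBeanManagerImpl();
    if (!bm.isInUse()) {
        throw new OpenEJBRuntimeException("CDI not activated");
    }

    // String.valueOf(Object) turns a missing option into the literal "null", which is what
    // the comparisons below test for.
    String delegate = String.valueOf(options.get("delegate"));
    if ("null".equals(delegate)) {
        // Fall back to a per-application entry: the option key is the application name.
        final String app = findAppName(webBeansContext);
        delegate = String.valueOf(options.get(app));
        if ("null".equals(delegate)) {
            throw new OpenEJBRuntimeException("Please specify a delegate class");
        }
    }

    final Class<?> clazz;
    try {
        clazz = Thread.currentThread().getContextClassLoader().loadClass(delegate);
    } catch (final ClassNotFoundException e) {
        throw new OpenEJBRuntimeException(e.getMessage(), e);
    }

    cc = bm.createCreationalContext(null);
    final String cdiName = String.valueOf(options.get("cdiName"));
    if ("true".equals(String.valueOf(options.get("loginModuleAsCdiBean")))) {
        // CDI-managed delegate: look the bean up by name when one is configured, else by type.
        final Set<Bean<?>> beans;
        if ("null".equals(cdiName)) {
            beans = bm.getBeans(clazz);
        } else {
            beans = bm.getBeans(cdiName);
        }
        loginModule = LoginModule.class.cast(bm.getReference(bm.resolve(beans), clazz, cc));
    } else {
        // Reject a misconfigured class before its constructor runs: previously a class that is
        // not a LoginModule was instantiated first and only then failed the cast.
        if (!LoginModule.class.isAssignableFrom(clazz)) {
            throw new OpenEJBRuntimeException("Delegate class " + clazz.getName() + " does not implement " + LoginModule.class.getName());
        }
        try {
            loginModule = LoginModule.class.cast(clazz.newInstance());
            OWBInjector.inject(bm, loginModule, cc);
        } catch (final Exception e) {
            // Report the class name: when instantiation fails, the loginModule field has not
            // been assigned yet, so printing it would not identify the delegate.
            throw new OpenEJBRuntimeException("Can't inject into delegate class " + clazz.getName(), e);
        }
    }
    loginModule.initialize(subject, callbackHandler, sharedState, options);
}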
Also used : OpenEJBRuntimeException(org.apache.openejb.OpenEJBRuntimeException) WebBeansContext(org.apache.webbeans.config.WebBeansContext) BeanManagerImpl(org.apache.webbeans.container.BeanManagerImpl) LoginModule(javax.security.auth.spi.LoginModule) LoginException(javax.security.auth.login.LoginException) OpenEJBRuntimeException(org.apache.openejb.OpenEJBRuntimeException) Bean(javax.enterprise.inject.spi.Bean)

Example 18 with LoginModule

use of javax.security.auth.spi.LoginModule in project karaf by apache.

the class KarafMBeanServerGuardTest method loginWithTestRoles.

/**
 * Test helper: runs a {@code TestLoginModule} built from the given roles through the
 * initialize / login / commit sequence against a fresh subject and returns that subject.
 * <p>
 * The module is driven by hand, with no callback handler, shared state or options
 * (all three are passed as {@code null}), so no JAAS configuration is involved.
 *
 * @param roles values passed to the {@code TestLoginModule} constructor
 * @return the subject after the module has committed
 * @throws LoginException if {@code login()} or {@code commit()} fails
 */
private Subject loginWithTestRoles(String... roles) throws LoginException {
    final LoginModule testModule = new TestLoginModule(roles);
    final Subject authenticated = new Subject();

    testModule.initialize(authenticated, null, null, null);
    testModule.login();
    testModule.commit();

    return authenticated;
}
Also used : LoginModule(javax.security.auth.spi.LoginModule) Subject(javax.security.auth.Subject)

Example 19 with LoginModule

use of javax.security.auth.spi.LoginModule in project karaf by apache.

the class KarafMBeanServerGuardTest method testCurrentUserHasCustomRole.

/**
 * Checks role matching for a custom principal class: after logging in with a
 * {@code TestRolePrincipal} named "foo", the role is found when it is qualified with the
 * principal's class name ({@code <canonical class name>:foo}) and is not found under the
 * bare name "foo".
 * <p>
 * The negative assertion is the security-relevant half: a principal of a custom class
 * must not satisfy a check for the unqualified role name.
 */
public void testCurrentUserHasCustomRole() throws Exception {
    final LoginModule testModule = new TestLoginModule(new TestRolePrincipal("foo"));
    final Subject authenticated = new Subject();
    testModule.initialize(authenticated, null, null, null);
    testModule.login();
    testModule.commit();

    final String qualifiedRole = TestRolePrincipal.class.getCanonicalName() + ":foo";
    // The role checks run inside doAs so that they see the subject that was just logged in.
    Subject.doAs(authenticated, new PrivilegedAction<Void>() {
        @Override
        public Void run() {
            assertTrue(JaasHelper.currentUserHasRole(qualifiedRole));
            assertFalse(JaasHelper.currentUserHasRole("foo"));
            return null;
        }
    });
}
Also used : LoginModule(javax.security.auth.spi.LoginModule) Subject(javax.security.auth.Subject)
