Example 1 with Credential

Use of javax.security.enterprise.credential.Credential in project Payara by payara.

Class RealmIdentityStore, method validate.

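protected CredentialValidationResult validate(UsernamePasswordCredential credential, String realmName) {
    try {
        // login(...) throws LoginException when the realm rejects the credential.
        Subject subject = login(credential, realmName);
        // Collect the names of the Group principals attached to the authenticated subject.
        Set<String> groups = subject.getPrincipals(Group.class).stream().map(g -> g.getName()).collect(toSet());
        // A successful login that yields no groups falls through and is reported as invalid.
        if (!groups.isEmpty()) {
            return new CredentialValidationResult(new CallerPrincipal(credential.getCaller()), groups);
        }
    } catch (LoginException ex) {
        return INVALID_RESULT;
    }
    return INVALID_RESULT;
}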

Also used:
RealmIdentityStoreDefinition (fish.payara.security.annotations.RealmIdentityStoreDefinition)
RealmIdentityStoreConfiguration (fish.payara.security.realm.config.RealmIdentityStoreConfiguration)
NOT_VALIDATED_RESULT (javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT)
PasswordCredential (com.sun.enterprise.security.auth.login.common.PasswordCredential)
LoginException (com.sun.enterprise.security.auth.login.common.LoginException)
Set (java.util.Set)
Typed (javax.enterprise.inject.Typed)
IdentityStore (javax.security.enterprise.identitystore.IdentityStore)
Group (org.glassfish.security.common.Group)
CallerPrincipal (javax.security.enterprise.CallerPrincipal)
AppservAccessController.privileged (com.sun.enterprise.security.common.AppservAccessController.privileged)
Subject (javax.security.auth.Subject)
CredentialValidationResult (javax.security.enterprise.identitystore.CredentialValidationResult)
INVALID_RESULT (javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT)
Credential (javax.security.enterprise.credential.Credential)
WebAndEjbToJaasBridge (com.sun.enterprise.security.auth.WebAndEjbToJaasBridge)
LoginContextDriver.getValidRealm (com.sun.enterprise.security.auth.login.LoginContextDriver.getValidRealm)
UsernamePasswordCredential (javax.security.enterprise.credential.UsernamePasswordCredential)
CertificateCredential (fish.payara.security.api.CertificateCredential)
Collectors.toSet (java.util.stream.Collectors.toSet)

Example 2 with Credential

Use of javax.security.enterprise.credential.Credential in project Payara by payara.

Class CertificateRealmIdentityStore, method validate.

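public static CredentialValidationResult validate(CertificateCredential credential, String realmName) {
    try {
        // login(...) throws LoginException when the realm rejects the certificate credential.
        Subject subject = login(credential, realmName);
        // Collect the names of the Group principals attached to the authenticated subject.
        Set<String> groups = subject.getPrincipals(Group.class).stream().map(g -> g.getName()).collect(toSet());
        // Any successful login is returned as a result here, even when the group set is empty.
        return new CredentialValidationResult(credential.getPrincipal(), groups);
    } catch (LoginException ex) {
        return INVALID_RESULT;
    }
}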

Also used:
X509Certificate (java.security.cert.X509Certificate)
Properties (java.util.Properties)
NOT_VALIDATED_RESULT (javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT)
LoginException (com.sun.enterprise.security.auth.login.common.LoginException)
Set (java.util.Set)
Typed (javax.enterprise.inject.Typed)
IdentityStore (javax.security.enterprise.identitystore.IdentityStore)
Group (org.glassfish.security.common.Group)
ClientCertificateLoginModule (com.sun.enterprise.security.auth.login.ClientCertificateLoginModule)
CertificateRealmIdentityStoreConfiguration (fish.payara.security.realm.config.CertificateRealmIdentityStoreConfiguration)
CertificateIdentityStoreDefinition (fish.payara.security.annotations.CertificateIdentityStoreDefinition)
Subject (javax.security.auth.Subject)
Realm (com.sun.enterprise.security.auth.realm.Realm)
CredentialValidationResult (javax.security.enterprise.identitystore.CredentialValidationResult)
INVALID_RESULT (javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT)
Arrays.asList (java.util.Arrays.asList)
ASSIGN_GROUPS (fish.payara.security.realm.RealmUtil.ASSIGN_GROUPS)
Credential (javax.security.enterprise.credential.Credential)
WebAndEjbToJaasBridge (com.sun.enterprise.security.auth.WebAndEjbToJaasBridge)
CertificateCredential (fish.payara.security.api.CertificateCredential)
CertificateRealm (com.sun.enterprise.security.auth.realm.certificate.CertificateRealm)
Collectors.toSet (java.util.stream.Collectors.toSet)
RealmUtil (fish.payara.security.realm.RealmUtil)

Aggregations

WebAndEjbToJaasBridge (com.sun.enterprise.security.auth.WebAndEjbToJaasBridge): 2
LoginException (com.sun.enterprise.security.auth.login.common.LoginException): 2
CertificateCredential (fish.payara.security.api.CertificateCredential): 2
Set (java.util.Set): 2
Collectors.toSet (java.util.stream.Collectors.toSet): 2
Typed (javax.enterprise.inject.Typed): 2
Subject (javax.security.auth.Subject): 2
Credential (javax.security.enterprise.credential.Credential): 2
CredentialValidationResult (javax.security.enterprise.identitystore.CredentialValidationResult): 2
INVALID_RESULT (javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT): 2
NOT_VALIDATED_RESULT (javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT): 2
IdentityStore (javax.security.enterprise.identitystore.IdentityStore): 2
Group (org.glassfish.security.common.Group): 2
ClientCertificateLoginModule (com.sun.enterprise.security.auth.login.ClientCertificateLoginModule): 1
LoginContextDriver.getValidRealm (com.sun.enterprise.security.auth.login.LoginContextDriver.getValidRealm): 1
PasswordCredential (com.sun.enterprise.security.auth.login.common.PasswordCredential): 1
Realm (com.sun.enterprise.security.auth.realm.Realm): 1
CertificateRealm (com.sun.enterprise.security.auth.realm.certificate.CertificateRealm): 1
AppservAccessController.privileged (com.sun.enterprise.security.common.AppservAccessController.privileged): 1
CertificateIdentityStoreDefinition (fish.payara.security.annotations.CertificateIdentityStoreDefinition): 1