
Example 6 with UsernamePasswordCredential

use of javax.security.enterprise.credential.UsernamePasswordCredential in project quickstart by wildfly.

the class TestAuthenticationMechanism method validateRequest.

/**
 * Authenticates a request from the username and password carried in the
 * request headers named by {@code USERNAME_HEADER} and {@code PASSWORD_HEADER}.
 *
 * <p>When both headers are present, the pair is validated through
 * {@code identityStoreHandler}. Only a {@code Status.VALID} result leads to
 * {@code notifyContainerAboutLogin}. A missing header, or any other validation
 * status, ends in {@code challenge(response, httpMessageContext)}, so the
 * method never reports success without a validated credential.
 *
 * <p>NOTE(review): the password arrives as a plain header value and is held in
 * a {@code String}. Header values are commonly recorded by proxies and access
 * logs, and they are only confidential over an encrypted transport. The class
 * name suggests a test-only mechanism; confirm it is not deployed elsewhere.
 *
 * @param request the incoming request whose headers carry the credentials
 * @param response the response handed to {@code challenge}
 * @param httpMessageContext the context used to report the authentication outcome
 * @return the status from {@code notifyContainerAboutLogin} on a valid
 *         credential, otherwise whatever {@code challenge} returns
 * @throws AuthenticationException declared by the overridden method
 */
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
    final String headerUser = request.getHeader(USERNAME_HEADER);
    final String headerSecret = request.getHeader(PASSWORD_HEADER);
    // Nothing to validate unless both headers were sent; ask the client to authenticate.
    if (headerUser == null || headerSecret == null) {
        return challenge(response, httpMessageContext);
    }
    final CredentialValidationResult outcome = identityStoreHandler.validate(new UsernamePasswordCredential(headerUser, headerSecret));
    // Fail closed: every status other than VALID is answered with a challenge.
    if (outcome.getStatus() != Status.VALID) {
        return challenge(response, httpMessageContext);
    }
    return httpMessageContext.notifyContainerAboutLogin(outcome.getCallerPrincipal(), outcome.getCallerGroups());
}
Also used : CredentialValidationResult(javax.security.enterprise.identitystore.CredentialValidationResult) UsernamePasswordCredential(javax.security.enterprise.credential.UsernamePasswordCredential)

Example 7 with UsernamePasswordCredential

use of javax.security.enterprise.credential.UsernamePasswordCredential in project wildfly by wildfly.

the class TestAuthenticationMechanism method validateRequest.

/**
 * Authenticates a request from the username and password carried in the
 * request headers named by {@code USERNAME_HEADER} and {@code PASSWORD_HEADER}.
 *
 * <p>If both headers are present, the pair is validated through
 * {@code identityStoreHandler}: a {@code Status.VALID} result is reported with
 * {@code notifyContainerAboutLogin}, and any other status is answered with
 * {@code challenge}. If either header is missing, the request is challenged
 * when the {@code challenge} request parameter parses as {@code true} or when
 * {@code httpMessageContext.isProtected()} is true. Otherwise the mechanism
 * returns {@code doNothing()}.
 *
 * <p>The {@code challenge} parameter is supplied by the client. In this method
 * it can only cause a challenge to be returned; it never leads to a login.
 *
 * <p>NOTE(review): the password arrives as a plain header value and is held in
 * a {@code String}. Header values are commonly recorded by proxies and access
 * logs, and they are only confidential over an encrypted transport. The class
 * name suggests a test-only mechanism; confirm it is not deployed elsewhere.
 *
 * @param request the incoming request carrying the headers and the optional parameter
 * @param response the response handed to {@code challenge}
 * @param httpMessageContext the context used to report the authentication outcome
 * @return the login status, the challenge status, or the result of {@code doNothing()}
 * @throws AuthenticationException declared by the overridden method
 */
@Override
public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMessageContext) throws AuthenticationException {
    final String headerUser = request.getHeader(USERNAME_HEADER);
    final String headerSecret = request.getHeader(PASSWORD_HEADER);
    // Read up front, before any branching, exactly as the headers are.
    final boolean forceChallenge = Boolean.parseBoolean(request.getParameter("challenge"));
    if (headerUser != null && headerSecret != null) {
        final CredentialValidationResult outcome = identityStoreHandler.validate(new UsernamePasswordCredential(headerUser, headerSecret));
        // Fail closed: only VALID is reported to the container as a login.
        return outcome.getStatus() == Status.VALID
                ? httpMessageContext.notifyContainerAboutLogin(outcome.getCallerPrincipal(), outcome.getCallerGroups())
                : challenge(response, httpMessageContext);
    }
    // No credentials: challenge on request or for protected resources, else stay out of the way.
    return (forceChallenge || httpMessageContext.isProtected())
            ? challenge(response, httpMessageContext)
            : httpMessageContext.doNothing();
}
Also used : CredentialValidationResult(javax.security.enterprise.identitystore.CredentialValidationResult) UsernamePasswordCredential(javax.security.enterprise.credential.UsernamePasswordCredential)

Example 8 with UsernamePasswordCredential

use of javax.security.enterprise.credential.UsernamePasswordCredential in project Payara by payara.

the class RealmIdentityStore method login.

/**
 * Builds a {@link Subject} for the given credential and passes it to
 * {@code WebAndEjbToJaasBridge.login}.
 *
 * <p>A {@code PasswordCredential} holding the caller name, the password
 * characters and the realm returned by {@code getValidRealm(realmName)} is
 * added to the subject's private credentials inside a {@code privileged}
 * call, before the bridge login is invoked.
 *
 * <p>NOTE(review): the {@code char[]} from {@code getPassword().getValue()} is
 * passed on here without a copy, and the returned subject still carries the
 * {@code PasswordCredential}. This code does not show whether either class
 * copies or later clears the array; confirm where the password is wiped.
 *
 * @param credential the caller name and password to log in with
 * @param realmName the realm name, resolved through {@code getValidRealm}
 * @return the subject that was handed to the bridge login
 */
protected Subject login(UsernamePasswordCredential credential, String realmName) {
    final String callerName = credential.getCaller();
    final char[] secret = credential.getPassword().getValue();
    final Subject jaasSubject = new Subject();
    // Both the realm lookup and the private-credential insertion run inside privileged().
    privileged(() -> jaasSubject.getPrivateCredentials().add(new PasswordCredential(callerName, secret, getValidRealm(realmName))));
    WebAndEjbToJaasBridge.login(jaasSubject, PasswordCredential.class);
    return jaasSubject;
}
Also used : PasswordCredential(com.sun.enterprise.security.auth.login.common.PasswordCredential) UsernamePasswordCredential(javax.security.enterprise.credential.UsernamePasswordCredential) Subject(javax.security.auth.Subject)

Example 9 with UsernamePasswordCredential

use of javax.security.enterprise.credential.UsernamePasswordCredential in project Payara by payara.

the class RealmIdentityStore method validate.

/**
 * Validates a username/password credential against the named realm.
 *
 * <p>The credential is logged in through {@code login(credential, realmName)},
 * and the names of the subject's {@code Group} principals become the caller
 * groups. The result is valid only when at least one group is present. A
 * {@code LoginException}, or a login that yields no groups, returns
 * {@code INVALID_RESULT}.
 *
 * <p>NOTE(review): a caller who logs in successfully but has no groups is
 * reported as invalid, which callers cannot tell apart from a bad password.
 * The {@code LoginException} is also dropped here without being logged;
 * confirm that failed logins are audited elsewhere, for example in the bridge
 * login.
 *
 * @param credential the caller name and password to check
 * @param realmName the realm to authenticate against
 * @return a result carrying the caller principal and group names, or
 *         {@code INVALID_RESULT}
 */
protected CredentialValidationResult validate(UsernamePasswordCredential credential, String realmName) {
    try {
        final Set<String> groupNames = login(credential, realmName)
                .getPrincipals(Group.class)
                .stream()
                .map(Group::getName)
                .collect(toSet());
        // No groups is treated the same as a failed login.
        if (groupNames.isEmpty()) {
            return INVALID_RESULT;
        }
        return new CredentialValidationResult(new CallerPrincipal(credential.getCaller()), groupNames);
    } catch (LoginException loginFailure) {
        // Fail closed; the cause is intentionally not exposed to the caller.
        return INVALID_RESULT;
    }
}
Also used : RealmIdentityStoreDefinition(fish.payara.security.annotations.RealmIdentityStoreDefinition) RealmIdentityStoreConfiguration(fish.payara.security.realm.config.RealmIdentityStoreConfiguration) NOT_VALIDATED_RESULT(javax.security.enterprise.identitystore.CredentialValidationResult.NOT_VALIDATED_RESULT) PasswordCredential(com.sun.enterprise.security.auth.login.common.PasswordCredential) LoginException(com.sun.enterprise.security.auth.login.common.LoginException) Set(java.util.Set) Typed(javax.enterprise.inject.Typed) IdentityStore(javax.security.enterprise.identitystore.IdentityStore) Group(org.glassfish.security.common.Group) CallerPrincipal(javax.security.enterprise.CallerPrincipal) AppservAccessController.privileged(com.sun.enterprise.security.common.AppservAccessController.privileged) Subject(javax.security.auth.Subject) CredentialValidationResult(javax.security.enterprise.identitystore.CredentialValidationResult) INVALID_RESULT(javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT) Credential(javax.security.enterprise.credential.Credential) WebAndEjbToJaasBridge(com.sun.enterprise.security.auth.WebAndEjbToJaasBridge) LoginContextDriver.getValidRealm(com.sun.enterprise.security.auth.login.LoginContextDriver.getValidRealm) UsernamePasswordCredential(javax.security.enterprise.credential.UsernamePasswordCredential) CertificateCredential(fish.payara.security.api.CertificateCredential) Collectors.toSet(java.util.stream.Collectors.toSet) Group(org.glassfish.security.common.Group) CredentialValidationResult(javax.security.enterprise.identitystore.CredentialValidationResult) LoginException(com.sun.enterprise.security.auth.login.common.LoginException) CallerPrincipal(javax.security.enterprise.CallerPrincipal) Subject(javax.security.auth.Subject)

Example 10 with UsernamePasswordCredential

use of javax.security.enterprise.credential.UsernamePasswordCredential in project quickstart by wildfly.

the class ElytronIdentityStore method validate.

/**
 * Validates a credential by authenticating it against {@code securityDomain}.
 *
 * <p>Only {@code UsernamePasswordCredential} is handled; any other credential
 * type returns {@code INVALID_RESULT}. The password characters are wrapped in
 * a {@code PasswordGuessEvidence} and passed to
 * {@code securityDomain.authenticate}. On success, the identity's roles are
 * copied into the caller groups of the result.
 *
 * <p>The two failure paths are kept apart. A {@code RealmUnavailableException}
 * returns {@code NOT_VALIDATED_RESULT}, because the store could not decide. A
 * {@code SecurityException} returns {@code INVALID_RESULT}. Neither path
 * produces a valid result.
 *
 * <p>NOTE(review): the evidence object is not destroyed in this method and
 * neither exception is logged; confirm that password clearing and
 * failed-authentication auditing happen elsewhere.
 *
 * @param credential the credential to validate
 * @return a valid result with the principal name and roles,
 *         {@code NOT_VALIDATED_RESULT} if the realm is unavailable,
 *         otherwise {@code INVALID_RESULT}
 */
@Override
public CredentialValidationResult validate(Credential credential) {
    // Unsupported credential types are rejected outright.
    if (!(credential instanceof UsernamePasswordCredential)) {
        return INVALID_RESULT;
    }
    final UsernamePasswordCredential userPass = (UsernamePasswordCredential) credential;
    final SecurityIdentity identity;
    try {
        identity = securityDomain.authenticate(userPass.getCaller(), new PasswordGuessEvidence(userPass.getPassword().getValue()));
    } catch (RealmUnavailableException realmDown) {
        // The realm could not be consulted, so the credential was neither accepted nor rejected.
        return NOT_VALIDATED_RESULT;
    } catch (SecurityException rejected) {
        return INVALID_RESULT;
    }
    final HashSet<String> roleNames = new HashSet<>();
    identity.getRoles().forEach(roleNames::add);
    return new CredentialValidationResult(identity.getPrincipal().getName(), roleNames);
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) CredentialValidationResult(javax.security.enterprise.identitystore.CredentialValidationResult) PasswordGuessEvidence(org.wildfly.security.evidence.PasswordGuessEvidence) RealmUnavailableException(org.wildfly.security.auth.server.RealmUnavailableException) UsernamePasswordCredential(javax.security.enterprise.credential.UsernamePasswordCredential) HashSet(java.util.HashSet)

Aggregations

UsernamePasswordCredential (javax.security.enterprise.credential.UsernamePasswordCredential)11 CredentialValidationResult (javax.security.enterprise.identitystore.CredentialValidationResult)9 PasswordCredential (com.sun.enterprise.security.auth.login.common.PasswordCredential)2 Subject (javax.security.auth.Subject)2 WebAndEjbToJaasBridge (com.sun.enterprise.security.auth.WebAndEjbToJaasBridge)1 LoginContextDriver.getValidRealm (com.sun.enterprise.security.auth.login.LoginContextDriver.getValidRealm)1 LoginException (com.sun.enterprise.security.auth.login.common.LoginException)1 AppservAccessController.privileged (com.sun.enterprise.security.common.AppservAccessController.privileged)1 RealmIdentityStoreDefinition (fish.payara.security.annotations.RealmIdentityStoreDefinition)1 CertificateCredential (fish.payara.security.api.CertificateCredential)1 RealmIdentityStoreConfiguration (fish.payara.security.realm.config.RealmIdentityStoreConfiguration)1 HashSet (java.util.HashSet)1 Set (java.util.Set)1 Collectors.toSet (java.util.stream.Collectors.toSet)1 Typed (javax.enterprise.inject.Typed)1 InitialLdapContext (javax.naming.ldap.InitialLdapContext)1 LdapContext (javax.naming.ldap.LdapContext)1 CallerPrincipal (javax.security.enterprise.CallerPrincipal)1 Credential (javax.security.enterprise.credential.Credential)1 INVALID_RESULT (javax.security.enterprise.identitystore.CredentialValidationResult.INVALID_RESULT)1