Example 6 with SimpleGroup
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class SimpleUsernameTokenInterceptor method createSubject.
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
// authenticate the user somehow
subject.getPrincipals().add(new SimplePrincipal(name));
// add roles this user is in
String roleName = "Alice".equals(name) ? "developers" : "pms";
subject.getPrincipals().add(new SimpleGroup(roleName, name));
subject.setReadOnly();
return subject;
}
Also used :
SimpleGroup(org.apache.cxf.common.security.SimpleGroup)
Subject(javax.security.auth.Subject)
SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal)
Example 7 with SimpleGroup
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class CustomUTValidator method validate.
public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
Credential cred = super.validate(credential, data);
UsernameToken ut = credential.getUsernametoken();
WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed());
principal.setCreatedTime(ut.getCreated());
principal.setNonce(principal.getNonce());
principal.setPassword(ut.getPassword());
principal.setPasswordType(ut.getPasswordType());
Subject subject = new Subject();
subject.getPrincipals().add(principal);
if ("Alice".equals(ut.getName())) {
subject.getPrincipals().add(new SimpleGroup("manager", ut.getName()));
}
subject.getPrincipals().add(new SimpleGroup("worker", ut.getName()));
cred.setSubject(subject);
return cred;
}
Also used :
Credential(org.apache.wss4j.dom.validate.Credential)
UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken)
SimpleGroup(org.apache.cxf.common.security.SimpleGroup)
Subject(javax.security.auth.Subject)
WSUsernameTokenPrincipalImpl(org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl)
Example 8 with SimpleGroup
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class CustomStaxUTValidator method validate.
@SuppressWarnings("unchecked")
@Override
public <T extends UsernameSecurityToken & InboundSecurityToken> T validate(UsernameTokenType usernameTokenType, TokenContext tokenContext) throws WSSecurityException {
UsernameSecurityTokenImpl token = super.</*fake @see above*/
UsernameSecurityTokenImpl>validate(usernameTokenType, tokenContext);
Subject subject = new Subject();
subject.getPrincipals().add(token.getPrincipal());
if ("Alice".equals(token.getUsername())) {
subject.getPrincipals().add(new SimpleGroup("manager", token.getUsername()));
}
subject.getPrincipals().add(new SimpleGroup("worker", token.getUsername()));
token.setSubject(subject);
return (T) token;
}
Also used :
UsernameSecurityTokenImpl(org.apache.wss4j.stax.impl.securityToken.UsernameSecurityTokenImpl)
SimpleGroup(org.apache.cxf.common.security.SimpleGroup)
Subject(javax.security.auth.Subject)
Example 9 with SimpleGroup
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class SimpleSubjectCreatingInterceptor method createSubject.
@Override
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup("developers", name));
subject.setReadOnly();
return subject;
}
Also used :
SimpleGroup(org.apache.cxf.common.security.SimpleGroup)
Subject(javax.security.auth.Subject)
SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal)
Example 10 with SimpleGroup
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class DefaultJWTRoleParser method parseRolesFromToken.
/**
* Return the set of User/Principal roles from the token.
* @param principal the Principal associated with the token
* @param subject the JAAS Subject associated with a successful validation of the token
* @param token The JWTToken
* @return the set of User/Principal roles from the token.
*/
public Set<Principal> parseRolesFromToken(Principal principal, Subject subject, JwtToken token) {
if (subject != null && useJaasSubject) {
return super.parseRolesFromSubject(principal, subject);
}
Set<Principal> roles = null;
if (roleClaim != null && token != null && token.getClaims().containsProperty(roleClaim)) {
roles = new HashSet<>();
String role = token.getClaims().getStringProperty(roleClaim).trim();
for (String r : role.split(",")) {
roles.add(new SimpleGroup(r));
}
} else {
roles = Collections.emptySet();
}
return roles;
}
Also used :
SimpleGroup(org.apache.cxf.common.security.SimpleGroup)
Principal(java.security.Principal)
Aggregations
SimpleGroup (org.apache.cxf.common.security.SimpleGroup)13
Subject (javax.security.auth.Subject)10
SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal)9
Principal (java.security.Principal)6
Test (org.junit.Test)4
Group (java.security.acl.Group)2
HashSet (java.util.HashSet)2
IOException (java.io.IOException)1
Callback (javax.security.auth.callback.Callback)1
NameCallback (javax.security.auth.callback.NameCallback)1
PasswordCallback (javax.security.auth.callback.PasswordCallback)1
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)1
LoginException (javax.security.auth.login.LoginException)1
Claim (org.apache.cxf.rt.security.claims.Claim)1
SAMLClaim (org.apache.cxf.rt.security.saml.claims.SAMLClaim)1
LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext)1
WSUsernameTokenPrincipalImpl (org.apache.wss4j.common.principal.WSUsernameTokenPrincipalImpl)1
UsernameToken (org.apache.wss4j.dom.message.token.UsernameToken)1
Credential (org.apache.wss4j.dom.validate.Credential)1
UsernameSecurityTokenImpl (org.apache.wss4j.stax.impl.securityToken.UsernameSecurityTokenImpl)1
