Example 26 with SimplePrincipal

use of org.apache.cxf.common.security.SimplePrincipal in project cxf by apache.

the class STSLoginModule method login.

@Override
public boolean login() throws LoginException {
    // Get username and password
    Callback[] callbacks = new Callback[2];
    callbacks[0] = new NameCallback("Username: ");
    callbacks[1] = new PasswordCallback("Password: ", false);
    try {
        callbackHandler.handle(callbacks);
    } catch (IOException ioException) {
        throw new LoginException(ioException.getMessage());
    } catch (UnsupportedCallbackException unsupportedCallbackException) {
        throw new LoginException(unsupportedCallbackException.getMessage() + " not available to obtain information from user.");
    }
    String user = ((NameCallback) callbacks[0]).getName();
    char[] tmpPassword = ((PasswordCallback) callbacks[1]).getPassword();
    if (tmpPassword == null) {
        tmpPassword = new char[0];
    }
    String password = new String(tmpPassword);
    roles = new HashSet<>();
    userPrincipal = null;
    STSTokenValidator validator = new STSTokenValidator(true);
    validator.setUseIssueBinding(requireRoles);
    validator.setUseOnBehalfOf(!disableOnBehalfOf);
    validator.setDisableCaching(!requireRoles || disableCaching);
    // Authenticate token
    try {
        UsernameToken token = convertToToken(user, password);
        Credential credential = new Credential();
        credential.setUsernametoken(token);
        RequestData data = new RequestData();
        Message message = PhaseInterceptorChain.getCurrentMessage();
        STSClient stsClient = configureSTSClient(message);
        if (message != null) {
            message.put(SecurityConstants.STS_CLIENT, stsClient);
            data.setMsgContext(message);
        } else {
            validator.setStsClient(stsClient);
        }
        credential = validator.validate(credential, data);
        // Add user principal
        userPrincipal = new SimplePrincipal(user);
        // Add roles if a SAML Assertion was returned from the STS
        roles.addAll(getRoles(message, credential));
    } catch (Exception e) {
        LOG.log(Level.INFO, "User " + user + " authentication failed", e);
        throw new LoginException("User " + user + " authentication failed: " + e.getMessage());
    }
    succeeded = true;
    return true;
}
Also used : Credential(org.apache.wss4j.dom.validate.Credential) Message(org.apache.cxf.message.Message) UsernameToken(org.apache.wss4j.dom.message.token.UsernameToken) IOException(java.io.IOException) LoginException(javax.security.auth.login.LoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) BusException(org.apache.cxf.BusException) EndpointException(org.apache.cxf.endpoint.EndpointException) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) RequestData(org.apache.wss4j.dom.handler.RequestData) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal)

Example 27 with SimplePrincipal

use of org.apache.cxf.common.security.SimplePrincipal in project cxf by apache.

the class ClaimsAuthorizingInterceptorTest method prepareMessage.

private Message prepareMessage(Class<?> cls, String methodName, String roleName, org.apache.cxf.rt.security.claims.Claim... claim) throws Exception {
    ClaimCollection claims = new ClaimCollection();
    Collections.addAll(claims, claim);
    Set<Principal> roles = parseRolesFromClaims(claims, roleName, "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified");
    ClaimsSecurityContext sc = new ClaimsSecurityContext() {

        private Principal p = new SimplePrincipal("user");

        @Override
        public Principal getUserPrincipal() {
            return p;
        }

        @Override
        public boolean isUserInRole(String role) {
            if (roles == null) {
                return false;
            }
            for (Principal principalRole : roles) {
                if (principalRole != p && principalRole.getName().equals(role)) {
                    return true;
                }
            }
            return false;
        }

        @Override
        public Subject getSubject() {
            return null;
        }

        @Override
        public Set<Principal> getUserRoles() {
            return roles;
        }

        @Override
        public ClaimCollection getClaims() {
            return claims;
        }
    };
    Message m = new MessageImpl();
    m.setExchange(new ExchangeImpl());
    m.put(SecurityContext.class, sc);
    m.put("org.apache.cxf.resource.method", cls.getMethod(methodName, new Class[] {}));
    return m;
}
Also used : Message(org.apache.cxf.message.Message) ClaimCollection(org.apache.cxf.rt.security.claims.ClaimCollection) ClaimsSecurityContext(org.apache.cxf.rt.security.claims.ClaimsSecurityContext) MessageImpl(org.apache.cxf.message.MessageImpl) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal) Principal(java.security.Principal) ExchangeImpl(org.apache.cxf.message.ExchangeImpl)

Example 28 with SimplePrincipal

use of org.apache.cxf.common.security.SimplePrincipal in project cxf by apache.

the class SimpleSubjectCreatingInterceptor method createSubject.

@Override
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException {
    Subject subject = new Subject();
    // delegate to the external security system if possible
    subject.getPrincipals().add(new SimplePrincipal(name));
    subject.getPrincipals().add(new SimpleGroup("developers", name));
    subject.setReadOnly();
    return subject;
}
Also used : SimpleGroup(org.apache.cxf.common.security.SimpleGroup) Subject(javax.security.auth.Subject) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal)

Example 29 with SimplePrincipal

use of org.apache.cxf.common.security.SimplePrincipal in project cxf by apache.

the class TestUserPasswordLoginModule method login.

@Override
public boolean login() throws LoginException {
    NameCallback nameCallback = new NameCallback("User");
    PasswordCallback passwordCallback = new PasswordCallback("Password", false);
    Callback[] callbacks = new Callback[] { nameCallback, passwordCallback };
    try {
        this.callbackHandler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw new LoginException(e.getMessage());
    }
    String userName = nameCallback.getName();
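    // getPassword() returns null when the handler supplies no password; treat that as empty
    // so the login fails with a LoginException instead of a NullPointerException
    char[] passwordChars = passwordCallback.getPassword();
    String password = passwordChars == null ? "" : new String(passwordChars);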
    if (!TESTUSER.equals(userName)) {
        throw new LoginException("wrong username");
    }
    if (!TESTPASS.equals(password)) {
        throw new LoginException("wrong password");
    }
    subject.getPrincipals().add(new SimplePrincipal(userName));
    subject.getPrincipals().add(new SimpleGroup(TESTGROUP));
    return true;
}
Also used : NameCallback(javax.security.auth.callback.NameCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback) Callback(javax.security.auth.callback.Callback) LoginException(javax.security.auth.login.LoginException) SimpleGroup(org.apache.cxf.common.security.SimpleGroup) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal)

Example 30 with SimplePrincipal

use of org.apache.cxf.common.security.SimplePrincipal in project tesb-rt-se by Talend.

the class SecurityContextFilter method setNewSecurityContext.

private void setNewSecurityContext(Message message, final String user) {
    final SecurityContext newSc = new SecurityContext() {

        public Principal getUserPrincipal() {
            return new SimplePrincipal(user);
        }

        public boolean isUserInRole(String arg0) {
            return false;
        }
    };
    message.put(SecurityContext.class, newSc);
}
Also used : SecurityContext(org.apache.cxf.security.SecurityContext) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal)

Aggregations

SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal) 33
Principal (java.security.Principal) 19
Subject (javax.security.auth.Subject) 19
Test (org.junit.Test) 13
SimpleGroup (org.apache.cxf.common.security.SimpleGroup) 10
SecurityContext (org.apache.cxf.security.SecurityContext) 9
GroupPrincipal (org.apache.cxf.common.security.GroupPrincipal) 6
Message (org.apache.cxf.message.Message) 6
LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext) 4
IOException (java.io.IOException) 3
Callback (javax.security.auth.callback.Callback) 3
NameCallback (javax.security.auth.callback.NameCallback) 3
PasswordCallback (javax.security.auth.callback.PasswordCallback) 3
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException) 3
LoginException (javax.security.auth.login.LoginException) 3
Base64Exception (org.apache.cxf.common.util.Base64Exception) 3
ClaimCollection (org.apache.cxf.rt.security.claims.ClaimCollection) 3
HashSet (java.util.HashSet) 2
CallbackHandler (javax.security.auth.callback.CallbackHandler) 2
ExchangeImpl (org.apache.cxf.message.ExchangeImpl) 2