Search in sources :

Example 1 with SimpleCallbackHandler

use of org.apache.felix.jaas.integration.common.SimpleCallbackHandler in project felix by apache.

the class ITJaasWithBootClasspath method testJaasWithBootAndGlobalConfig.

@Test
public void testJaasWithBootAndGlobalConfig() throws Exception {
    String realmName = name.getMethodName();
    createLoginModuleConfig(realmName);
    // 1. Configure the ConfigSpi to replace global config
    org.osgi.service.cm.Configuration config2 = ca.getConfiguration("org.apache.felix.jaas.ConfigurationSpi", null);
    Properties p2 = new Properties();
    p2.setProperty("jaas.globalConfigPolicy", "replace");
    config2.update(p2);
    delay();
    CallbackHandler handler = new SimpleCallbackHandler("foo", "foo");
    Subject s = new Subject();
    // 2. Now just do normal JAAS Login. No change of TCCL and no fetching of explicit config
    LoginContext lc = new LoginContext(realmName, s, handler);
    lc.login();
    assertFalse(s.getPrincipals().isEmpty());
}
Also used : SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) LoginContext(javax.security.auth.login.LoginContext) SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) Properties(java.util.Properties) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 2 with SimpleCallbackHandler

use of org.apache.felix.jaas.integration.common.SimpleCallbackHandler in project felix by apache.

the class ITJaasWithConfigBasedLoginModule method testJaasConfigPassing.

/**
 * Validates that OSGi config do gets passed as part of options to the LoginModule
 */
@Test
public void testJaasConfigPassing() throws Exception {
    String realmName = name.getMethodName();
    // 1. Create sample config
    org.osgi.service.cm.Configuration config = ca.createFactoryConfiguration("org.apache.felix.jaas.Configuration.factory", null);
    Dictionary<String, Object> p = new Hashtable<String, Object>();
    p.put("jaas.classname", "org.apache.felix.jaas.integration.sample1.ConfigLoginModule");
    p.put("jaas.realmName", realmName);
    // Following passed config gets validated in
    // org.apache.felix.jaas.integration.sample1.ConfigLoginModule.validateConfig()
    p.put("validateConfig", Boolean.TRUE);
    p.put("key0", "val0");
    p.put("key1", "val1");
    p.put("key2", "val2");
    // Override the value directly passed in config via options value explicitly
    p.put("jaas.options", new String[] { "key3=val3", "key4=val4", "key0=valNew" });
    config.update(p);
    delay();
    // 2. Validate the login passes with this config. LoginModule would validate
    // the config also
    CallbackHandler handler = new SimpleCallbackHandler("foo", "foo");
    Configuration jaasConfig = Configuration.getInstance("JavaLoginConfig", null, "FelixJaasProvider");
    Subject s = new Subject();
    final ClassLoader cl = Thread.currentThread().getContextClassLoader();
    try {
        Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
        LoginContext lc = new LoginContext(realmName, s, handler, jaasConfig);
        lc.login();
    } finally {
        Thread.currentThread().setContextClassLoader(cl);
    }
    assertFalse(s.getPrincipals().isEmpty());
}
Also used : SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) Configuration(javax.security.auth.login.Configuration) Hashtable(java.util.Hashtable) SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) Subject(javax.security.auth.Subject) LoginContext(javax.security.auth.login.LoginContext) Test(org.junit.Test)

Example 3 with SimpleCallbackHandler

use of org.apache.felix.jaas.integration.common.SimpleCallbackHandler in project felix by apache.

the class ITJaasWithConfigBasedLoginModule method testJaasConfigWithEmptyRealm.

@Test
public void testJaasConfigWithEmptyRealm() throws Exception {
    String realmName = name.getMethodName();
    // Scenario 1 - Create a config with no realm name set. So its default name would
    // be set to the defaultRealmName setting of ConfigurationSpi. Which defaults to 'other'
    org.osgi.service.cm.Configuration config = ca.createFactoryConfiguration("org.apache.felix.jaas.Configuration.factory", null);
    Dictionary<String, Object> dict = new Hashtable<String, Object>();
    dict.put("jaas.classname", "org.apache.felix.jaas.integration.sample1.ConfigLoginModule");
    config.update(dict);
    delay();
    CallbackHandler handler = new SimpleCallbackHandler("foo", "foo");
    Subject s = new Subject();
    LoginContext lc = loginContextFactory.createLoginContext(realmName, s, handler);
    lc.login();
    assertFalse(s.getPrincipals().isEmpty());
    // Scenario 2 - Now we change the default realm name to 'default' and we do not have any login module which
    // is bound to 'other' as they get part of 'default'. In this case login should fail
    org.osgi.service.cm.Configuration config2 = ca.getConfiguration("org.apache.felix.jaas.ConfigurationSpi", null);
    Properties p2 = new Properties();
    p2.setProperty("jaas.defaultRealmName", "default");
    config2.update(p2);
    delay();
    try {
        Subject s2 = new Subject();
        LoginContext lc2 = loginContextFactory.createLoginContext(realmName, s2, handler);
        lc2.login();
        fail("Should have failed as no LoginModule bound with 'other'");
    } catch (LoginException e) {
    }
}
Also used : SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) Hashtable(java.util.Hashtable) SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) Properties(java.util.Properties) Subject(javax.security.auth.Subject) LoginContext(javax.security.auth.login.LoginContext) LoginException(javax.security.auth.login.LoginException) Test(org.junit.Test)

Example 4 with SimpleCallbackHandler

use of org.apache.felix.jaas.integration.common.SimpleCallbackHandler in project felix by apache.

the class ITJaasWithConfigBasedLoginModule method testJaasWithFactory.

@Test
public void testJaasWithFactory() throws Exception {
    String realmName = name.getMethodName();
    createLoginModuleConfig(realmName);
    delay();
    CallbackHandler handler = new SimpleCallbackHandler("foo", "foo");
    Subject s = new Subject();
    // Using LoginFactory we can avoid providing Configuration and switching TCCL
    LoginContext lc = loginContextFactory.createLoginContext(realmName, s, handler);
    lc.login();
    assertFalse(s.getPrincipals().isEmpty());
    // Negative case. Login fails with incorrect password
    try {
        LoginContext lc2 = loginContextFactory.createLoginContext(realmName, s, new SimpleCallbackHandler("foo", "bar"));
        lc2.login();
        fail("Login should have failed");
    } catch (LoginException e) {
    }
}
Also used : SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) LoginContext(javax.security.auth.login.LoginContext) SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) LoginException(javax.security.auth.login.LoginException) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 5 with SimpleCallbackHandler

use of org.apache.felix.jaas.integration.common.SimpleCallbackHandler in project felix by apache.

the class ITJaasWithBootClasspath method testJaasWithBoot.

/**
 * Creates the scenario where jaas-boot jar is placed in bootclasspath. With this the client
 * code need not switch the TCCL
 */
@Test
public void testJaasWithBoot() throws Exception {
    String realmName = name.getMethodName();
    createLoginModuleConfig(realmName);
    delay();
    CallbackHandler handler = new SimpleCallbackHandler("foo", "foo");
    Configuration config = Configuration.getInstance("JavaLoginConfig", null, "FelixJaasProvider");
    Subject s = new Subject();
    LoginContext lc = new LoginContext(realmName, s, handler, config);
    lc.login();
    assertFalse(s.getPrincipals().isEmpty());
}
Also used : SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) CallbackHandler(javax.security.auth.callback.CallbackHandler) LoginContext(javax.security.auth.login.LoginContext) Configuration(javax.security.auth.login.Configuration) SimpleCallbackHandler(org.apache.felix.jaas.integration.common.SimpleCallbackHandler) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Aggregations

Subject (javax.security.auth.Subject)7 CallbackHandler (javax.security.auth.callback.CallbackHandler)7 LoginContext (javax.security.auth.login.LoginContext)7 SimpleCallbackHandler (org.apache.felix.jaas.integration.common.SimpleCallbackHandler)7 Test (org.junit.Test)7 Properties (java.util.Properties)3 Configuration (javax.security.auth.login.Configuration)3 Hashtable (java.util.Hashtable)2 LoginException (javax.security.auth.login.LoginException)2