Search in sources :

Example 1 with CredentialsCallback

use of org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback in project jackrabbit-oak by apache.

the class AbstractLoginModule method getCredentials.

/**
     * Tries to retrieve valid (supported) Credentials:
     * <ol>
     * <li>using a {@link CredentialsCallback},</li>
     * <li>looking for a {@link #SHARED_KEY_CREDENTIALS} entry in the
     * shared state (see also {@link #getSharedCredentials()} and finally by</li>
     * <li>searching for valid credentials in the subject.</li>
     * </ol>
     *
     * @return Valid (supported) credentials or {@code null}.
     */
@CheckForNull
protected Credentials getCredentials() {
    Set<Class> supported = getSupportedCredentials();
    if (callbackHandler != null) {
        log.debug("Login: retrieving Credentials using callback.");
        try {
            CredentialsCallback callback = new CredentialsCallback();
            callbackHandler.handle(new Callback[] { callback });
            Credentials creds = callback.getCredentials();
            if (creds != null && supported.contains(creds.getClass())) {
                log.debug("Login: Credentials '{}' obtained from callback", creds);
                return creds;
            } else {
                log.debug("Login: No supported credentials obtained from callback; trying shared state.");
            }
        } catch (UnsupportedCallbackException e) {
            log.warn(e.getMessage());
        } catch (IOException e) {
            log.error(e.getMessage());
        }
    }
    Credentials creds = getSharedCredentials();
    if (creds != null && supported.contains(creds.getClass())) {
        log.debug("Login: Credentials obtained from shared state.");
        return creds;
    } else {
        log.debug("Login: No supported credentials found in shared state; looking for credentials in subject.");
        for (Class clz : getSupportedCredentials()) {
            Set<Credentials> cds = subject.getPublicCredentials(clz);
            if (!cds.isEmpty()) {
                log.debug("Login: Credentials found in subject.");
                return cds.iterator().next();
            }
        }
    }
    log.debug("No credentials found.");
    return null;
}
Also used : UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) Credentials(javax.jcr.Credentials) CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback) CheckForNull(javax.annotation.CheckForNull)

Example 2 with CredentialsCallback

use of org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback in project jackrabbit-oak by apache.

the class CallbackHandlerImplTest method testCredentialsCallback.

@Test
public void testCredentialsCallback() throws Exception {
    CredentialsCallback cb = new CredentialsCallback();
    callbackHandler.handle(new Callback[] { cb });
    assertSame(simpleCreds, cb.getCredentials());
}
Also used : CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 3 with CredentialsCallback

use of org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback in project jackrabbit-oak by apache.

the class AbstractLoginModuleTest method testGetCredentialsFromCallbackHandler.

@Test
public void testGetCredentialsFromCallbackHandler() {
    CallbackHandler cbh = new CallbackHandler() {

        @Override
        public void handle(Callback[] callbacks) {
            for (Callback cb : callbacks) {
                if (cb instanceof CredentialsCallback) {
                    ((CredentialsCallback) cb).setCredentials(new TestCredentials());
                }
            }
        }
    };
    AbstractLoginModule lm = initLoginModule(TestCredentials.class, cbh);
    assertTrue(lm.getCredentials() instanceof TestCredentials);
    lm = initLoginModule(SimpleCredentials.class, cbh);
    assertNull(lm.getCredentials());
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) CallbackHandler(javax.security.auth.callback.CallbackHandler) PrincipalProviderCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback) RepositoryCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback) SecurityProviderCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback) WhiteboardCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.WhiteboardCallback) UserManagerCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.UserManagerCallback) CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback) Callback(javax.security.auth.callback.Callback) CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback) Test(org.junit.Test)

Example 4 with CredentialsCallback

use of org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback in project jackrabbit-oak by apache.

the class GuestLoginModule method login.

@Override
public boolean login() {
    if (callbackHandler != null) {
        CredentialsCallback ccb = new CredentialsCallback();
        try {
            callbackHandler.handle(new Callback[] { ccb });
            Credentials credentials = ccb.getCredentials();
            if (credentials == null) {
                guestCredentials = new GuestCredentials();
                sharedState.put(AbstractLoginModule.SHARED_KEY_CREDENTIALS, guestCredentials);
                return true;
            }
        } catch (IOException e) {
            log.debug("Login: Failed to retrieve Credentials from CallbackHandler", e);
        } catch (UnsupportedCallbackException e) {
            log.debug("Login: Failed to retrieve Credentials from CallbackHandler", e);
        }
    }
    // ignore this login module
    return false;
}
Also used : IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) GuestCredentials(javax.jcr.GuestCredentials) Credentials(javax.jcr.Credentials) GuestCredentials(javax.jcr.GuestCredentials) CredentialsCallback(org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback)

Aggregations

CredentialsCallback (org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback)4 IOException (java.io.IOException)2 Credentials (javax.jcr.Credentials)2 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)2 Test (org.junit.Test)2 CheckForNull (javax.annotation.CheckForNull)1 GuestCredentials (javax.jcr.GuestCredentials)1 SimpleCredentials (javax.jcr.SimpleCredentials)1 Callback (javax.security.auth.callback.Callback)1 CallbackHandler (javax.security.auth.callback.CallbackHandler)1 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)1 PrincipalProviderCallback (org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback)1 RepositoryCallback (org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback)1 SecurityProviderCallback (org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback)1 UserManagerCallback (org.apache.jackrabbit.oak.spi.security.authentication.callback.UserManagerCallback)1 WhiteboardCallback (org.apache.jackrabbit.oak.spi.security.authentication.callback.WhiteboardCallback)1