
Example 1 with ClientPrincipal

use of org.apache.karaf.jaas.boot.principal.ClientPrincipal in project karaf by apache.

the class JaasAuthenticator method authenticate.

/**
 * Authenticates a JMX caller through a JAAS login against {@code realm}.
 *
 * <p>The credentials must be a two-element {@code String[]}: element 0 is passed to the
 * {@link NameCallback}, element 1 to the {@link PasswordCallback}. A {@link ClientPrincipal}
 * tagged {@code "jmx"} with the RMI client host is added to the subject before the login runs.
 * A login that succeeds but leaves the subject without any {@link RolePrincipal} is rejected.
 *
 * @param credentials the credentials object handed over by the connector
 * @return the subject populated by the login
 * @throws IllegalArgumentException if {@code credentials} is not a {@code String[]} of length 2
 * @throws SecurityException if the JAAS login fails or the subject has no role principal
 */
public Subject authenticate(Object credentials) throws SecurityException {
    if (!(credentials instanceof String[])) {
        String actualType = null;
        if (credentials != null) {
            actualType = credentials.getClass().getName();
        }
        // Only the type name goes into the message, never the credential content.
        throw new IllegalArgumentException("Expected String[2], got " + actualType);
    }
    final String[] params = (String[]) credentials;
    if (params.length != 2) {
        throw new IllegalArgumentException("Expected String[2] but length was " + params.length);
    }
    final Subject subject = new Subject();
    try {
        subject.getPrincipals().add(new ClientPrincipal("jmx", RemoteServer.getClientHost()));
    } catch (Throwable ignored) {
        // Best effort: the login proceeds without a client principal when the host lookup fails.
        // NOTE(review): Throwable also swallows Errors, and a subject without a ClientPrincipal
        // presumably loses the client address in anything that reports it downstream; confirm
        // that silently dropping it is acceptable.
    }
    try {
        // The password arrives as a String, so it cannot be wiped; the char[] copy handed to
        // the PasswordCallback is not cleared by this method either.
        LoginContext context = new LoginContext(realm, subject, callbacks -> {
            for (Callback requested : callbacks) {
                if (requested instanceof NameCallback) {
                    ((NameCallback) requested).setName(params[0]);
                    continue;
                }
                if (requested instanceof PasswordCallback) {
                    ((PasswordCallback) requested).setPassword((params[1].toCharArray()));
                    continue;
                }
                throw new UnsupportedCallbackException(requested);
            }
        });
        context.login();
        // Authorization gate: an authenticated user with no role at all is refused.
        boolean hasRole = false;
        for (Principal granted : subject.getPrincipals()) {
            if (granted instanceof RolePrincipal) {
                hasRole = true;
                break;
            }
        }
        if (!hasRole) {
            throw new FailedLoginException("User doesn't have role defined");
        }
        return subject;
    } catch (LoginException e) {
        // The outward message stays generic; the detailed reason travels only as the cause.
        throw new SecurityException("Authentication failed", e);
    }
}
Also used : ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) Subject(javax.security.auth.Subject) LoginContext(javax.security.auth.login.LoginContext) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) AuthorizeCallback(javax.security.sasl.AuthorizeCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) FailedLoginException(javax.security.auth.login.FailedLoginException) PasswordCallback(javax.security.auth.callback.PasswordCallback) LoginException(javax.security.auth.login.LoginException) FailedLoginException(javax.security.auth.login.FailedLoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) Principal(java.security.Principal)

Example 2 with ClientPrincipal

use of org.apache.karaf.jaas.boot.principal.ClientPrincipal in project karaf by apache.

the class AbstractAuditLoginModuleTest method getPrincipalInfo.

/**
 * Checks that {@code getPrincipalInfo()} reports only the client principals of the subject,
 * in insertion order, and leaves out the principal that is not a {@link ClientPrincipal}.
 */
@Test
public void getPrincipalInfo() {
    // Two client principals plus one unrelated principal that must not show up in the output.
    Subject auditedSubject = new Subject();
    auditedSubject.getPrincipals().add(new ClientPrincipal("ssh", "/127.0.0.1"));
    auditedSubject.getPrincipals().add(new ClientPrincipal("ssh", "/127.0.0.2"));
    auditedSubject.getPrincipals().add((UserPrincipal) () -> "noexist");

    Map<String, String> moduleOptions = new HashMap<>();
    moduleOptions.put("logger", "test");

    LogAuditLoginModule auditModule = new LogAuditLoginModule();
    auditModule.initialize(auditedSubject, new NamePasswordCallbackHandler("myuser", "mypassword"), null, moduleOptions);

    Assert.assertEquals("ssh(/127.0.0.1), ssh(/127.0.0.2)", auditModule.getPrincipalInfo());
}
Also used : HashMap(java.util.HashMap) NamePasswordCallbackHandler(org.apache.karaf.jaas.modules.NamePasswordCallbackHandler) ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) Subject(javax.security.auth.Subject) Test(org.junit.Test)

Example 3 with ClientPrincipal

use of org.apache.karaf.jaas.boot.principal.ClientPrincipal in project karaf by apache.

the class LocalConsoleManager method createLocalKarafSubject.

/**
 * Builds the subject for the local console directly, without running a JAAS login.
 *
 * <p>The user name is read from the {@code KARAF_LOCAL_USER} system property (default
 * {@code "karaf"}) and the roles from {@code KARAF_LOCAL_ROLES} (default
 * {@code KARAF_LOCAL_ROLES_DEFAULT}), a comma-separated list. No credential is checked here,
 * so whoever controls these system properties decides the identity and roles of this subject.
 *
 * @return a subject carrying a user principal, a {@code local}/{@code localhost} client
 *         principal and one role principal per configured role
 */
private Subject createLocalKarafSubject() {
    final Subject localSubject = new Subject();
    final String localUser = System.getProperty(KARAF_LOCAL_USER, "karaf");
    localSubject.getPrincipals().add(new UserPrincipal(localUser));
    localSubject.getPrincipals().add(new ClientPrincipal("local", "localhost"));

    final String roleList = System.getProperty(KARAF_LOCAL_ROLES, KARAF_LOCAL_ROLES_DEFAULT);
    if (roleList == null) {
        return localSubject;
    }
    // Entries are trimmed but not filtered: a blank entry such as the middle one in "a,,b"
    // still becomes a RolePrincipal with an empty name.
    for (String roleName : roleList.split("[,]")) {
        localSubject.getPrincipals().add(new RolePrincipal(roleName.trim()));
    }
    return localSubject;
}
Also used : RolePrincipal(org.apache.karaf.jaas.boot.principal.RolePrincipal) ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) Subject(javax.security.auth.Subject) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal)

Example 4 with ClientPrincipal

use of org.apache.karaf.jaas.boot.principal.ClientPrincipal in project karaf by apache.

the class Buffer method format.

/**
 * Appends a {@code user@client} rendering of the subject to this buffer.
 *
 * <p>The user part is the name of a {@link UserPrincipal}, or {@code '?'} when none supplies
 * a name; the {@code @client} part is added only when a {@link ClientPrincipal} supplies one.
 * If several principals of the same kind are present, the last one iterated wins. Names are
 * appended as returned by {@code getName()}, with no escaping applied in this method.
 *
 * @param subject the subject whose principals are rendered
 * @return this buffer
 * @throws IOException declared by this method; presumably raised by {@code append}
 */
public Buffer format(Subject subject) throws IOException {
    String userName = null;
    String clientName = null;
    for (Principal principal : subject.getPrincipals()) {
        if (principal instanceof UserPrincipal) {
            userName = principal.getName();
            continue;
        }
        if (principal instanceof ClientPrincipal) {
            clientName = principal.getName();
        }
    }
    if (userName == null) {
        // Placeholder for a subject without a usable user name.
        append('?');
    } else {
        append(userName);
    }
    if (clientName != null) {
        append('@');
        append(clientName);
    }
    return this;
}
Also used : ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) Principal(java.security.Principal) ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal) UserPrincipal(org.apache.karaf.jaas.boot.principal.UserPrincipal)

Example 5 with ClientPrincipal

use of org.apache.karaf.jaas.boot.principal.ClientPrincipal in project karaf by apache.

the class JaasSecurityProvider method doAuthenticate.

/**
 * Runs a JAAS login for a web console user and, when {@code role} is configured, checks that
 * the resulting subject holds the required principal.
 *
 * <p>{@code role} is either a plain name, matched against
 * {@code org.apache.karaf.jaas.boot.principal.RolePrincipal}, or {@code class:name}, matched
 * against a principal whose exact class name is {@code class}. A {@link ClientPrincipal}
 * tagged {@code "webconsole"} with {@code address} is added before the login; the address is
 * taken from the caller as given and is not verified here.
 *
 * @param address the client address recorded on the subject
 * @param username the name supplied to the {@link NameCallback}
 * @param password the password supplied to the {@link PasswordCallback}
 * @return the authenticated subject, or {@code null} when the login or the role check fails;
 *         callers must treat {@code null} as a denial
 */
public Subject doAuthenticate(final String address, final String username, final String password) {
    try {
        Subject subject = new Subject();
        subject.getPrincipals().add(new ClientPrincipal("webconsole", address));
        // The password is a String and cannot be wiped; the char[] copy is not cleared here.
        LoginContext context = new LoginContext(realm, subject, callbacks -> {
            for (Callback requested : callbacks) {
                if (requested instanceof NameCallback) {
                    ((NameCallback) requested).setName(username);
                    continue;
                }
                if (requested instanceof PasswordCallback) {
                    ((PasswordCallback) requested).setPassword(password.toCharArray());
                    continue;
                }
                throw new UnsupportedCallbackException(requested);
            }
        });
        context.login();
        if (role == null || role.isEmpty()) {
            // No role requirement configured: any successful login is accepted.
            return subject;
        }
        // A colon at index 0 is not treated as a separator, matching the idx > 0 rule.
        final int separator = role.indexOf(':');
        final String requiredClass = separator > 0
                ? role.substring(0, separator)
                : "org.apache.karaf.jaas.boot.principal.RolePrincipal";
        final String requiredName = separator > 0 ? role.substring(separator + 1) : role;
        boolean authorized = false;
        for (Principal candidate : subject.getPrincipals()) {
            // Exact class-name comparison: subclasses of the required class do not match.
            if (candidate.getClass().getName().equals(requiredClass) && candidate.getName().equals(requiredName)) {
                authorized = true;
                break;
            }
        }
        if (!authorized) {
            throw new FailedLoginException("User does not have the required role " + role);
        }
        return subject;
    } catch (FailedLoginException e) {
        // NOTE(review): failed logins are logged at DEBUG only, so repeated failures are not
        // visible at default log levels unless they are recorded elsewhere (for example by an
        // audit login module in the realm); confirm that such a record exists.
        LOG.debug("Login failed", e);
        return null;
    } catch (AccountException e) {
        LOG.warn("Account failure", e);
        return null;
    } catch (GeneralSecurityException e) {
        LOG.error("General Security Exception", e);
        return null;
    }
}
Also used : GeneralSecurityException(java.security.GeneralSecurityException) ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) Subject(javax.security.auth.Subject) LoginContext(javax.security.auth.login.LoginContext) PasswordCallback(javax.security.auth.callback.PasswordCallback) NameCallback(javax.security.auth.callback.NameCallback) Callback(javax.security.auth.callback.Callback) NameCallback(javax.security.auth.callback.NameCallback) FailedLoginException(javax.security.auth.login.FailedLoginException) AccountException(javax.security.auth.login.AccountException) PasswordCallback(javax.security.auth.callback.PasswordCallback) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) ClientPrincipal(org.apache.karaf.jaas.boot.principal.ClientPrincipal) Principal(java.security.Principal)

Aggregations

ClientPrincipal (org.apache.karaf.jaas.boot.principal.ClientPrincipal)7 Subject (javax.security.auth.Subject)6 Principal (java.security.Principal)4 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)4 FailedLoginException (javax.security.auth.login.FailedLoginException)4 LoginContext (javax.security.auth.login.LoginContext)4 Callback (javax.security.auth.callback.Callback)3 NameCallback (javax.security.auth.callback.NameCallback)3 PasswordCallback (javax.security.auth.callback.PasswordCallback)3 RolePrincipal (org.apache.karaf.jaas.boot.principal.RolePrincipal)3 LoginException (javax.security.auth.login.LoginException)2 AuthorizeCallback (javax.security.sasl.AuthorizeCallback)2 UserPrincipal (org.apache.karaf.jaas.boot.principal.UserPrincipal)2 IOException (java.io.IOException)1 GeneralSecurityException (java.security.GeneralSecurityException)1 HashMap (java.util.HashMap)1 AccountException (javax.security.auth.login.AccountException)1 NamePasswordCallbackHandler (org.apache.karaf.jaas.modules.NamePasswordCallbackHandler)1 Test (org.junit.Test)1