use of org.apache.karaf.jaas.config.impl.Module in project karaf by apache.
the class ManageRealmCommandTest method newModuleNamed.
private Module newModuleNamed(String name) {
    // Test fixture: a module that carries only a name, an empty option set and
    // the "required" flag string. No login-module class name is set here.
    final Properties emptyOptions = new Properties();
    final Module module = new Module();
    module.setName(name);
    module.setOptions(emptyOptions);
    module.setFlags("required");
    return module;
}
use of org.apache.karaf.jaas.config.impl.Module in project ddf by codice.
the class LdapLoginConfigTest method testLdapLoginConfig.
/**
* Verifies that the JaasRealm is properly registered and that multiple ldap modules can be
* created, updated and deleted.
*/
@Test
public void testLdapLoginConfig() {
    LdapService service = new LdapService(context);

    // First configuration: after configure() the JaasRealm service must have been registered.
    LdapLoginConfig firstConfig = createLdapConfig(service);
    firstConfig.configure();
    String firstId = firstConfig.getId();
    verify(context).registerService(eq(JaasRealm.class), any(JaasRealm.class), Matchers.<Dictionary<String, Object>>any());

    // Second configuration is created against the same LdapService instance.
    LdapLoginConfig secondConfig = createLdapConfig(service);
    secondConfig.configure();
    String secondId = secondConfig.getId();

    // Update each configuration with a distinct value (presumably the bind user DN,
    // since CONNECTION_USERNAME is what gets checked below).
    firstConfig.update(createLdapProperties("cn=user1"));
    secondConfig.update(createLdapProperties("cn=user2"));

    // Every module held by the service must belong to one of the two configurations
    // and carry that configuration's connection username.
    // NOTE(review): if getModules() returned an empty list this loop would assert
    // nothing; the delete() checks at the end are the only guard against that.
    for (Module registered : service.getModules()) {
        String registeredName = registered.getName();
        String bindUser = registered.getOptions().getProperty(CONNECTION_USERNAME);
        if (registeredName.equals(firstId)) {
            assertThat(bindUser, is(equalTo("cn=user1")));
            continue;
        }
        if (registeredName.equals(secondId)) {
            assertThat(bindUser, is(equalTo("cn=user2")));
            continue;
        }
        fail("The ldap modules did not update correctly.");
    }

    // Two configurations, but the realm itself is registered exactly once.
    verify(context, times(1)).registerService(eq(JaasRealm.class), any(JaasRealm.class), Matchers.<Dictionary<String, Object>>any());

    // Destroying the first configuration (the meaning of the argument is not visible
    // here) must already have removed its module, so an explicit delete reports false.
    firstConfig.destroy(1);
    assertThat(service.delete(firstId), is(equalTo(false)));

    // The second module is still present, so deleting it succeeds.
    assertThat(service.delete(secondId), is(equalTo(true)));
}
use of org.apache.karaf.jaas.config.impl.Module in project ddf by codice.
the class LdapLoginConfig method update.
/**
* Update method that receives new properties.
*
* @param props Map of properties.
*/
public void update(Map<String, ?> props) {
    if (props == null) {
        // No new configuration was supplied: leave the current module untouched.
        return;
    }
    // The message deliberately contains no property values; the map is handed to
    // createLdapModule, which reads the LDAP bind password from it, so its contents
    // should stay out of the log.
    LOGGER.debug("Received an updated set of configurations for the LDAP Login Config.");
    // Rebuild the module from the new settings and hand it to the LDAP service.
    Module rebuilt = createLdapModule(props);
    ldapService.update(rebuilt);
}
use of org.apache.karaf.jaas.config.impl.Module in project ddf by codice.
the class LdapLoginConfig method createLdapModule.
/**
* Creates a new module with the given properties.
*
* @param properties Map of properties.
* @return newly created module.
*/
private Module createLdapModule(Map<String, ?> properties) {
    // Translates the configuration map into the option set of one login module.
    // java.util.Properties rejects null values, so any setting that is put directly
    // (bind DN, bind password, base DNs, StartTLS flag, bind method) and is missing
    // from the map surfaces here as a NullPointerException.
    Module module = new Module();
    module.setClassName(LDAP_MODULE);
    module.setFlags(SUFFICIENT_FLAG);
    module.setName(id);

    Properties options = new Properties();

    // Connection credentials. The bind password is copied into the options as-is,
    // so anything that prints or serialises these options would expose it.
    options.put(CONNECTION_USERNAME, properties.get(LDAP_BIND_USER_DN));
    options.put(CONNECTION_PASSWORD, properties.get(LDAP_BIND_USER_PASS));
    options.put(CONNECTION_URL, new PropertyResolver((String) properties.get(LDAP_URL)).toString());

    // User and role lookup. Both filters are assembled with plain string formatting:
    // the attribute name and the user base DN are inserted without LDAP filter
    // escaping, which is only sound while they come from trusted configuration.
    // A missing attribute name does not fail here; it yields a filter containing the
    // text "null". "%%u" produces a literal "%u" placeholder, presumably replaced
    // with the login name by the login module; confirm that substitution escapes it.
    final Object baseDnForUsers = properties.get(USER_BASE_DN);
    options.put(SslLdapLoginModule.USER_BASE_DN, baseDnForUsers);
    final Object nameAttribute = properties.get(USER_NAME_ATTRIBUTE);
    options.put(USER_FILTER, String.format("(%s=%%u)", nameAttribute));
    options.put(USER_SEARCH_SUBTREE, "true");
    options.put(ROLE_BASE_DN, properties.get(GROUP_BASE_DN));
    options.put(ROLE_FILTER, String.format("(member=%s=%%u,%s)", nameAttribute, baseDnForUsers));
    options.put(ROLE_NAME_ATTRIBUTE, "cn");
    options.put(ROLE_SEARCH_SUBTREE, "true");

    // Transport and bind settings. With "simple" authentication the bind DN and
    // password are only protected by the transport; nothing in this method requires
    // an ldaps:// URL or an enabled StartTLS flag.
    // NOTE(review): "TLS" is the generic protocol name, so the negotiated version is
    // presumably left to the runtime's defaults; confirm legacy versions are disabled.
    options.put("authentication", "simple");
    options.put("ssl.protocol", "TLS");
    options.put("ssl.algorithm", "SunX509");
    options.put(SSL_STARTTLS, properties.get(START_TLS));
    options.put(BIND_METHOD, properties.get(BIND_METHOD));

    // Kerberos settings are optional: an absent value is stored as an empty string.
    final Object realm = properties.get(REALM);
    if (realm != null) {
        options.put(REALM, realm);
    } else {
        options.put(REALM, "");
    }
    final Object kdcAddress = properties.get(KDC_ADDRESS);
    if (kdcAddress != null) {
        options.put(KDC_ADDRESS, kdcAddress);
    } else {
        options.put(KDC_ADDRESS, "");
    }

    // GSSAPI SASL needs both Kerberos values. This only warns: the module is still
    // built and returned with the incomplete settings.
    if ("GSSAPI SASL".equals(properties.get(BIND_METHOD))) {
        if (StringUtils.isEmpty((String) realm) || StringUtils.isEmpty((String) kdcAddress)) {
            LOGGER.warn("LDAP connection will fail. GSSAPI SASL connection requires Kerberos Realm and KDC Address.");
        }
    }

    module.setOptions(options);
    return module;
}