Use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.
Class LdapCacheTest, method testAdminLogin.
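/**
 * Logs in the fixture "admin" account, checks the user and role principals it
 * receives, then adds "admin" to a freshly created group and verifies that a
 * second login picks the new membership up as one additional principal.
 *
 * @throws Exception on any LDAP, JAAS or assertion failure
 */
@Test
public void testAdminLogin() throws Exception {
    Properties options = ldapLoginModuleOptions();
    LDAPLoginModule module = new LDAPLoginModule();
    // Fixture credentials for the embedded test directory.
    CallbackHandler cb = new NamePasswordCallbackHandler("admin", "admin123");
    Subject subject = new Subject();
    module.initialize(subject, cb, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());
    assertTrue(module.login());
    assertTrue(module.commit());
    // One UserPrincipal plus one RolePrincipal, both named "admin".
    assertEquals(2, subject.getPrincipals().size());
    boolean foundUser = false;
    boolean foundRole = false;
    for (Principal pr : subject.getPrincipals()) {
        if (pr instanceof UserPrincipal) {
            assertEquals("admin", pr.getName());
            foundUser = true;
        } else if (pr instanceof RolePrincipal) {
            assertEquals("admin", pr.getName());
            foundRole = true;
        }
    }
    assertTrue(foundUser);
    assertTrue(foundRole);
    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0, subject.getPrincipals().size());

    // Make "admin" user a member of a new "another" group
    // dn: cn=another,ou=groups,dc=example,dc=com
    // objectClass: top
    // objectClass: groupOfNames
    // cn: another
    // member: cn=admin,ou=people,dc=example,dc=com
    DirContext context = new LDAPCache(new LDAPOptions(options)).open();
    try {
        Attributes entry = new BasicAttributes();
        entry.put(new BasicAttribute("cn", "another"));
        Attribute oc = new BasicAttribute("objectClass");
        oc.add("top");
        oc.add("groupOfNames");
        entry.put(oc);
        Attribute mb = new BasicAttribute("member");
        mb.add("cn=admin,ou=people,dc=example,dc=com");
        entry.put(mb);
        context.createSubcontext("cn=another,ou=groups,dc=example,dc=com", entry);
    } finally {
        // open() hands out a live directory connection; release it even if the add fails.
        context.close();
    }
    // Presumably lets the login module's cache observe the new group before the
    // second login — TODO confirm the refresh mechanism rather than relying on a delay.
    Thread.sleep(100);

    module = new LDAPLoginModule();
    subject = new Subject();
    module.initialize(subject, cb, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());
    assertTrue(module.login());
    assertTrue(module.commit());
    // The previous two principals plus a RolePrincipal for the new group.
    assertEquals("Postcondition", 3, subject.getPrincipals().size());
}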
Use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.
Class LdapLoginModuleTest, method testNonAdminLogin.
/**
 * Logs in the fixture "cheese" account and verifies that only a user
 * principal is added to the subject, with no roles, and that logout removes it.
 *
 * @throws Exception on any LDAP, JAAS or assertion failure
 */
@Test
public void testNonAdminLogin() throws Exception {
    Properties options = ldapLoginModuleOptions();
    LDAPLoginModule module = new LDAPLoginModule();
    Subject subject = new Subject();
    module.initialize(subject, new NamePasswordCallbackHandler("cheese", "foodie"), null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());
    // Exactly one principal: the user itself.
    assertEquals(1, subject.getPrincipals().size());

    boolean userSeen = false;
    for (UserPrincipal user : subject.getPrincipals(UserPrincipal.class)) {
        assertEquals("cheese", user.getName());
        userSeen = true;
    }
    assertTrue(userSeen);
    // cheese is not an admin so no roles should be returned
    assertTrue(subject.getPrincipals(RolePrincipal.class).isEmpty());

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0, subject.getPrincipals().size());
}
Use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.
Class LdapLoginModuleTest, method testRoleMappingParsing.
/**
 * Verifies that a role mapping string with comma-separated targets and a
 * repeated source role ("admin = karaf, test; admin = another") yields exactly
 * the roles karaf, test and another for the "admin" login.
 *
 * @throws Exception on any LDAP, JAAS or assertion failure
 */
@Test
public void testRoleMappingParsing() throws Exception {
    Properties options = ldapLoginModuleOptions();
    options.put(LDAPOptions.ROLE_MAPPING, "admin = karaf, test; admin = another");
    LDAPLoginModule module = new LDAPLoginModule();
    Subject subject = new Subject();
    module.initialize(subject, new NamePasswordCallbackHandler("admin", "admin123"), null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());
    // One UserPrincipal plus the three mapped RolePrincipals.
    assertEquals(4, subject.getPrincipals().size());

    boolean userSeen = false;
    for (UserPrincipal user : subject.getPrincipals(UserPrincipal.class)) {
        assertEquals("admin", user.getName());
        userSeen = true;
    }
    assertTrue(userSeen);

    // Compare the granted role names as a sorted multiset: every expected role
    // must appear exactly once and nothing else may be present.
    List<String> grantedRoles = new ArrayList<>();
    for (RolePrincipal role : subject.getPrincipals(RolePrincipal.class)) {
        grantedRoles.add(role.getName());
    }
    grantedRoles.sort(null);
    List<String> expectedRoles = new ArrayList<>(Arrays.asList("another", "karaf", "test"));
    assertEquals(expectedRoles, grantedRoles);

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0, subject.getPrincipals().size());
}
Use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.
Class LdapLoginModuleTest, method testRoleMappingFqdn.
/**
 * Verifies role mapping keyed by full group DNs: with the role search rooted at
 * ou=groups and filtered on the user's DN, the "admin" login is expected to end
 * up with the single mapped role "karaf".
 *
 * @throws Exception on any LDAP, JAAS or assertion failure
 */
@Test
public void testRoleMappingFqdn() throws Exception {
    Properties options = ldapLoginModuleOptions();
    // Mapping keys are group DNs; the second one lives under ou=mygroups,
    // outside the configured role base DN, so only "karaf" is expected below.
    options.put(LDAPOptions.ROLE_MAPPING, "cn=admin,ou=groups,dc=example,dc=com=karaf;cn=admin,ou=mygroups,dc=example,dc=com=another");
    options.put(LDAPOptions.ROLE_BASE_DN, "ou=groups,dc=example,dc=com");
    options.put(LDAPOptions.ROLE_SEARCH_SUBTREE, "true");
    options.put(LDAPOptions.ROLE_FILTER, "(member=%fqdn)");
    options.put(LDAPOptions.ROLE_NAME_ATTRIBUTE, "description");
    LDAPLoginModule module = new LDAPLoginModule();
    Subject subject = new Subject();
    module.initialize(subject, new NamePasswordCallbackHandler("admin", "admin123"), null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());
    // One UserPrincipal plus one mapped RolePrincipal.
    assertEquals(2, subject.getPrincipals().size());

    boolean userSeen = false;
    for (UserPrincipal user : subject.getPrincipals(UserPrincipal.class)) {
        assertEquals("admin", user.getName());
        userSeen = true;
    }
    assertTrue(userSeen);

    // Sorted multiset comparison: exactly the role "karaf", nothing more.
    List<String> grantedRoles = new ArrayList<>();
    for (RolePrincipal role : subject.getPrincipals(RolePrincipal.class)) {
        grantedRoles.add(role.getName());
    }
    grantedRoles.sort(null);
    List<String> expectedRoles = new ArrayList<>(Arrays.asList("karaf"));
    assertEquals(expectedRoles, grantedRoles);

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0, subject.getPrincipals().size());
}
Use of org.apache.karaf.jaas.modules.NamePasswordCallbackHandler in project karaf by apache.
Class LdapLoginModuleTest, method testTrimmedUsernameLogin.
/**
 * Verifies that with {@code usernames.trim} enabled a login as "cheese "
 * (trailing space) authenticates as the user "cheese", receives no roles,
 * and that logout removes the principal again.
 *
 * @throws Exception on any LDAP, JAAS or assertion failure
 */
@Test
public void testTrimmedUsernameLogin() throws Exception {
    Properties options = ldapLoginModuleOptions();
    options.put("usernames.trim", "true");
    LDAPLoginModule module = new LDAPLoginModule();
    Subject subject = new Subject();
    // Note the trailing space in the supplied user name.
    module.initialize(subject, new NamePasswordCallbackHandler("cheese ", "foodie"), null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());
    // Exactly one principal: the user itself.
    assertEquals(1, subject.getPrincipals().size());

    boolean userSeen = false;
    for (UserPrincipal user : subject.getPrincipals(UserPrincipal.class)) {
        // The principal carries the trimmed name.
        assertEquals("cheese", user.getName());
        userSeen = true;
    }
    assertTrue(userSeen);
    // cheese is not an admin so no roles should be returned
    assertTrue(subject.getPrincipals(RolePrincipal.class).isEmpty());

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0, subject.getPrincipals().size());
}