
Example 41 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class MD5AuthenticationProvider method authenticate.

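/**
 * Authenticates a user by comparing the stored credential with the value that
 * {@code createStoredPassword} derives from the supplied password.
 *
 * <p>The comparison uses {@link java.security.MessageDigest#isEqual} instead of
 * {@code String.equals}. {@code equals} returns at the first differing character,
 * so response time can reveal how much of a guess matched. A user record without
 * a stored password is rejected rather than raising a {@code NullPointerException}.
 *
 * <p>NOTE(review): the class name indicates an MD5-derived stored form.
 * {@code createStoredPassword} is defined outside this snippet, so whether it is
 * salted or iterated cannot be confirmed here; a fast unsalted digest offers
 * little protection if the user store is disclosed.
 *
 * @param username name to look up via {@code getUser}
 * @param password password supplied by the client
 * @return a result carrying a {@code UsernamePrincipal} on a match, otherwise a
 *         result with status {@code ERROR}
 */
@Override
public AuthenticationResult authenticate(final String username, final String password) {
    final ManagedUser user = getUser(username);
    final String stored = user == null ? null : user.getPassword();
    if (stored != null) {
        // Only derived for known users, as before; an unknown name therefore still
        // returns sooner, which may let timing distinguish existing accounts.
        final String candidate = createStoredPassword(password);
        if (candidate != null
                && java.security.MessageDigest.isEqual(
                        stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                        candidate.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
            return new AuthenticationResult(new UsernamePrincipal(username, this));
        }
    }
    // Same status for "no such user" and "wrong password" so the result itself
    // does not disclose which one occurred.
    return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR);
}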
Also used : UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 42 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class PlainAuthenticationProvider method authenticate.

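/**
 * Authenticates a user by comparing the supplied password with the value
 * returned by {@code ManagedUser.getPassword()}.
 *
 * <p>The comparison uses {@link java.security.MessageDigest#isEqual} instead of
 * {@code String.equals}. {@code equals} returns at the first differing character,
 * so response time can reveal how much of a guess matched. Both values are
 * compared as UTF-8 bytes; characters that cannot be encoded (unpaired
 * surrogates) are substituted during encoding. A {@code null} supplied password
 * is rejected as before, and a user record without a stored password is now
 * rejected rather than raising a {@code NullPointerException}.
 *
 * <p>NOTE(review): the stored value is compared directly with the client's
 * password, so the credential is available to the broker in recoverable form.
 * How it is protected at rest is not visible in this snippet.
 *
 * @param username name to look up via {@code getUser}
 * @param password password supplied by the client
 * @return a result carrying a {@code UsernamePrincipal} on a match, otherwise a
 *         result with status {@code ERROR}
 */
@Override
public AuthenticationResult authenticate(final String username, final String password) {
    final ManagedUser user = getUser(username);
    final String stored = user == null ? null : user.getPassword();
    if (stored != null
            && password != null
            && java.security.MessageDigest.isEqual(
                    stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    password.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        return new AuthenticationResult(new UsernamePrincipal(username, this));
    }
    // Same status for "no such user" and "wrong password" so the result itself
    // does not disclose which one occurred.
    return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR);
}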
Also used : UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 43 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class SimpleLDAPAuthenticationManagerImpl method doLDAPNameAuthentication.

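/**
 * Authenticates a user with an LDAP simple bind, using the name that
 * {@code getNameFromId} resolves for {@code userId}.
 *
 * <p>A {@code null} or empty password is rejected before any directory call.
 * A simple bind that carries a name and an empty password is an
 * "unauthenticated bind" (RFC 4513, section 5.1.2), and a server that permits
 * it reports success without checking any credential. Callers may already
 * filter this case; that is not visible from this method, so it is enforced here.
 *
 * @param userId   identifier supplied by the client, resolved to an LDAP name
 * @param password password supplied by the client, used as the bind credential
 * @return a result carrying a {@code UsernamePrincipal} and any groups found on
 *         success; otherwise a result with status {@code ERROR}, with the cause
 *         attached when a non-authentication {@code NamingException} occurred
 */
private AuthenticationResult doLDAPNameAuthentication(String userId, String password) {
    if (password == null || password.isEmpty()) {
        // Never let an empty credential reach the bind; see the method comment.
        return new AuthenticationResult(AuthenticationStatus.ERROR);
    }
    final String name;
    try {
        name = getNameFromId(userId);
    } catch (NamingException e) {
        LOGGER.warn("Retrieving LDAP name for user '{}' resulted in error.", userId, e);
        return new AuthenticationResult(AuthenticationStatus.ERROR, e);
    }
    if (name == null) {
        // The search returned nothing: treat as not authenticated rather than
        // passing a null principal into the bind environment below.
        return new AuthenticationResult(AuthenticationStatus.ERROR);
    }
    final String providerAuthUrl = isSpecified(getProviderAuthUrl()) ? getProviderAuthUrl() : getProviderUrl();
    final Hashtable<String, Object> env = createInitialDirContextEnvironment(providerAuthUrl);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, name);
    env.put(Context.SECURITY_CREDENTIALS, password);
    InitialDirContext ctx = null;
    try {
        // Creating the context performs the bind; a rejected credential surfaces
        // as AuthenticationException and is handled below.
        ctx = createInitialDirContext(env, _sslSocketFactoryOverrideClass);
        Set<Principal> groups = Collections.emptySet();
        if (isGroupSearchRequired()) {
            if (!providerAuthUrl.equals(getProviderUrl())) {
                // The bind went to a separate auth URL, so the group search needs
                // its own context. Clear the reference first so the finally block
                // does not close the same context twice if the next call throws.
                closeSafely(ctx);
                ctx = null;
                ctx = createSearchInitialDirContext();
            }
            groups = findGroups(ctx, name);
        }
        // Authentication succeeded
        return new AuthenticationResult(new UsernamePrincipal(name, this), groups, null);
    } catch (AuthenticationException ae) {
        // Authentication failed: no cause attached, same status as an unknown user.
        return new AuthenticationResult(AuthenticationStatus.ERROR);
    } catch (NamingException e) {
        // Some other failure (connectivity, search error, ...)
        LOGGER.warn("LDAP authentication attempt for username '{}' resulted in error.", name, e);
        return new AuthenticationResult(AuthenticationStatus.ERROR, e);
    } finally {
        if (ctx != null) {
            closeSafely(ctx);
        }
    }
}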
Also used : UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) AuthenticationException(javax.naming.AuthenticationException) NamingException(javax.naming.NamingException) ConfiguredObject(org.apache.qpid.server.model.ConfiguredObject) InitialDirContext(javax.naming.directory.InitialDirContext) UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) GroupPrincipal(org.apache.qpid.server.security.group.GroupPrincipal) Principal(java.security.Principal) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 44 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class OAuth2AuthenticationProviderImpl method authenticateViaAccessToken.

/**
 * Resolves an OAuth2 access token to an authenticated principal, going through
 * {@code _authenticationResultCacher} so that the identity resolver is only
 * consulted when the cacher invokes the loader.
 *
 * <p>The raw access token is used as the cache key and is also stored in the
 * resulting {@code OAuth2UserPrincipal}; it is not written to the log here.
 * NOTE(review): whether {@code ERROR} results produced by the loader are cached
 * as well depends on the cacher implementation, which is not shown.
 *
 * @param accessToken  bearer token presented by the client
 * @param addressSpace address space passed through to the identity resolver
 * @return a result carrying an {@code OAuth2UserPrincipal} on success, or a
 *         result with status {@code ERROR} and the cause when the resolver fails
 */
@Override
public AuthenticationResult authenticateViaAccessToken(final String accessToken, final NamedAddressSpace addressSpace) {
    final String[] cacheKey = { accessToken };
    return _authenticationResultCacher.getOrLoad(cacheKey, () -> {
        try {
            // Inside a lambda, "this" is the enclosing provider instance.
            final Principal resolved = _identityResolverService.getUserPrincipal(this, accessToken, addressSpace);
            return new AuthenticationResult(new OAuth2UserPrincipal(resolved.getName(), accessToken, this));
        } catch (IOException | IdentityResolverException failure) {
            LOGGER.error("Call to identity resolver failed", failure);
            return new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, failure);
        }
    });
}
Also used : IOException(java.io.IOException) Principal(java.security.Principal) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 45 with AuthenticationResult

use of org.apache.qpid.server.security.auth.AuthenticationResult in project qpid-broker-j by apache.

the class SubjectCreatorTest method setUp.

/**
 * Prepares the fixture used by the tests in this class: two stubbed group
 * managers, a {@code SubjectCreator} built over them, a mocked event logger
 * and a successful {@code AuthenticationResult} for the test user.
 */
@Override
public void setUp() {
    // Each group manager reports exactly one group for USERNAME_PRINCIPAL.
    when(_groupManager1.getGroupPrincipalsForUser(USERNAME_PRINCIPAL)).thenReturn(Collections.singleton(_group1));
    when(_groupManager2.getGroupPrincipalsForUser(USERNAME_PRINCIPAL)).thenReturn(Collections.singleton(_group2));
    // The creator is given the authentication provider, both group managers and null as its third argument.
    _subjectCreator = new SubjectCreator(_authenticationProvider, new HashSet<>(Arrays.asList(_groupManager1, _groupManager2)), null);
    // The event logger is stubbed after the creator is constructed; keep this order.
    _eventLogger = mock(EventLogger.class);
    when(_authenticationProvider.getEventLogger()).thenReturn(_eventLogger);
    // Result constructed from a principal, i.e. the successful-authentication case.
    _authenticationResult = new AuthenticationResult(USERNAME_PRINCIPAL);
}
Also used : EventLogger(org.apache.qpid.server.logging.EventLogger) HashSet(java.util.HashSet) SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Aggregations

AuthenticationResult (org.apache.qpid.server.security.auth.AuthenticationResult)78 UsernamePrincipal (org.apache.qpid.server.security.auth.UsernamePrincipal)13 SaslNegotiator (org.apache.qpid.server.security.auth.sasl.SaslNegotiator)13 X500Principal (javax.security.auth.x500.X500Principal)12 SubjectAuthenticationResult (org.apache.qpid.server.security.auth.SubjectAuthenticationResult)9 HashMap (java.util.HashMap)6 SubjectCreator (org.apache.qpid.server.security.SubjectCreator)6 Subject (javax.security.auth.Subject)5 IOException (java.io.IOException)4 OAuth2AuthenticationProvider (org.apache.qpid.server.security.auth.manager.oauth2.OAuth2AuthenticationProvider)4 InetSocketAddress (java.net.InetSocketAddress)3 URISyntaxException (java.net.URISyntaxException)3 Principal (java.security.Principal)3 Broker (org.apache.qpid.server.model.Broker)3 NamedAddressSpace (org.apache.qpid.server.model.NamedAddressSpace)3 AuthenticatedPrincipal (org.apache.qpid.server.security.auth.AuthenticatedPrincipal)3 URI (java.net.URI)2 AccessControlException (java.security.AccessControlException)2 EventLogger (org.apache.qpid.server.logging.EventLogger)2 User (org.apache.qpid.server.model.User)2