use of org.apache.qpid.server.security.auth.SocketConnectionPrincipal in project qpid-broker-j by apache.
the class ConnectionAndUserPredicate method evaluate.
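/**
 * Decides whether a log event passes this predicate by matching the identity of the
 * calling context against the three configured patterns.
 *
 * <p>The user name, connection name and remote container name are taken from the
 * {@link Subject} bound to the current access-control context, not from the event itself.
 * Any value that is unavailable is matched as the empty string, so a pattern must accept
 * {@code ""} for events raised without that piece of identity to pass.
 *
 * @param event the logging event being filtered; not read by this implementation
 * @return {@code true} only if all three patterns match their respective values in full
 */
@Override
public boolean evaluate(final ILoggingEvent event) {
    String userPrincipalString = "";
    String connectionString = "";
    String remoteContainerName = "";

    final Subject subject = Subject.getSubject(AccessController.getContext());
    // Subject.getSubject() returns null when no subject is bound to the context (for example
    // a log call made outside Subject.doAs). Fall through with the empty defaults rather
    // than throwing a NullPointerException out of the logging filter.
    if (subject != null) {
        final Set<SocketConnectionPrincipal> connectionPrincipals =
                subject.getPrincipals(SocketConnectionPrincipal.class);
        final Set<AuthenticatedPrincipal> userPrincipals =
                subject.getPrincipals(AuthenticatedPrincipal.class);

        if (!connectionPrincipals.isEmpty()) {
            // Only the first connection principal is considered.
            final SocketConnectionPrincipal socketConnectionPrincipal = connectionPrincipals.iterator().next();
            connectionString = socketConnectionPrincipal.getName();
            if (socketConnectionPrincipal instanceof ConnectionPrincipal) {
                remoteContainerName =
                        ((ConnectionPrincipal) socketConnectionPrincipal).getConnection().getRemoteContainerName();
                if (remoteContainerName == null) {
                    // Matcher cannot take null; a missing container name is matched as "".
                    remoteContainerName = "";
                }
            }
        }
        if (!userPrincipals.isEmpty()) {
            userPrincipalString = new GenericPrincipal(userPrincipals.iterator().next()).toExternalForm();
        }
    }

    return _usernamePattern.matcher(userPrincipalString).matches()
            && _connectionNamePattern.matcher(connectionString).matches()
            && _remoteContainerIdPattern.matcher(remoteContainerName).matches();
}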
use of org.apache.qpid.server.security.auth.SocketConnectionPrincipal in project qpid-broker-j by apache.
the class AuthenticationResultCacher method digestCredentials.
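/**
 * Derives a hex-encoded SHA-256 based digest from the supplied credential parts, for use in
 * place of the raw credentials.
 *
 * <p>When the current {@link Subject} carries a {@link SocketConnectionPrincipal}, the
 * remote address of the first such principal is mixed in before the parts, so the result
 * differs per remote address. When no subject or no connection principal is present, the
 * digest covers the parts alone. The initial digest is then re-hashed
 * {@code _iterationCount} times.
 *
 * @param content the credential parts to digest, in order
 * @return the upper-case hexadecimal form of the final digest
 * @throws RuntimeException if the JVM provides no SHA-256 implementation
 */
private String digestCredentials(final String... content) {
    try {
        final MessageDigest md = MessageDigest.getInstance("SHA-256");

        // Subject.getSubject() returns null when no subject is bound to the context; treat
        // that the same as "no connection principal" instead of dereferencing null.
        final Subject subject = Subject.getSubject(AccessController.getContext());
        final Set<SocketConnectionPrincipal> connectionPrincipals =
                subject == null ? null : subject.getPrincipals(SocketConnectionPrincipal.class);
        if (connectionPrincipals != null && !connectionPrincipals.isEmpty()) {
            final SocketConnectionPrincipal connectionPrincipal = connectionPrincipals.iterator().next();
            md.update(connectionPrincipal.getRemoteAddress().toString().getBytes(UTF8));
        }

        // NOTE(review): the parts are fed to the digest back to back, with no separator or
        // length prefix, so different splits of the same characters ("ab","c" and "a","bc")
        // produce the same digest. If the result keys a cache of authentication outcomes,
        // consider length-prefixing each part so that distinct inputs cannot share a key.
        for (String part : content) {
            md.update(part.getBytes(UTF8));
        }

        byte[] credentialDigest = md.digest();
        // digest() resets the MessageDigest, so one instance serves every iteration.
        for (int i = 0; i < _iterationCount; ++i) {
            credentialDigest = md.digest(credentialDigest);
        }
        return DatatypeConverter.printHexBinary(credentialDigest);
    } catch (NoSuchAlgorithmException e) {
        // Keep the original exception as the cause so the provider failure stays diagnosable.
        throw new RuntimeException("JVM is non compliant. Seems to not support SHA-256.", e);
    }
}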
use of org.apache.qpid.server.security.auth.SocketConnectionPrincipal in project qpid-broker-j by apache.
the class BrokerImpl method getConnectionMetaData.
/**
 * Looks up the connection metadata of the caller from the {@link Subject} bound to the
 * current access-control context.
 *
 * @return the metadata of the first {@link SocketConnectionPrincipal} on the subject, or
 *         {@code null} when there is no subject or it carries no such principal
 */
@Override
public SocketConnectionMetaData getConnectionMetaData() {
    final Subject currentSubject = Subject.getSubject(AccessController.getContext());
    if (currentSubject == null) {
        // Nothing is bound to this context, so there is no connection to describe.
        return null;
    }

    final Set<SocketConnectionPrincipal> found = currentSubject.getPrincipals(SocketConnectionPrincipal.class);
    if (found.isEmpty()) {
        return null;
    }

    // Only the first connection principal is consulted.
    final SocketConnectionPrincipal first = found.iterator().next();
    if (first == null) {
        return null;
    }
    return first.getConnectionMetaData();
}