Example 1 with SocketConnectionPrincipal

Use of org.apache.qpid.server.security.auth.SocketConnectionPrincipal in project qpid-broker-j by apache.

Class ConnectionAndUserPredicate, method evaluate.

@Override
public boolean evaluate(final ILoggingEvent event) {
    String userPrincipalString = "";
    String connectionString = "";
    String remoteContainerName = "";
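    // Subject.getSubject returns null when no Subject is bound to the calling context,
    // so guard before dereferencing; the empty-string defaults above are then matched.
    Subject subject = Subject.getSubject(AccessController.getContext());
    Set<SocketConnectionPrincipal> connectionPrincipals = subject == null ? Collections.<SocketConnectionPrincipal>emptySet() : subject.getPrincipals(SocketConnectionPrincipal.class);
    Set<AuthenticatedPrincipal> userPrincipals = subject == null ? Collections.<AuthenticatedPrincipal>emptySet() : subject.getPrincipals(AuthenticatedPrincipal.class);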
    if (!connectionPrincipals.isEmpty()) {
        SocketConnectionPrincipal socketConnectionPrincipal = connectionPrincipals.iterator().next();
        connectionString = socketConnectionPrincipal.getName();
        if (socketConnectionPrincipal instanceof ConnectionPrincipal) {
            remoteContainerName = ((ConnectionPrincipal) socketConnectionPrincipal).getConnection().getRemoteContainerName();
            if (remoteContainerName == null) {
                remoteContainerName = "";
            }
        }
    }
    if (!userPrincipals.isEmpty()) {
        userPrincipalString = new GenericPrincipal(userPrincipals.iterator().next()).toExternalForm();
    }
    return _usernamePattern.matcher(userPrincipalString).matches() && _connectionNamePattern.matcher(connectionString).matches() && _remoteContainerIdPattern.matcher(remoteContainerName).matches();
}
Also used: GenericPrincipal (org.apache.qpid.server.model.preferences.GenericPrincipal), SocketConnectionPrincipal (org.apache.qpid.server.security.auth.SocketConnectionPrincipal), ConnectionPrincipal (org.apache.qpid.server.connection.ConnectionPrincipal), Subject (javax.security.auth.Subject), AuthenticatedPrincipal (org.apache.qpid.server.security.auth.AuthenticatedPrincipal)

Example 2 with SocketConnectionPrincipal

Use of org.apache.qpid.server.security.auth.SocketConnectionPrincipal in project qpid-broker-j by apache.

Class AuthenticationResultCacher, method digestCredentials.

private String digestCredentials(final String... content) {
    try {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        Subject subject = Subject.getSubject(AccessController.getContext());
        // getPrincipals never returns null; it is the Subject itself that is null
        // when none is bound to the calling context.
        if (subject != null) {
            Set<SocketConnectionPrincipal> connectionPrincipals = subject.getPrincipals(SocketConnectionPrincipal.class);
            if (!connectionPrincipals.isEmpty()) {
                SocketConnectionPrincipal connectionPrincipal = connectionPrincipals.iterator().next();
                // Include the peer's remote address in the digest input.
                md.update(connectionPrincipal.getRemoteAddress().toString().getBytes(UTF8));
            }
        }
        for (String part : content) {
            md.update(part.getBytes(UTF8));
        }
        byte[] credentialDigest = md.digest();
        for (int i = 0; i < _iterationCount; ++i) {
            md = MessageDigest.getInstance("SHA-256");
            credentialDigest = md.digest(credentialDigest);
        }
        return DatatypeConverter.printHexBinary(credentialDigest);
    } catch (NoSuchAlgorithmException e) {
        // Keep the original exception as the cause so the stack trace is not lost.
        throw new RuntimeException("JVM is non compliant. Seems to not support SHA-256.", e);
    }
}
Also used: SocketConnectionPrincipal (org.apache.qpid.server.security.auth.SocketConnectionPrincipal), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), MessageDigest (java.security.MessageDigest), Subject (javax.security.auth.Subject)

Example 3 with SocketConnectionPrincipal

Use of org.apache.qpid.server.security.auth.SocketConnectionPrincipal in project qpid-broker-j by apache.

Class BrokerImpl, method getConnectionMetaData.

@Override
public SocketConnectionMetaData getConnectionMetaData() {
    Subject subject = Subject.getSubject(AccessController.getContext());
    final SocketConnectionPrincipal principal;
    if (subject != null) {
        Set<SocketConnectionPrincipal> principals = subject.getPrincipals(SocketConnectionPrincipal.class);
        if (!principals.isEmpty()) {
            principal = principals.iterator().next();
        } else {
            principal = null;
        }
    } else {
        principal = null;
    }
    return principal == null ? null : principal.getConnectionMetaData();
}
Also used: SocketConnectionPrincipal (org.apache.qpid.server.security.auth.SocketConnectionPrincipal), Subject (javax.security.auth.Subject)

Aggregations

Subject (javax.security.auth.Subject): 3
SocketConnectionPrincipal (org.apache.qpid.server.security.auth.SocketConnectionPrincipal): 3
MessageDigest (java.security.MessageDigest): 1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 1
ConnectionPrincipal (org.apache.qpid.server.connection.ConnectionPrincipal): 1
GenericPrincipal (org.apache.qpid.server.model.preferences.GenericPrincipal): 1
AuthenticatedPrincipal (org.apache.qpid.server.security.auth.AuthenticatedPrincipal): 1