
Example 11 with SubjectAuthenticationResult

use of org.apache.qpid.server.security.auth.SubjectAuthenticationResult in project qpid-broker-j by apache.

the class OAuth2PreemptiveAuthenticator method attemptAuthentication.

/**
 * Attempts to authenticate a management HTTP request from an OAuth2 bearer token
 * carried in the {@code Authorization} header.
 *
 * <p>The token is the text following {@code BEARER_PREFIX}, passed unchanged to the
 * {@link OAuth2AuthenticationProvider}. It is a credential and should never be written
 * to logs or error messages.
 *
 * @param request the incoming request whose {@code Authorization} header is inspected
 * @param configuration supplies the port and the authentication provider for the request
 * @return the subject taken from the authentication result, or {@code null} when the header
 *         is absent, does not start with {@code BEARER_PREFIX}, or the configured provider
 *         is not an {@link OAuth2AuthenticationProvider}
 */
@Override
public Subject attemptAuthentication(final HttpServletRequest request, final HttpManagementConfiguration configuration) {
    final Port<?> port = configuration.getPort(request);
    final AuthenticationProvider<?> authenticationProvider = configuration.getAuthenticationProvider(request);
    final String header = request.getHeader("Authorization");

    // String.startsWith is case-sensitive, so a header whose scheme is cased differently
    // from BEARER_PREFIX is treated as "not a bearer request" and is not handled here.
    if (header == null || !header.startsWith(BEARER_PREFIX)) {
        return null;
    }
    final String bearerToken = header.substring(BEARER_PREFIX.length());

    if (!(authenticationProvider instanceof OAuth2AuthenticationProvider)) {
        return null;
    }
    final OAuth2AuthenticationProvider<?> oauth2Provider = (OAuth2AuthenticationProvider<?>) authenticationProvider;
    final AuthenticationResult tokenOutcome = oauth2Provider.authenticateViaAccessToken(bearerToken, null);

    // request.isSecure() is only forwarded to select the SubjectCreator; a bearer token
    // arriving over a non-secure request is not rejected by this method.
    final SubjectCreator subjectCreator = port.getSubjectCreator(request.isSecure(), request.getServerName());

    // NOTE(review): the status of tokenOutcome is not inspected here. A rejected token only
    // results in null if createResultWithGroups()/getSubject() yield no Subject for a
    // non-successful result - confirm against SubjectCreator before relying on it.
    final SubjectAuthenticationResult subjectResult = subjectCreator.createResultWithGroups(tokenOutcome);
    return subjectResult.getSubject();
}
Also used : OAuth2AuthenticationProvider(org.apache.qpid.server.security.auth.manager.oauth2.OAuth2AuthenticationProvider) SubjectCreator(org.apache.qpid.server.security.SubjectCreator) SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 12 with SubjectAuthenticationResult

use of org.apache.qpid.server.security.auth.SubjectAuthenticationResult in project qpid-broker-j by apache.

the class OAuth2PreemptiveAuthenticatorTest method createMockOAuth2AuthenticationProvider.

/**
 * Builds a Mockito mock of {@link OAuth2AuthenticationProvider} together with the
 * {@link SubjectCreator} returned by {@code mockPort}, wired for three access tokens:
 * a valid one, an unauthorized one and an invalid one.
 *
 * <p>The valid and unauthorized tokens map to mocked {@link AuthenticationResult} objects
 * on which no status is stubbed, so code under test that calls {@code getStatus()} on them
 * sees Mockito's default return value. Only the invalid token maps to a real result, built
 * with {@code AuthenticationStatus.ERROR}.
 *
 * @param mockPort mocked port; its {@code getSubjectCreator} is stubbed for any arguments
 * @return the mocked authentication provider
 * @throws URISyntaxException declared by the signature; nothing in this body throws it
 */
private OAuth2AuthenticationProvider<?> createMockOAuth2AuthenticationProvider(final HttpPort mockPort) throws URISyntaxException {
    final OAuth2AuthenticationProvider provider = mock(OAuth2AuthenticationProvider.class);
    final SubjectCreator subjectCreator = mock(SubjectCreator.class);
    when(mockPort.getSubjectCreator(any(Boolean.class), anyString())).thenReturn(subjectCreator);

    // Scenario 1: valid token -> read-only subject holding the authorized user.
    final AuthenticationResult authorizedAuthentication = mock(AuthenticationResult.class);
    final SubjectAuthenticationResult authorizedOutcome = mock(SubjectAuthenticationResult.class);
    final Subject authorizedSubject = new Subject(true, Collections.singleton(new AuthenticatedPrincipal(new UsernamePrincipal(TEST_AUTHORIZED_USER, null))), Collections.emptySet(), Collections.emptySet());
    when(provider.authenticateViaAccessToken(TEST_VALID_ACCESS_TOKEN, null)).thenReturn(authorizedAuthentication);
    when(authorizedOutcome.getSubject()).thenReturn(authorizedSubject);
    when(subjectCreator.createResultWithGroups(authorizedAuthentication)).thenReturn(authorizedOutcome);

    // Scenario 2: token that authenticates, but as the user the tests treat as unauthorized.
    final AuthenticationResult unauthorizedAuthentication = mock(AuthenticationResult.class);
    final SubjectAuthenticationResult unauthorizedOutcome = mock(SubjectAuthenticationResult.class);
    final Subject unauthorizedSubject = new Subject(true, Collections.singleton(new AuthenticatedPrincipal(new UsernamePrincipal(TEST_UNAUTHORIZED_USER, null))), Collections.emptySet(), Collections.emptySet());
    when(provider.authenticateViaAccessToken(TEST_UNAUTHORIZED_ACCESS_TOKEN, null)).thenReturn(unauthorizedAuthentication);
    when(unauthorizedOutcome.getSubject()).thenReturn(unauthorizedSubject);
    when(subjectCreator.createResultWithGroups(unauthorizedAuthentication)).thenReturn(unauthorizedOutcome);

    // Scenario 3: invalid token -> real (non-mock) ERROR result wrapped without a subject argument.
    final AuthenticationResult rejectedAuthentication = new AuthenticationResult(AuthenticationResult.AuthenticationStatus.ERROR, new Exception("authentication failed"));
    final SubjectAuthenticationResult rejectedOutcome = new SubjectAuthenticationResult(rejectedAuthentication);
    when(provider.authenticateViaAccessToken(TEST_INVALID_ACCESS_TOKEN, null)).thenReturn(rejectedAuthentication);
    when(subjectCreator.createResultWithGroups(rejectedAuthentication)).thenReturn(rejectedOutcome);

    return provider;
}
Also used : UsernamePrincipal(org.apache.qpid.server.security.auth.UsernamePrincipal) OAuth2AuthenticationProvider(org.apache.qpid.server.security.auth.manager.oauth2.OAuth2AuthenticationProvider) SubjectCreator(org.apache.qpid.server.security.SubjectCreator) SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) Subject(javax.security.auth.Subject) URISyntaxException(java.net.URISyntaxException) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal) SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 13 with SubjectAuthenticationResult

use of org.apache.qpid.server.security.auth.SubjectAuthenticationResult in project qpid-broker-j by apache.

the class SubjectCreator method authenticate.

/**
 * Passes a SASL response to the negotiator and wraps the outcome as a
 * {@link SubjectAuthenticationResult}.
 *
 * @param saslNegotiator negotiator handling the current SASL exchange
 * @param response the response bytes received from the peer
 * @return on {@code SUCCESS}, the result of {@code createResultWithGroups}; for any other
 *         status, a {@link SubjectAuthenticationResult} wrapping the authentication result alone
 */
public SubjectAuthenticationResult authenticate(SaslNegotiator saslNegotiator, byte[] response) {
    final AuthenticationResult outcome = saslNegotiator.handleResponse(response);

    if (outcome.getStatus() == AuthenticationStatus.SUCCESS) {
        return createResultWithGroups(outcome);
    }

    // Only ERROR produces an AUTHENTICATION_FAILED event; any other non-success status
    // is returned to the caller without an event being logged here.
    if (outcome.getStatus() == AuthenticationStatus.ERROR) {
        // NOTE(review): the attempted id presumably originates from the unauthenticated
        // peer - confirm the event logger neutralises control characters before it is
        // written. It may be null, which is signalled by the second argument.
        final String attemptedId = saslNegotiator.getAttemptedAuthenticationId();
        _authenticationProvider.getEventLogger().message(AUTHENTICATION_FAILED(attemptedId, attemptedId != null));
    }
    return new SubjectAuthenticationResult(outcome);
}
Also used : SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) AuthenticationResult(org.apache.qpid.server.security.auth.AuthenticationResult)

Example 14 with SubjectAuthenticationResult

use of org.apache.qpid.server.security.auth.SubjectAuthenticationResult in project qpid-broker-j by apache.

the class SubjectCreatorTest method testSaslAuthenticationSuccessReturnsSubjectWithUserAndGroupPrincipals.

/**
 * Checks that a SASL exchange for which the negotiator returns {@code _authenticationResult}
 * yields a read-only subject containing the authenticated user principal and both group
 * principals, and nothing else.
 */
public void testSaslAuthenticationSuccessReturnsSubjectWithUserAndGroupPrincipals() throws Exception {
    // Arrange: the negotiator accepts the canned response bytes.
    when(_testSaslNegotiator.handleResponse(_saslResponseBytes)).thenReturn(_authenticationResult);

    // Act
    final SubjectAuthenticationResult authenticationOutcome = _subjectCreator.authenticate(_testSaslNegotiator, _saslResponseBytes);
    final Subject subject = authenticationOutcome.getSubject();

    // Assert: exactly three principals, so no unexpected principal has been added.
    assertEquals("Should contain one user principal and two groups ", 3, subject.getPrincipals().size());
    assertTrue(subject.getPrincipals().contains(new AuthenticatedPrincipal(USERNAME_PRINCIPAL)));
    assertTrue(subject.getPrincipals().contains(_group1));
    assertTrue(subject.getPrincipals().contains(_group2));
    // The subject must be read-only so that principals cannot be added after authentication.
    assertTrue(subject.isReadOnly());
}
Also used : SubjectAuthenticationResult(org.apache.qpid.server.security.auth.SubjectAuthenticationResult) Subject(javax.security.auth.Subject) AuthenticatedPrincipal(org.apache.qpid.server.security.auth.AuthenticatedPrincipal)

Aggregations

SubjectAuthenticationResult (org.apache.qpid.server.security.auth.SubjectAuthenticationResult)14 AuthenticationResult (org.apache.qpid.server.security.auth.AuthenticationResult)8 Subject (javax.security.auth.Subject)7 SubjectCreator (org.apache.qpid.server.security.SubjectCreator)6 Broker (org.apache.qpid.server.model.Broker)4 AuthenticatedPrincipal (org.apache.qpid.server.security.auth.AuthenticatedPrincipal)4 OAuth2AuthenticationProvider (org.apache.qpid.server.security.auth.manager.oauth2.OAuth2AuthenticationProvider)4 IOException (java.io.IOException)3 URISyntaxException (java.net.URISyntaxException)3 AccessControlException (java.security.AccessControlException)3 UsernamePrincipal (org.apache.qpid.server.security.auth.UsernamePrincipal)3 URI (java.net.URI)2 SecureRandom (java.security.SecureRandom)2 InetSocketAddress (java.net.InetSocketAddress)1 Principal (java.security.Principal)1 Collections (java.util.Collections)1 Enumeration (java.util.Enumeration)1 HashMap (java.util.HashMap)1 LinkedHashMap (java.util.LinkedHashMap)1 Map (java.util.Map)1