use of org.apereo.portal.security.IOpaqueCredentials in project uPortal by Jasig.
the class CachedPasswordUserInfoService method getPassword.
/**
* Retrieves the users password by iterating over the user's security contexts and returning the
* first available cached password.
*
* @param baseContext The security context to start looking for a password from.
* @return the users password
*/
private String getPassword(ISecurityContext baseContext) {
String password = null;
IOpaqueCredentials oc = baseContext.getOpaqueCredentials();
if (oc instanceof NotSoOpaqueCredentials) {
NotSoOpaqueCredentials nsoc = (NotSoOpaqueCredentials) oc;
password = nsoc.getCredentials();
}
// If still no password, loop through subcontexts to find cached credentials
Enumeration en = baseContext.getSubContexts();
while (password == null && en.hasMoreElements()) {
ISecurityContext subContext = (ISecurityContext) en.nextElement();
password = this.getPassword(subContext);
}
return password;
}
use of org.apereo.portal.security.IOpaqueCredentials in project uPortal by Jasig.
the class Authentication method setContextParameters.
/**
* Get the principal and credential for a specific context and store them in the context.
*
* @param principals
* @param credentials
* @param ctxName
* @param securityContext
* @param person
*/
public void setContextParameters(Map<String, String> principals, Map<String, String> credentials, String ctxName, ISecurityContext securityContext, IPerson person) {
if (log.isDebugEnabled()) {
final StringBuilder msg = new StringBuilder();
msg.append("Preparing to authenticate; setting parameters for context name '").append(ctxName).append("', context class '").append(securityContext.getClass().getName()).append("'");
// Display principalTokens...
msg.append("\n\t Available Principal Tokens");
for (final Object o : principals.entrySet()) {
final Map.Entry<?, ?> y = (Map.Entry<?, ?>) o;
msg.append("\n\t\t").append(y.getKey()).append("=").append(y.getValue());
}
// Keep credentialTokens secret, but indicate whether they were provided...
msg.append("\n\t Available Credential Tokens");
for (final Object o : credentials.entrySet()) {
final Map.Entry<?, ?> y = (Map.Entry<?, ?>) o;
final String val = (String) y.getValue();
String valWasSpecified = null;
if (val != null) {
valWasSpecified = val.trim().length() == 0 ? "empty" : "provided";
}
msg.append("\n\t\t").append(y.getKey()).append(" was ").append(valWasSpecified);
}
log.debug(msg.toString());
}
String username = principals.get(ctxName);
String credential = credentials.get(ctxName);
// If username or credential are null, this indicates that the token was not
// set in security.properties. We will then use the value for root.
username = username != null ? username : (String) principals.get(BASE_CONTEXT_NAME);
credential = credential != null ? credential : (String) credentials.get(BASE_CONTEXT_NAME);
if (log.isDebugEnabled()) {
log.debug("Authentication::setContextParameters() username: " + username);
}
// Retrieve and populate an instance of the principal object
final IPrincipal principalInstance = securityContext.getPrincipalInstance();
if (username != null && !username.equals("")) {
principalInstance.setUID(username);
}
// Retrieve and populate an instance of the credentials object
final IOpaqueCredentials credentialsInstance = securityContext.getOpaqueCredentialsInstance();
if (credentialsInstance != null) {
credentialsInstance.setCredentials(credential);
}
}
Aggregations