
Example 11 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

Class AssertionConsumerService, method login.

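/**
 * Logs the current browser session in with the given SAML response.
 *
 * <p>Only the first assertion of the response is used; any further assertions are ignored.
 * An existing servlet session is invalidated before the new token is applied, so the
 * authenticated session never reuses a pre-login session id. The response is assumed to have
 * already been validated (signature, conditions) before reaching this method —
 * NOTE(review): confirm against the caller, nothing here checks it.
 *
 * @param samlResponse the SAML response whose first assertion becomes the login token
 * @return {@code true} if the login filter accepted the assertion; {@code false} if the request
 *     is not over TLS, the response carries no assertion, or the login filter rejected the token
 */
private boolean login(org.opensaml.saml.saml2.core.Response samlResponse) {
    // SAML tokens are only accepted over a secure (TLS) connection.
    if (!request.isSecure()) {
        return false;
    }
    // Drop any pre-login session so its id cannot carry over into the authenticated session.
    Map<String, Cookie> cookieMap = HttpUtils.getCookieMap(request);
    if (cookieMap.containsKey("JSESSIONID") && sessionFactory != null) {
        sessionFactory.getOrCreateSession(request).invalidate();
    }
    // A response without an assertion cannot be logged in. Without this guard the
    // get(0) below threw IndexOutOfBoundsException instead of failing the login cleanly.
    if (samlResponse == null || samlResponse.getAssertions().isEmpty()) {
        LOGGER.debug("SAML response did not contain an assertion.");
        return false;
    }
    HandlerResult handlerResult = new HandlerResultImpl();
    SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
    simplePrincipalCollection.add(new SecurityAssertionSaml(samlResponse.getAssertions().get(0).getDOM()), "default");
    SAMLAuthenticationToken samlToken = new SAMLAuthenticationToken(null, simplePrincipalCollection, request.getRemoteAddr());
    handlerResult.setToken(samlToken);
    // The result is built locally and marked COMPLETED here; the former
    // "status != COMPLETED" check right after this line could never fire and was removed.
    handlerResult.setStatus(HandlerResult.Status.COMPLETED);
    if (handlerResult.getToken() instanceof BaseAuthenticationToken) {
        ((BaseAuthenticationToken) handlerResult.getToken()).setAllowGuest(contextPolicyManager.getGuestAccess());
    }
    request.setAttribute(AUTHENTICATION_TOKEN_KEY, handlerResult);
    request.removeAttribute(ContextPolicy.NO_AUTH_POLICY);
    try {
        LOGGER.trace("Trying to login with provided SAML assertion.");
        // The filter chain passed here is a no-op: only the login filter's own side effects
        // on the request are wanted, not further processing.
        loginFilter.doFilter(request, null, (servletRequest, servletResponse) -> {
        });
    } catch (IOException | AuthenticationException e) {
        LOGGER.debug("Failed to apply login filter to SAML assertion", e);
        return false;
    }
    return true;
}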
Also used : Cookie(javax.servlet.http.Cookie) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) HandlerResultImpl(org.codice.ddf.security.handler.HandlerResultImpl) BaseAuthenticationToken(org.codice.ddf.security.handler.BaseAuthenticationToken) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) IOException(java.io.IOException) SAMLAuthenticationToken(org.codice.ddf.security.handler.SAMLAuthenticationToken) SecurityAssertionSaml(ddf.security.assertion.saml.impl.SecurityAssertionSaml)

Example 12 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

Class GuestInterceptor, method getSubject.

/**
 * Returns the guest {@link Subject} for a client address, creating and caching it on first use.
 *
 * <p>The cache is keyed by the remote address only, so every client that presents the same
 * address (for example behind a shared proxy or NAT) receives the same guest subject —
 * NOTE(review): confirm that is acceptable for the guest role.
 *
 * @param ipAddress remote address of the client, used as the cache key and token identity
 * @return the cached or newly created guest subject; {@code null} if the security manager
 *     failed to produce one (the failure is logged at INFO)
 * @throws AuthenticationException if no security manager is available yet
 */
private synchronized Subject getSubject(String ipAddress) throws AuthenticationException {
    Subject cached = guestSubjectCache.getIfPresent(ipAddress);
    if (cached != null) {
        LOGGER.debug("Using cached Guest user token for {}", ipAddress);
        return cached;
    }
    // Fail closed while the system is still starting up rather than minting a subject without a manager.
    if (securityManager == null) {
        throw new AuthenticationException("Unable to create the guest subject, system is not ready.");
    }
    GuestAuthenticationToken guestToken = new GuestAuthenticationToken(ipAddress, securityLogger);
    LOGGER.debug("Getting new Guest user token for {}", ipAddress);
    Subject created = null;
    try {
        created = securityManager.getSubject(guestToken);
        guestSubjectCache.put(ipAddress, created);
    } catch (SecurityServiceException sse) {
        // Best effort: callers treat a null subject as "no guest context".
        LOGGER.info("Unable to request subject for guest user.", sse);
    }
    return created;
}
Also used : SecurityServiceException(ddf.security.service.SecurityServiceException) GuestAuthenticationToken(org.codice.ddf.security.handler.GuestAuthenticationToken) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) Subject(ddf.security.Subject)

Example 13 with AuthenticationException

use of org.codice.ddf.platform.filter.AuthenticationException in project ddf by codice.

Class GuestInterceptor, method handleMessage.

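/**
 * Attaches a guest {@link SecurityContext} to an incoming SOAP message.
 *
 * <p>The guest subject is resolved from the client's remote address. A message that carries no
 * HTTP request cannot be attributed to a client and is rejected with a {@link Fault} instead of
 * dereferencing a null request (which previously surfaced as a NullPointerException).
 *
 * @param message the incoming SOAP message; a {@code null} message is logged and ignored
 * @throws Fault if the message has no HTTP request or the guest subject cannot be created
 */
@Override
public void handleMessage(SoapMessage message) throws Fault {
    if (message == null) {
        LOGGER.debug("Incoming SOAP message is null - guest interceptor makes no sense.");
        return;
    }
    HttpServletRequest request = (HttpServletRequest) message.get(AbstractHTTPDestination.HTTP_REQUEST);
    if (request == null) {
        // Fail closed: without a request there is no remote address to key the guest subject on.
        throw new Fault(new AuthenticationException("Incoming SOAP message has no HTTP request; cannot determine guest address."));
    }
    LOGGER.debug("Getting new Guest user token");
    Subject subject;
    try {
        subject = getSubject(request.getRemoteAddr());
    } catch (AuthenticationException e) {
        throw new Fault(e);
    }
    if (subject == null) {
        // getSubject() returns null after logging a security manager failure; no context is attached.
        return;
    }
    PrincipalCollection principals = subject.getPrincipals();
    SecurityAssertion securityAssertion = principals.oneByType(SecurityAssertion.class);
    Principal principal = null;
    if (securityAssertion != null) {
        principal = new SecurityAssertionPrincipalDefault(securityAssertion);
    } else {
        LOGGER.debug("Subject did not contain a security assertion");
    }
    message.put(SecurityContext.class, new DefaultSecurityContext(principal, null));
    message.put(WSS4J_CHECK_STRING, Boolean.TRUE);
}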
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) DefaultSecurityContext(org.apache.cxf.interceptor.security.DefaultSecurityContext) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) SecurityAssertionPrincipalDefault(ddf.security.assertion.impl.SecurityAssertionPrincipalDefault) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) Fault(org.apache.cxf.interceptor.Fault) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Principal(java.security.Principal) Subject(ddf.security.Subject)
