
Example 16 with BaseAuthenticationToken

use of org.codice.ddf.security.handler.BaseAuthenticationToken in project ddf by codice.

the class UsernamePasswordRealm method supports.

/**
 * Determine if the supplied token is supported by this realm.
 */
@Override
public boolean supports(AuthenticationToken token) {
    if (!(token instanceof BaseAuthenticationToken)) {
        LOGGER.debug("The supplied authentication token is not an instance of BaseAuthenticationToken. Sending back not supported.");
        return false;
    }
    BaseAuthenticationToken authToken = (BaseAuthenticationToken) token;
    Object credentials = authToken.getCredentials();
    // Reject tokens without credentials and tokens that are not of type USERNAME.
    if (credentials == null || authToken.getType() != AuthenticationTokenType.USERNAME) {
        LOGGER.debug("The supplied authentication token has null credentials or is not a USERNAME token. Sending back not supported.");
        return false;
    }
    // This realm only handles credentials carried as a String.
    if (credentials instanceof String) {
        LOGGER.debug("Token {} is supported by {}.", token.getClass(), UsernamePasswordRealm.class.getName());
        return true;
    }
    return false;
}
Also used : BaseAuthenticationToken(org.codice.ddf.security.handler.BaseAuthenticationToken)

Example 17 with BaseAuthenticationToken

use of org.codice.ddf.security.handler.BaseAuthenticationToken in project ddf by codice.

the class AssertionConsumerService method login.

private boolean login(org.opensaml.saml.saml2.core.Response samlResponse) {
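    // Only accept SAML responses that arrived over a secure channel.
    if (!request.isSecure()) {
        return false;
    }
    // Invalidate any session tied to an existing JSESSIONID cookie before logging in,
    // so a pre-login session id is not carried over into the authenticated session.
    Map<String, Cookie> cookieMap = HttpUtils.getCookieMap(request);
    if (cookieMap.containsKey("JSESSIONID") && sessionFactory != null) {
        sessionFactory.getOrCreateSession(request).invalidate();
    }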
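    // Guard against a response that carries no assertions before indexing into the list.
    if (samlResponse.getAssertions().isEmpty()) {
        LOGGER.debug("SAML response contains no assertions.");
        return false;
    }
    HandlerResult handlerResult = new HandlerResultImpl();
    SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
    // Only the first assertion in the response is used as the principal.
    simplePrincipalCollection.add(new SecurityAssertionSaml(samlResponse.getAssertions().get(0).getDOM()), "default");
    SAMLAuthenticationToken samlToken = new SAMLAuthenticationToken(null, simplePrincipalCollection, request.getRemoteAddr());
    handlerResult.setToken(samlToken);
    handlerResult.setStatus(HandlerResult.Status.COMPLETED);
    // The status was set to COMPLETED on the previous line, so this check always passes as written.
    if (handlerResult.getStatus() != HandlerResult.Status.COMPLETED) {
        LOGGER.debug("Failed to handle SAML assertion.");
        return false;
    }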
    if (handlerResult.getToken() instanceof BaseAuthenticationToken) {
        ((BaseAuthenticationToken) handlerResult.getToken()).setAllowGuest(contextPolicyManager.getGuestAccess());
    }
    request.setAttribute(AUTHENTICATION_TOKEN_KEY, handlerResult);
    request.removeAttribute(ContextPolicy.NO_AUTH_POLICY);
    try {
        LOGGER.trace("Trying to login with provided SAML assertion.");
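        // Run the login filter with a null response and a no-op chain: only its
        // authentication side effects on the request are wanted here.
        loginFilter.doFilter(request, null, (servletRequest, servletResponse) -> {
        });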
    } catch (IOException | AuthenticationException e) {
        LOGGER.debug("Failed to apply login filter to SAML assertion", e);
        return false;
    }
    return true;
}
Also used : Cookie(javax.servlet.http.Cookie) AuthenticationException(org.codice.ddf.platform.filter.AuthenticationException) HandlerResultImpl(org.codice.ddf.security.handler.HandlerResultImpl) BaseAuthenticationToken(org.codice.ddf.security.handler.BaseAuthenticationToken) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) IOException(java.io.IOException) SAMLAuthenticationToken(org.codice.ddf.security.handler.SAMLAuthenticationToken) SecurityAssertionSaml(ddf.security.assertion.saml.impl.SecurityAssertionSaml)
