Example 1 with ServerAuthException

Use of org.eclipse.jetty.security.ServerAuthException in project jetty.project by eclipse.

The class JaspiAuthenticator, method secureResponse.

public boolean secureResponse(JaspiMessageInfo messageInfo, Authentication validatedUser) throws ServerAuthException {
    try {
        String authContextId = _authConfig.getAuthContextID(messageInfo);
        ServerAuthContext authContext = _authConfig.getAuthContext(authContextId, _serviceSubject, _authProperties);
        // TODO
        // authContext.cleanSubject(messageInfo,validatedUser.getUserIdentity().getSubject());
        AuthStatus status = authContext.secureResponse(messageInfo, _serviceSubject);
        // Only SEND_SUCCESS counts as a secured response; every other status is reported as failure.
        return (AuthStatus.SEND_SUCCESS.equals(status));
    } catch (AuthException e) {
        // JASPI's checked AuthException is wrapped in Jetty's ServerAuthException for the caller.
        throw new ServerAuthException(e);
    }
}
Also used : AuthStatus(javax.security.auth.message.AuthStatus) AuthException(javax.security.auth.message.AuthException) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) ServerAuthContext(javax.security.auth.message.config.ServerAuthContext)

Example 2 with ServerAuthException

Use of org.eclipse.jetty.security.ServerAuthException in project jetty.project by eclipse.

The class JaspiAuthenticator, method validateRequest.

public Authentication validateRequest(JaspiMessageInfo messageInfo) throws ServerAuthException {
    try {
        String authContextId = _authConfig.getAuthContextID(messageInfo);
        ServerAuthContext authContext = _authConfig.getAuthContext(authContextId, _serviceSubject, _authProperties);
        // A fresh Subject per request; the auth module fills it with the caller's identity.
        Subject clientSubject = new Subject();
        AuthStatus authStatus = authContext.validateRequest(messageInfo, clientSubject, _serviceSubject);
        if (authStatus == AuthStatus.SEND_CONTINUE)
            return Authentication.SEND_CONTINUE;
        if (authStatus == AuthStatus.SEND_FAILURE)
            return Authentication.SEND_FAILURE;
        if (authStatus == AuthStatus.SUCCESS) {
            // Prefer a UserIdentity the module stored in the Subject's private credentials;
            // otherwise rebuild one from the caller-principal and group callbacks.
            Set<UserIdentity> ids = clientSubject.getPrivateCredentials(UserIdentity.class);
            UserIdentity userIdentity;
            if (ids.size() > 0) {
                userIdentity = ids.iterator().next();
            } else {
                CallerPrincipalCallback principalCallback = _callbackHandler.getThreadCallerPrincipalCallback();
                if (principalCallback == null) {
                    return Authentication.UNAUTHENTICATED;
                }
                Principal principal = principalCallback.getPrincipal();
                if (principal == null) {
                    // The callback may carry only a name; resolve it against the Subject's principals.
                    String principalName = principalCallback.getName();
                    Set<Principal> principals = principalCallback.getSubject().getPrincipals();
                    for (Principal p : principals) {
                        if (p.getName().equals(principalName)) {
                            principal = p;
                            break;
                        }
                    }
                    if (principal == null) {
                        return Authentication.UNAUTHENTICATED;
                    }
                }
                GroupPrincipalCallback groupPrincipalCallback = _callbackHandler.getThreadGroupPrincipalCallback();
                String[] groups = groupPrincipalCallback == null ? null : groupPrincipalCallback.getGroups();
                userIdentity = _identityService.newUserIdentity(clientSubject, principal, groups);
            }
            // An authentication already cached in the session takes precedence over the identity just built.
            HttpSession session = ((HttpServletRequest) messageInfo.getRequestMessage()).getSession(false);
            Authentication cached = (session == null ? null : (SessionAuthentication) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED));
            if (cached != null)
                return cached;
            return new UserAuthentication(getAuthMethod(), userIdentity);
        }
        if (authStatus == AuthStatus.SEND_SUCCESS) {
            // we are processing a message in a secureResponse dialog.
            return Authentication.SEND_SUCCESS;
        }
        if (authStatus == AuthStatus.FAILURE) {
            // FAILURE (unlike SEND_FAILURE) comes without a response from the module, so answer 403 here.
            HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return Authentication.SEND_FAILURE;
        }
        // should not happen
        throw new IllegalStateException("No AuthStatus returned");
    } catch (IOException | AuthException e) {
        throw new ServerAuthException(e);
    }
}
Also used : HttpSession(javax.servlet.http.HttpSession) UserIdentity(org.eclipse.jetty.server.UserIdentity) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(javax.security.auth.message.AuthException) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) SessionAuthentication(org.eclipse.jetty.security.authentication.SessionAuthentication) IOException(java.io.IOException) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) UserAuthentication(org.eclipse.jetty.security.UserAuthentication) Subject(javax.security.auth.Subject) ServerAuthContext(javax.security.auth.message.config.ServerAuthContext) HttpServletRequest(javax.servlet.http.HttpServletRequest) CallerPrincipalCallback(javax.security.auth.message.callback.CallerPrincipalCallback) GroupPrincipalCallback(javax.security.auth.message.callback.GroupPrincipalCallback) AuthStatus(javax.security.auth.message.AuthStatus) DeferredAuthentication(org.eclipse.jetty.security.authentication.DeferredAuthentication) SessionAuthentication(org.eclipse.jetty.security.authentication.SessionAuthentication) UserAuthentication(org.eclipse.jetty.security.UserAuthentication) Authentication(org.eclipse.jetty.server.Authentication) Principal(java.security.Principal)

Example 3 with ServerAuthException

Use of org.eclipse.jetty.security.ServerAuthException in project jetty.project by eclipse.

The class DeferredAuthentication, method authenticate(ServletRequest).

/* ------------------------------------------------------------ */
/**
 * @see org.eclipse.jetty.server.Authentication.Deferred#authenticate(ServletRequest)
 */
@Override
public Authentication authenticate(ServletRequest request) {
    try {
        // Validated against the shared __deferredResponse rather than the real response,
        // so the authenticator cannot send a challenge or error to the client from here.
        Authentication authentication = _authenticator.validateRequest(request, __deferredResponse, true);
        if (authentication != null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent)) {
            LoginService login_service = _authenticator.getLoginService();
            IdentityService identity_service = login_service.getIdentityService();
            if (identity_service != null)
                _previousAssociation = identity_service.associate(((Authentication.User) authentication).getUserIdentity());
            return authentication;
        }
    } catch (ServerAuthException e) {
        // Logged at DEBUG only: an authenticator failure leaves the request deferred (unauthenticated)
        // instead of failing it, and is invisible at the default log level.
        LOG.debug(e);
    }
    return this;
}
Also used : IdentityService(org.eclipse.jetty.security.IdentityService) UserAuthentication(org.eclipse.jetty.security.UserAuthentication) Authentication(org.eclipse.jetty.server.Authentication) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) LoginService(org.eclipse.jetty.security.LoginService)

Example 4 with ServerAuthException

Use of org.eclipse.jetty.security.ServerAuthException in project jetty.project by eclipse.

The class DeferredAuthentication, method authenticate(ServletRequest, ServletResponse).

/* ------------------------------------------------------------ */
/**
 * @see org.eclipse.jetty.server.Authentication.Deferred#authenticate(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
 */
@Override
public Authentication authenticate(ServletRequest request, ServletResponse response) {
    try {
        LoginService login_service = _authenticator.getLoginService();
        IdentityService identity_service = login_service.getIdentityService();
        // With a real response available, the authenticator may challenge the client itself.
        Authentication authentication = _authenticator.validateRequest(request, response, true);
        if (authentication instanceof Authentication.User && identity_service != null)
            _previousAssociation = identity_service.associate(((Authentication.User) authentication).getUserIdentity());
        return authentication;
    } catch (ServerAuthException e) {
        // As in the single-argument variant: logged at DEBUG and the request stays deferred.
        LOG.debug(e);
    }
    return this;
}
Also used : IdentityService(org.eclipse.jetty.security.IdentityService) UserAuthentication(org.eclipse.jetty.security.UserAuthentication) Authentication(org.eclipse.jetty.server.Authentication) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) LoginService(org.eclipse.jetty.security.LoginService)

Example 5 with ServerAuthException

Use of org.eclipse.jetty.security.ServerAuthException in project blade by biezhi.

The class BasicAuthenticator, method validateRequest.

/* ------------------------------------------------------------ */
/**
 * @see org.eclipse.jetty.security.Authenticator#validateRequest(ServletRequest, ServletResponse, boolean)
 */
@Override
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString());
    try {
        // Unconstrained resources get a DeferredAuthentication; credentials are checked only on demand.
        if (!mandatory)
            return new DeferredAuthentication(this);
        if (credentials != null) {
            // "<scheme> <token>": scheme is matched case-insensitively, token is base64.
            int space = credentials.indexOf(' ');
            if (space > 0) {
                String method = credentials.substring(0, space);
                if ("basic".equalsIgnoreCase(method)) {
                    credentials = credentials.substring(space + 1);
                    // Decoded as ISO-8859-1; a client that sent UTF-8 gets a different string.
                    credentials = B64Code.decode(credentials, StandardCharsets.ISO_8859_1);
                    // Split at the first colon only, so the password may contain colons;
                    // i > 0 also rejects an empty username.
                    int i = credentials.indexOf(':');
                    if (i > 0) {
                        String username = credentials.substring(0, i);
                        String password = credentials.substring(i + 1);
                        UserIdentity user = login(username, password, request);
                        if (user != null) {
                            return new UserAuthentication(getAuthMethod(), user);
                        }
                    }
                }
            }
        }
        // No usable credentials: do not challenge a deferred response, otherwise send 401 with the realm.
        if (DeferredAuthentication.isDeferred(response))
            return Authentication.UNAUTHENTICATED;
        response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"" + _loginService.getName() + '"');
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return Authentication.SEND_CONTINUE;
    } catch (IOException e) {
        // Only IOException is caught here; other failures propagate out of validateRequest.
        throw new ServerAuthException(e);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) UserIdentity(org.eclipse.jetty.server.UserIdentity) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) UserAuthentication(org.eclipse.jetty.security.UserAuthentication) Constraint(org.eclipse.jetty.util.security.Constraint)
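The Basic-credential parsing of Example 5, as an added example in Python that is not code from Jetty or blade: it reproduces the snippet's decision order (first-space split, case-insensitive scheme, base64 decode under ISO-8859-1, first-colon split, non-empty username, 401 challenge when mandatory) and exercises the cases a reviewer would poke at: a password containing colons, an empty username, malformed base64, a lowercase scheme, and a non-ASCII password that a UTF-8 client sends but the server decodes as ISO-8859-1. The USERS table, the realm, the constant-time comparison and all function names are assumptions constructed for this example; the original's login() is not visible on the page.

```python
"""Added example (not Jetty's or blade's code): the Basic credential parsing
and challenge flow of BasicAuthenticator.validateRequest, reproduced in
Python. USERS, the realm and the function names are constructed here."""
import base64
import binascii
import hmac
from typing import Dict, Optional, Tuple

# Constructed stand-in for LoginService.login(); a real store would hold hashes.
USERS: Dict[str, str] = {"alice": "s3cret:with:colons", "bob": "p\u00e4ssword"}


def parse_basic(header: Optional[str], charset: str = "iso-8859-1") -> Optional[Tuple[str, str]]:
    """Follow the snippet's order: split at the first space, case-insensitive
    scheme check, base64-decode, then split at the FIRST colon so passwords may
    contain colons. A colon at index 0 (empty username) is rejected, matching
    the snippet's `i > 0`. The default charset is the ISO_8859_1 the snippet
    passes to B64Code.decode."""
    if header is None:
        return None
    space = header.find(" ")
    if space <= 0:
        return None
    if header[:space].lower() != "basic":
        return None
    try:
        raw = base64.b64decode(header[space + 1:], validate=True)
    except (binascii.Error, ValueError):
        # Example's choice: undecodable base64 counts as "no credentials".
        # The snippet catches only IOException, so it does not handle this case itself.
        return None
    decoded = raw.decode(charset, errors="replace")
    i = decoded.find(":")
    if i <= 0:
        return None
    return decoded[:i], decoded[i + 1:]


def basic_header(user: str, password: str, charset: str = "utf-8") -> str:
    """Build the client-side Authorization header; charset is the client's choice."""
    token = base64.b64encode(f"{user}:{password}".encode(charset)).decode("ascii")
    return "Basic " + token


def validate_request(headers: Dict[str, str], mandatory: bool, realm: str = "example"):
    """Return (outcome, status, response_headers), mirroring the snippet's flow:
    not mandatory -> deferred; valid credentials -> user; otherwise a 401 carrying
    a WWW-Authenticate challenge. (The isDeferred() branch is not modelled.)"""
    if not mandatory:
        return ("DEFERRED", None, {})
    creds = parse_basic(headers.get("Authorization"))
    if creds is not None:
        user, password = creds
        expected = USERS.get(user)
        # Constant-time comparison is this example's choice for the login stand-in.
        if expected is not None and hmac.compare_digest(
            expected.encode("utf-8"), password.encode("utf-8")
        ):
            return (("USER", user), None, {})
    return ("SEND_CONTINUE", 401, {"WWW-Authenticate": 'basic realm="%s"' % realm})


if __name__ == "__main__":
    # A UTF-8 client sending "p\u00e4ssword" produces bytes C3 A4 for the umlaut;
    # decoded as ISO-8859-1 those become two Latin-1 characters and the login fails.
    # Encoded as ISO-8859-1 by the client (single byte E4) it succeeds.
    for cs in ("utf-8", "iso-8859-1"):
        hdr = {"Authorization": basic_header("bob", "p\u00e4ssword", cs)}
        print(cs, validate_request(hdr, mandatory=True)[0])
```

The charset mismatch is a login failure, not a bypass, but it is the usual reason non-ASCII passwords "stop working" behind a server that decodes Basic credentials as ISO-8859-1. Note also that the snippet's try block catches only IOException, so whatever B64Code.decode does with malformed base64 is not turned into a 401 at that level.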
