
Example 1 with UserAuthentication

use of org.eclipse.jetty.security.UserAuthentication in project jetty.project by eclipse.

the class JaspiAuthenticator method validateRequest.

/**
 * Runs the JASPI {@code ServerAuthContext} for this request and maps the resulting
 * {@link AuthStatus} onto a Jetty {@link Authentication}.
 * <p>
 * On {@code SUCCESS} the identity is taken, in order of preference, from a
 * {@link UserIdentity} the auth module stored as a private credential of the
 * client {@link Subject}, or else rebuilt from the thread-local
 * {@link CallerPrincipalCallback} / {@link GroupPrincipalCallback} recorded by
 * {@code _callbackHandler}. Note that if the HTTP session already holds a
 * {@link SessionAuthentication}, that cached value is returned in place of a new
 * {@link UserAuthentication} for the identity just validated.
 *
 * @param messageInfo the JASPI message info wrapping the servlet request and response
 * @return the mapped authentication state; never {@code null}
 * @throws ServerAuthException if the auth context throws an {@link AuthException} or an {@link IOException}
 * @throws IllegalStateException if the auth context returns an {@link AuthStatus} not handled here
 */
public Authentication validateRequest(JaspiMessageInfo messageInfo) throws ServerAuthException {
    try {
        String authContextId = _authConfig.getAuthContextID(messageInfo);
        ServerAuthContext authContext = _authConfig.getAuthContext(authContextId, _serviceSubject, _authProperties);
        // A fresh Subject per request; the auth module populates it during validateRequest.
        Subject clientSubject = new Subject();
        AuthStatus authStatus = authContext.validateRequest(messageInfo, clientSubject, _serviceSubject);
        if (authStatus == AuthStatus.SEND_CONTINUE)
            return Authentication.SEND_CONTINUE;
        if (authStatus == AuthStatus.SEND_FAILURE)
            return Authentication.SEND_FAILURE;
        if (authStatus == AuthStatus.SUCCESS) {
            // Preferred source: a UserIdentity the module placed in the Subject's private credentials.
            Set<UserIdentity> ids = clientSubject.getPrivateCredentials(UserIdentity.class);
            UserIdentity userIdentity;
            if (ids.size() > 0) {
                // If the module stored more than one, whichever the Set iterates first wins.
                userIdentity = ids.iterator().next();
            } else {
                // Fallback: rebuild the identity from the callbacks the module issued on this thread.
                CallerPrincipalCallback principalCallback = _callbackHandler.getThreadCallerPrincipalCallback();
                if (principalCallback == null) {
                    // SUCCESS with no identity information at all is treated as not authenticated.
                    return Authentication.UNAUTHENTICATED;
                }
                Principal principal = principalCallback.getPrincipal();
                if (principal == null) {
                    // The module supplied a name rather than a Principal: look it up in the callback's Subject.
                    // NOTE(review): p.getName() is dereferenced unchecked; a Principal returning a null name would NPE here.
                    String principalName = principalCallback.getName();
                    Set<Principal> principals = principalCallback.getSubject().getPrincipals();
                    for (Principal p : principals) {
                        if (p.getName().equals(principalName)) {
                            principal = p;
                            break;
                        }
                    }
                    if (principal == null) {
                        return Authentication.UNAUTHENTICATED;
                    }
                }
                GroupPrincipalCallback groupPrincipalCallback = _callbackHandler.getThreadGroupPrincipalCallback();
                // No group callback means no groups (null), not an empty array.
                String[] groups = groupPrincipalCallback == null ? null : groupPrincipalCallback.getGroups();
                userIdentity = _identityService.newUserIdentity(clientSubject, principal, groups);
            }
            // An existing session authentication takes precedence over the identity validated above.
            // NOTE(review): if the module authenticated a different user than the one cached in the
            // session, the cached one is what this request runs as; confirm that precedence is intended.
            HttpSession session = ((HttpServletRequest) messageInfo.getRequestMessage()).getSession(false);
            Authentication cached = (session == null ? null : (SessionAuthentication) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED));
            if (cached != null)
                return cached;
            return new UserAuthentication(getAuthMethod(), userIdentity);
        }
        if (authStatus == AuthStatus.SEND_SUCCESS) {
            // we are processing a message in a secureResponse dialog.
            return Authentication.SEND_SUCCESS;
        }
        if (authStatus == AuthStatus.FAILURE) {
            // A definitive FAILURE is answered with 403 here, whereas the SEND_FAILURE branch
            // above returns without touching the response.
            HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return Authentication.SEND_FAILURE;
        }
        // should not happen
        throw new IllegalStateException("No AuthStatus returned");
    } catch (IOException | AuthException e) {
        throw new ServerAuthException(e);
    }
}

Example 2 with UserAuthentication

use of org.eclipse.jetty.security.UserAuthentication in project jetty.project by eclipse.

the class DeferredAuthentication method login.

/* ------------------------------------------------------------ */
/**
 * Performs a programmatic login on behalf of a deferred authentication.
 * <p>
 * The credential check is delegated to the wrapped authenticator. On success the
 * identity is associated with the current thread through the login service's
 * {@link IdentityService} (the previous association is kept in
 * {@code _previousAssociation}) and wrapped in a {@link UserAuthentication}
 * whose auth method is {@code "API"}.
 *
 * @param username the user name; {@code null} short-circuits to a {@code null} result
 * @param password the credential, handed to the authenticator untouched
 * @param request  the request the login is performed on
 * @return the new authentication, or {@code null} if the username is missing or the login failed
 * @see org.eclipse.jetty.server.Authentication.Deferred#login(String, Object, ServletRequest)
 */
@Override
public Authentication login(String username, Object password, ServletRequest request) {
    if (username == null) {
        return null;
    }
    UserIdentity userIdentity = _authenticator.login(username, password, request);
    if (userIdentity == null) {
        return null;
    }
    // NOTE(review): getLoginService() is dereferenced unchecked; only the identity service is null-guarded.
    IdentityService identityService = _authenticator.getLoginService().getIdentityService();
    UserAuthentication result = new UserAuthentication("API", userIdentity);
    if (identityService != null) {
        _previousAssociation = identityService.associate(userIdentity);
    }
    return result;
}

Example 3 with UserAuthentication

use of org.eclipse.jetty.security.UserAuthentication in project blade by biezhi.

the class BasicAuthenticator method validateRequest.

/* ------------------------------------------------------------ */
/**
 * Validates a request against HTTP Basic authentication.
 * <p>
 * If the constraint is not mandatory the decision is deferred. Otherwise the
 * {@code Authorization} header is parsed by {@link #loginFromBasicHeader} and a
 * successful login is wrapped in a {@link UserAuthentication}. In every other case
 * (no header, another scheme, malformed credentials, failed login) a
 * {@code WWW-Authenticate: basic realm="..."} challenge is sent with 401 — unless
 * the response has been marked deferred, in which case
 * {@link Authentication#UNAUTHENTICATED} is returned without a challenge.
 *
 * @param req       the request (cast to {@link HttpServletRequest})
 * @param res       the response (cast to {@link HttpServletResponse})
 * @param mandatory whether the security constraint requires authentication
 * @return the resulting authentication state
 * @throws ServerAuthException if sending the challenge fails with an {@link IOException}
 * @see org.eclipse.jetty.security.Authenticator#validateRequest(ServletRequest, ServletResponse, boolean)
 */
@Override
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    String authorization = request.getHeader(HttpHeader.AUTHORIZATION.asString());
    try {
        if (!mandatory) {
            return new DeferredAuthentication(this);
        }
        UserIdentity user = loginFromBasicHeader(authorization, request);
        if (user != null) {
            return new UserAuthentication(getAuthMethod(), user);
        }
        if (DeferredAuthentication.isDeferred(response)) {
            return Authentication.UNAUTHENTICATED;
        }
        response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"" + _loginService.getName() + '"');
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return Authentication.SEND_CONTINUE;
    } catch (IOException e) {
        throw new ServerAuthException(e);
    }
}

/**
 * Extracts {@code user:password} from a {@code Basic} {@code Authorization} header
 * value and attempts the login.
 * <p>
 * The scheme name is matched case-insensitively. The Base64 payload is decoded as
 * ISO-8859-1 and split at the first colon; an empty user name (colon at index 0) is
 * rejected. Any unchecked exception {@code B64Code.decode} raises on a malformed
 * payload is not caught here and propagates to the caller, as it did inline.
 *
 * @param authorization the raw header value, or {@code null} if absent
 * @param request       the request passed through to {@code login}
 * @return the identity on success, or {@code null} if the header is absent, not Basic,
 *         malformed, or the login fails
 */
private UserIdentity loginFromBasicHeader(String authorization, HttpServletRequest request) {
    if (authorization == null) {
        return null;
    }
    int space = authorization.indexOf(' ');
    if (space <= 0) {
        return null;
    }
    if (!"basic".equalsIgnoreCase(authorization.substring(0, space))) {
        return null;
    }
    String decoded = B64Code.decode(authorization.substring(space + 1), StandardCharsets.ISO_8859_1);
    int colon = decoded.indexOf(':');
    if (colon <= 0) {
        return null;
    }
    String username = decoded.substring(0, colon);
    String password = decoded.substring(colon + 1);
    return login(username, password, request);
}

Example 4 with UserAuthentication

use of org.eclipse.jetty.security.UserAuthentication in project blade by biezhi.

the class DeferredAuthentication method login.

/* ------------------------------------------------------------ */
/**
 * Performs a programmatic login on behalf of a deferred authentication.
 * <p>
 * The credential check is delegated to the wrapped authenticator. On success the
 * identity is associated with the current thread through the login service's
 * {@link IdentityService} (the previous association is kept in
 * {@code _previousAssociation}) and wrapped in a {@link UserAuthentication}
 * whose auth method is {@code "API"}.
 *
 * @param username the user name; {@code null} short-circuits to a {@code null} result
 * @param password the credential, handed to the authenticator untouched
 * @param request  the request the login is performed on
 * @return the new authentication, or {@code null} if the username is missing or the login failed
 * @see Deferred#login(String, Object, ServletRequest)
 */
@Override
public Authentication login(String username, Object password, ServletRequest request) {
    if (username == null) {
        return null;
    }
    UserIdentity userIdentity = _authenticator.login(username, password, request);
    if (userIdentity == null) {
        return null;
    }
    // NOTE(review): getLoginService() is dereferenced unchecked; only the identity service is null-guarded.
    IdentityService identityService = _authenticator.getLoginService().getIdentityService();
    UserAuthentication result = new UserAuthentication("API", userIdentity);
    if (identityService != null) {
        _previousAssociation = identityService.associate(userIdentity);
    }
    return result;
}

Example 5 with UserAuthentication

use of org.eclipse.jetty.security.UserAuthentication in project blade by biezhi.

the class SpnegoAuthenticator method validateRequest.

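/**
 * Validates a request against the SPNEGO / {@code Negotiate} scheme.
 * <p>
 * When the constraint is not mandatory the decision is deferred. Without an
 * {@code Authorization} header a {@code WWW-Authenticate: Negotiate} challenge is
 * sent with 401 (unless the response is marked deferred). With a {@code Negotiate}
 * header the token following the scheme is handed to
 * {@link #login(String, Object, ServletRequest)}. Any other scheme, a header with
 * no token, or a failed login yields {@link Authentication#UNAUTHENTICATED} without
 * sending a new challenge.
 *
 * @param request   the request (cast to {@link HttpServletRequest})
 * @param response  the response (cast to {@link HttpServletResponse})
 * @param mandatory whether the security constraint requires authentication
 * @return the resulting authentication state
 * @throws ServerAuthException if writing the challenge fails with an {@link IOException}
 */
@Override
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse res = (HttpServletResponse) response;
    String header = req.getHeader(HttpHeader.AUTHORIZATION.asString());
    if (!mandatory) {
        return new DeferredAuthentication(this);
    }
    // check to see if we have authorization headers required to continue
    if (header == null) {
        try {
            if (DeferredAuthentication.isDeferred(res)) {
                return Authentication.UNAUTHENTICATED;
            }
            LOG.debug("SpengoAuthenticator: sending challenge");
            res.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
            res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return Authentication.SEND_CONTINUE;
        } catch (IOException ioe) {
            throw new ServerAuthException(ioe);
        }
    }
    String scheme = HttpHeader.NEGOTIATE.asString();
    // NOTE(review): the scheme match is case-sensitive, as before; RFC 7235 treats auth-scheme
    // names as case-insensitive, so a client sending "negotiate ..." is not accepted here.
    if (header.startsWith(scheme)) {
        // A bare "Negotiate" header with nothing after the scheme previously made the
        // substring below throw StringIndexOutOfBoundsException on client-controlled input
        // (an unhandled 500 instead of an auth failure); treat it as unauthenticated.
        if (header.length() <= scheme.length()) {
            return Authentication.UNAUTHENTICATED;
        }
        // Skip the scheme and the single separating space — the same offset the original
        // hard-coded as 10, assuming the scheme string is "Negotiate".
        String spnegoToken = header.substring(scheme.length() + 1);
        UserIdentity user = login(null, spnegoToken, request);
        if (user != null) {
            return new UserAuthentication(getAuthMethod(), user);
        }
    }
    return Authentication.UNAUTHENTICATED;
}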
