
Example 6 with Password

use of org.eclipse.jetty.util.security.Password in project jetty.project by eclipse.

the class ClientCertAuthModule method validateRequest.

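/**
 * Authenticates a request from the first X.509 client certificate attached to it.
 *
 * <p>The certificate chain is read from the {@code javax.servlet.request.X509Certificate}
 * request attribute. The user name is the subject DN name, falling back to the issuer DN name
 * and then to the literal {@code "clientcert"}. The credential passed to {@code login} is the
 * Base64 encoding of the certificate's signature bytes.
 *
 * @param messageInfo carries the servlet request and response for this exchange
 * @param clientSubject subject passed through to {@code login}
 * @param serviceSubject not used by this method
 * @return {@link AuthStatus#SUCCESS} when {@code login} succeeds or when authentication is not
 *         mandatory for this message; {@link AuthStatus#SEND_FAILURE} after a 403 has been sent
 * @throws AuthException if sending the error response fails or a callback is unsupported; the
 *         original exception is attached as the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    java.security.cert.X509Certificate[] certs = (java.security.cert.X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
    try {
        // Without a certificate there is nothing to authenticate: refuse with 403.
        if (certs == null || certs.length == 0 || certs[0] == null) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "A client certificate is required for accessing this web application but the server's listener is not configured for mutual authentication (or the client did not provide a certificate).");
            return AuthStatus.SEND_FAILURE;
        }
        Principal principal = certs[0].getSubjectDN();
        if (principal == null) {
            principal = certs[0].getIssuerDN();
        }
        final String username = principal == null ? "clientcert" : principal.getName();
        // NOTE(review): a certificate's signature is part of the certificate and is not secret,
        // so this value identifies the certificate but proves nothing about possession of the
        // private key. That proof has to come from the TLS handshake; confirm the connector
        // requires and validates client certificates before this module is relied on.
        final String password = new String(B64Code.encode(certs[0].getSignature()));
        // TODO confirm that Constraint.__CERT_AUTH is the right auth method name to report here.
        if (login(clientSubject, username, new Password(password), Constraint.__CERT_AUTH, messageInfo)) {
            return AuthStatus.SUCCESS;
        }
        // A failed login is only fatal when authentication is mandatory for this message;
        // otherwise the request proceeds. Presumably clientSubject stays unpopulated in that
        // case - verify in login().
        if (!isMandatory(messageInfo)) {
            return AuthStatus.SUCCESS;
        }
        response.sendError(HttpServletResponse.SC_FORBIDDEN, "The provided client certificate does not correspond to a trusted user.");
        return AuthStatus.SEND_FAILURE;
    } catch (IOException e) {
        // AuthException has no cause-taking constructor, so attach the cause explicitly.
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    } catch (UnsupportedCallbackException e) {
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }
}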
Also used : HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(javax.security.auth.message.AuthException) IOException(java.io.IOException) HttpServletRequest(javax.servlet.http.HttpServletRequest) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) Principal(java.security.Principal) Password(org.eclipse.jetty.util.security.Password)

Example 7 with Password

use of org.eclipse.jetty.util.security.Password in project jetty.project by eclipse.

the class JaspiTest method before.

/**
 * Builds and starts the server used by each test: two contexts ({@code /ctx} and
 * {@code /other}) that share one JASPI authenticator factory and one constraint mapping.
 *
 * @throws Exception if the server fails to start
 */
@Before
public void before() throws Exception {
    // System property naming the JASPI configuration file used by the tests.
    System.setProperty("org.apache.geronimo.jaspic.configurationFile", "src/test/resources/jaspi.xml");

    _server = new Server();
    _connector = new LocalConnector(_server);
    _server.addConnector(_connector);
    ContextHandlerCollection contextCollection = new ContextHandlerCollection();
    _server.setHandler(contextCollection);

    // Fixture accounts with hard-coded credentials; test-only values.
    TestLoginService realmUsers = new TestLoginService("TestRealm");
    realmUsers.putUser("user", new Password("password"), new String[] { "users" });
    realmUsers.putUser("admin", new Password("secret"), new String[] { "users", "admins" });
    _server.addBean(realmUsers);

    // First context: /ctx.
    ContextHandler ctxContext = new ContextHandler();
    contextCollection.addHandler(ctxContext);
    ctxContext.setContextPath("/ctx");
    JaspiAuthenticatorFactory authFactory = new JaspiAuthenticatorFactory();
    ConstraintSecurityHandler ctxSecurity = new ConstraintSecurityHandler();
    ctxContext.setHandler(ctxSecurity);
    ctxSecurity.setAuthenticatorFactory(authFactory);
    // security.setAuthenticator(new BasicAuthenticator());

    // Everything under /jaspi/* requires an authenticated user in the "users" role.
    Constraint usersOnly = new Constraint("All", "users");
    usersOnly.setAuthenticate(true);
    ConstraintMapping jaspiMapping = new ConstraintMapping();
    jaspiMapping.setPathSpec("/jaspi/*");
    jaspiMapping.setConstraint(usersOnly);
    ctxSecurity.addConstraintMapping(jaspiMapping);
    ctxSecurity.setHandler(new TestHandler());

    // Second context: /other, reusing the same factory and mapping.
    ContextHandler otherContext = new ContextHandler();
    contextCollection.addHandler(otherContext);
    otherContext.setContextPath("/other");
    ConstraintSecurityHandler otherSecurity = new ConstraintSecurityHandler();
    otherContext.setHandler(otherSecurity);
    otherSecurity.setAuthenticatorFactory(authFactory);
    otherSecurity.addConstraintMapping(jaspiMapping);
    TestHandler otherHandler = new TestHandler();
    otherSecurity.setHandler(otherHandler);

    _server.start();
}
Also used : ContextHandler(org.eclipse.jetty.server.handler.ContextHandler) ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) Server(org.eclipse.jetty.server.Server) Constraint(org.eclipse.jetty.util.security.Constraint) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler) LocalConnector(org.eclipse.jetty.server.LocalConnector) ContextHandlerCollection(org.eclipse.jetty.server.handler.ContextHandlerCollection) Password(org.eclipse.jetty.util.security.Password) Before(org.junit.Before)

Example 8 with Password

use of org.eclipse.jetty.util.security.Password in project jetty.project by eclipse.

the class AliasedConstraintTest method startServer.

/**
 * Starts the shared test server: a {@code /ctx} context serving the {@code docroot} test
 * resources behind a session handler and a constraint security handler with a single
 * {@code /forbid/*} mapping.
 *
 * @throws Exception if the server fails to start
 */
@BeforeClass
public static void startServer() throws Exception {
    server = new Server();
    connector = new LocalConnector(server);
    server.setConnectors(new Connector[] { connector });

    ContextHandler ctx = new ContextHandler();
    SessionHandler sessions = new SessionHandler();

    // Fixture accounts with hard-coded credentials; test-only values.
    TestLoginService realmUsers = new TestLoginService(TEST_REALM);
    realmUsers.putUser("user0", new Password("password"), new String[] {});
    realmUsers.putUser("user", new Password("password"), new String[] { "user" });
    realmUsers.putUser("user2", new Password("password"), new String[] { "user" });
    realmUsers.putUser("admin", new Password("password"), new String[] { "user", "administrator" });
    realmUsers.putUser("user3", new Password("password"), new String[] { "foo" });

    ctx.setContextPath("/ctx");
    ctx.setResourceBase(MavenTestingUtils.getTestResourceDir("docroot").getAbsolutePath());

    HandlerList chain = new HandlerList();
    chain.setHandlers(new Handler[] { ctx, new DefaultHandler() });
    server.setHandler(chain);
    ctx.setHandler(sessions);
    // No symlink alias checker is registered on the context:
    // context.addAliasCheck(new AllowSymLinkAliasChecker());
    server.addBean(realmUsers);

    // Handler nesting: context -> session -> security -> resource handler.
    security = new ConstraintSecurityHandler();
    sessions.setHandler(security);
    security.setHandler(new ResourceHandler());

    // The "forbid" constraint demands authentication but has no roles set on it here.
    List<ConstraintMapping> mappings = new ArrayList<>();
    Constraint forbid = new Constraint();
    forbid.setAuthenticate(true);
    forbid.setName("forbid");
    ConstraintMapping forbidMapping = new ConstraintMapping();
    forbidMapping.setPathSpec("/forbid/*");
    forbidMapping.setConstraint(forbid);
    mappings.add(forbidMapping);

    Set<String> declaredRoles = new HashSet<>();
    declaredRoles.add("user");
    declaredRoles.add("administrator");
    security.setConstraintMappings(mappings, declaredRoles);

    server.start();
}
Also used : SessionHandler(org.eclipse.jetty.server.session.SessionHandler) HandlerList(org.eclipse.jetty.server.handler.HandlerList) Server(org.eclipse.jetty.server.Server) Constraint(org.eclipse.jetty.util.security.Constraint) LocalConnector(org.eclipse.jetty.server.LocalConnector) ArrayList(java.util.ArrayList) ResourceHandler(org.eclipse.jetty.server.handler.ResourceHandler) Matchers.containsString(org.hamcrest.Matchers.containsString) DefaultHandler(org.eclipse.jetty.server.handler.DefaultHandler) ContextHandler(org.eclipse.jetty.server.handler.ContextHandler) Password(org.eclipse.jetty.util.security.Password) HashSet(java.util.HashSet) BeforeClass(org.junit.BeforeClass)

Example 9 with Password

use of org.eclipse.jetty.util.security.Password in project jetty.project by eclipse.

the class SpecExampleConstraintTest method startServer.

/**
 * Wires up the shared test server: a local connector, a {@code /ctx} context with a session
 * handler, and a login service holding four fixture users. The server is configured here
 * but not started.
 */
@BeforeClass
public static void startServer() {
    _server = new Server();
    _connector = new LocalConnector(_server);
    _server.setConnectors(new Connector[] { _connector });

    ContextHandler ctxHandler = new ContextHandler();
    _session = new SessionHandler();

    // Fixture accounts with hard-coded credentials; test-only values.
    TestLoginService realmUsers = new TestLoginService(TEST_REALM);
    realmUsers.putUser("fred", new Password("password"), IdentityService.NO_ROLES);
    realmUsers.putUser("harry", new Password("password"), new String[] { "HOMEOWNER" });
    realmUsers.putUser("chris", new Password("password"), new String[] { "CONTRACTOR" });
    realmUsers.putUser("steven", new Password("password"), new String[] { "SALESCLERK" });

    ctxHandler.setContextPath("/ctx");
    _server.setHandler(ctxHandler);
    ctxHandler.setHandler(_session);
    _server.addBean(realmUsers);
}
Also used : ContextHandler(org.eclipse.jetty.server.handler.ContextHandler) SessionHandler(org.eclipse.jetty.server.session.SessionHandler) Server(org.eclipse.jetty.server.Server) LocalConnector(org.eclipse.jetty.server.LocalConnector) Password(org.eclipse.jetty.util.security.Password) BeforeClass(org.junit.BeforeClass)

Example 10 with Password

use of org.eclipse.jetty.util.security.Password in project EventHub by Codecademy.

the class EventHubHandler method main.

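/**
 * Boots the EventHub web server: loads configuration, builds the Guice injector, protects the
 * static frontend with HTTP Basic authentication and blocks until the server exits.
 *
 * <p>Configuration comes from {@code hub.properties} and {@code web.properties} on the
 * classpath; JVM system properties are merged last and therefore override both files.
 *
 * @param args unused
 * @throws IllegalStateException if a required classpath resource or the login credentials
 *         are missing
 * @throws Exception if configuration loading or server startup fails
 */
public static void main(String[] args) throws Exception {
    Properties properties = new Properties();
    loadClasspathProperties(properties, EventHub.class.getClassLoader(), "hub.properties");
    loadClasspathProperties(properties, EventHubHandler.class.getClassLoader(), "web.properties");
    // Merged last: -D values win over the files. A password passed this way is visible on
    // the process command line.
    properties.putAll(System.getProperties());
    Injector injector = Guice.createInjector(Modules.override(new DmaIdListModule(), new DatedEventIndexModule(), new ShardedEventIndexModule(), new PropertiesIndexModule(), new UserEventIndexModule(), new EventStorageModule(), new UserStorageModule(), new EventHubModule(properties)).with(new Module()));
    final EventHubHandler eventHubHandler = injector.getInstance(EventHubHandler.class);
    int port = injector.getInstance(Key.get(Integer.class, Names.named("eventhubhandler.port")));
    final Server server = new Server(port);
    java.net.URL frontend = EventHubHandler.class.getClassLoader().getResource("frontend");
    if (frontend == null) {
        throw new IllegalStateException("Missing classpath resource: frontend");
    }
    String webDir = frontend.toExternalForm();

    // Refuse to start with an absent or empty credential rather than registering a login
    // that offers no real protection.
    String username = properties.getProperty("eventhubhandler.username");
    String password = properties.getProperty("eventhubhandler.password");
    if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
        throw new IllegalStateException("eventhubhandler.username and eventhubhandler.password must both be set");
    }
    HashLoginService loginService = new HashLoginService();
    loginService.putUser(username, new Password(password), new String[] { "user" });
    server.addBean(loginService);

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    Constraint constraint = new Constraint();
    constraint.setName("auth");
    constraint.setAuthenticate(true);
    // Only the "user" role is ever assigned above; "admin" is accepted but has no account here.
    constraint.setRoles(new String[] { "user", "admin" });
    ConstraintMapping mapping = new ConstraintMapping();
    mapping.setPathSpec("/*");
    mapping.setConstraint(constraint);
    securityHandler.setConstraintMappings(Collections.singletonList(mapping));
    // NOTE(review): Basic authentication sends the credential with every request and no TLS
    // connector is configured in this method - confirm TLS is terminated in front of this port.
    securityHandler.setAuthenticator(new BasicAuthenticator());
    securityHandler.setLoginService(loginService);

    ResourceHandler resourceHandler = new ResourceHandler();
    resourceHandler.setDirectoriesListed(false);
    resourceHandler.setWelcomeFiles(new String[] { "main.html" });
    resourceHandler.setResourceBase(webDir);

    // NOTE(review): a HandlerList tries its handlers in order, so JsonpCallbackHandler sees each
    // request before the security handler does. Whether its endpoints are meant to be reachable
    // without authentication is not visible here - confirm this ordering is intended.
    HandlerList handlers = new HandlerList();
    handlers.setHandlers(new Handler[] { new JsonpCallbackHandler(eventHubHandler), securityHandler });
    server.setHandler(handlers);
    securityHandler.setHandler(resourceHandler);
    server.start();

    // Stop Jetty and close the handler when the JVM shuts down.
    Runtime.getRuntime().addShutdownHook(new Thread(new Runnable() {

        @Override
        public void run() {
            if (server.isStarted()) {
                try {
                    server.stop();
                    eventHubHandler.close();
                } catch (Exception e) {
                    // Best effort during shutdown: report and let the JVM exit.
                    e.printStackTrace();
                }
            }
        }
    }, "Stop Jetty Hook"));
    server.join();
}

/** Loads one classpath properties resource into {@code target}, always closing the stream. */
private static void loadClasspathProperties(Properties target, ClassLoader loader, String resourceName) throws java.io.IOException {
    java.io.InputStream in = loader.getResourceAsStream(resourceName);
    if (in == null) {
        throw new IllegalStateException("Missing classpath resource: " + resourceName);
    }
    try {
        target.load(in);
    } finally {
        in.close();
    }
}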
Also used : HandlerList(org.eclipse.jetty.server.handler.HandlerList) UserEventIndexModule(com.codecademy.eventhub.index.UserEventIndexModule) Server(org.eclipse.jetty.server.Server) Constraint(org.eclipse.jetty.util.security.Constraint) ResourceHandler(org.eclipse.jetty.server.handler.ResourceHandler) Properties(java.util.Properties) HashLoginService(org.eclipse.jetty.security.HashLoginService) BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator) Injector(com.google.inject.Injector) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler) DatedEventIndexModule(com.codecademy.eventhub.index.DatedEventIndexModule) Password(org.eclipse.jetty.util.security.Password) ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) PropertiesIndexModule(com.codecademy.eventhub.index.PropertiesIndexModule) EventHubModule(com.codecademy.eventhub.EventHubModule) Constraint(org.eclipse.jetty.util.security.Constraint) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) DmaIdListModule(com.codecademy.eventhub.list.DmaIdListModule) ShardedEventIndexModule(com.codecademy.eventhub.index.ShardedEventIndexModule) EventStorageModule(com.codecademy.eventhub.storage.EventStorageModule) UserStorageModule(com.codecademy.eventhub.storage.UserStorageModule) DatedEventIndexModule(com.codecademy.eventhub.index.DatedEventIndexModule) UserEventIndexModule(com.codecademy.eventhub.index.UserEventIndexModule) PropertiesIndexModule(com.codecademy.eventhub.index.PropertiesIndexModule) EventHubModule(com.codecademy.eventhub.EventHubModule) DmaIdListModule(com.codecademy.eventhub.list.DmaIdListModule) UserStorageModule(com.codecademy.eventhub.storage.UserStorageModule) ShardedEventIndexModule(com.codecademy.eventhub.index.ShardedEventIndexModule) EventStorageModule(com.codecademy.eventhub.storage.EventStorageModule)

Aggregations

Password (org.eclipse.jetty.util.security.Password)11 Server (org.eclipse.jetty.server.Server)6 Constraint (org.eclipse.jetty.util.security.Constraint)5 IOException (java.io.IOException)4 ConstraintMapping (org.eclipse.jetty.security.ConstraintMapping)4 ConstraintSecurityHandler (org.eclipse.jetty.security.ConstraintSecurityHandler)4 LocalConnector (org.eclipse.jetty.server.LocalConnector)4 ContextHandler (org.eclipse.jetty.server.handler.ContextHandler)4 SessionHandler (org.eclipse.jetty.server.session.SessionHandler)3 BeforeClass (org.junit.BeforeClass)3 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)2 AuthException (javax.security.auth.message.AuthException)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 HashLoginService (org.eclipse.jetty.security.HashLoginService)2 BasicAuthenticator (org.eclipse.jetty.security.authentication.BasicAuthenticator)2 DefaultHandler (org.eclipse.jetty.server.handler.DefaultHandler)2 HandlerList (org.eclipse.jetty.server.handler.HandlerList)2 ResourceHandler (org.eclipse.jetty.server.handler.ResourceHandler)2 Before (org.junit.Before)2