use of org.geotoolkit.sml.xml.v100.Connection in project wildfly by wildfly.
the class SimpleSecurityManager method push.
/**
* Must be called from within a privileged action.
*
* @param securityDomain
*/
public void push(final String securityDomain) {
// TODO - Handle a null securityDomain here? Yes I think so.
final SecurityContext previous = SecurityContextAssociation.getSecurityContext();
contexts.push(previous);
SecurityContext current = establishSecurityContext(securityDomain);
if (propagate && previous != null) {
current.setSubjectInfo(getSubjectInfo(previous));
current.setIncomingRunAs(previous.getOutgoingRunAs());
}
RunAs currentRunAs = current.getIncomingRunAs();
boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;
if (trusted == false) {
/*
* We should only be switching to a context based on an identity from the Remoting connection if we don't already
* have a trusted identity - this allows for beans to reauthenticate as a different identity.
*/
if (SecurityActions.remotingContextIsSet()) {
// In this case the principal and credential will not have been set to set some random values.
SecurityContextUtil util = current.getUtil();
Connection connection = SecurityActions.remotingContextGetConnection();
Principal p = null;
Object credential = null;
SecurityIdentity localIdentity = connection.getLocalIdentity();
if (localIdentity != null) {
p = new SimplePrincipal(localIdentity.getPrincipal().getName());
IdentityCredentials privateCredentials = localIdentity.getPrivateCredentials();
PasswordCredential passwordCredential = privateCredentials.getCredential(PasswordCredential.class, ClearPassword.ALGORITHM_CLEAR);
if (passwordCredential != null) {
credential = new String(passwordCredential.getPassword(ClearPassword.class).getPassword());
} else {
credential = new RemotingConnectionCredential(connection);
}
} else {
throw SecurityLogger.ROOT_LOGGER.noUserPrincipalFound();
}
SecurityActions.remotingContextClear();
util.createSubjectInfo(p, credential, null);
}
}
}
use of org.geotoolkit.sml.xml.v100.Connection in project wildfly by wildfly.
the class RemotingLoginModule method login.
@SuppressWarnings("unchecked")
@Override
public boolean login() throws LoginException {
if (super.login() == true) {
log.debug("super.login()==true");
return true;
}
Object credential = getCredential();
if (credential instanceof RemotingConnectionCredential) {
Connection con = ((RemotingConnectionCredential) credential).getConnection();
Principal up = null;
SecurityIdentity localIdentity = con.getLocalIdentity();
if (localIdentity != null) {
up = new RealmUser(localIdentity.getPrincipal().getName());
}
// If we found a principal from the connection then authentication succeeded.
if (up != null) {
identity = up;
if (getUseFirstPass()) {
String userName = identity.getName();
log.debugf("Storing username '%s'", userName);
// Add the username to the shared state map
sharedState.put("javax.security.auth.login.name", identity);
if (useNewClientCert) {
SSLSession session = con.getSslSession();
if (session != null) {
try {
credential = session.getPeerCertificates()[0];
log.debug("Using new certificate as credential.");
} catch (SSLPeerUnverifiedException e) {
log.debugf("No peer certificate available for '%s'", userName);
}
}
} else if (useClientCert) {
SSLSession session = con.getSslSession();
if (session != null) {
try {
credential = session.getPeerCertificateChain()[0];
log.debug("Using certificate as credential.");
} catch (SSLPeerUnverifiedException e) {
log.debugf("No peer certificate available for '%s'", userName);
}
}
}
sharedState.put("javax.security.auth.login.password", credential);
}
loginOk = true;
return true;
}
}
// username and password has been supplied to a web auth.
return false;
}
use of org.geotoolkit.sml.xml.v100.Connection in project okhttp by square.
the class RetryAndFollowUpInterceptor method followUpRequest.
/**
* Figures out the HTTP request to make in response to receiving {@code userResponse}. This will
* either add authentication headers, follow redirects or handle a client request timeout. If a
* follow-up is either unnecessary or not applicable, this returns null.
*/
private Request followUpRequest(Response userResponse) throws IOException {
if (userResponse == null)
throw new IllegalStateException();
Connection connection = streamAllocation.connection();
Route route = connection != null ? connection.route() : null;
int responseCode = userResponse.code();
final String method = userResponse.request().method();
switch(responseCode) {
case HTTP_PROXY_AUTH:
Proxy selectedProxy = route != null ? route.proxy() : client.proxy();
if (selectedProxy.type() != Proxy.Type.HTTP) {
throw new ProtocolException("Received HTTP_PROXY_AUTH (407) code while not using proxy");
}
return client.proxyAuthenticator().authenticate(route, userResponse);
case HTTP_UNAUTHORIZED:
return client.authenticator().authenticate(route, userResponse);
case HTTP_PERM_REDIRECT:
case HTTP_TEMP_REDIRECT:
// or HEAD, the user agent MUST NOT automatically redirect the request"
if (!method.equals("GET") && !method.equals("HEAD")) {
return null;
}
// fall-through
case HTTP_MULT_CHOICE:
case HTTP_MOVED_PERM:
case HTTP_MOVED_TEMP:
case HTTP_SEE_OTHER:
// Does the client allow redirects?
if (!client.followRedirects())
return null;
String location = userResponse.header("Location");
if (location == null)
return null;
HttpUrl url = userResponse.request().url().resolve(location);
// Don't follow redirects to unsupported protocols.
if (url == null)
return null;
// If configured, don't follow redirects between SSL and non-SSL.
boolean sameScheme = url.scheme().equals(userResponse.request().url().scheme());
if (!sameScheme && !client.followSslRedirects())
return null;
// Most redirects don't include a request body.
Request.Builder requestBuilder = userResponse.request().newBuilder();
if (HttpMethod.permitsRequestBody(method)) {
final boolean maintainBody = HttpMethod.redirectsWithBody(method);
if (HttpMethod.redirectsToGet(method)) {
requestBuilder.method("GET", null);
} else {
RequestBody requestBody = maintainBody ? userResponse.request().body() : null;
requestBuilder.method(method, requestBody);
}
if (!maintainBody) {
requestBuilder.removeHeader("Transfer-Encoding");
requestBuilder.removeHeader("Content-Length");
requestBuilder.removeHeader("Content-Type");
}
}
// way to retain them.
if (!sameConnection(userResponse, url)) {
requestBuilder.removeHeader("Authorization");
}
return requestBuilder.url(url).build();
case HTTP_CLIENT_TIMEOUT:
// repeat the request (even non-idempotent ones.)
if (userResponse.request().body() instanceof UnrepeatableRequestBody) {
return null;
}
return userResponse.request();
default:
return null;
}
}
use of org.geotoolkit.sml.xml.v100.Connection in project WeexErosFramework by bmfe.
the class WeexOkhttp3Interceptor method intercept.
@Override
public Response intercept(Chain chain) throws IOException {
String requestId = String.valueOf(mNextRequestId.getAndIncrement());
Request request = chain.request();
mEventReporter = NetworkEventReporterManager.get();
RequestBodyHelper requestBodyHelper = null;
if (mEventReporter != null) {
requestBodyHelper = new RequestBodyHelper(mEventReporter, requestId);
OkHttpInspectorRequest inspectorRequest = new OkHttpInspectorRequest(requestId, request, requestBodyHelper);
mEventReporter.requestWillBeSent(inspectorRequest);
}
Response response;
try {
response = chain.proceed(request);
} catch (IOException e) {
if (mEventReporter != null) {
mEventReporter.httpExchangeFailed(requestId, e.toString());
}
throw e;
}
if (mEventReporter != null) {
if (requestBodyHelper.hasBody()) {
requestBodyHelper.reportDataSent();
}
Connection connection = chain.connection();
mEventReporter.responseHeadersReceived(new OkHttpInspectorResponse(requestId, request, response));
ResponseBody body = response.body();
MediaType contentType = null;
InputStream responseStream = null;
if (body != null) {
contentType = body.contentType();
responseStream = body.byteStream();
}
responseStream = mEventReporter.interpretResponseStream(requestId, contentType != null ? contentType.toString() : null, response.header("Content-Encoding"), responseStream, new DefaultResponseHandler(mEventReporter, requestId));
if (responseStream != null) {
response = response.newBuilder().body(new ForwardingResponseBody(body, responseStream)).build();
}
}
return response;
}
use of org.geotoolkit.sml.xml.v100.Connection in project warn-report by saaavsaaa.
the class LinuxExecUtil method connect.
public Connection connect(String host, String user, String password, String keyPath) throws IOException {
conn = new Connection(host);
conn.connect();
File KeyFile = new File(keyPath);
boolean isAuthenticated = conn.authenticateWithPublicKey(user, KeyFile, password);
if (isAuthenticated == false) {
throw new IOException("Authentication failed.");
}
return conn;
}
Aggregations