
Example 1 with TokenRealmConfiguration

use of org.infinispan.server.configuration.security.TokenRealmConfiguration in project infinispan by infinispan.

the class Server method getLoginConfiguration.

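/**
 * Builds the login descriptor for a REST endpoint as a flat string map.
 *
 * <p>When the endpoint enables {@code BEARER_TOKEN}, the map carries {@code mode=OIDC} plus the
 * auth server URL, realm name and client id of the first token realm in the endpoint's security
 * realm. Otherwise it carries {@code mode=HTTP} and one {@code "<mechanism>" -> "true"} entry per
 * configured mechanism. In both cases {@code ready} reports whether the authenticator can answer
 * an HTTP challenge ({@code "true"} when no authenticator is configured).
 *
 * <p>NOTE(review): this map is presumably handed to clients before they authenticate (confirm
 * against the caller). Keep it limited to values that are safe to disclose; client secrets,
 * key material or introspection credentials from the token realm must never be added here.
 *
 * @param protocolServer the REST protocol server; its configuration is cast to
 *     {@link RestServerConfiguration}
 * @return a new mutable map describing how a client should log in
 * @throws IllegalStateException if {@code BEARER_TOKEN} is enabled but the referenced security
 *     realm has no token realm provider
 */
@Override
public Map<String, String> getLoginConfiguration(ProtocolServer protocolServer) {
    Map<String, String> loginConfiguration = new HashMap<>();
    // Get the REST endpoint's authentication configuration
    RestServerConfiguration rest = (RestServerConfiguration) protocolServer.getConfiguration();
    if (rest.authentication().mechanisms().contains("BEARER_TOKEN")) {
        // Find the token realm
        RealmConfiguration realm = serverConfiguration.security().realms().getRealm(rest.authentication().securityRealm());
        // Fail with a message that names the misconfiguration instead of the bare
        // NoSuchElementException an unchecked Optional.get() would raise.
        TokenRealmConfiguration realmConfiguration = realm.realmProviders().stream()
                .filter(TokenRealmConfiguration.class::isInstance)
                .map(TokenRealmConfiguration.class::cast)
                .findFirst()
                .orElseThrow(() -> new IllegalStateException(
                        "BEARER_TOKEN is enabled but security realm '"
                                + rest.authentication().securityRealm()
                                + "' does not define a token realm"));
        loginConfiguration.put("mode", "OIDC");
        loginConfiguration.put("url", realmConfiguration.authServerUrl());
        loginConfiguration.put("realm", realmConfiguration.name());
        loginConfiguration.put("clientId", realmConfiguration.clientId());
    } else {
        loginConfiguration.put("mode", "HTTP");
        for (String mechanism : rest.authentication().mechanisms()) {
            loginConfiguration.put(mechanism, "true");
        }
    }
    // No authenticator configured counts as ready; otherwise defer to the authenticator itself.
    Authenticator authenticator = rest.authentication().authenticator();
    loginConfiguration.put("ready", Boolean.toString(authenticator == null || authenticator.isReadyForHttpChallenge()));
    return loginConfiguration;
}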
Also used : SSLContext(javax.net.ssl.SSLContext) ConfigurationBuilder(org.infinispan.configuration.cache.ConfigurationBuilder) LogFactory(org.infinispan.util.logging.LogFactory) DataSourceFactory(org.infinispan.server.datasource.DataSourceFactory) WildFlyElytronHttpBasicProvider(org.wildfly.security.http.basic.WildFlyElytronHttpBasicProvider) KnownComponentNames(org.infinispan.factories.KnownComponentNames) GlobalConfigurationManager(org.infinispan.globalstate.GlobalConfigurationManager) Log(org.infinispan.server.logging.Log) WildFlyElytronHttpSpnegoProvider(org.wildfly.security.http.spnego.WildFlyElytronHttpSpnegoProvider) WildFlyElytronHttpClientCertProvider(org.wildfly.security.http.cert.WildFlyElytronHttpClientCertProvider) BasicComponentRegistry(org.infinispan.factories.impl.BasicComponentRegistry) DefaultCacheManager(org.infinispan.manager.DefaultCacheManager) ConfigurationBuilderHolder(org.infinispan.configuration.parsing.ConfigurationBuilderHolder) Map(java.util.Map) TaskManager(org.infinispan.tasks.TaskManager) DataSourceConfiguration(org.infinispan.server.configuration.DataSourceConfiguration) ElytronSASLAuthenticationProvider(org.infinispan.server.security.ElytronSASLAuthenticationProvider) ServerStateManagerImpl(org.infinispan.server.state.ServerStateManagerImpl) Path(java.nio.file.Path) NamingManager(javax.naming.spi.NamingManager) HotRodServer(org.infinispan.server.hotrod.HotRodServer) WildFlyElytronSaslExternalProvider(org.wildfly.security.sasl.external.WildFlyElytronSaslExternalProvider) WildFlyElytronSaslScramProvider(org.wildfly.security.sasl.scram.WildFlyElytronSaslScramProvider) InitialContext(javax.naming.InitialContext) SinglePortRouteSource(org.infinispan.server.router.routes.singleport.SinglePortRouteSource) JGroupsTransport(org.infinispan.remoting.transport.jgroups.JGroupsTransport) NamedSocketFactory(org.infinispan.remoting.transport.jgroups.NamedSocketFactory) AuthorizationPermission(org.infinispan.security.AuthorizationPermission) 
Set(java.util.Set) EndpointConfiguration(org.infinispan.server.configuration.endpoint.EndpointConfiguration) Executors(java.util.concurrent.Executors) ComponentStatus(org.infinispan.lifecycle.ComponentStatus) RouteDestination(org.infinispan.server.router.routes.RouteDestination) CompletionStage(java.util.concurrent.CompletionStage) ConfigurationFor(org.infinispan.commons.configuration.ConfigurationFor) RestServerRouteDestination(org.infinispan.server.router.routes.rest.RestServerRouteDestination) SerializeWith(org.infinispan.commons.marshall.SerializeWith) ProtocolServerConfiguration(org.infinispan.server.core.configuration.ProtocolServerConfiguration) RouteSource(org.infinispan.server.router.routes.RouteSource) StringBuilderWriter(org.infinispan.commons.io.StringBuilderWriter) SerializableFunction(org.infinispan.util.function.SerializableFunction) HotRodServerRouteDestination(org.infinispan.server.router.routes.hotrod.HotRodServerRouteDestination) EndpointConfigurationBuilder(org.infinispan.server.configuration.endpoint.EndpointConfigurationBuilder) Supplier(java.util.function.Supplier) EmbeddedCacheManager(org.infinispan.manager.EmbeddedCacheManager) ClusterExecutor(org.infinispan.manager.ClusterExecutor) WildFlyElytronSaslLocalUserProvider(org.wildfly.security.sasl.localuser.WildFlyElytronSaslLocalUserProvider) ScheduledExecutorService(java.util.concurrent.ScheduledExecutorService) ProtocolServerConfigurationBuilder(org.infinispan.server.core.configuration.ProtocolServerConfigurationBuilder) Address(org.infinispan.remoting.transport.Address) Route(org.infinispan.server.router.routes.Route) PrivilegedActionException(java.security.PrivilegedActionException) Properties(java.util.Properties) GlobalConfigurationBuilder(org.infinispan.configuration.global.GlobalConfigurationBuilder) IOException(java.io.IOException) Authenticator(org.infinispan.rest.authentication.Authenticator) ServerManagement(org.infinispan.server.core.ServerManagement) 
InputStreamReader(java.io.InputStreamReader) TransportSecurityConfiguration(org.infinispan.server.configuration.security.TransportSecurityConfiguration) File(java.io.File) BackupManager(org.infinispan.server.core.BackupManager) WildFlyElytronSaslGs2Provider(org.wildfly.security.sasl.gs2.WildFlyElytronSaslGs2Provider) ServerConfiguration(org.infinispan.server.configuration.ServerConfiguration) Paths(java.nio.file.Paths) RespServerConfiguration(org.infinispan.server.resp.configuration.RespServerConfiguration) BufferedReader(java.io.BufferedReader) RestServerConfiguration(org.infinispan.rest.configuration.RestServerConfiguration) DefaultTimeService(org.infinispan.commons.time.DefaultTimeService) ConfigurationWriter(org.infinispan.commons.configuration.io.ConfigurationWriter) URL(java.net.URL) ObjectOutput(java.io.ObjectOutput) ServerAdminOperationsHandler(org.infinispan.server.tasks.admin.ServerAdminOperationsHandler) LoggingAuditLogger(org.infinispan.security.audit.LoggingAuditLogger) ProtocolServer(org.infinispan.server.core.ProtocolServer) CompletableFutures(org.infinispan.util.concurrent.CompletableFutures) ProcessInfo(org.infinispan.commons.jdkspecific.ProcessInfo) CacheConfigurationException(org.infinispan.commons.CacheConfigurationException) WildFlyElytronHttpBearerProvider(org.wildfly.security.http.bearer.WildFlyElytronHttpBearerProvider) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) RespServerRouteDestination(org.infinispan.server.router.routes.resp.RespServerRouteDestination) Collectors(java.util.stream.Collectors) List(java.util.List) OS(org.infinispan.commons.util.OS) ObjectInput(java.io.ObjectInput) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) SinglePortRouterConfiguration(org.infinispan.server.router.configuration.SinglePortRouterConfiguration) RealmConfiguration(org.infinispan.server.configuration.security.RealmConfiguration) 
WildFlyElytronHttpDigestProvider(org.wildfly.security.http.digest.WildFlyElytronHttpDigestProvider) RestServer(org.infinispan.rest.RestServer) HashMap(java.util.HashMap) CompletableFuture(java.util.concurrent.CompletableFuture) WildFlyElytronSaslOAuth2Provider(org.wildfly.security.sasl.oauth2.WildFlyElytronSaslOAuth2Provider) RequestTracer(org.infinispan.server.core.RequestTracer) WildFlyElytronSaslGssapiProvider(org.wildfly.security.sasl.gssapi.WildFlyElytronSaslGssapiProvider) ServerStateManager(org.infinispan.server.core.ServerStateManager) Version(org.infinispan.commons.util.Version) BackupManagerImpl(org.infinispan.server.core.backup.BackupManagerImpl) WildFlyElytronSaslDigestProvider(org.wildfly.security.sasl.digest.WildFlyElytronSaslDigestProvider) DataSource(javax.sql.DataSource) ServerConfigurationSerializer(org.infinispan.server.configuration.ServerConfigurationSerializer) ElytronRESPAuthenticator(org.infinispan.server.security.ElytronRESPAuthenticator) Util(org.infinispan.commons.util.Util) RoutingTable(org.infinispan.server.router.RoutingTable) ServerInitialContextFactoryBuilder(org.infinispan.server.context.ServerInitialContextFactoryBuilder) HotRodServerConfiguration(org.infinispan.server.hotrod.configuration.HotRodServerConfiguration) RespServer(org.infinispan.server.resp.RespServer) Security(org.infinispan.security.Security) TimeUnit(java.util.concurrent.TimeUnit) WildFlyElytronSaslPlainProvider(org.wildfly.security.sasl.plain.WildFlyElytronSaslPlainProvider) ServerConfigurationBuilder(org.infinispan.server.configuration.ServerConfigurationBuilder) Configuration(org.infinispan.configuration.cache.Configuration) ParserRegistry(org.infinispan.configuration.parsing.ParserRegistry) ElytronHTTPAuthenticator(org.infinispan.server.security.ElytronHTTPAuthenticator) SinglePortEndpointRouter(org.infinispan.server.router.router.impl.singleport.SinglePortEndpointRouter) BlockingManager(org.infinispan.util.concurrent.BlockingManager) 
Collections(java.util.Collections) LogManager(org.apache.logging.log4j.LogManager) TimeService(org.infinispan.commons.time.TimeService) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) RealmConfiguration(org.infinispan.server.configuration.security.RealmConfiguration) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) RestServerConfiguration(org.infinispan.rest.configuration.RestServerConfiguration) Authenticator(org.infinispan.rest.authentication.Authenticator) ElytronRESPAuthenticator(org.infinispan.server.security.ElytronRESPAuthenticator) ElytronHTTPAuthenticator(org.infinispan.server.security.ElytronHTTPAuthenticator)

Example 2 with TokenRealmConfiguration

use of org.infinispan.server.configuration.security.TokenRealmConfiguration in project infinispan by infinispan.

the class ServerConfigurationSerializer method writeSecurityRealms.

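/**
 * Writes every configured security realm, with its attributes, server identities and realm
 * providers, inside a {@code SECURITY_REALMS} array element. Nothing is written when no realm
 * is configured.
 *
 * <p>Providers of a type not listed below are skipped without any output.
 *
 * @param writer the configuration writer to emit to
 * @param realms the realms to serialize
 */
private void writeSecurityRealms(ConfigurationWriter writer, RealmsConfiguration realms) {
    if (realms.realms().isEmpty()) {
        return;
    }
    writer.writeStartArrayElement(Element.SECURITY_REALMS);
    // Only the values are needed; the map key is not written by this method.
    for (RealmConfiguration realm : realms.realms().values()) {
        writer.writeStartElement(Element.SECURITY_REALM);
        realm.attributes().write(writer);
        writeServerIdentities(writer, realm.serverIdentitiesConfiguration());
        for (RealmProvider provider : realm.realmProviders()) {
            if (provider instanceof FileSystemRealmConfiguration) {
                writeRealm(writer, (FileSystemRealmConfiguration) provider);
            } else if (provider instanceof LdapRealmConfiguration) {
                writeRealm(writer, (LdapRealmConfiguration) provider);
            } else if (provider instanceof LocalRealmConfiguration) {
                writeRealm(writer, (LocalRealmConfiguration) provider);
            } else if (provider instanceof PropertiesRealmConfiguration) {
                writeRealm(writer, (PropertiesRealmConfiguration) provider);
            } else if (provider instanceof TokenRealmConfiguration) {
                writeRealm(writer, (TokenRealmConfiguration) provider);
            } else if (provider instanceof TrustStoreRealmConfiguration) {
                // The test must name the same type as the cast. Checking
                // TrustStoreConfiguration here either never matched, so the trust store realm
                // was silently left out of the serialized security configuration, or matched
                // an object the cast then rejected with a ClassCastException.
                writeRealm(writer, (TrustStoreRealmConfiguration) provider);
            }
        }
        // SECURITY_REALM
        writer.writeEndElement();
    }
    // SECURITY_REALMS
    writer.writeEndArrayElement();
}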
Also used : RealmConfiguration(org.infinispan.server.configuration.security.RealmConfiguration) LdapRealmConfiguration(org.infinispan.server.configuration.security.LdapRealmConfiguration) LocalRealmConfiguration(org.infinispan.server.configuration.security.LocalRealmConfiguration) TrustStoreRealmConfiguration(org.infinispan.server.configuration.security.TrustStoreRealmConfiguration) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) PropertiesRealmConfiguration(org.infinispan.server.configuration.security.PropertiesRealmConfiguration) FileSystemRealmConfiguration(org.infinispan.server.configuration.security.FileSystemRealmConfiguration) PropertiesRealmConfiguration(org.infinispan.server.configuration.security.PropertiesRealmConfiguration) TrustStoreConfiguration(org.infinispan.server.configuration.security.TrustStoreConfiguration) RealmProvider(org.infinispan.server.configuration.security.RealmProvider) LocalRealmConfiguration(org.infinispan.server.configuration.security.LocalRealmConfiguration) TokenRealmConfiguration(org.infinispan.server.configuration.security.TokenRealmConfiguration) FileSystemRealmConfiguration(org.infinispan.server.configuration.security.FileSystemRealmConfiguration) LdapRealmConfiguration(org.infinispan.server.configuration.security.LdapRealmConfiguration) TrustStoreRealmConfiguration(org.infinispan.server.configuration.security.TrustStoreRealmConfiguration) Map(java.util.Map)
