Example 1 with AuthenticationManager

Use of org.jboss.security.AuthenticationManager in project wildfly by wildfly.

Class SimpleSecurityManager, method authenticate.

private boolean authenticate(SecurityContext context, Subject subject) {
    SecurityContextUtil util = context.getUtil();
    SubjectInfo subjectInfo = getSubjectInfo(context);
    if (subject == null) {
        subject = new Subject();
    }
    Principal principal = util.getUserPrincipal();
    Principal auditPrincipal = principal;
    Object credential = util.getCredential();
    Identity unauthenticatedIdentity = null;
    boolean authenticated = false;
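    // No caller principal: fall back to the unauthenticated identity and mark the call as authenticated.
    if (principal == null) {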
        unauthenticatedIdentity = getUnauthenticatedIdentity();
        subjectInfo.addIdentity(unauthenticatedIdentity);
        auditPrincipal = unauthenticatedIdentity.asPrincipal();
        subject.getPrincipals().add(auditPrincipal);
        authenticated = true;
    } else {
        subject.getPrincipals().add(principal);
    }
    // A principal was supplied: validate it and its credential through the AuthenticationManager.
    if (authenticated == false) {
        AuthenticationManager authenticationManager = context.getAuthenticationManager();
        authenticated = authenticationManager.isValid(principal, credential, subject);
    }
    if (authenticated == true) {
        subjectInfo.setAuthenticatedSubject(subject);
    }
    // Audit both outcomes (SUCCESS or FAILURE) when an audit manager is available.
    AuditManager auditManager = context.getAuditManager();
    if (auditManager != null) {
        audit(authenticated ? AuditLevel.SUCCESS : AuditLevel.FAILURE, auditManager, auditPrincipal);
    }
    return authenticated;
}
Also used: AuthenticationManager (org.jboss.security.AuthenticationManager), SecurityContextUtil (org.jboss.security.SecurityContextUtil), SubjectInfo (org.jboss.security.SubjectInfo), SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity), Identity (org.jboss.security.identity.Identity), SimpleIdentity (org.jboss.security.identity.plugins.SimpleIdentity), RunAsIdentity (org.jboss.security.RunAsIdentity), Subject (javax.security.auth.Subject), Principal (java.security.Principal), SimplePrincipal (org.jboss.security.SimplePrincipal), AuditManager (org.jboss.security.audit.AuditManager)

Example 2 with AuthenticationManager

Use of org.jboss.security.AuthenticationManager in project wildfly by wildfly.

Class JNDIBasedSecurityManagement, method getAuthenticationManager.

/** {@inheritDoc} */
public AuthenticationManager getAuthenticationManager(String securityDomain) {
    AuthenticationManager am = null;
    try {
        am = authMgrMap.get(securityDomain);
        if (am == null) {
            am = (AuthenticationManager) lookUpJNDI(securityDomain + "/authenticationMgr");
            authMgrMap.put(securityDomain, am);
        }
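    } catch (Exception e) {
        // Failures are only logged at trace level; the method may then return null, so callers must check the result.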
        SecurityLogger.ROOT_LOGGER.tracef(e, "Exception getting AuthenticationManager for domain=%s", securityDomain);
    }
    return am;
}
Also used: AuthenticationManager (org.jboss.security.AuthenticationManager)

Example 3 with AuthenticationManager

Use of org.jboss.security.AuthenticationManager in project wildfly by wildfly.

Class UndertowDeploymentInfoService, method handleAuthManagerLogout.

private void handleAuthManagerLogout(DeploymentInfo deploymentInfo, JBossWebMetaData mergedMetaData) {
    if (securityDomain == null) {
        return;
    }
    AuthenticationManager manager = securityDomainContextValue.getValue().getAuthenticationManager();
    deploymentInfo.addNotificationReceiver(new LogoutNotificationReceiver(manager, securityDomain));
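    // With flush-on-session-invalidation set, also register a session listener that holds the manager.
    if (mergedMetaData.isFlushOnSessionInvalidation()) {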
        LogoutSessionListener listener = new LogoutSessionListener(manager);
        deploymentInfo.addListener(Servlets.listener(LogoutSessionListener.class, new ImmediateInstanceFactory<EventListener>(listener)));
    }
}
Also used: JBossCachedAuthenticationManager (org.jboss.security.authentication.JBossCachedAuthenticationManager), AuthenticationManager (org.jboss.security.AuthenticationManager), LogoutNotificationReceiver (org.wildfly.extension.undertow.security.LogoutNotificationReceiver), ImmediateInstanceFactory (io.undertow.servlet.util.ImmediateInstanceFactory)

Example 4 with AuthenticationManager

Use of org.jboss.security.AuthenticationManager in project wildfly by wildfly.

Class UndertowDeploymentInfoService, method stop.

@Override
public synchronized void stop(final StopContext stopContext) {
    IoUtils.safeClose(this.deploymentInfo.getResourceManager());
    if (securityDomain != null && securityFunction.getOptionalValue() == null) {
        AuthenticationManager authManager = securityDomainContextValue.getValue().getAuthenticationManager();
        // On undeploy, ask a caching manager to release the entries tied to this module's class loader.
        if (authManager != null && authManager instanceof JBossCachedAuthenticationManager) {
            ((JBossCachedAuthenticationManager) authManager).releaseModuleEntries(module.getClassLoader());
        }
    }
    this.deploymentInfo.setConfidentialPortManager(null);
    this.deploymentInfo = null;
    if (registration != null) {
        registration.cancel();
    }
}
Also used: JBossCachedAuthenticationManager (org.jboss.security.authentication.JBossCachedAuthenticationManager), AuthenticationManager (org.jboss.security.AuthenticationManager)

Example 5 with AuthenticationManager

Use of org.jboss.security.AuthenticationManager in project wildfly by wildfly.

Class JAASIdentityManagerImpl, method verifyCredential.

private Account verifyCredential(final AccountImpl account, final Object credential) {
    final AuthenticationManager authenticationManager = securityDomainContext.getAuthenticationManager();
    final AuthorizationManager authorizationManager = securityDomainContext.getAuthorizationManager();
    final SecurityContext sc = SecurityActions.getSecurityContext();
    Principal incomingPrincipal = account.getOriginalPrincipal();
    Subject subject = new Subject();
    try {
        boolean isValid = authenticationManager.isValid(incomingPrincipal, credential, subject);
        if (isValid) {
            UndertowLogger.ROOT_LOGGER.tracef("User: %s is authenticated", incomingPrincipal);
            if (sc == null) {
                throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
            }
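            // Build the account from the authenticated subject: its principal plus the roles the AuthorizationManager reports.
            Principal userPrincipal = getPrincipal(subject);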
            sc.getUtil().createSubjectInfo(incomingPrincipal, credential, subject);
            SecurityContextCallbackHandler scb = new SecurityContextCallbackHandler(sc);
            RoleGroup roles = authorizationManager.getSubjectRoles(subject, scb);
            Set<String> roleSet = new HashSet<>();
            for (Role role : roles.getRoles()) {
                roleSet.add(role.getRoleName());
            }
            return new AccountImpl(userPrincipal, roleSet, credential, account.getOriginalPrincipal());
        }
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    // isValid returned false: no account is produced.
    return null;
}
Also used: SecurityContextCallbackHandler (org.jboss.security.callbacks.SecurityContextCallbackHandler), Subject (javax.security.auth.Subject), RoleGroup (org.jboss.security.identity.RoleGroup), AuthenticationManager (org.jboss.security.AuthenticationManager), Role (org.jboss.security.identity.Role), SecurityContext (org.jboss.security.SecurityContext), AuthorizationManager (org.jboss.security.AuthorizationManager), Principal (java.security.Principal), HashSet (java.util.HashSet)

Aggregations

AuthenticationManager (org.jboss.security.AuthenticationManager): 7
Principal (java.security.Principal): 3
Subject (javax.security.auth.Subject): 2
JBossCachedAuthenticationManager (org.jboss.security.authentication.JBossCachedAuthenticationManager): 2
ImmediateInstanceFactory (io.undertow.servlet.util.ImmediateInstanceFactory): 1
HashSet (java.util.HashSet): 1
Map (java.util.Map): 1
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap): 1
CallbackHandler (javax.security.auth.callback.CallbackHandler): 1
AuthorizationManager (org.jboss.security.AuthorizationManager): 1
CacheableManager (org.jboss.security.CacheableManager): 1
RunAsIdentity (org.jboss.security.RunAsIdentity): 1
SecurityContext (org.jboss.security.SecurityContext): 1
SecurityContextUtil (org.jboss.security.SecurityContextUtil): 1
SimplePrincipal (org.jboss.security.SimplePrincipal): 1
SubjectInfo (org.jboss.security.SubjectInfo): 1
AuditManager (org.jboss.security.audit.AuditManager): 1
SecurityContextCallbackHandler (org.jboss.security.callbacks.SecurityContextCallbackHandler): 1
Identity (org.jboss.security.identity.Identity): 1
Role (org.jboss.security.identity.Role): 1