Example 1 with PAM
use of org.jvnet.libpam.PAM in project athenz by yahoo.
the class UserAuthorityTest method testAuthenticateException.
@Test
public void testAuthenticateException() throws PAMException {
PAM pam = Mockito.mock(PAM.class);
UserAuthority userAuthority = new UserAuthority();
userAuthority.setPAM(pam);
Mockito.when(pam.authenticate("testuser", "testpwd")).thenReturn(null);
Principal principal = userAuthority.authenticate("Basic dGVzdHVzZXI6dGVzdHB3ZA==", "10.72.118.45", "GET", null);
assertNull(principal);
principal = userAuthority.authenticate("Basic ", "10.72.118.45", "GET", null);
assertNull(principal);
}Example 2 with PAM
use of org.jvnet.libpam.PAM in project athenz by yahoo.
the class UserAuthorityTest method testNullSimplePrincipal.
@Test
public void testNullSimplePrincipal() throws PAMException {
PAM pam = Mockito.mock(PAM.class);
UnixUser user = Mockito.mock(UnixUser.class);
Mockito.when(pam.authenticate("testuser", "testpwd")).thenReturn(user);
UserAuthority authority = new UserAuthority();
UserAuthority userAuthority = Mockito.spy(authority);
doReturn(null).when(userAuthority).getSimplePrincipal(anyString(), anyString(), anyLong());
userAuthority.setPAM(pam);
String expectedDomain = "user";
assertEquals(userAuthority.getDomain(), expectedDomain);
String expectedHeader = "Authorization";
assertEquals(userAuthority.getHeader(), expectedHeader);
assertTrue(userAuthority.isValidUser("user1"));
StringBuilder errMsg = new StringBuilder();
String testToken = "Basic dGVzdHVzZXI6dGVzdHB3ZA==";
Principal principal = userAuthority.authenticate(testToken, "10.72.118.45", "GET", errMsg);
assertNull(principal);
}
Also used :
UnixUser(org.jvnet.libpam.UnixUser)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
PAM(org.jvnet.libpam.PAM)
Principal(com.yahoo.athenz.auth.Principal)
Test(org.testng.annotations.Test)
Example 3 with PAM
use of org.jvnet.libpam.PAM in project drill by axbaretto.
the class Pam4jUserAuthenticator method authenticate.
@Override
public void authenticate(String user, String password) throws UserAuthenticationException {
for (String profile : profiles) {
PAM pam = null;
try {
pam = new PAM(profile);
pam.authenticate(user, password);
} catch (PAMException ex) {
logger.error("PAM auth failed for user: {} against {} profile. Exception: {}", user, profile, ex.getMessage());
throw new UserAuthenticationException(String.format("PAM auth failed for user: %s using profile: %s", user, profile));
} finally {
if (pam != null) {
pam.dispose();
}
}
// No need to check for null unixUser as in case of failure we will not reach here.
logger.trace("PAM authentication was successful for user: {} using profile: {}", user, profile);
}
}
Also used :
PAM(org.jvnet.libpam.PAM)
PAMException(org.jvnet.libpam.PAMException)
Example 4 with PAM
use of org.jvnet.libpam.PAM in project knox by apache.
the class KnoxPamRealm method doGetAuthenticationInfo.
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
UnixUser user = null;
try {
user = (new PAM(this.getService())).authenticate(upToken.getUsername(), new String(upToken.getPassword()));
} catch (PAMException e) {
handleAuthFailure(token, e.getMessage(), e);
}
HashRequest.Builder builder = new HashRequest.Builder();
Hash credentialsHash = hashService.computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
/* Coverity Scan CID 1361684 */
if (credentialsHash == null) {
handleAuthFailure(token, "Failed to compute hash", null);
}
return new SimpleAuthenticationInfo(new UnixUserPrincipal(user), credentialsHash.toHex(), credentialsHash.getSalt(), getName());
}
Also used :
UnixUser(org.jvnet.libpam.UnixUser)
SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo)
PAM(org.jvnet.libpam.PAM)
PAMException(org.jvnet.libpam.PAMException)
UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)
Example 5 with PAM
use of org.jvnet.libpam.PAM in project athenz by yahoo.
the class UserAuthorityTest method testUserAuthorityAuthenticateException.
@Test
public void testUserAuthorityAuthenticateException() throws PAMException {
PAM pam = Mockito.mock(PAM.class);
UserAuthority userAuthority = new UserAuthority();
userAuthority.setPAM(pam);
Mockito.when(pam.authenticate("testuser", "testpwd")).thenThrow(RuntimeException.class);
Principal principal = userAuthority.authenticate("Basic dGVzdHVzZXI6dGVždšB3ZA==", "10.72.118.45", "GET", null);
assertNull(principal);
principal = userAuthority.authenticate("Basic dGVzdHVzZXI6dGVzdHB3ZA==", "10.72.118.45", "GET", null);
assertNull(principal);
}Aggregations
PAM (org.jvnet.libpam.PAM)14
PAMException (org.jvnet.libpam.PAMException)8
UnixUser (org.jvnet.libpam.UnixUser)7
Test (org.testng.annotations.Test)6
Principal (com.yahoo.athenz.auth.Principal)5
SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo)3
UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)3
AuthenticationException (org.apache.shiro.authc.AuthenticationException)2
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)2
UserModel (com.gitblit.models.UserModel)1
PamRealm (com.sun.enterprise.security.auth.realm.pam.PamRealm)1
LoginException (javax.security.auth.login.LoginException)1
