
Example 11 with PAM

Use of org.jvnet.libpam.PAM in project gitblit by gitblit.

The class PAMAuthProvider, method authenticate.

@Override
public UserModel authenticate(String username, char[] password) {
    if (CLibrary.libc.getpwnam(username) == null) {
        logger.warn("Can not get PAM passwd for " + username);
        return null;
    }
    PAM pam = null;
    try {
        String serviceName = settings.getString(Keys.realm.pam.serviceName, "system-auth");
        pam = new PAM(serviceName);
        pam.authenticate(username, new String(password));
    } catch (PAMException e) {
        logger.error(e.getMessage());
        return null;
    } finally {
        if (pam != null) {
            pam.dispose();
        }
    }
    UserModel user = userManager.getUserModel(username);
    if (user == null) {
        // create user object for new authenticated user
        user = new UserModel(username.toLowerCase());
    }
    // create a user cookie
    setCookie(user);
    // update user attributes from UnixUser
    user.accountType = getAccountType();
    user.password = Constants.EXTERNAL_ACCOUNT;
    // TODO consider mapping PAM groups to teams
    // push the changes to the backing user service
    updateUser(user);
    return user;
}
Also used: UserModel (com.gitblit.models.UserModel), PAM (org.jvnet.libpam.PAM), PAMException (org.jvnet.libpam.PAMException)

Example 12 with PAM

Use of org.jvnet.libpam.PAM in project drill by apache.

The class Pam4jUserAuthenticator, method authenticate.

@Override
public void authenticate(String user, String password) throws UserAuthenticationException {
    for (String profile : profiles) {
        PAM pam = null;
        try {
            pam = new PAM(profile);
            pam.authenticate(user, password);
        } catch (PAMException ex) {
            logger.error("PAM auth failed for user: {} against {} profile. Exception: {}", user, profile, ex.getMessage());
            throw new UserAuthenticationException(String.format("PAM auth failed for user: %s using profile: %s", user, profile));
        } finally {
            if (pam != null) {
                pam.dispose();
            }
        }
        // No need to check for null unixUser as in case of failure we will not reach here.
        logger.trace("PAM authentication was successful for user: {} using profile: {}", user, profile);
    }
}
Also used: PAM (org.jvnet.libpam.PAM), PAMException (org.jvnet.libpam.PAMException)

Example 13 with PAM

Use of org.jvnet.libpam.PAM in project keycloak by keycloak.

The class PAMAuthenticator, method authenticate.

/**
 * Authenticates the user against PAM.
 *
 * @return UnixUser object if user was successfully authenticated, otherwise null
 */
public UnixUser authenticate() {
    PAM pam = null;
    UnixUser user = null;
    try {
        pam = new PAM(PAM_SERVICE);
        user = pam.authenticate(username, factors);
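    } catch (PAMException e) {
        // the logger already records the exception together with its stack trace
        logger.error("Authentication failed", e);
    } finally {
        // new PAM(...) can throw before pam is assigned, so guard against a NullPointerException
        if (pam != null) {
            pam.dispose();
        }
    }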
    return user;
}
Also used: UnixUser (org.jvnet.libpam.UnixUser), PAM (org.jvnet.libpam.PAM), PAMException (org.jvnet.libpam.PAMException)

Example 14 with PAM

Use of org.jvnet.libpam.PAM in project knox by apache.

The class KnoxPamRealm, method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    PAM pam = null;
    UnixUser user = null;
    try {
        pam = new PAM(this.getService());
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        user = pam.authenticate(upToken.getUsername(), new String(upToken.getPassword()));
    } catch (PAMException e) {
        handleAuthFailure(token, e.getMessage(), e);
    } finally {
        if (pam != null) {
            pam.dispose();
        }
    }
    HashRequest hashRequest = new HashRequest.Builder().setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build();
    Hash credentialsHash = hashService.computeHash(hashRequest);
    /* Coverity Scan CID 1361684 */
    if (credentialsHash == null) {
        handleAuthFailure(token, "Failed to compute hash", null);
    }
    return new SimpleAuthenticationInfo(new UnixUserPrincipal(user), credentialsHash.toHex(), credentialsHash.getSalt(), getName());
}
Also used: UnixUser (org.jvnet.libpam.UnixUser), HashRequest (org.apache.shiro.crypto.hash.HashRequest), SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo), Hash (org.apache.shiro.crypto.hash.Hash), PAM (org.jvnet.libpam.PAM), PAMException (org.jvnet.libpam.PAMException), UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)

Aggregations

PAM (org.jvnet.libpam.PAM): 14; PAMException (org.jvnet.libpam.PAMException): 8; UnixUser (org.jvnet.libpam.UnixUser): 7; Test (org.testng.annotations.Test): 6; Principal (com.yahoo.athenz.auth.Principal): 5; SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo): 3; UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken): 3; AuthenticationException (org.apache.shiro.authc.AuthenticationException): 2; ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString): 2; UserModel (com.gitblit.models.UserModel): 1; PamRealm (com.sun.enterprise.security.auth.realm.pam.PamRealm): 1; LoginException (javax.security.auth.login.LoginException): 1; Hash (org.apache.shiro.crypto.hash.Hash): 1; HashRequest (org.apache.shiro.crypto.hash.HashRequest): 1