Search in sources :

Example 16 with Connection

use of org.openmuc.j60870.Connection in project wildfly by wildfly.

the class SimpleSecurityManager method push.

/**
     * Must be called from within a privileged action.
     *
     * @param securityDomain
     */
public void push(final String securityDomain) {
    // TODO - Handle a null securityDomain here? Yes I think so.
    final SecurityContext previous = SecurityContextAssociation.getSecurityContext();
    contexts.push(previous);
    SecurityContext current = establishSecurityContext(securityDomain);
    if (propagate && previous != null) {
        current.setSubjectInfo(getSubjectInfo(previous));
        current.setIncomingRunAs(previous.getOutgoingRunAs());
    }
    RunAs currentRunAs = current.getIncomingRunAs();
    boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;
    if (trusted == false) {
        /*
             * We should only be switching to a context based on an identity from the Remoting connection if we don't already
             * have a trusted identity - this allows for beans to reauthenticate as a different identity.
             */
        if (SecurityActions.remotingContextIsSet()) {
            // In this case the principal and credential will not have been set to set some random values.
            SecurityContextUtil util = current.getUtil();
            Connection connection = SecurityActions.remotingContextGetConnection();
            Principal p = null;
            Object credential = null;
            SecurityIdentity localIdentity = connection.getLocalIdentity();
            if (localIdentity != null) {
                p = new SimplePrincipal(localIdentity.getPrincipal().getName());
                IdentityCredentials privateCredentials = localIdentity.getPrivateCredentials();
                PasswordCredential passwordCredential = privateCredentials.getCredential(PasswordCredential.class, ClearPassword.ALGORITHM_CLEAR);
                if (passwordCredential != null) {
                    credential = new String(passwordCredential.getPassword(ClearPassword.class).getPassword());
                } else {
                    credential = new RemotingConnectionCredential(connection);
                }
            } else {
                throw SecurityLogger.ROOT_LOGGER.noUserPrincipalFound();
            }
            SecurityActions.remotingContextClear();
            util.createSubjectInfo(p, credential, null);
        }
    }
}
Also used : ClearPassword(org.wildfly.security.password.interfaces.ClearPassword) SecurityContextUtil(org.jboss.security.SecurityContextUtil) RunAs(org.jboss.security.RunAs) RunAsIdentity(org.jboss.security.RunAsIdentity) Connection(org.jboss.remoting3.Connection) PasswordCredential(org.wildfly.security.credential.PasswordCredential) SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) SecurityContext(org.jboss.security.SecurityContext) RemotingConnectionCredential(org.jboss.as.security.remoting.RemotingConnectionCredential) Principal(java.security.Principal) SimplePrincipal(org.jboss.security.SimplePrincipal) SimplePrincipal(org.jboss.security.SimplePrincipal) IdentityCredentials(org.wildfly.security.auth.server.IdentityCredentials)

Example 17 with Connection

use of org.openmuc.j60870.Connection in project wildfly by wildfly.

the class RemotingLoginModule method login.

@SuppressWarnings("unchecked")
@Override
public boolean login() throws LoginException {
    if (super.login() == true) {
        log.debug("super.login()==true");
        return true;
    }
    Object credential = getCredential();
    if (credential instanceof RemotingConnectionCredential) {
        Connection con = ((RemotingConnectionCredential) credential).getConnection();
        Principal up = null;
        SecurityIdentity localIdentity = con.getLocalIdentity();
        if (localIdentity != null) {
            up = new RealmUser(localIdentity.getPrincipal().getName());
        }
        // If we found a principal from the connection then authentication succeeded.
        if (up != null) {
            identity = up;
            if (getUseFirstPass()) {
                String userName = identity.getName();
                log.debugf("Storing username '%s'", userName);
                // Add the username to the shared state map
                sharedState.put("javax.security.auth.login.name", identity);
                if (useNewClientCert) {
                    SSLSession session = con.getSslSession();
                    if (session != null) {
                        try {
                            credential = session.getPeerCertificates()[0];
                            log.debug("Using new certificate as credential.");
                        } catch (SSLPeerUnverifiedException e) {
                            log.debugf("No peer certificate available for '%s'", userName);
                        }
                    }
                } else if (useClientCert) {
                    SSLSession session = con.getSslSession();
                    if (session != null) {
                        try {
                            credential = session.getPeerCertificateChain()[0];
                            log.debug("Using certificate as credential.");
                        } catch (SSLPeerUnverifiedException e) {
                            log.debugf("No peer certificate available for '%s'", userName);
                        }
                    }
                }
                sharedState.put("javax.security.auth.login.password", credential);
            }
            loginOk = true;
            return true;
        }
    }
    // username and password has been supplied to a web auth.
    return false;
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) Connection(org.jboss.remoting3.Connection) RealmUser(org.jboss.as.core.security.RealmUser) SSLSession(javax.net.ssl.SSLSession) Principal(java.security.Principal)

Example 18 with Connection

use of org.openmuc.j60870.Connection in project okhttp by square.

the class RetryAndFollowUpInterceptor method followUpRequest.

/**
   * Figures out the HTTP request to make in response to receiving {@code userResponse}. This will
   * either add authentication headers, follow redirects or handle a client request timeout. If a
   * follow-up is either unnecessary or not applicable, this returns null.
   */
private Request followUpRequest(Response userResponse) throws IOException {
    if (userResponse == null)
        throw new IllegalStateException();
    Connection connection = streamAllocation.connection();
    Route route = connection != null ? connection.route() : null;
    int responseCode = userResponse.code();
    final String method = userResponse.request().method();
    switch(responseCode) {
        case HTTP_PROXY_AUTH:
            Proxy selectedProxy = route != null ? route.proxy() : client.proxy();
            if (selectedProxy.type() != Proxy.Type.HTTP) {
                throw new ProtocolException("Received HTTP_PROXY_AUTH (407) code while not using proxy");
            }
            return client.proxyAuthenticator().authenticate(route, userResponse);
        case HTTP_UNAUTHORIZED:
            return client.authenticator().authenticate(route, userResponse);
        case HTTP_PERM_REDIRECT:
        case HTTP_TEMP_REDIRECT:
            // or HEAD, the user agent MUST NOT automatically redirect the request"
            if (!method.equals("GET") && !method.equals("HEAD")) {
                return null;
            }
        // fall-through
        case HTTP_MULT_CHOICE:
        case HTTP_MOVED_PERM:
        case HTTP_MOVED_TEMP:
        case HTTP_SEE_OTHER:
            // Does the client allow redirects?
            if (!client.followRedirects())
                return null;
            String location = userResponse.header("Location");
            if (location == null)
                return null;
            HttpUrl url = userResponse.request().url().resolve(location);
            // Don't follow redirects to unsupported protocols.
            if (url == null)
                return null;
            // If configured, don't follow redirects between SSL and non-SSL.
            boolean sameScheme = url.scheme().equals(userResponse.request().url().scheme());
            if (!sameScheme && !client.followSslRedirects())
                return null;
            // Most redirects don't include a request body.
            Request.Builder requestBuilder = userResponse.request().newBuilder();
            if (HttpMethod.permitsRequestBody(method)) {
                final boolean maintainBody = HttpMethod.redirectsWithBody(method);
                if (HttpMethod.redirectsToGet(method)) {
                    requestBuilder.method("GET", null);
                } else {
                    RequestBody requestBody = maintainBody ? userResponse.request().body() : null;
                    requestBuilder.method(method, requestBody);
                }
                if (!maintainBody) {
                    requestBuilder.removeHeader("Transfer-Encoding");
                    requestBuilder.removeHeader("Content-Length");
                    requestBuilder.removeHeader("Content-Type");
                }
            }
            // way to retain them.
            if (!sameConnection(userResponse, url)) {
                requestBuilder.removeHeader("Authorization");
            }
            return requestBuilder.url(url).build();
        case HTTP_CLIENT_TIMEOUT:
            // repeat the request (even non-idempotent ones.)
            if (userResponse.request().body() instanceof UnrepeatableRequestBody) {
                return null;
            }
            return userResponse.request();
        default:
            return null;
    }
}
Also used : ProtocolException(java.net.ProtocolException) Connection(okhttp3.Connection) Request(okhttp3.Request) HttpUrl(okhttp3.HttpUrl) Proxy(java.net.Proxy) Route(okhttp3.Route) RequestBody(okhttp3.RequestBody)

Example 19 with Connection

use of org.openmuc.j60870.Connection in project WeexErosFramework by bmfe.

the class WeexOkhttp3Interceptor method intercept.

@Override
public Response intercept(Chain chain) throws IOException {
    String requestId = String.valueOf(mNextRequestId.getAndIncrement());
    Request request = chain.request();
    mEventReporter = NetworkEventReporterManager.get();
    RequestBodyHelper requestBodyHelper = null;
    if (mEventReporter != null) {
        requestBodyHelper = new RequestBodyHelper(mEventReporter, requestId);
        OkHttpInspectorRequest inspectorRequest = new OkHttpInspectorRequest(requestId, request, requestBodyHelper);
        mEventReporter.requestWillBeSent(inspectorRequest);
    }
    Response response;
    try {
        response = chain.proceed(request);
    } catch (IOException e) {
        if (mEventReporter != null) {
            mEventReporter.httpExchangeFailed(requestId, e.toString());
        }
        throw e;
    }
    if (mEventReporter != null) {
        if (requestBodyHelper.hasBody()) {
            requestBodyHelper.reportDataSent();
        }
        Connection connection = chain.connection();
        mEventReporter.responseHeadersReceived(new OkHttpInspectorResponse(requestId, request, response));
        ResponseBody body = response.body();
        MediaType contentType = null;
        InputStream responseStream = null;
        if (body != null) {
            contentType = body.contentType();
            responseStream = body.byteStream();
        }
        responseStream = mEventReporter.interpretResponseStream(requestId, contentType != null ? contentType.toString() : null, response.header("Content-Encoding"), responseStream, new DefaultResponseHandler(mEventReporter, requestId));
        if (responseStream != null) {
            response = response.newBuilder().body(new ForwardingResponseBody(body, responseStream)).build();
        }
    }
    return response;
}
Also used : InputStream(java.io.InputStream) Request(okhttp3.Request) Connection(okhttp3.Connection) IOException(java.io.IOException) DefaultResponseHandler(com.taobao.weex.devtools.inspector.network.DefaultResponseHandler) ResponseBody(okhttp3.ResponseBody) Response(okhttp3.Response) RequestBodyHelper(com.taobao.weex.devtools.inspector.network.RequestBodyHelper) MediaType(okhttp3.MediaType)

Example 20 with Connection

use of org.openmuc.j60870.Connection in project warn-report by saaavsaaa.

the class LinuxExecUtil method connect.

public Connection connect(String host, String user, String password, String keyPath) throws IOException {
    conn = new Connection(host);
    conn.connect();
    File KeyFile = new File(keyPath);
    boolean isAuthenticated = conn.authenticateWithPublicKey(user, KeyFile, password);
    if (isAuthenticated == false) {
        throw new IOException("Authentication failed.");
    }
    return conn;
}
Also used : Connection(ch.ethz.ssh2.Connection)

Aggregations

Connection (org.ovirt.engine.sdk4.Connection)64 Connection (com.trilead.ssh2.Connection)55 IOException (java.io.IOException)43 Session (com.trilead.ssh2.Session)32 VmsService (org.ovirt.engine.sdk4.services.VmsService)30 Vm (org.ovirt.engine.sdk4.types.Vm)30 InputStream (java.io.InputStream)25 VmService (org.ovirt.engine.sdk4.services.VmService)18 Connection (okhttp3.Connection)15 Connection (ch.ethz.ssh2.Connection)13 Request (okhttp3.Request)13 SystemService (org.ovirt.engine.sdk4.services.SystemService)13 Response (okhttp3.Response)12 StorageDomainsService (org.ovirt.engine.sdk4.services.StorageDomainsService)12 StorageDomain (org.ovirt.engine.sdk4.types.StorageDomain)12 MediaType (okhttp3.MediaType)11 ResponseBody (okhttp3.ResponseBody)11 RequestBody (okhttp3.RequestBody)10 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)9 Charset (java.nio.charset.Charset)9