Search in sources :

Example 16 with Connection

use of org.osate.aadl2.Connection in project wildfly by wildfly.

the class SimpleSecurityManager method push.

/**
     * Must be called from within a privileged action.
     *
     * @param securityDomain
     */
public void push(final String securityDomain) {
    // TODO - Handle a null securityDomain here? Yes I think so.
    final SecurityContext previous = SecurityContextAssociation.getSecurityContext();
    contexts.push(previous);
    SecurityContext current = establishSecurityContext(securityDomain);
    if (propagate && previous != null) {
        current.setSubjectInfo(getSubjectInfo(previous));
        current.setIncomingRunAs(previous.getOutgoingRunAs());
    }
    RunAs currentRunAs = current.getIncomingRunAs();
    boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;
    if (trusted == false) {
        /*
             * We should only be switching to a context based on an identity from the Remoting connection if we don't already
             * have a trusted identity - this allows for beans to reauthenticate as a different identity.
             */
        if (SecurityActions.remotingContextIsSet()) {
            // In this case the principal and credential will not have been set to set some random values.
            SecurityContextUtil util = current.getUtil();
            Connection connection = SecurityActions.remotingContextGetConnection();
            Principal p = null;
            Object credential = null;
            SecurityIdentity localIdentity = connection.getLocalIdentity();
            if (localIdentity != null) {
                p = new SimplePrincipal(localIdentity.getPrincipal().getName());
                IdentityCredentials privateCredentials = localIdentity.getPrivateCredentials();
                PasswordCredential passwordCredential = privateCredentials.getCredential(PasswordCredential.class, ClearPassword.ALGORITHM_CLEAR);
                if (passwordCredential != null) {
                    credential = new String(passwordCredential.getPassword(ClearPassword.class).getPassword());
                } else {
                    credential = new RemotingConnectionCredential(connection);
                }
            } else {
                throw SecurityLogger.ROOT_LOGGER.noUserPrincipalFound();
            }
            SecurityActions.remotingContextClear();
            util.createSubjectInfo(p, credential, null);
        }
    }
}
Also used : ClearPassword(org.wildfly.security.password.interfaces.ClearPassword) SecurityContextUtil(org.jboss.security.SecurityContextUtil) RunAs(org.jboss.security.RunAs) RunAsIdentity(org.jboss.security.RunAsIdentity) Connection(org.jboss.remoting3.Connection) PasswordCredential(org.wildfly.security.credential.PasswordCredential) SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) SecurityContext(org.jboss.security.SecurityContext) RemotingConnectionCredential(org.jboss.as.security.remoting.RemotingConnectionCredential) Principal(java.security.Principal) SimplePrincipal(org.jboss.security.SimplePrincipal) SimplePrincipal(org.jboss.security.SimplePrincipal) IdentityCredentials(org.wildfly.security.auth.server.IdentityCredentials)

Example 17 with Connection

use of org.osate.aadl2.Connection in project wildfly by wildfly.

the class RemotingLoginModule method login.

@SuppressWarnings("unchecked")
@Override
public boolean login() throws LoginException {
    if (super.login() == true) {
        log.debug("super.login()==true");
        return true;
    }
    Object credential = getCredential();
    if (credential instanceof RemotingConnectionCredential) {
        Connection con = ((RemotingConnectionCredential) credential).getConnection();
        Principal up = null;
        SecurityIdentity localIdentity = con.getLocalIdentity();
        if (localIdentity != null) {
            up = new RealmUser(localIdentity.getPrincipal().getName());
        }
        // If we found a principal from the connection then authentication succeeded.
        if (up != null) {
            identity = up;
            if (getUseFirstPass()) {
                String userName = identity.getName();
                log.debugf("Storing username '%s'", userName);
                // Add the username to the shared state map
                sharedState.put("javax.security.auth.login.name", identity);
                if (useNewClientCert) {
                    SSLSession session = con.getSslSession();
                    if (session != null) {
                        try {
                            credential = session.getPeerCertificates()[0];
                            log.debug("Using new certificate as credential.");
                        } catch (SSLPeerUnverifiedException e) {
                            log.debugf("No peer certificate available for '%s'", userName);
                        }
                    }
                } else if (useClientCert) {
                    SSLSession session = con.getSslSession();
                    if (session != null) {
                        try {
                            credential = session.getPeerCertificateChain()[0];
                            log.debug("Using certificate as credential.");
                        } catch (SSLPeerUnverifiedException e) {
                            log.debugf("No peer certificate available for '%s'", userName);
                        }
                    }
                }
                sharedState.put("javax.security.auth.login.password", credential);
            }
            loginOk = true;
            return true;
        }
    }
    // username and password has been supplied to a web auth.
    return false;
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) Connection(org.jboss.remoting3.Connection) RealmUser(org.jboss.as.core.security.RealmUser) SSLSession(javax.net.ssl.SSLSession) Principal(java.security.Principal)

Example 18 with Connection

use of org.osate.aadl2.Connection in project okhttp by square.

the class RetryAndFollowUpInterceptor method followUpRequest.

/**
   * Figures out the HTTP request to make in response to receiving {@code userResponse}. This will
   * either add authentication headers, follow redirects or handle a client request timeout. If a
   * follow-up is either unnecessary or not applicable, this returns null.
   */
private Request followUpRequest(Response userResponse) throws IOException {
    if (userResponse == null)
        throw new IllegalStateException();
    Connection connection = streamAllocation.connection();
    Route route = connection != null ? connection.route() : null;
    int responseCode = userResponse.code();
    final String method = userResponse.request().method();
    switch(responseCode) {
        case HTTP_PROXY_AUTH:
            Proxy selectedProxy = route != null ? route.proxy() : client.proxy();
            if (selectedProxy.type() != Proxy.Type.HTTP) {
                throw new ProtocolException("Received HTTP_PROXY_AUTH (407) code while not using proxy");
            }
            return client.proxyAuthenticator().authenticate(route, userResponse);
        case HTTP_UNAUTHORIZED:
            return client.authenticator().authenticate(route, userResponse);
        case HTTP_PERM_REDIRECT:
        case HTTP_TEMP_REDIRECT:
            // or HEAD, the user agent MUST NOT automatically redirect the request"
            if (!method.equals("GET") && !method.equals("HEAD")) {
                return null;
            }
        // fall-through
        case HTTP_MULT_CHOICE:
        case HTTP_MOVED_PERM:
        case HTTP_MOVED_TEMP:
        case HTTP_SEE_OTHER:
            // Does the client allow redirects?
            if (!client.followRedirects())
                return null;
            String location = userResponse.header("Location");
            if (location == null)
                return null;
            HttpUrl url = userResponse.request().url().resolve(location);
            // Don't follow redirects to unsupported protocols.
            if (url == null)
                return null;
            // If configured, don't follow redirects between SSL and non-SSL.
            boolean sameScheme = url.scheme().equals(userResponse.request().url().scheme());
            if (!sameScheme && !client.followSslRedirects())
                return null;
            // Most redirects don't include a request body.
            Request.Builder requestBuilder = userResponse.request().newBuilder();
            if (HttpMethod.permitsRequestBody(method)) {
                final boolean maintainBody = HttpMethod.redirectsWithBody(method);
                if (HttpMethod.redirectsToGet(method)) {
                    requestBuilder.method("GET", null);
                } else {
                    RequestBody requestBody = maintainBody ? userResponse.request().body() : null;
                    requestBuilder.method(method, requestBody);
                }
                if (!maintainBody) {
                    requestBuilder.removeHeader("Transfer-Encoding");
                    requestBuilder.removeHeader("Content-Length");
                    requestBuilder.removeHeader("Content-Type");
                }
            }
            // way to retain them.
            if (!sameConnection(userResponse, url)) {
                requestBuilder.removeHeader("Authorization");
            }
            return requestBuilder.url(url).build();
        case HTTP_CLIENT_TIMEOUT:
            // repeat the request (even non-idempotent ones.)
            if (userResponse.request().body() instanceof UnrepeatableRequestBody) {
                return null;
            }
            return userResponse.request();
        default:
            return null;
    }
}
Also used : ProtocolException(java.net.ProtocolException) Connection(okhttp3.Connection) Request(okhttp3.Request) HttpUrl(okhttp3.HttpUrl) Proxy(java.net.Proxy) Route(okhttp3.Route) RequestBody(okhttp3.RequestBody)

Example 19 with Connection

use of org.osate.aadl2.Connection in project WeexErosFramework by bmfe.

the class WeexOkhttp3Interceptor method intercept.

@Override
public Response intercept(Chain chain) throws IOException {
    String requestId = String.valueOf(mNextRequestId.getAndIncrement());
    Request request = chain.request();
    mEventReporter = NetworkEventReporterManager.get();
    RequestBodyHelper requestBodyHelper = null;
    if (mEventReporter != null) {
        requestBodyHelper = new RequestBodyHelper(mEventReporter, requestId);
        OkHttpInspectorRequest inspectorRequest = new OkHttpInspectorRequest(requestId, request, requestBodyHelper);
        mEventReporter.requestWillBeSent(inspectorRequest);
    }
    Response response;
    try {
        response = chain.proceed(request);
    } catch (IOException e) {
        if (mEventReporter != null) {
            mEventReporter.httpExchangeFailed(requestId, e.toString());
        }
        throw e;
    }
    if (mEventReporter != null) {
        if (requestBodyHelper.hasBody()) {
            requestBodyHelper.reportDataSent();
        }
        Connection connection = chain.connection();
        mEventReporter.responseHeadersReceived(new OkHttpInspectorResponse(requestId, request, response));
        ResponseBody body = response.body();
        MediaType contentType = null;
        InputStream responseStream = null;
        if (body != null) {
            contentType = body.contentType();
            responseStream = body.byteStream();
        }
        responseStream = mEventReporter.interpretResponseStream(requestId, contentType != null ? contentType.toString() : null, response.header("Content-Encoding"), responseStream, new DefaultResponseHandler(mEventReporter, requestId));
        if (responseStream != null) {
            response = response.newBuilder().body(new ForwardingResponseBody(body, responseStream)).build();
        }
    }
    return response;
}
Also used : InputStream(java.io.InputStream) Request(okhttp3.Request) Connection(okhttp3.Connection) IOException(java.io.IOException) DefaultResponseHandler(com.taobao.weex.devtools.inspector.network.DefaultResponseHandler) ResponseBody(okhttp3.ResponseBody) Response(okhttp3.Response) RequestBodyHelper(com.taobao.weex.devtools.inspector.network.RequestBodyHelper) MediaType(okhttp3.MediaType)

Example 20 with Connection

use of org.osate.aadl2.Connection in project warn-report by saaavsaaa.

the class LinuxExecUtil method connect.

public Connection connect(String host, String user, String password, String keyPath) throws IOException {
    conn = new Connection(host);
    conn.connect();
    File KeyFile = new File(keyPath);
    boolean isAuthenticated = conn.authenticateWithPublicKey(user, KeyFile, password);
    if (isAuthenticated == false) {
        throw new IOException("Authentication failed.");
    }
    return conn;
}
Also used : Connection(ch.ethz.ssh2.Connection)

Aggregations

IOException (java.io.IOException)78 ComponentInstance (org.osate.aadl2.instance.ComponentInstance)64 Connection (org.ovirt.engine.sdk4.Connection)64 Connection (com.trilead.ssh2.Connection)61 Connection (org.osate.aadl2.Connection)57 ConnectionInstance (org.osate.aadl2.instance.ConnectionInstance)51 ArrayList (java.util.ArrayList)36 FeatureInstance (org.osate.aadl2.instance.FeatureInstance)35 Connection (ch.ethz.ssh2.Connection)34 Session (com.trilead.ssh2.Session)33 Connection (org.jboss.remoting3.Connection)33 Connection (okhttp3.Connection)32 Test (org.junit.Test)32 ConnectionInstanceEnd (org.osate.aadl2.instance.ConnectionInstanceEnd)32 Connection (com.google.cloud.bigquery.connection.v1.Connection)31 InputStream (java.io.InputStream)31 VmsService (org.ovirt.engine.sdk4.services.VmsService)30 Vm (org.ovirt.engine.sdk4.types.Vm)30 ConnectionReference (org.osate.aadl2.instance.ConnectionReference)29 Subcomponent (org.osate.aadl2.Subcomponent)28