
Example 1 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class SelectionManagerTest method createMockeNode.

/**
 * Builds a Mockito-backed {@link RMNode} whose getters answer with the supplied values.
 *
 * <p>The mock exposes a mocked {@link Node} whose {@link NodeInformation} reports the same
 * name and URL, hands out a fresh {@link NodeSource}, and returns a
 * {@link PrincipalPermission} built from a single {@link UserNamePrincipal} for
 * {@code nodeUser}.
 *
 * @param nodeUser user name wrapped in the principal of the mocked user permission
 * @param nodeName value returned by the node-name getters
 * @param nodeUrl value returned by the URL getters
 * @return the configured mock
 */
public static RMNode createMockeNode(String nodeUser, String nodeName, String nodeUrl) {
    // Innermost collaborator first: the node information carries the name and the URL.
    NodeInformation nodeInfoMock = mock(NodeInformation.class);
    when(nodeInfoMock.getName()).thenReturn(nodeName);
    when(nodeInfoMock.getURL()).thenReturn(nodeUrl);

    Node proActiveNodeMock = mock(Node.class);
    when(proActiveNodeMock.getNodeInformation()).thenReturn(nodeInfoMock);

    RMNode rmNodeMock = mock(RMNode.class);
    when(rmNodeMock.getNode()).thenReturn(proActiveNodeMock);
    when(rmNodeMock.getNodeName()).thenReturn(nodeName);
    when(rmNodeMock.getNodeURL()).thenReturn(nodeUrl);
    when(rmNodeMock.getNodeSource()).thenReturn(new NodeSource());

    // The permission lists exactly one principal, so a test can tell nodes of different
    // users apart by the nodeUser it passed in.
    PrincipalPermission singleUserPermission = new PrincipalPermission("permissions",
                                                                       singleton(new UserNamePrincipal(nodeUser)));
    when(rmNodeMock.getUserPermission()).thenReturn(singleUserPermission);

    return rmNodeMock;
}
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) NodeSource(org.ow2.proactive.resourcemanager.nodesource.NodeSource) RMNode(org.ow2.proactive.resourcemanager.rmnode.RMNode) NodeInformation(org.objectweb.proactive.core.node.NodeInformation) RMNode(org.ow2.proactive.resourcemanager.rmnode.RMNode) Node(org.objectweb.proactive.core.node.Node) PrincipalPermission(org.ow2.proactive.permissions.PrincipalPermission)

Example 2 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class FileLoginModule method logUser.

/**
 * Checks the user and password against the login file and, once the user is authenticated,
 * checks group membership from the group file.
 *
 * <p>When {@code isNotFallbackAuthentication} is {@code true} the failed-attempt bookkeeping
 * applies: old failures are removed, the call is rejected up front while too many failures
 * remain, and a wrong password is stored as a new failure. When it is {@code false} failures
 * are neither checked nor stored, but a successful login still resets the counter.
 *
 * @param username user's login
 * @param password user's password
 * @param isNotFallbackAuthentication true if this method is not called inside a fallback mechanism
 * @return {@code true} when login and password are correct; every failure is reported by exception
 * @throws LoginException if authentication or group membership fails
 */
protected boolean logUser(String username, String password, boolean isNotFallbackAuthentication) throws LoginException {
    final String modulePrefix = "[" + FileLoginModule.class.getSimpleName() + "] ";

    if (isNotFallbackAuthentication) {
        // NOTE(review): every attempt-tracking helper here is keyed on the submitted username
        // only, so failures from any source count against that account - confirm whether a
        // per-source limit exists elsewhere.
        removeOldFailedAttempts(username);
        if (tooManyFailedAttempts(username)) {
            // The lockout is checked before the password, so a correct password is refused too.
            String lockoutNotice = "Too many failed login/attempts, please try again in " +
                                   retryInHowManyMinutes(username) + " minutes.";
            logger.warn(modulePrefix + lockoutNotice);
            throw new FailedLoginException(lockoutNotice);
        }
    }

    boolean credentialsAccepted = authenticateUserFromFile(username, password);
    if (!credentialsAccepted) {
        // The log line and the exception carry the same generic text and never the username.
        String rejection = modulePrefix + "Incorrect Username/Password";
        if (isNotFallbackAuthentication) {
            logger.info(rejection);
            storeFailedAttempt(username);
        } else {
            // A miss inside a fallback chain is logged at debug only and is not counted.
            logger.debug(rejection);
        }
        throw new FailedLoginException("Incorrect Username/Password");
    }

    // Reached only with accepted credentials; the counter is reset in fallback mode as well.
    resetFailedAttempt(username);

    // NOTE(review): the principal is attached before the group lookup, so if
    // groupMembershipFromFile throws, the subject still holds this UserNamePrincipal -
    // confirm the module's abort/logout path removes it.
    subject.getPrincipals().add(new UserNamePrincipal(username));
    groupMembershipFromFile(username);

    // NOTE(review): username is caller-supplied and written to the log unescaped; verify the
    // logging layout neutralises line breaks.
    logger.debug("authentication succeeded for user '" + username + "'");
    return true;
}
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) FailedLoginException(javax.security.auth.login.FailedLoginException)

Example 3 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class PAMLoginModule method pamLogUser.

/**
 * Authenticates a user through PAM, with the failed-attempt lockout applied around the call.
 *
 * <p>On {@code PAM_SUCCESS} a {@link UserNamePrincipal} is added to the subject, the failure
 * counter is reset and group membership is read through the superclass. Any other PAM result
 * is logged, stored as a failed attempt and reported as a {@link FailedLoginException}.
 *
 * @param username user's login, passed to PAM and used as the key for attempt tracking
 * @param password user's password, passed to PAM
 * @return {@code true} on successful authentication; every failure is reported by exception
 * @throws LoginException if the account is locked out, PAM does not return success, or the
 *         group lookup fails
 */
private boolean pamLogUser(String username, String password) throws LoginException {
    // NOTE(review): username is caller-supplied and reaches the log unescaped here and in the
    // failure message below; verify the logging layout neutralises line breaks.
    logger.debug("Authenticating user " + username + " with PAM.");

    removeOldFailedAttempts(username);
    if (tooManyFailedAttempts(username)) {
        // The lockout is checked before PAM is consulted, so PAM is not called for a locked name.
        String lockoutNotice = "Too many failed login/attempts, please try again in " +
                               retryInHowManyMinutes(username) + " minutes.";
        logger.warn(lockoutNotice);
        throw new FailedLoginException(lockoutNotice);
    }

    PamReturnValue pamResult = pam.authenticate(username, password);
    if (!pamResult.equals(PamReturnValue.PAM_SUCCESS)) {
        logger.info("PAM authentication failed for user " + username + ": " + pamResult);
        storeFailedAttempt(username);
        // NOTE(review): the exception message is the PAM result text itself. If that message
        // reaches the remote caller it may distinguish failure reasons (for example an unknown
        // account from a wrong password) - confirm, and consider a generic message with the
        // detail kept in the log line above.
        throw new FailedLoginException(pamResult.toString());
    }

    // NOTE(review): the principal is attached before the group lookup, so if that lookup
    // throws, the subject still holds this UserNamePrincipal - confirm the abort/logout path
    // removes it.
    subject.getPrincipals().add(new UserNamePrincipal(username));
    resetFailedAttempt(username);
    super.groupMembershipFromFile(username);
    return true;
}
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) FailedLoginException(javax.security.auth.login.FailedLoginException) PamReturnValue(net.sf.jpam.PamReturnValue)

Example 4 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class SchedulerAuthentication method login.

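/**
 * {@inheritDoc}
 *
 * <p>Authenticates the credentials, registers the caller with the scheduler front-end under
 * the name of the subject's {@link UserNamePrincipal}, and returns a stub on the
 * {@link Scheduler} interface.
 *
 * @throws LoginException propagated from {@code authenticate}, or raised here when the
 *         authenticated subject carries no {@link UserNamePrincipal}
 */
public Scheduler login(Credentials cred) throws LoginException, AlreadyConnectedException {
    Subject subject = authenticate(cred);

    // The session identity comes from the subject's UserNamePrincipal. A subject without one
    // is rejected with a LoginException rather than an unchecked NoSuchElementException, so
    // callers that handle login failures handle this case too.
    java.util.Iterator<UserNamePrincipal> namePrincipals = subject.getPrincipals(UserNamePrincipal.class)
                                                                  .iterator();
    if (!namePrincipals.hasNext()) {
        throw new LoginException("Authenticated subject does not contain a user name principal");
    }
    // If several UserNamePrincipals are present, the first one the set yields is used.
    UserNamePrincipal unPrincipal = namePrincipals.next();
    String user = unPrincipal.getName();
    logger.info("user : " + user);

    // add this user to the scheduler front-end, keyed by the body id of the calling request
    UserIdentificationImpl ident = new UserIdentificationImpl(user, subject);
    ident.setHostName(getSenderHostName());
    this.frontend.connect(PAActiveObject.getContext().getCurrentRequest().getSourceBodyID(), ident, cred);

    // NOTE(review): connect() has already run when the stub lookup below fails; confirm the
    // front-end entry is cleaned up in that case.
    try {
        // return the stub on the Scheduler interface to avoid using the server class on the client side
        return PAActiveObject.lookupActive(Scheduler.class, PAActiveObject.getUrl(frontend));
    } catch (ActiveObjectCreationException e) {
        rethrowSchedulerStubException(e);
    } catch (IOException e) {
        rethrowSchedulerStubException(e);
    }
    // Reached only if rethrowSchedulerStubException returns normally - presumably it always throws.
    return null;
}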
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) IOException(java.io.IOException) Subject(javax.security.auth.Subject) UserIdentificationImpl(org.ow2.proactive.scheduler.job.UserIdentificationImpl) ActiveObjectCreationException(org.objectweb.proactive.ActiveObjectCreationException)

Example 5 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class Subjects method create.

/**
 * Creates a modifiable {@link Subject} that holds a single {@link UserNamePrincipal}.
 *
 * <p>No credential check happens here: the returned subject simply carries the given name.
 * NOTE(review): callers are presumably trusted or test code - confirm that no
 * externally supplied name reaches this factory without prior authentication.
 *
 * @param userPrincipal name given to the {@link UserNamePrincipal}
 * @return a subject that is not read-only, with that one principal and empty public and
 *         private credential sets
 */
public static Subject create(String userPrincipal) {
    UserNamePrincipal namePrincipal = new UserNamePrincipal(userPrincipal);

    Set<Principal> principalSet = new HashSet<>();
    principalSet.add(namePrincipal);

    // readOnly = false: principals and credentials can still be added after the subject is returned.
    boolean readOnly = false;
    return new Subject(readOnly, principalSet, emptySet(), emptySet());
}
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) Principal(java.security.Principal) UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) Subject(javax.security.auth.Subject) HashSet(java.util.HashSet)

Aggregations

UserNamePrincipal (org.ow2.proactive.authentication.principals.UserNamePrincipal)9 Subject (javax.security.auth.Subject)4 Principal (java.security.Principal)3 HashSet (java.util.HashSet)3 NodeSource (org.ow2.proactive.resourcemanager.nodesource.NodeSource)3 FailedLoginException (javax.security.auth.login.FailedLoginException)2 Node (org.objectweb.proactive.core.node.Node)2 NodeInformation (org.objectweb.proactive.core.node.NodeInformation)2 PrincipalPermission (org.ow2.proactive.permissions.PrincipalPermission)2 Client (org.ow2.proactive.resourcemanager.authentication.Client)2 RMNode (org.ow2.proactive.resourcemanager.rmnode.RMNode)2 IOException (java.io.IOException)1 Permission (java.security.Permission)1 NamingException (javax.naming.NamingException)1 Attribute (javax.naming.directory.Attribute)1 SearchControls (javax.naming.directory.SearchControls)1 SearchResult (javax.naming.directory.SearchResult)1 LdapName (javax.naming.ldap.LdapName)1 PamReturnValue (net.sf.jpam.PamReturnValue)1 ImmutablePair (org.apache.commons.lang3.tuple.ImmutablePair)1