Example 1 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class SelectionManagerTest method createMockeNode.
public static RMNode createMockeNode(String nodeUser, String nodeName, String nodeUrl) {
RMNode rmNode = mock(RMNode.class);
NodeInformation mockedNodeInformation = mock(NodeInformation.class);
Node node = mock(Node.class);
when(mockedNodeInformation.getURL()).thenReturn(nodeUrl);
when(mockedNodeInformation.getName()).thenReturn(nodeName);
when(node.getNodeInformation()).thenReturn(mockedNodeInformation);
when(rmNode.getNodeName()).thenReturn(nodeName);
when(rmNode.getNodeSource()).thenReturn(new NodeSource());
when(rmNode.getNode()).thenReturn(node);
when(rmNode.getNodeURL()).thenReturn(nodeUrl);
when(rmNode.getUserPermission()).thenReturn(new PrincipalPermission("permissions", singleton(new UserNamePrincipal(nodeUser))));
return rmNode;
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
NodeSource(org.ow2.proactive.resourcemanager.nodesource.NodeSource)
RMNode(org.ow2.proactive.resourcemanager.rmnode.RMNode)
NodeInformation(org.objectweb.proactive.core.node.NodeInformation)
RMNode(org.ow2.proactive.resourcemanager.rmnode.RMNode)
Node(org.objectweb.proactive.core.node.Node)
PrincipalPermission(org.ow2.proactive.permissions.PrincipalPermission)
Example 2 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class FileLoginModule method logUser.
/**
* First Check user and password from login file. If user is authenticated,
* check group membership from group file.
* @param username user's login
* @param password user's password
* @param isNotFallbackAuthentication true if this method is not called inside a fallback mechanism
* @return true user login and password are correct, and requested group is authorized for the user
* @throws LoginException if authentication or group membership fails.
*/
protected boolean logUser(String username, String password, boolean isNotFallbackAuthentication) throws LoginException {
if (isNotFallbackAuthentication) {
removeOldFailedAttempts(username);
if (tooManyFailedAttempts(username)) {
String message = "Too many failed login/attempts, please try again in " + retryInHowManyMinutes(username) + " minutes.";
logger.warn("[" + FileLoginModule.class.getSimpleName() + "] " + message);
throw new FailedLoginException(message);
}
}
if (!authenticateUserFromFile(username, password)) {
String message = "[" + FileLoginModule.class.getSimpleName() + "] Incorrect Username/Password";
if (isNotFallbackAuthentication) {
logger.info(message);
} else {
logger.debug(message);
}
if (isNotFallbackAuthentication) {
storeFailedAttempt(username);
}
throw new FailedLoginException("Incorrect Username/Password");
} else {
resetFailedAttempt(username);
}
subject.getPrincipals().add(new UserNamePrincipal(username));
groupMembershipFromFile(username);
logger.debug("authentication succeeded for user '" + username + "'");
return true;
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
FailedLoginException(javax.security.auth.login.FailedLoginException)
Example 3 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class PAMLoginModule method pamLogUser.
private boolean pamLogUser(String username, String password) throws LoginException {
logger.debug("Authenticating user " + username + " with PAM.");
removeOldFailedAttempts(username);
if (tooManyFailedAttempts(username)) {
String message = "Too many failed login/attempts, please try again in " + retryInHowManyMinutes(username) + " minutes.";
logger.warn(message);
throw new FailedLoginException(message);
}
PamReturnValue answer = pam.authenticate(username, password);
if (answer.equals(PamReturnValue.PAM_SUCCESS)) {
subject.getPrincipals().add(new UserNamePrincipal(username));
resetFailedAttempt(username);
super.groupMembershipFromFile(username);
return true;
} else {
logger.info("PAM authentication failed for user " + username + ": " + answer);
storeFailedAttempt(username);
throw new FailedLoginException(answer.toString());
}
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
FailedLoginException(javax.security.auth.login.FailedLoginException)
PamReturnValue(net.sf.jpam.PamReturnValue)
Example 4 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class SchedulerAuthentication method login.
/**
* {@inheritDoc}
*/
public Scheduler login(Credentials cred) throws LoginException, AlreadyConnectedException {
Subject subject = authenticate(cred);
UserNamePrincipal unPrincipal = subject.getPrincipals(UserNamePrincipal.class).iterator().next();
String user = unPrincipal.getName();
logger.info("user : " + user);
// add this user to the scheduler front-end
UserIdentificationImpl ident = new UserIdentificationImpl(user, subject);
ident.setHostName(getSenderHostName());
this.frontend.connect(PAActiveObject.getContext().getCurrentRequest().getSourceBodyID(), ident, cred);
try {
// return the stub on Scheduler interface to keep avoid using server class on client side
return PAActiveObject.lookupActive(Scheduler.class, PAActiveObject.getUrl(frontend));
} catch (ActiveObjectCreationException e) {
rethrowSchedulerStubException(e);
} catch (IOException e) {
rethrowSchedulerStubException(e);
}
return null;
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
IOException(java.io.IOException)
Subject(javax.security.auth.Subject)
UserIdentificationImpl(org.ow2.proactive.scheduler.job.UserIdentificationImpl)
ActiveObjectCreationException(org.objectweb.proactive.ActiveObjectCreationException)
Example 5 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class Subjects method create.
public static Subject create(String userPrincipal) {
Set<Principal> principals = new HashSet<>();
principals.add(new UserNamePrincipal(userPrincipal));
return new Subject(false, principals, emptySet(), emptySet());
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
Principal(java.security.Principal)
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
Subject(javax.security.auth.Subject)
HashSet(java.util.HashSet)
Aggregations
UserNamePrincipal (org.ow2.proactive.authentication.principals.UserNamePrincipal)9
Subject (javax.security.auth.Subject)4
Principal (java.security.Principal)3
HashSet (java.util.HashSet)3
NodeSource (org.ow2.proactive.resourcemanager.nodesource.NodeSource)3
FailedLoginException (javax.security.auth.login.FailedLoginException)2
Node (org.objectweb.proactive.core.node.Node)2
NodeInformation (org.objectweb.proactive.core.node.NodeInformation)2
PrincipalPermission (org.ow2.proactive.permissions.PrincipalPermission)2
Client (org.ow2.proactive.resourcemanager.authentication.Client)2
RMNode (org.ow2.proactive.resourcemanager.rmnode.RMNode)2
IOException (java.io.IOException)1
Permission (java.security.Permission)1
NamingException (javax.naming.NamingException)1
Attribute (javax.naming.directory.Attribute)1
SearchControls (javax.naming.directory.SearchControls)1
SearchResult (javax.naming.directory.SearchResult)1
LdapName (javax.naming.ldap.LdapName)1
PamReturnValue (net.sf.jpam.PamReturnValue)1
ImmutablePair (org.apache.commons.lang3.tuple.ImmutablePair)1
