
Example 6 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class Subjects method create.

/**
 * Builds a modifiable {@link Subject} that carries a single
 * {@link UserNamePrincipal} named after {@code userPrincipal} and no
 * public or private credentials.
 * <p>
 * No authentication happens here: the subject is assembled directly from the
 * supplied name, so callers must only pass names they already trust.
 *
 * @param userPrincipal the user name to wrap in a {@link UserNamePrincipal}
 * @return a new, non read-only subject holding exactly that principal
 */
public static Subject create(String userPrincipal) {
    Principal namedUser = new UserNamePrincipal(userPrincipal);
    Set<Principal> owners = new HashSet<>();
    owners.add(namedUser);
    // readOnly = false: the returned subject can still be modified by its holder.
    Subject created = new Subject(false, owners, emptySet(), emptySet());
    return created;
}
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) Principal(java.security.Principal) UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) Subject(javax.security.auth.Subject) HashSet(java.util.HashSet)

Example 7 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class SchedulerAuthentication method login.

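/**
 * {@inheritDoc}
 * <p>
 * Authenticates {@code cred}, registers the resulting identity with the
 * scheduler front-end and returns a stub on the {@link Scheduler} interface.
 *
 * @param cred the credentials to authenticate
 * @return the stub on the scheduler front-end; {@code null} is only reached if
 *         {@code rethrowSchedulerStubException} returns normally
 * @throws LoginException if authentication fails, or if the authenticated
 *         subject carries no {@link UserNamePrincipal}
 * @throws AlreadyConnectedException declared by the interface; not thrown
 *         directly in this method body
 */
public Scheduler login(Credentials cred) throws LoginException, AlreadyConnectedException {
    Subject subject = authenticate(cred);
    // Fail with a LoginException rather than an unchecked NoSuchElementException
    // when the login module produced a subject without a user name principal:
    // without it there is no identity to register with the front-end.
    if (subject.getPrincipals(UserNamePrincipal.class).isEmpty()) {
        throw new LoginException("Authenticated subject does not contain a user name principal");
    }
    UserNamePrincipal unPrincipal = subject.getPrincipals(UserNamePrincipal.class).iterator().next();
    String user = unPrincipal.getName();
    // NOTE(review): the name is written to the log verbatim; if any login module
    // accepts names containing line breaks, neutralise them before logging so
    // that audit entries cannot be forged.
    logger.info("user : " + user);
    // add this user to the scheduler front-end
    UserIdentificationImpl ident = new UserIdentificationImpl(user, subject);
    ident.setHostName(getSenderHostName());
    this.frontend.connect(PAActiveObject.getContext().getCurrentRequest().getSourceBodyID(), ident, cred);
    try {
        // return the stub on the Scheduler interface to avoid using the server class on the client side
        return PAActiveObject.lookupActive(Scheduler.class, PAActiveObject.getUrl(frontend));
    } catch (ActiveObjectCreationException e) {
        rethrowSchedulerStubException(e);
    } catch (IOException e) {
        rethrowSchedulerStubException(e);
    }
    // Only reached if rethrowSchedulerStubException returned instead of throwing.
    return null;
}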
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) IOException(java.io.IOException) Subject(javax.security.auth.Subject) UserIdentificationImpl(org.ow2.proactive.scheduler.job.UserIdentificationImpl) ActiveObjectCreationException(org.objectweb.proactive.ActiveObjectCreationException)

Example 8 with UserNamePrincipal

use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.

the class LDAPLoginModule method getLDAPUserDN.

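/**
 * Looks up the LDAP entry of <code>username</code> and returns its
 * distinguished name (DN).
 * <p>
 * The directory context comes from <code>connectAndGetContext()</code>. When
 * the user is found, a {@link UserNamePrincipal} for the user and one
 * {@link GroupNamePrincipal} per matching group are added to the module's
 * <code>subject</code> as a side effect.
 * <p>
 * Both values substituted into the configured search filters (the login name
 * and the user DN) are escaped as RFC 4515 assertion values. Filter
 * metacharacters in a login name therefore cannot widen the search or make it
 * match a different entry.
 * <p>
 * NOTE(review): principals are attached to the subject during this lookup;
 * confirm that the caller discards them when the subsequent credential check
 * fails.
 *
 * @param username the login name to search for
 * @return the DN of the user's entry, or <code>null</code> if no entry matches
 * @exception NamingException
 *                if a naming exception is encountered.
 */
private String getLDAPUserDN(String username) throws NamingException {
    String userDN = null;
    DirContext ctx = null;
    NamingEnumeration<SearchResult> answer = null;
    NamingEnumeration<SearchResult> groupResults = null;
    try {
        // Create the initial directory context
        ctx = this.connectAndGetContext();
        SearchControls sControl = new SearchControls();
        sControl.setSearchScope(SearchControls.SUBTREE_SCOPE);
        // The login name is supplied by the caller: escape it before it becomes
        // part of the search filter.
        String filter = String.format(ldapProperties.getProperty(LDAPProperties.LDAP_USER_FILTER),
                                      escapeLdapFilterValue(username));
        // looking for the user dn (distinguished name)
        answer = ctx.search(USERS_DN, filter, sControl);
        if (answer.hasMoreElements()) {
            SearchResult result = answer.next();
            userDN = result.getNameInNamespace();
            if (logger.isDebugEnabled()) {
                logger.debug("User " + username + " has LDAP entry " + userDN);
            }
            subject.getPrincipals().add(new UserNamePrincipal(username));
            // looking for the user groups; a DN may legitimately contain '\', '(' or ')',
            // which must be escaped inside a filter as well
            String groupFilter = String.format(ldapProperties.getProperty(LDAPProperties.LDAP_GROUP_FILTER),
                                               escapeLdapFilterValue(userDN));
            groupResults = ctx.search(GROUPS_DN, groupFilter, sControl);
            while (groupResults.hasMoreElements()) {
                SearchResult res = groupResults.next();
                Attribute attr = res.getAttributes().get(ldapProperties.getProperty(LDAPProperties.LDAP_GROUPNAME_ATTR));
                // Skip group entries whose name attribute is absent or has no value
                // instead of failing the whole login on them.
                Object groupValue = (attr != null && attr.size() > 0) ? attr.get() : null;
                if (groupValue != null) {
                    String groupName = groupValue.toString();
                    subject.getPrincipals().add(new GroupNamePrincipal(groupName));
                    if (logger.isDebugEnabled()) {
                        logger.debug("User " + username + " is a member of group " + groupName);
                    }
                }
            }
        } else {
            if (logger.isDebugEnabled()) {
                logger.debug("User DN not found");
            }
        }
    } catch (NamingException e) {
        logger.error("Problem with the search in mode: " + AUTHENTICATION_METHOD, e);
        throw e;
    } finally {
        // Enumerations that were not read to the end keep server-side resources
        // until they are closed explicitly.
        closeLdapEnumeration(groupResults);
        closeLdapEnumeration(answer);
        try {
            if (ctx != null) {
                ctx.close();
            }
        } catch (NamingException e) {
            logger.error("Problem closing LDAP connection: " + e.getMessage(), e);
        }
    }
    return userDN;
}

/** Closes a search result enumeration, logging (not propagating) any failure. */
private void closeLdapEnumeration(NamingEnumeration<?> results) {
    if (results == null) {
        return;
    }
    try {
        results.close();
    } catch (NamingException e) {
        logger.error("Problem closing LDAP search results: " + e.getMessage(), e);
    }
}

/** Escapes a value for use as an assertion value in an LDAP search filter (RFC 4515). */
private static String escapeLdapFilterValue(String value) {
    if (value == null) {
        return null;
    }
    StringBuilder escaped = new StringBuilder(value.length() + 8);
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\u0000':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}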
Also used : UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal) Attribute(javax.naming.directory.Attribute) SearchControls(javax.naming.directory.SearchControls) SearchResult(javax.naming.directory.SearchResult) NamingException(javax.naming.NamingException) DirContext(javax.naming.directory.DirContext) InitialDirContext(javax.naming.directory.InitialDirContext) GroupNamePrincipal(org.ow2.proactive.authentication.principals.GroupNamePrincipal)

Aggregations

UserNamePrincipal (org.ow2.proactive.authentication.principals.UserNamePrincipal)8 Subject (javax.security.auth.Subject)4 Principal (java.security.Principal)3 HashSet (java.util.HashSet)3 FailedLoginException (javax.security.auth.login.FailedLoginException)2 Client (org.ow2.proactive.resourcemanager.authentication.Client)2 NodeSource (org.ow2.proactive.resourcemanager.nodesource.NodeSource)2 IOException (java.io.IOException)1 Permission (java.security.Permission)1 NamingException (javax.naming.NamingException)1 Attribute (javax.naming.directory.Attribute)1 DirContext (javax.naming.directory.DirContext)1 InitialDirContext (javax.naming.directory.InitialDirContext)1 SearchControls (javax.naming.directory.SearchControls)1 SearchResult (javax.naming.directory.SearchResult)1 PamReturnValue (net.sf.jpam.PamReturnValue)1 ImmutablePair (org.apache.commons.lang3.tuple.ImmutablePair)1 ActiveObjectCreationException (org.objectweb.proactive.ActiveObjectCreationException)1 Node (org.objectweb.proactive.core.node.Node)1 NodeInformation (org.objectweb.proactive.core.node.NodeInformation)1