Example 6 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class Subjects method create.
public static Subject create(String userPrincipal) {
Set<Principal> principals = new HashSet<>();
principals.add(new UserNamePrincipal(userPrincipal));
return new Subject(false, principals, emptySet(), emptySet());
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
Principal(java.security.Principal)
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
Subject(javax.security.auth.Subject)
HashSet(java.util.HashSet)
Example 7 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class SchedulerAuthentication method login.
/**
* {@inheritDoc}
*/
public Scheduler login(Credentials cred) throws LoginException, AlreadyConnectedException {
Subject subject = authenticate(cred);
UserNamePrincipal unPrincipal = subject.getPrincipals(UserNamePrincipal.class).iterator().next();
String user = unPrincipal.getName();
logger.info("user : " + user);
// add this user to the scheduler front-end
UserIdentificationImpl ident = new UserIdentificationImpl(user, subject);
ident.setHostName(getSenderHostName());
this.frontend.connect(PAActiveObject.getContext().getCurrentRequest().getSourceBodyID(), ident, cred);
try {
// return the stub on Scheduler interface to keep avoid using server class on client side
return PAActiveObject.lookupActive(Scheduler.class, PAActiveObject.getUrl(frontend));
} catch (ActiveObjectCreationException e) {
rethrowSchedulerStubException(e);
} catch (IOException e) {
rethrowSchedulerStubException(e);
}
return null;
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
IOException(java.io.IOException)
Subject(javax.security.auth.Subject)
UserIdentificationImpl(org.ow2.proactive.scheduler.job.UserIdentificationImpl)
ActiveObjectCreationException(org.objectweb.proactive.ActiveObjectCreationException)
Example 8 with UserNamePrincipal
use of org.ow2.proactive.authentication.principals.UserNamePrincipal in project scheduling by ow2-proactive.
the class LDAPLoginModule method getLDAPUserDN.
/**
* Connects anonymously to the LDAP server <code>url</code> and retrieve
* DN of the user <code>username</code>
*
* <p>
* @exception NamingException
* if a naming exception is encountered.
* <p>
*
* @return the String containing the UID of the user or null if the user is
* not found.
*/
private String getLDAPUserDN(String username) throws NamingException {
String userDN = null;
DirContext ctx = null;
try {
// Create the initial directory context
ctx = this.connectAndGetContext();
SearchControls sControl = new SearchControls();
sControl.setSearchScope(SearchControls.SUBTREE_SCOPE);
String filter = String.format(ldapProperties.getProperty(LDAPProperties.LDAP_USER_FILTER), username);
// looking for the user dn (distinguish name)
NamingEnumeration<SearchResult> answer = ctx.search(USERS_DN, filter, sControl);
if (answer.hasMoreElements()) {
SearchResult result = (SearchResult) answer.next();
userDN = result.getNameInNamespace();
if (logger.isDebugEnabled()) {
logger.debug("User " + username + " has LDAP entry " + userDN);
}
subject.getPrincipals().add(new UserNamePrincipal(username));
// looking for the user groups
String groupFilter = String.format(ldapProperties.getProperty(LDAPProperties.LDAP_GROUP_FILTER), userDN);
NamingEnumeration<SearchResult> groupResults = ctx.search(GROUPS_DN, groupFilter, sControl);
while (groupResults.hasMoreElements()) {
SearchResult res = (SearchResult) groupResults.next();
Attribute attr = res.getAttributes().get(ldapProperties.getProperty(LDAPProperties.LDAP_GROUPNAME_ATTR));
if (attr != null) {
String groupName = attr.get().toString();
subject.getPrincipals().add(new GroupNamePrincipal(groupName));
if (logger.isDebugEnabled()) {
logger.debug("User " + username + " is a member of group " + groupName);
}
}
}
} else {
if (logger.isDebugEnabled()) {
logger.debug("User DN not found");
}
}
} catch (NamingException e) {
logger.error("Problem with the search in mode: " + AUTHENTICATION_METHOD + e);
throw e;
} finally {
try {
if (ctx != null) {
ctx.close();
}
} catch (NamingException e) {
logger.error("", e);
logger.error("Problem closing LDAP connection: " + e.getMessage());
}
}
return userDN;
}
Also used :
UserNamePrincipal(org.ow2.proactive.authentication.principals.UserNamePrincipal)
Attribute(javax.naming.directory.Attribute)
SearchControls(javax.naming.directory.SearchControls)
SearchResult(javax.naming.directory.SearchResult)
NamingException(javax.naming.NamingException)
DirContext(javax.naming.directory.DirContext)
InitialDirContext(javax.naming.directory.InitialDirContext)
GroupNamePrincipal(org.ow2.proactive.authentication.principals.GroupNamePrincipal)
Aggregations
UserNamePrincipal (org.ow2.proactive.authentication.principals.UserNamePrincipal)8
Subject (javax.security.auth.Subject)4
Principal (java.security.Principal)3
HashSet (java.util.HashSet)3
FailedLoginException (javax.security.auth.login.FailedLoginException)2
Client (org.ow2.proactive.resourcemanager.authentication.Client)2
NodeSource (org.ow2.proactive.resourcemanager.nodesource.NodeSource)2
IOException (java.io.IOException)1
Permission (java.security.Permission)1
NamingException (javax.naming.NamingException)1
Attribute (javax.naming.directory.Attribute)1
DirContext (javax.naming.directory.DirContext)1
InitialDirContext (javax.naming.directory.InitialDirContext)1
SearchControls (javax.naming.directory.SearchControls)1
SearchResult (javax.naming.directory.SearchResult)1
PamReturnValue (net.sf.jpam.PamReturnValue)1
ImmutablePair (org.apache.commons.lang3.tuple.ImmutablePair)1
ActiveObjectCreationException (org.objectweb.proactive.ActiveObjectCreationException)1
Node (org.objectweb.proactive.core.node.Node)1
NodeInformation (org.objectweb.proactive.core.node.NodeInformation)1
