Search in sources :

Example 1 with InMemoryConfiguration

use of org.springframework.security.authentication.jaas.memory.InMemoryConfiguration in project atlas by apache.

the class AtlasPamAuthenticationProvider method init.

private void init() {
    try {
        AppConfigurationEntry appConfigurationEntry = new AppConfigurationEntry(loginModuleName, controlFlag, options);
        AppConfigurationEntry[] appConfigurationEntries = new AppConfigurationEntry[] { appConfigurationEntry };
        Map<String, AppConfigurationEntry[]> appConfigurationEntriesOptions = new HashMap<String, AppConfigurationEntry[]>();
        appConfigurationEntriesOptions.put("SPRINGSECURITY", appConfigurationEntries);
        Configuration configuration = new InMemoryConfiguration(appConfigurationEntriesOptions);
        jaasAuthenticationProvider.setConfiguration(configuration);
        UserAuthorityGranter authorityGranter = new UserAuthorityGranter();
        UserAuthorityGranter[] authorityGranters = new UserAuthorityGranter[] { authorityGranter };
        jaasAuthenticationProvider.setAuthorityGranters(authorityGranters);
        jaasAuthenticationProvider.afterPropertiesSet();
    } catch (Exception e) {
        LOG.error("Failed to init PAM Authentication", e);
    }
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) Configuration(javax.security.auth.login.Configuration) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) HashMap(java.util.HashMap) AuthenticationException(org.springframework.security.core.AuthenticationException)

Example 2 with InMemoryConfiguration

use of org.springframework.security.authentication.jaas.memory.InMemoryConfiguration in project incubator-atlas by apache.

the class AtlasPamAuthenticationProvider method init.

private void init() {
    try {
        AppConfigurationEntry appConfigurationEntry = new AppConfigurationEntry(loginModuleName, controlFlag, options);
        AppConfigurationEntry[] appConfigurationEntries = new AppConfigurationEntry[] { appConfigurationEntry };
        Map<String, AppConfigurationEntry[]> appConfigurationEntriesOptions = new HashMap<String, AppConfigurationEntry[]>();
        appConfigurationEntriesOptions.put("SPRINGSECURITY", appConfigurationEntries);
        Configuration configuration = new InMemoryConfiguration(appConfigurationEntriesOptions);
        jaasAuthenticationProvider.setConfiguration(configuration);
        UserAuthorityGranter authorityGranter = new UserAuthorityGranter();
        UserAuthorityGranter[] authorityGranters = new UserAuthorityGranter[] { authorityGranter };
        jaasAuthenticationProvider.setAuthorityGranters(authorityGranters);
        jaasAuthenticationProvider.afterPropertiesSet();
    } catch (Exception e) {
        LOG.error("Failed to init PAM Authentication", e);
    }
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) Configuration(javax.security.auth.login.Configuration) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) HashMap(java.util.HashMap) AuthenticationException(org.springframework.security.core.AuthenticationException)

Example 3 with InMemoryConfiguration

use of org.springframework.security.authentication.jaas.memory.InMemoryConfiguration in project kylo by Teradata.

the class JaasAuthConfig method jaasConfiguration.

@Bean(name = "jaasConfiguration")
public javax.security.auth.login.Configuration jaasConfiguration(Optional<List<LoginConfiguration>> loginModuleEntries) {
    // Generally the entries will be null only in situations like unit/integration tests.
    if (loginModuleEntries.isPresent()) {
        List<LoginConfiguration> sorted = new ArrayList<>(loginModuleEntries.get());
        sorted.sort(new AnnotationAwareOrderComparator());
        Map<String, AppConfigurationEntry[]> merged = sorted.stream().map(c -> c.getAllApplicationEntries().entrySet()).flatMap(s -> s.stream()).collect(Collectors.toMap(e -> e.getKey(), e -> e.getValue(), ArrayUtils::addAll));
        return new InMemoryConfiguration(merged);
    } else {
        return new InMemoryConfiguration(Collections.emptyMap());
    }
}
Also used : AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) LoginConfigurationBuilder(com.thinkbiganalytics.auth.jaas.LoginConfigurationBuilder) LoginConfiguration(com.thinkbiganalytics.auth.jaas.LoginConfiguration) ArrayUtils(org.apache.commons.lang3.ArrayUtils) DefaultJaasAuthenticationProvider(org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider) Scope(org.springframework.context.annotation.Scope) ArrayList(java.util.ArrayList) AuthorityGranter(org.springframework.security.authentication.jaas.AuthorityGranter) JaasHttpCallbackHandlerFilter(com.thinkbiganalytics.auth.jaas.http.JaasHttpCallbackHandlerFilter) Map(java.util.Map) UserPrincipalAuthorityGranter(com.thinkbiganalytics.auth.UserPrincipalAuthorityGranter) Named(javax.inject.Named) JaasAuthenticationCallbackHandler(org.springframework.security.authentication.jaas.JaasAuthenticationCallbackHandler) Order(org.springframework.core.annotation.Order) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) UsernameJaasAuthenticationProvider(com.thinkbiganalytics.auth.jaas.UsernameJaasAuthenticationProvider) Collectors(java.util.stream.Collectors) DefaultKyloJaasAuthenticationProvider(com.thinkbiganalytics.auth.jaas.DefaultKyloJaasAuthenticationProvider) Configuration(org.springframework.context.annotation.Configuration) List(java.util.List) DefaultPrincipalAuthorityGranter(com.thinkbiganalytics.auth.DefaultPrincipalAuthorityGranter) Optional(java.util.Optional) Bean(org.springframework.context.annotation.Bean) AbstractJaasAuthenticationProvider(org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider) GroupPrincipalAuthorityGranter(com.thinkbiganalytics.auth.GroupPrincipalAuthorityGranter) Collections(java.util.Collections) AnnotationAwareOrderComparator(org.springframework.core.annotation.AnnotationAwareOrderComparator) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) ArrayList(java.util.ArrayList) LoginConfiguration(com.thinkbiganalytics.auth.jaas.LoginConfiguration) AnnotationAwareOrderComparator(org.springframework.core.annotation.AnnotationAwareOrderComparator) Bean(org.springframework.context.annotation.Bean)

Example 4 with InMemoryConfiguration

use of org.springframework.security.authentication.jaas.memory.InMemoryConfiguration in project ranger by apache.

the class RangerAuthenticationProvider method getUnixAuthentication.

public Authentication getUnixAuthentication(Authentication authentication) {
    try {
        String rangerLdapDefaultRole = PropertiesUtil.getProperty("ranger.ldap.default.role", "ROLE_USER");
        DefaultJaasAuthenticationProvider jaasAuthenticationProvider = new DefaultJaasAuthenticationProvider();
        String loginModuleName = "org.apache.ranger.authentication.unix.jaas.RemoteUnixLoginModule";
        LoginModuleControlFlag controlFlag = LoginModuleControlFlag.REQUIRED;
        Map<String, String> options = PropertiesUtil.getPropertiesMap();
        AppConfigurationEntry appConfigurationEntry = new AppConfigurationEntry(loginModuleName, controlFlag, options);
        AppConfigurationEntry[] appConfigurationEntries = new AppConfigurationEntry[] { appConfigurationEntry };
        Map<String, AppConfigurationEntry[]> appConfigurationEntriesOptions = new HashMap<String, AppConfigurationEntry[]>();
        appConfigurationEntriesOptions.put("SPRINGSECURITY", appConfigurationEntries);
        Configuration configuration = new InMemoryConfiguration(appConfigurationEntriesOptions);
        jaasAuthenticationProvider.setConfiguration(configuration);
        RoleUserAuthorityGranter authorityGranter = new RoleUserAuthorityGranter();
        RoleUserAuthorityGranter[] authorityGranters = new RoleUserAuthorityGranter[] { authorityGranter };
        jaasAuthenticationProvider.setAuthorityGranters(authorityGranters);
        jaasAuthenticationProvider.afterPropertiesSet();
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        // getting user authenticated
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
            grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = jaasAuthenticationProvider.authenticate(finalAuthentication);
            authentication = getAuthenticationWithGrantedAuthority(authentication);
            return authentication;
        } else {
            return authentication;
        }
    } catch (Exception e) {
        logger.debug("Unix Authentication Failed:", e);
    }
    return authentication;
}
Also used : DefaultJaasAuthenticationProvider(org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider) RoleUserAuthorityGranter(org.apache.ranger.authentication.unix.jaas.RoleUserAuthorityGranter) User(org.springframework.security.core.userdetails.User) Configuration(javax.security.auth.login.Configuration) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) HashMap(java.util.HashMap) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) AuthenticationException(org.springframework.security.core.AuthenticationException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) UserDetails(org.springframework.security.core.userdetails.UserDetails) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) LoginModuleControlFlag(javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag) Authentication(org.springframework.security.core.Authentication)

Example 5 with InMemoryConfiguration

use of org.springframework.security.authentication.jaas.memory.InMemoryConfiguration in project ranger by apache.

the class RangerAuthenticationProvider method getPamAuthentication.

public Authentication getPamAuthentication(Authentication authentication) {
    try {
        String rangerLdapDefaultRole = PropertiesUtil.getProperty("ranger.ldap.default.role", "ROLE_USER");
        DefaultJaasAuthenticationProvider jaasAuthenticationProvider = new DefaultJaasAuthenticationProvider();
        String loginModuleName = "org.apache.ranger.authentication.unix.jaas.PamLoginModule";
        LoginModuleControlFlag controlFlag = LoginModuleControlFlag.REQUIRED;
        Map<String, String> options = PropertiesUtil.getPropertiesMap();
        if (!options.containsKey("ranger.pam.service"))
            options.put("ranger.pam.service", "ranger-admin");
        AppConfigurationEntry appConfigurationEntry = new AppConfigurationEntry(loginModuleName, controlFlag, options);
        AppConfigurationEntry[] appConfigurationEntries = new AppConfigurationEntry[] { appConfigurationEntry };
        Map<String, AppConfigurationEntry[]> appConfigurationEntriesOptions = new HashMap<String, AppConfigurationEntry[]>();
        appConfigurationEntriesOptions.put("SPRINGSECURITY", appConfigurationEntries);
        Configuration configuration = new InMemoryConfiguration(appConfigurationEntriesOptions);
        jaasAuthenticationProvider.setConfiguration(configuration);
        RoleUserAuthorityGranter authorityGranter = new RoleUserAuthorityGranter();
        RoleUserAuthorityGranter[] authorityGranters = new RoleUserAuthorityGranter[] { authorityGranter };
        jaasAuthenticationProvider.setAuthorityGranters(authorityGranters);
        jaasAuthenticationProvider.afterPropertiesSet();
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        // getting user authenticated
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = new ArrayList<>();
            grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = jaasAuthenticationProvider.authenticate(finalAuthentication);
            authentication = getAuthenticationWithGrantedAuthority(authentication);
            return authentication;
        } else {
            return authentication;
        }
    } catch (Exception e) {
        logger.debug("Pam Authentication Failed:", e);
    }
    return authentication;
}
Also used : DefaultJaasAuthenticationProvider(org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider) RoleUserAuthorityGranter(org.apache.ranger.authentication.unix.jaas.RoleUserAuthorityGranter) User(org.springframework.security.core.userdetails.User) Configuration(javax.security.auth.login.Configuration) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) HashMap(java.util.HashMap) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) AuthenticationException(org.springframework.security.core.AuthenticationException) AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry) UserDetails(org.springframework.security.core.userdetails.UserDetails) InMemoryConfiguration(org.springframework.security.authentication.jaas.memory.InMemoryConfiguration) LoginModuleControlFlag(javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag) Authentication(org.springframework.security.core.Authentication)

Aggregations

AppConfigurationEntry (javax.security.auth.login.AppConfigurationEntry)5 InMemoryConfiguration (org.springframework.security.authentication.jaas.memory.InMemoryConfiguration)5 HashMap (java.util.HashMap)4 Configuration (javax.security.auth.login.Configuration)4 AuthenticationException (org.springframework.security.core.AuthenticationException)4 ArrayList (java.util.ArrayList)3 DefaultJaasAuthenticationProvider (org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider)3 LoginModuleControlFlag (javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag)2 RoleUserAuthorityGranter (org.apache.ranger.authentication.unix.jaas.RoleUserAuthorityGranter)2 AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException)2 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)2 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)2 Authentication (org.springframework.security.core.Authentication)2 GrantedAuthority (org.springframework.security.core.GrantedAuthority)2 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)2 User (org.springframework.security.core.userdetails.User)2 UserDetails (org.springframework.security.core.userdetails.UserDetails)2 DefaultPrincipalAuthorityGranter (com.thinkbiganalytics.auth.DefaultPrincipalAuthorityGranter)1 GroupPrincipalAuthorityGranter (com.thinkbiganalytics.auth.GroupPrincipalAuthorityGranter)1 UserPrincipalAuthorityGranter (com.thinkbiganalytics.auth.UserPrincipalAuthorityGranter)1