use of org.teiid.client.security.SessionToken in project teiid by teiid.
the class TestFailover method createListener.
/**
 * Builds a {@link SocketListener} for the failover tests, backed by a registry that
 * exposes a stubbed {@link ILogon} and the fake remoting service.
 *
 * <p>The stubbed logon is a test double only: it performs no credential check, returns
 * a fixed dummy session token for every request, and rejects every
 * {@code assertIdentity} call with {@link InvalidSessionException}.
 *
 * @param address host address and port the listener is created for
 * @param config SSL configuration handed to the listener unchanged
 * @return the new listener
 */
private SocketListener createListener(InetSocketAddress address, SSLConfiguration config) {
    // Registry that reports the class loader of this anonymous subclass as the caller's.
    ClientServiceRegistryImpl registry = new ClientServiceRegistryImpl() {
        @Override
        public ClassLoader getCallerClassloader() {
            return getClass().getClassLoader();
        }
    };

    SessionService sessionService = mock(SessionService.class);
    LogonImpl stubLogon = new LogonImpl(sessionService, "fakeCluster") { //$NON-NLS-1$
        @Override
        public LogonResult logon(Properties connProps) throws LogonException {
            // Count the attempt, then accept it unconditionally with a canned token.
            logonAttempts++;
            SessionToken cannedToken = new SessionToken("dummy"); //$NON-NLS-1$
            return new LogonResult(cannedToken, "x", "z"); //$NON-NLS-1$ //$NON-NLS-2$
        }

        @Override
        public ResultsFuture<?> ping() throws InvalidSessionException, TeiidComponentException {
            return ResultsFuture.NULL_FUTURE;
        }

        @Override
        public void assertIdentity(SessionToken checkSession) throws InvalidSessionException, TeiidComponentException {
            // Always rejected in this fixture, whatever token is presented.
            throw new InvalidSessionException();
        }
    };
    registry.registerClientService(ILogon.class, stubLogon, null);
    registry.registerClientService(FakeService.class, new TestSocketRemoting.FakeServiceImpl(), null);

    // Rebuild the socket address from the literal host address and port of the input.
    InetSocketAddress bindAddress =
            new InetSocketAddress(address.getAddress().getHostAddress(), address.getPort());
    return new SocketListener(bindAddress, 0, 0, 2, config, registry,
            BufferManagerFactory.getStandaloneBufferManager());
}
use of org.teiid.client.security.SessionToken in project teiid by teiid.
the class TestLogonImpl method testLogonResult.
/**
 * Checks that {@code LogonImpl.logon} returns the user name and session ID of the
 * session produced by the (mocked) session service for a user/password logon.
 */
@Test
public void testLogonResult() throws Exception {
    final String userName = "Fred"; //$NON-NLS-1$
    final String applicationName = "test"; //$NON-NLS-1$
    final String sessionId = String.valueOf(1);

    DQPWorkContext.setWorkContext(new DQPWorkContext());

    // The mocked service reports USERPASSWORD for any combination of three string arguments.
    SessionService sessionService = Mockito.mock(SessionService.class);
    Mockito.stub(sessionService.getAuthenticationType(Mockito.anyString(), Mockito.anyString(), Mockito.anyString()))
            .toReturn(AuthenticationType.USERPASSWORD);

    // Connection properties as a client would send them.
    Properties connectionProps = new Properties();
    connectionProps.setProperty(TeiidURL.CONNECTION.USER_NAME, userName);
    connectionProps.setProperty(TeiidURL.CONNECTION.APP_NAME, applicationName);
    connectionProps.setProperty(TeiidURL.JDBC.VDB_NAME, "x"); //$NON-NLS-1$
    connectionProps.setProperty(TeiidURL.JDBC.VDB_VERSION, "1"); //$NON-NLS-1$

    // Session the mocked service hands back for exactly these logon arguments.
    SessionMetadata expectedSession = new SessionMetadata();
    expectedSession.setUserName(userName);
    expectedSession.setApplicationName(applicationName);
    expectedSession.setSessionId(sessionId);
    expectedSession.setSessionToken(new SessionToken(1, userName));
    Mockito.stub(sessionService.createSession("x", "1", AuthenticationType.USERPASSWORD, userName, null, applicationName, connectionProps))
            .toReturn(expectedSession);

    LogonImpl logon = new LogonImpl(sessionService, "fakeCluster"); //$NON-NLS-1$
    LogonResult outcome = logon.logon(connectionProps);

    assertEquals(userName, outcome.getUserName());
    assertEquals(sessionId, outcome.getSessionID());
}
use of org.teiid.client.security.SessionToken in project teiid by teiid.
the class SessionServiceImpl method createSession.
/**
 * Creates a new session, stores it in the session cache and returns it.
 *
 * <p>Steps, in order: resolve the VDB (when a name is given), enforce the session
 * limit, resolve the security domain, authenticate or pick up the caller's existing
 * subject, then build and cache the {@link SessionMetadata}.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 * <li>If no security domain is resolved, no authentication is performed and the
 *     session is created for the {@code userName} exactly as passed in.</li>
 * <li>For pass-through or GSS logons the {@code credentials} argument is not used;
 *     identity comes from the subject already in the security context.</li>
 * <li>Audit records ("logon-request", "logon-success", "logon-fail") are written only
 *     when the audit context is recorded at DETAIL level.</li>
 * <li>Only {@link LoginException} and {@link SessionServiceException} produce a
 *     "logon-fail" audit record; any other exception propagates without one.</li>
 * </ul>
 *
 * @param vdbName name of the VDB to bind the session to; may be null
 * @param vdbVersion version of the VDB, used together with {@code vdbName}
 * @param authType authentication type; dereferenced without a null check
 * @param userName user name as supplied by the caller
 * @param credentials credentials passed to the security helper for non-pass-through logons
 * @param applicationName client application name; must not be null
 * @param properties connection properties; must not be null
 * @return the newly created and cached session
 * @throws LoginException if authentication fails or no subject is available where one is required
 * @throws SessionServiceException if the VDB is not active or the session limit is reached
 */
@Override
public SessionMetadata createSession(String vdbName, String vdbVersion, AuthenticationType authType, String userName, Credentials credentials, String applicationName, Properties properties) throws LoginException, SessionServiceException {
    ArgCheck.isNotNull(applicationName);
    ArgCheck.isNotNull(properties);
    Object securityContext = null;
    Subject subject = null;
    // Host name, IP address and MAC are read straight from the connection properties and
    // are not verified anywhere in this method.
    // NOTE(review): presumably client-supplied; confirm whether the transport layer
    // overwrites them before relying on these values in audit records.
    String hostName = properties.getProperty(TeiidURL.CONNECTION.CLIENT_HOSTNAME);
    String ipAddress = properties.getProperty(TeiidURL.CONNECTION.CLIENT_IP_ADDRESS);
    String clientMac = properties.getProperty(TeiidURL.CONNECTION.CLIENT_MAC);
    // Pass-through is opt-in through the connection properties; absent means false.
    boolean onlyAllowPassthrough = Boolean.valueOf(properties.getProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION,
            "false")); //$NON-NLS-1$
    // authType is dereferenced here, so a null authType fails with a NullPointerException
    // before the "logon-request" audit record below is written.
    AuditMessage.LogonInfo info = new AuditMessage.LogonInfo(vdbName, vdbVersion, authType.toString(), userName, applicationName, hostName, ipAddress, clientMac, onlyAllowPassthrough);
    if (LogManager.isMessageToBeRecorded(LogConstants.CTX_AUDITLOGGING, MessageLevel.DETAIL)) {
        LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, new AuditMessage("session", "logon-request", info, null)); //$NON-NLS-1$ //$NON-NLS-2$
    }
    try {
        // Validate VDB and version if logging on to server product...
        VDBMetaData vdb = null;
        if (vdbName != null) {
            vdb = getActiveVDB(vdbName, vdbVersion);
            if (vdb == null) {
                throw new SessionServiceException(RuntimePlugin.Event.TEIID40046, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40046, vdbName, vdbVersion));
            }
        }
        // A limit of zero or less disables the check.
        // NOTE(review): the count is checked here but the session is only added to the
        // cache further down, and no lock is visible in this method; confirm whether
        // concurrent logons can exceed the limit.
        if (sessionMaxLimit > 0 && getActiveSessionsCount() >= sessionMaxLimit) {
            throw new SessionServiceException(RuntimePlugin.Event.TEIID40043, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40043, new Long(sessionMaxLimit)));
        }
        String securityDomain = getSecurityDomain(userName, vdbName, vdbVersion, vdb);
        if (securityDomain != null) {
            // Authenticate user...
            // if not authenticated, this method throws exception
            LogManager.logDetail(LogConstants.CTX_SECURITY, new Object[] { "authenticateUser", userName, applicationName }); //$NON-NLS-1$
            String baseUserName = userName;
            if (allowSecurityDomainQualifier) {
                // presumably strips the security-domain qualifier from the name; verify in getBaseUsername
                baseUserName = getBaseUsername(userName);
            }
            if (onlyAllowPassthrough || authType.equals(AuthenticationType.GSS)) {
                // Pass-through / GSS: the identity is taken from the subject already present
                // in the security context; the credentials argument is not consulted.
                subject = this.securityHelper.getSubjectInContext(securityDomain);
                if (subject == null) {
                    // A missing subject is tolerated only when pass-through was requested AND
                    // trustAllLocal is set AND the work context is local. In that one case the
                    // session keeps the caller-supplied userName and a null subject.
                    if ((!onlyAllowPassthrough || !(trustAllLocal && DQPWorkContext.getWorkContext().isLocal()))) {
                        throw new LoginException(RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40087));
                    }
                } else {
                    userName = getUserName(subject, baseUserName);
                }
                securityContext = this.securityHelper.getSecurityContext();
            } else {
                // Credential-based logon against the resolved security domain.
                userName = baseUserName;
                securityContext = this.securityHelper.authenticate(securityDomain, baseUserName, credentials, applicationName);
                subject = this.securityHelper.getSubjectInContext(securityContext);
            }
        } else {
            // No security domain resolved: nothing is authenticated. The only trace is this
            // DETAIL-level security log entry, and the session below is created for the
            // userName exactly as it was passed in.
            LogManager.logDetail(LogConstants.CTX_SECURITY, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40117));
        }
        long creationTime = System.currentTimeMillis();
        // Return a new session info object
        SessionMetadata newSession = new SessionMetadata();
        // The session ID is taken from the freshly built token; how SessionToken generates
        // it is not visible here.
        // NOTE(review): the ID is the session cache key, so confirm it is unpredictable.
        newSession.setSessionToken(new SessionToken(userName));
        newSession.setSessionId(newSession.getSessionToken().getSessionID());
        newSession.setUserName(userName);
        newSession.setCreatedTime(creationTime);
        newSession.setApplicationName(applicationName);
        newSession.setClientHostName(hostName);
        newSession.setIPAddress(ipAddress);
        newSession.setClientHardwareAddress(clientMac);
        newSession.setSecurityDomain(securityDomain);
        if (vdb != null) {
            newSession.setVDBName(vdb.getName());
            newSession.setVDBVersion(vdb.getVersion());
        }
        // these are local no need for monitoring.
        newSession.setSubject(subject);
        newSession.setSecurityContext(securityContext);
        newSession.setVdb(vdb);
        if (LogManager.isMessageToBeRecorded(LogConstants.CTX_SECURITY, MessageLevel.DETAIL)) {
            // NOTE(review): the whole session object is handed to the logger; confirm its
            // string form does not expose the session token or the security context.
            LogManager.logDetail(LogConstants.CTX_SECURITY, new Object[] { "Logon successful, created", newSession }); //$NON-NLS-1$
        }
        // The session becomes visible to later lookups from this point on.
        this.sessionCache.put(newSession.getSessionId(), newSession);
        if (LogManager.isMessageToBeRecorded(LogConstants.CTX_AUDITLOGGING, MessageLevel.DETAIL)) {
            LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, new AuditMessage("session", "logon-success", newSession)); //$NON-NLS-1$ //$NON-NLS-2$
        }
        return newSession;
    } catch (LoginException e) {
        // Record the failed logon (when audit logging is at DETAIL) and rethrow unchanged.
        if (LogManager.isMessageToBeRecorded(LogConstants.CTX_AUDITLOGGING, MessageLevel.DETAIL)) {
            LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, new AuditMessage("session", "logon-fail", info, e)); //$NON-NLS-1$ //$NON-NLS-2$
        }
        throw e;
    } catch (SessionServiceException e) {
        // Same audit handling for VDB and session-limit failures. Unchecked exceptions are
        // not caught here and therefore leave no "logon-fail" record.
        if (LogManager.isMessageToBeRecorded(LogConstants.CTX_AUDITLOGGING, MessageLevel.DETAIL)) {
            LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, new AuditMessage("session", "logon-fail", info, e)); //$NON-NLS-1$ //$NON-NLS-2$
        }
        throw e;
    }
}
use of org.teiid.client.security.SessionToken in project teiid by teiid.
the class LogonImpl method assertIdentity.
/**
 * Associates the current DQP context with the session named by {@code checkSession},
 * or clears the association when the token is null.
 *
 * <p>The session is looked up by the token's session ID and the stored token must then
 * be equal to the presented one; knowing a session ID alone is not sufficient. What
 * {@code SessionToken.equals} compares is not visible here.
 *
 * @param checkSession token presented by the caller, or null to disassociate
 * @throws InvalidSessionException if no session is found for the ID or the stored token
 *         does not equal the presented token
 * @throws TeiidComponentException if the session service fails while validating
 */
@Override
public void assertIdentity(SessionToken checkSession) throws InvalidSessionException, TeiidComponentException {
    if (checkSession == null) {
        // Disassociate: replace the context's session with an empty one.
        this.updateDQPContext(new SessionMetadata());
        return;
    }

    final SessionMetadata knownSession;
    try {
        knownSession = this.service.validateSession(checkSession.getSessionID());
    } catch (SessionServiceException e) {
        // Service failure is reported as a component error, keeping the cause.
        throw new TeiidComponentException(RuntimePlugin.Event.TEIID40062, e);
    }

    if (knownSession == null) {
        throw new InvalidSessionException(RuntimePlugin.Event.TEIID40063);
    }

    // The stored token, not just the session ID, has to match what the caller presented.
    boolean tokenMatches = knownSession.getSessionToken().equals(checkSession);
    if (!tokenMatches) {
        throw new InvalidSessionException(RuntimePlugin.Event.TEIID40064);
    }

    this.updateDQPContext(knownSession);
}