
Example 1 with AuthenticationType

use of org.teiid.net.socket.AuthenticationType in project teiid by teiid.

the class LocalServerConnection method authenticate.

public synchronized void authenticate() throws ConnectionException, CommunicationException {
    Object previousSecurityContext = workContext.getSecurityHelper().associateSecurityContext(workContext.getSession().getSecurityContext());
    try {
        logoff();
    } finally {
        workContext.getSecurityHelper().associateSecurityContext(previousSecurityContext);
    }
    workContext.setSecurityContext(previousSecurityContext);
    try {
        this.result = this.getService(ILogon.class).logon(this.connectionProperties);
        AuthenticationType type = (AuthenticationType) this.result.getProperty(ILogon.AUTH_TYPE);
        if (type != null) {
            // server has issued an additional challenge
            if (type == AuthenticationType.GSS) {
                try {
                    this.result = MakeGSS.authenticate(this.getService(ILogon.class), this.connectionProperties);
                } catch (LogonException e) {
                    if (!passthrough) {
                        throw new LogonException(RuntimePlugin.Event.TEIID40150, e, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40150));
                    }
                    throw e;
                }
            } else {
                throw new LogonException(JDBCPlugin.Event.TEIID20034, JDBCPlugin.Util.gs(JDBCPlugin.Event.TEIID20034, type));
            }
        }
    } catch (LogonException e) {
        // wrap the logon failure in a ConnectionException so it is reported to the user
        throw new ConnectionException(e);
    } catch (TeiidComponentException e) {
        if (e.getCause() instanceof CommunicationException) {
            throw (CommunicationException) e.getCause();
        }
        throw new CommunicationException(RuntimePlugin.Event.TEIID40069, e);
    }
}
Also used : CommunicationException(org.teiid.net.CommunicationException) LogonException(org.teiid.client.security.LogonException) TeiidComponentException(org.teiid.core.TeiidComponentException) ConnectionException(org.teiid.net.ConnectionException) AuthenticationType(org.teiid.net.socket.AuthenticationType)

Example 2 with AuthenticationType

use of org.teiid.net.socket.AuthenticationType in project teiid by teiid.

the class LogonImpl method logon.

public LogonResult logon(Properties connProps) throws LogonException {
    String vdbName = connProps.getProperty(BaseDataSource.VDB_NAME);
    String vdbVersion = connProps.getProperty(BaseDataSource.VDB_VERSION);
    String user = connProps.getProperty(TeiidURL.CONNECTION.USER_NAME, CoreConstants.DEFAULT_ANON_USERNAME);
    boolean onlyAllowPassthrough = Boolean.valueOf(connProps.getProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION, "false")); // $NON-NLS-1$
    AuthenticationType authType = AuthenticationType.USERPASSWORD;
    if (!onlyAllowPassthrough) {
        authType = this.service.getAuthenticationType(vdbName, vdbVersion, user);
    }
    // the presence of the KRB5 token is taken as a GSS-based login.
    if (connProps.get(ILogon.KRB5TOKEN) != null) {
        if (authType == AuthenticationType.GSS) {
            Object previous = null;
            boolean assosiated = false;
            SecurityHelper securityHelper = service.getSecurityHelper();
            try {
                byte[] krb5Token = (byte[]) connProps.get(ILogon.KRB5TOKEN);
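                // look up the security context cached under Base64(MD5(token));
                // remove() consumes the entry, so a given token can be redeemed only once
                Object securityContext = this.gssServiceTickets.remove(Base64.encodeBytes(MD5(krb5Token)));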
                if (securityContext == null) {
                    throw new LogonException(RuntimePlugin.Event.TEIID40054, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40054));
                }
                previous = securityHelper.associateSecurityContext(securityContext);
                assosiated = true;
                return logon(connProps, krb5Token, AuthenticationType.GSS, user);
            } finally {
                if (assosiated) {
                    securityHelper.associateSecurityContext(previous);
                }
            }
        } else {
            // shouldn't really get here, but we'll try user name password anyway
        }
    } else if (authType == AuthenticationType.GSS) {
        Version v = DQPWorkContext.getWorkContext().getClientVersion();
        // send a login result with a GSS challenge
        if (v.compareTo(Version.EIGHT_7) >= 0) {
            LogonResult result = new LogonResult();
            result.addProperty(ILogon.AUTH_TYPE, authType);
            return result;
        }
        // throw an exception
        throw new LogonException(RuntimePlugin.Event.TEIID40149, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40149));
    }
    if (!AuthenticationType.USERPASSWORD.equals(authType)) {
        throw new LogonException(RuntimePlugin.Event.TEIID40055, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40055, authType));
    }
    return logon(connProps, null, AuthenticationType.USERPASSWORD, user);
}
Also used : Version(org.teiid.dqp.internal.process.DQPWorkContext.Version) LogonException(org.teiid.client.security.LogonException) LogonResult(org.teiid.client.security.LogonResult) AuthenticationType(org.teiid.net.socket.AuthenticationType) SecurityHelper(org.teiid.security.SecurityHelper)

Example 3 with AuthenticationType

use of org.teiid.net.socket.AuthenticationType in project teiid by teiid.

the class LogonImpl method neogitiateGssLogin.

@Override
public LogonResult neogitiateGssLogin(Properties connProps, byte[] serviceTicket, boolean createSession) throws LogonException {
    String vdbName = connProps.getProperty(BaseDataSource.VDB_NAME);
    String vdbVersion = connProps.getProperty(BaseDataSource.VDB_VERSION);
    String user = connProps.getProperty(BaseDataSource.USER_NAME);
    AuthenticationType authType = this.service.getAuthenticationType(vdbName, vdbVersion, user);
    if (!AuthenticationType.GSS.equals(authType)) {
        // $NON-NLS-1$
        throw new LogonException(RuntimePlugin.Event.TEIID40055, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40055, "Kerberos"));
    }
    // Using the SPNEGO security domain, establish a token and subject.
    GSSResult result = neogitiateGssLogin(serviceTicket, vdbName, vdbVersion, user);
    if (!result.isAuthenticated() || !createSession) {
        // $NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
        LogonResult logonResult = new LogonResult(new SessionToken(0, "temp"), "internal", "internal");
        logonResult.addProperty(ILogon.KRB5TOKEN, result.getServiceToken());
        logonResult.addProperty(ILogon.KRB5_ESTABLISHED, new Boolean(result.isAuthenticated()));
        if (result.isAuthenticated()) {
            logonResult.addProperty(GSSCredential.class.getName(), result.getDelegationCredential());
        }
        return logonResult;
    }
    // GSS API (jdbc) will make the session in one single call
    connProps.setProperty(TeiidURL.CONNECTION.USER_NAME, result.getUserName());
    connProps.put(ILogon.KRB5TOKEN, result.getServiceToken());
    if (result.getDelegationCredential() != null) {
        connProps.put(GSSCredential.class.getName(), result.getDelegationCredential());
    }
    LogonResult logonResult = logon(connProps);
    return logonResult;
}
Also used : GSSResult(org.teiid.security.GSSResult) SessionToken(org.teiid.client.security.SessionToken) GSSCredential(org.ietf.jgss.GSSCredential) LogonException(org.teiid.client.security.LogonException) LogonResult(org.teiid.client.security.LogonResult) AuthenticationType(org.teiid.net.socket.AuthenticationType)

Example 4 with AuthenticationType

use of org.teiid.net.socket.AuthenticationType in project teiid by teiid.

the class ODBCServerRemoteImpl method logon.

@Override
public void logon(String databaseName, String user, NullTerminatedStringDataInputStream data, SocketAddress remoteAddress) {
    try {
        java.util.Properties info = new java.util.Properties();
        info.put(TeiidURL.CONNECTION.USER_NAME, user);
        AuthenticationType authType = getAuthenticationType(user, databaseName);
        String password = null;
        if (authType.equals(AuthenticationType.USERPASSWORD)) {
            password = data.readString();
        } else if (authType.equals(AuthenticationType.GSS)) {
            byte[] serviceToken = data.readServiceToken();
            GSSResult result = this.logon.neogitiateGssLogin(serviceToken, databaseName, null, user);
            serviceToken = result.getServiceToken();
            if (result.isAuthenticated()) {
                info.put(ILogon.KRB5TOKEN, serviceToken);
                if (!result.isNullContinuationToken()) {
                    this.client.authenticationGSSContinue(serviceToken);
                }
                // if delegation is in progress, participate in it.
                if (result.getDelegationCredential() != null) {
                    info.put(GSSCredential.class.getName(), result.getDelegationCredential());
                }
            } else {
                this.client.authenticationGSSContinue(serviceToken);
                return;
            }
        } else {
            // $NON-NLS-1$
            throw new AssertionError("Unsupported Authentication Type");
        }
        // this is local connection
        // $NON-NLS-1$
        String url = "jdbc:teiid:" + databaseName;
        if (password != null) {
            info.put(TeiidURL.CONNECTION.PASSWORD, password);
        }
        String applicationName = this.props.getProperty(PgBackendProtocol.APPLICATION_NAME);
        if (applicationName == null) {
            applicationName = PgBackendProtocol.DEFAULT_APPLICATION_NAME;
            this.props.put(PgBackendProtocol.APPLICATION_NAME, applicationName);
        }
        info.put(TeiidURL.CONNECTION.APP_NAME, applicationName);
        if (remoteAddress instanceof InetSocketAddress) {
            SocketServerConnection.updateConnectionProperties(info, ((InetSocketAddress) remoteAddress).getAddress(), false);
        }
        this.connection = driver.connect(url, info);
        // Propagate so that we can use in pg methods
        SessionMetadata sm = ((LocalServerConnection) this.connection.getServerConnection()).getWorkContext().getSession();
        sm.addAttchment(ODBCServerRemoteImpl.class, this);
        setConnectionProperties(this.connection);
        int hash = this.connection.getConnectionId().hashCode();
        Enumeration<?> keys = this.props.propertyNames();
        while (keys.hasMoreElements()) {
            String key = (String) keys.nextElement();
            this.connection.setExecutionProperty(key, this.props.getProperty(key));
        }
        StatementImpl s = this.connection.createStatement();
        try {
            // $NON-NLS-1$
            s.execute("select teiid_session_set('resolve_groupby_positional', true)");
        } finally {
            s.close();
        }
        this.client.authenticationSucess(hash, hash);
        ready();
    } catch (SQLException e) {
        errorOccurred(e);
        terminate();
    } catch (LogonException e) {
        errorOccurred(e);
        terminate();
    } catch (IOException e) {
        errorOccurred(e);
        terminate();
    }
}
Also used : Properties(java.util.Properties) TeiidSQLException(org.teiid.jdbc.TeiidSQLException) SQLException(java.sql.SQLException) InetSocketAddress(java.net.InetSocketAddress) SessionMetadata(org.teiid.adminapi.impl.SessionMetadata) IOException(java.io.IOException) GSSResult(org.teiid.security.GSSResult) PreparedStatementImpl(org.teiid.jdbc.PreparedStatementImpl) StatementImpl(org.teiid.jdbc.StatementImpl) LogonException(org.teiid.client.security.LogonException) AuthenticationType(org.teiid.net.socket.AuthenticationType)

Example 5 with AuthenticationType

use of org.teiid.net.socket.AuthenticationType in project teiid by teiid.

the class ODBCServerRemoteImpl method initialize.

@Override
public void initialize(Properties props) {
    this.props = props;
    this.client.initialized(this.props);
    // $NON-NLS-1$
    String user = props.getProperty("user");
    // $NON-NLS-1$
    String database = props.getProperty("database");
    AuthenticationType authType = null;
    try {
        authType = getAuthenticationType(user, database);
    } catch (LogonException e) {
        errorOccurred(e);
        terminate();
        return;
    }
    if (authType.equals(AuthenticationType.USERPASSWORD)) {
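        // USERPASSWORD asks the ODBC client for a clear-text password;
        // logon() then reads it from the stream with data.readString()
        this.client.useClearTextAuthentication();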
    } else if (authType.equals(AuthenticationType.GSS)) {
        this.client.useAuthenticationGSS();
    } else {
        // $NON-NLS-1$
        throw new AssertionError("Unsupported Authentication Type");
    }
}
Also used : LogonException(org.teiid.client.security.LogonException) AuthenticationType(org.teiid.net.socket.AuthenticationType)

Aggregations

LogonException (org.teiid.client.security.LogonException): 5
AuthenticationType (org.teiid.net.socket.AuthenticationType): 5
LogonResult (org.teiid.client.security.LogonResult): 2
GSSResult (org.teiid.security.GSSResult): 2
IOException (java.io.IOException): 1
InetSocketAddress (java.net.InetSocketAddress): 1
SQLException (java.sql.SQLException): 1
Properties (java.util.Properties): 1
GSSCredential (org.ietf.jgss.GSSCredential): 1
SessionMetadata (org.teiid.adminapi.impl.SessionMetadata): 1
SessionToken (org.teiid.client.security.SessionToken): 1
TeiidComponentException (org.teiid.core.TeiidComponentException): 1
Version (org.teiid.dqp.internal.process.DQPWorkContext.Version): 1
PreparedStatementImpl (org.teiid.jdbc.PreparedStatementImpl): 1
StatementImpl (org.teiid.jdbc.StatementImpl): 1
TeiidSQLException (org.teiid.jdbc.TeiidSQLException): 1
CommunicationException (org.teiid.net.CommunicationException): 1
ConnectionException (org.teiid.net.ConnectionException): 1
SecurityHelper (org.teiid.security.SecurityHelper): 1