
Example 1 with Credentials

use of org.teiid.security.Credentials in project teiid by teiid.

the class TestDQPWorkContext method testRestoreSecurityContext.

/**
 * Checks that {@code DQPWorkContext.runInContext} makes the session's security context the
 * associated one while the task runs, and that the context associated beforehand is back in
 * place once the call returns.
 *
 * <p>The restore step is the security-relevant part: a worker thread that kept a session's
 * context after the task finished would carry that identity into unrelated work.
 */
@Test
public void testRestoreSecurityContext() {
    // In-memory SecurityHelper that only remembers the associated context object; every
    // subject lookup and authentication method is a stub returning null.
    final SecurityHelper helper = new SecurityHelper() {

        Object associated = null;

        @Override
        public Object associateSecurityContext(Object context) {
            // Hand back whatever was associated before, as the contract of the swap.
            Object replaced = this.associated;
            this.associated = context;
            return replaced;
        }

        @Override
        public Object getSecurityContext() {
            return this.associated;
        }

        @Override
        public void clearSecurityContext() {
            this.associated = null;
        }

        @Override
        public Subject getSubjectInContext(Object context) {
            return null;
        }

        @Override
        public Subject getSubjectInContext(String securityDomain) {
            return null;
        }

        @Override
        public Object authenticate(String securityDomain, String baseUserName, Credentials credentials, String applicationName) throws LoginException {
            return null;
        }

        @Override
        public GSSResult negotiateGssLogin(String securityDomain, byte[] serviceTicket) throws LoginException {
            return null;
        }
    };

    // Context that is already associated before the work context runs anything.
    final Object contextBefore = "testSC";
    helper.associateSecurityContext(contextBefore);

    // Work context with a fixed, empty Subject and a mocked session.
    DQPWorkContext workContext = new DQPWorkContext() {

        @Override
        public Subject getSubject() {
            return new Subject();
        }
    };
    workContext.setSecurityHelper(helper);
    workContext.setSession(Mockito.mock(SessionMetadata.class));

    // The mocked session reports this value as its security context.
    final String contextDuringRun = "teiid-security-context"; //$NON-NLS-1$
    Mockito.stub(workContext.getSession().getSecurityContext()).toReturn(contextDuringRun);

    workContext.runInContext(new Runnable() {

        @Override
        public void run() {
            // While the task runs, the helper must see the session's context.
            assertEquals(contextDuringRun, helper.getSecurityContext());
        }
    });

    // After the task, the originally associated context must be visible again.
    assertEquals(contextBefore, helper.getSecurityContext());
}
Also used : SessionMetadata(org.teiid.adminapi.impl.SessionMetadata) Credentials(org.teiid.security.Credentials) Subject(javax.security.auth.Subject) SecurityHelper(org.teiid.security.SecurityHelper) Test(org.junit.Test)

Example 2 with Credentials

use of org.teiid.security.Credentials in project teiid by teiid.

the class TestJBossSecurityHelper method testAuthenticate.

/**
 * Checks that {@code JBossSecurityHelper.authenticate} returns a {@code JBossSecurityContext}
 * bound to the requested security domain.
 *
 * <p>The {@code AuthenticationManager} used here accepts every principal/credential pair, so
 * this test covers only how the resulting context is built, not whether a wrong password is
 * rejected.
 */
public void testAuthenticate() throws Exception {
    final String domain = "testFile";
    // Fixed test password, wrapped as char[] the way Credentials expects it.
    final Credentials testCredentials = new Credentials("pass1".toCharArray());

    // Accept-all manager: both isValid overloads return true unconditionally.
    AuthenticationManager acceptAll = new AuthenticationManager() {

        public boolean isValid(Principal principal, Object credential) {
            return true;
        }

        public boolean isValid(Principal principal, Object credential, Subject activeSubject) {
            return true;
        }

        public String getSecurityDomain() {
            return null;
        }

        @Override
        public Subject getActiveSubject() {
            return null;
        }

        @Override
        public Principal getTargetPrincipal(Principal anotherDomainPrincipal, Map<String, Object> contextMap) {
            return null;
        }

        @Override
        public void logout(Principal arg0, Subject arg1) {
        }
    };

    final SecurityDomainContext domainContext = new SecurityDomainContext(acceptAll, null, null, null, null, null);
    JBossSecurityHelper helper = buildSecurityHelper(domain, domainContext);

    Object authenticated = helper.authenticate(domain, "user1", testCredentials, null); //$NON-NLS-1$

    // Type check first, so the cast below cannot fail with a ClassCastException.
    assertTrue(authenticated instanceof JBossSecurityContext);
    JBossSecurityContext jbossContext = (JBossSecurityContext) authenticated;
    assertEquals(domain, jbossContext.getSecurityDomain());
}
Also used : AuthenticationManager(org.jboss.security.AuthenticationManager) JBossSecurityContext(org.jboss.security.plugins.JBossSecurityContext) Map(java.util.Map) Credentials(org.teiid.security.Credentials) Principal(java.security.Principal) SimplePrincipal(org.jboss.security.SimplePrincipal) Subject(javax.security.auth.Subject) SecurityDomainContext(org.jboss.as.security.plugins.SecurityDomainContext)

Example 3 with Credentials

use of org.teiid.security.Credentials in project teiid by teiid.

the class TestJBossSecurityHelper method validateSession.

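/**
 * Walks a session through its life cycle against {@code SessionServiceImpl}: an unknown id is
 * rejected, a created session validates and is counted, and after it is closed both
 * validating and closing it again are rejected.
 *
 * @param securityEnabled when {@code true}, additionally verifies that the mocked
 *        {@code AuthenticationManager} was asked to validate the user's password
 * @throws Exception if session creation or any unexpected service call fails
 */
public void validateSession(boolean securityEnabled) throws Exception {
    final String domain = "somedomain";

    // Mocked manager that accepts exactly steve/pass1; other combinations get Mockito's
    // default answer (false).
    AuthenticationManager authManager = Mockito.mock(AuthenticationManager.class);
    Mockito.stub(authManager.isValid(new SimplePrincipal("steve"), "pass1", new Subject())).toReturn(true);
    final SecurityDomainContext securityContext = new SecurityDomainContext(authManager, null, null, null, null, null);

    // Any VDB lookup succeeds, so only the session/security path is exercised.
    SessionServiceImpl jss = new SessionServiceImpl() {

        @Override
        protected VDBMetaData getActiveVDB(String vdbName, String vdbVersion) throws SessionServiceException {
            return Mockito.mock(VDBMetaData.class);
        }
    };
    jss.setSecurityHelper(buildSecurityHelper(domain, securityContext));
    jss.setSecurityDomain(domain);

    // A session id that was never issued must not validate.
    try {
        jss.validateSession(String.valueOf(1));
        fail("exception expected"); //$NON-NLS-1$
    } catch (InvalidSessionException expected) {
        // expected: unknown session id
    }

    SessionMetadata info = jss.createSession("x", "1", AuthenticationType.USERPASSWORD, "steve", new Credentials("pass1".toCharArray()), "foo", new Properties()); //$NON-NLS-1$ //$NON-NLS-2$
    if (securityEnabled) {
        // The expectation uses the String form of the password although Credentials wraps a
        // char[]; the conversion happens somewhere between createSession and the manager.
        Mockito.verify(authManager).isValid(new SimplePrincipal("steve"), "pass1", new Subject());
    }

    String id1 = info.getSessionId();
    jss.validateSession(id1);
    assertEquals(1, jss.getActiveSessionsCount());
    assertEquals(0, jss.getSessionsLoggedInToVDB(new VDBKey("a", 1)).size()); //$NON-NLS-1$

    jss.closeSession(id1);

    // Once closed, the id must be rejected for validation ...
    try {
        jss.validateSession(id1);
        fail("exception expected"); //$NON-NLS-1$
    } catch (InvalidSessionException expected) {
        // expected: session was closed
    }

    // ... and a second close must be rejected as well.
    try {
        jss.closeSession(id1);
        fail("exception expected"); //$NON-NLS-1$
    } catch (InvalidSessionException expected) {
        // expected: session was already closed
    }
}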
Also used : InvalidSessionException(org.teiid.client.security.InvalidSessionException) SessionServiceImpl(org.teiid.services.SessionServiceImpl) SessionMetadata(org.teiid.adminapi.impl.SessionMetadata) ArrayList(java.util.ArrayList) Properties(java.util.Properties) Subject(javax.security.auth.Subject) SecurityDomainContext(org.jboss.as.security.plugins.SecurityDomainContext) AuthenticationManager(org.jboss.security.AuthenticationManager) VDBKey(org.teiid.vdb.runtime.VDBKey) SimplePrincipal(org.jboss.security.SimplePrincipal) Credentials(org.teiid.security.Credentials)

Example 4 with Credentials

use of org.teiid.security.Credentials in project teiid by teiid.

the class LogonImpl method logon.

/**
 * Creates a session from the supplied connection properties and wraps its token in a
 * {@link LogonResult}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The password is read from {@code connProps} as a {@code String}. Copying it into a
 * {@code char[]} for {@code Credentials} does not remove that entry, and the same
 * {@code connProps} object is passed on to {@code createSession}. NOTE(review): confirm that
 * nothing downstream logs or stores the properties as a whole.</li>
 * <li>A session is marked embedded whenever the work context has no client address.
 * NOTE(review): if embedded sessions are treated differently elsewhere, confirm that a remote
 * connection can never reach this point without a client address.</li>
 * </ul>
 *
 * @param connProps connection properties; supplies VDB name/version, application name,
 *        password and, optionally, a {@code GSSCredential} stored under that class's name
 * @param krb5ServiceTicket service ticket to return to the client under
 *        {@code ILogon.KRB5TOKEN}, or {@code null} for none
 * @param authType authentication type passed through to the session service
 * @param user user name passed through to the session service
 * @return the logon result holding the session token, VDB name and cluster name
 * @throws LogonException if the session service reports a {@code LoginException} or a
 *         {@code SessionServiceException}
 */
private LogonResult logon(Properties connProps, byte[] krb5ServiceTicket, AuthenticationType authType, String user) throws LogonException {
    final String vdbName = connProps.getProperty(BaseDataSource.VDB_NAME);
    final String vdbVersion = connProps.getProperty(BaseDataSource.VDB_VERSION);
    final String applicationName = connProps.getProperty(TeiidURL.CONNECTION.APP_NAME);
    final String password = connProps.getProperty(TeiidURL.CONNECTION.PASSWORD);

    // No password property means the session is created with null credentials.
    final Credentials credential = (password == null) ? null : new Credentials(password.toCharArray());

    try {
        SessionMetadata session = service.createSession(vdbName, vdbVersion, authType, user, credential, applicationName, connProps);

        // Looked up only after the session exists, matching the original ordering.
        Object gssCredential = connProps.get(GSSCredential.class.getName());
        if (gssCredential != null) {
            addCredentials(session.getSubject(), (GSSCredential) gssCredential);
        }

        updateDQPContext(session);

        if (DQPWorkContext.getWorkContext().getClientAddress() == null) {
            session.setEmbedded(true);
        }

        // TODO: old sessions are not disassociated from the client here; clean-up of stale
        // sessions relies on the ping-based mechanism.
        LogonResult result = new LogonResult(session.getSessionToken(), session.getVDBName(), clusterName);
        if (krb5ServiceTicket != null) {
            result.addProperty(ILogon.KRB5TOKEN, krb5ServiceTicket);
        }
        return result;
    } catch (LoginException e) {
        // Kept as separate handlers so the constructor call sees the same static type as before.
        throw new LogonException(e);
    } catch (SessionServiceException e) {
        throw new LogonException(e);
    }
}
Also used : GSSCredential(org.ietf.jgss.GSSCredential) SessionMetadata(org.teiid.adminapi.impl.SessionMetadata) LogonException(org.teiid.client.security.LogonException) LogonResult(org.teiid.client.security.LogonResult) LoginException(javax.security.auth.login.LoginException) Credentials(org.teiid.security.Credentials) SessionServiceException(org.teiid.dqp.service.SessionServiceException)

Example 5 with Credentials

use of org.teiid.security.Credentials in project teiid by teiid.

the class TestSessionServiceImpl method testSecurityDomain.

/**
 * Checks that a session created against a VDB carrying
 * {@code SessionServiceImpl.SECURITY_DOMAIN_PROPERTY} reports that value as its security
 * domain.
 */
@Test
public void testSecurityDomain() throws Exception {
    // Active VDB "name" version 1 that declares its own security domain.
    VDBMetaData activeVdb = new VDBMetaData();
    activeVdb.setName("name");
    activeVdb.setVersion(1);
    activeVdb.setStatus(Status.ACTIVE);
    activeVdb.addProperty(SessionServiceImpl.SECURITY_DOMAIN_PROPERTY, "domain");

    // Repository mock that serves the VDB above for the name/version used below.
    VDBRepository repository = Mockito.mock(VDBRepository.class);
    Mockito.stub(repository.getLiveVDB("name", "1")).toReturn(activeVdb);
    ssi.setVDBRepository(repository);

    Properties connectionProps = new Properties();
    connectionProps.setProperty(TeiidURL.JDBC.VDB_NAME, "name.1");

    // User "x" with the single-character test password 'y'; only the resulting domain is checked.
    Credentials testCredentials = new Credentials(new char[] { 'y' });
    SessionMetadata session = ssi.createSession("name", "1", AuthenticationType.USERPASSWORD, "x", testCredentials, "z", connectionProps);

    assertEquals("domain", session.getSecurityDomain());
}
Also used : VDBMetaData(org.teiid.adminapi.impl.VDBMetaData) SessionMetadata(org.teiid.adminapi.impl.SessionMetadata) VDBRepository(org.teiid.deployers.VDBRepository) Properties(java.util.Properties) Credentials(org.teiid.security.Credentials) Test(org.junit.Test)

Aggregations

Credentials (org.teiid.security.Credentials)6 SessionMetadata (org.teiid.adminapi.impl.SessionMetadata)5 Properties (java.util.Properties)3 Subject (javax.security.auth.Subject)3 Test (org.junit.Test)3 SecurityDomainContext (org.jboss.as.security.plugins.SecurityDomainContext)2 AuthenticationManager (org.jboss.security.AuthenticationManager)2 SimplePrincipal (org.jboss.security.SimplePrincipal)2 VDBMetaData (org.teiid.adminapi.impl.VDBMetaData)2 VDBRepository (org.teiid.deployers.VDBRepository)2 Principal (java.security.Principal)1 ArrayList (java.util.ArrayList)1 Map (java.util.Map)1 LoginException (javax.security.auth.login.LoginException)1 GSSCredential (org.ietf.jgss.GSSCredential)1 JBossSecurityContext (org.jboss.security.plugins.JBossSecurityContext)1 InvalidSessionException (org.teiid.client.security.InvalidSessionException)1 LogonException (org.teiid.client.security.LogonException)1 LogonResult (org.teiid.client.security.LogonResult)1 SessionServiceException (org.teiid.dqp.service.SessionServiceException)1