Example 1 with SecurityHelper

use of org.teiid.security.SecurityHelper in project teiid by teiid.

the class TestDQPWorkContext method testRestoreSecurityContext.

@Test
public void testRestoreSecurityContext() {
    final SecurityHelper sc = new SecurityHelper() {

        Object mycontext = null;

        @Override
        public Object getSecurityContext() {
            return this.mycontext;
        }

        @Override
        public void clearSecurityContext() {
            this.mycontext = null;
        }

        @Override
        public Object associateSecurityContext(Object context) {
            Object old = mycontext;
            this.mycontext = context;
            return old;
        }

        @Override
        public Subject getSubjectInContext(Object context) {
            return null;
        }

        @Override
        public Subject getSubjectInContext(String securityDomain) {
            return null;
        }

        @Override
        public Object authenticate(String securityDomain, String baseUserName, Credentials credentials, String applicationName) throws LoginException {
            return null;
        }

        @Override
        public GSSResult negotiateGssLogin(String securityDomain, byte[] serviceTicket) throws LoginException {
            return null;
        }
    };
    Object previousSC = "testSC";
    sc.associateSecurityContext(previousSC);
    DQPWorkContext message = new DQPWorkContext() {

        @Override
        public Subject getSubject() {
            return new Subject();
        }
    };
    message.setSecurityHelper(sc);
    message.setSession(Mockito.mock(SessionMetadata.class));
    final String currentSC = "teiid-security-context"; // $NON-NLS-1$
    Mockito.stub(message.getSession().getSecurityContext()).toReturn(currentSC);
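    Runnable r = new Runnable() {

        @Override
        public void run() {
            // while running in context, the session's security context is the associated one
            assertEquals(currentSC, sc.getSecurityContext());
        }
    };
    message.runInContext(r);
    // after the run, the previously associated security context must be restored
    assertEquals(previousSC, sc.getSecurityContext());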
}
Also used : SessionMetadata(org.teiid.adminapi.impl.SessionMetadata) Credentials(org.teiid.security.Credentials) Subject(javax.security.auth.Subject) SecurityHelper(org.teiid.security.SecurityHelper) Test(org.junit.Test)

Example 2 with SecurityHelper

use of org.teiid.security.SecurityHelper in project teiid by teiid.

the class TestLocalConnections method testPassThroughDifferentUsers.

@Test
public void testPassThroughDifferentUsers() throws Throwable {
    MockSecurityHelper securityHelper = new MockSecurityHelper();
    SecurityHelper current = server.getSessionService().getSecurityHelper();
    server.getClientServiceRegistry().setSecurityHelper(securityHelper);
    server.getSessionService().setSecurityHelper(securityHelper);
    try {
        final Connection c = server.createConnection("jdbc:teiid:PartsSupplier;PassthroughAuthentication=true");
        Statement s = c.createStatement();
        ResultSet rs = s.executeQuery("select session_id()");
        Subject o = currentContext;
        currentContext = null;
        s.cancel();
        currentContext = o;
        rs.next();
        String id = rs.getString(1);
        rs.close();
        assertEquals(4, securityHelper.calls);
        server.getSessionService().pingServer(id);
        currentContext = new Subject();
        currentContext.getPrincipals().add(new SimplePrincipal("x"));
        rs = s.executeQuery("select session_id()");
        rs.next();
        String id1 = rs.getString(1);
        rs.close();
        assertFalse(id.equals(id1));
        try {
            server.getSessionService().pingServer(id);
            // should have logged off
            fail();
        } catch (InvalidSessionException e) {
            // expected: the first session is no longer valid
        }
    } finally {
        server.getClientServiceRegistry().setSecurityHelper(current);
        server.getSessionService().setSecurityHelper(current);
    }
}
Also used : InvalidSessionException(org.teiid.client.security.InvalidSessionException) Statement(java.sql.Statement) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) Subject(javax.security.auth.Subject) SimplePrincipal(org.apache.cxf.common.security.SimplePrincipal) SecurityHelper(org.teiid.security.SecurityHelper) Test(org.junit.Test)

Example 3 with SecurityHelper

use of org.teiid.security.SecurityHelper in project teiid by teiid.

the class TestPassthroughAuthentication method oneTimeSetup.

@BeforeClass
public static void oneTimeSetup() throws Exception {
    server.setUseCallingThread(true);
    server.start(new EmbeddedConfiguration() {

        @Override
        public SecurityHelper getSecurityHelper() {
            return securityHelper;
        }
    }, false);
}
Also used : EmbeddedConfiguration(org.teiid.runtime.EmbeddedConfiguration) SecurityHelper(org.teiid.security.SecurityHelper) BeforeClass(org.junit.BeforeClass)

Example 4 with SecurityHelper

use of org.teiid.security.SecurityHelper in project teiid by teiid.

the class LogonImpl method logon.

public LogonResult logon(Properties connProps) throws LogonException {
    String vdbName = connProps.getProperty(BaseDataSource.VDB_NAME);
    String vdbVersion = connProps.getProperty(BaseDataSource.VDB_VERSION);
    String user = connProps.getProperty(TeiidURL.CONNECTION.USER_NAME, CoreConstants.DEFAULT_ANON_USERNAME);
    boolean onlyAllowPassthrough = Boolean.valueOf(connProps.getProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION, "false")); // $NON-NLS-1$
    AuthenticationType authType = AuthenticationType.USERPASSWORD;
    if (!onlyAllowPassthrough) {
        authType = this.service.getAuthenticationType(vdbName, vdbVersion, user);
    }
    // the presence of the KRB5 token is taken as a GSS-based login.
    if (connProps.get(ILogon.KRB5TOKEN) != null) {
        if (authType == AuthenticationType.GSS) {
            Object previous = null;
            boolean assosiated = false;
            SecurityHelper securityHelper = service.getSecurityHelper();
            try {
                byte[] krb5Token = (byte[]) connProps.get(ILogon.KRB5TOKEN);
                // remove() consumes the stored context, so a given token hash resolves only once
                Object securityContext = this.gssServiceTickets.remove(Base64.encodeBytes(MD5(krb5Token)));
                if (securityContext == null) {
                    throw new LogonException(RuntimePlugin.Event.TEIID40054, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40054));
                }
                previous = securityHelper.associateSecurityContext(securityContext);
                assosiated = true;
                return logon(connProps, krb5Token, AuthenticationType.GSS, user);
            } finally {
                // restore the caller's previous security context, but only if it was replaced
                if (assosiated) {
                    securityHelper.associateSecurityContext(previous);
                }
            }
        } else {
            // shouldn't really get here, but we'll try user name password anyway
        }
    } else if (authType == AuthenticationType.GSS) {
        Version v = DQPWorkContext.getWorkContext().getClientVersion();
        // send a login result with a GSS challenge
        if (v.compareTo(Version.EIGHT_7) >= 0) {
            LogonResult result = new LogonResult();
            result.addProperty(ILogon.AUTH_TYPE, authType);
            return result;
        }
        // throw an exception
        throw new LogonException(RuntimePlugin.Event.TEIID40149, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40149));
    }
    if (!AuthenticationType.USERPASSWORD.equals(authType)) {
        throw new LogonException(RuntimePlugin.Event.TEIID40055, RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40055, authType));
    }
    return logon(connProps, null, AuthenticationType.USERPASSWORD, user);
}
Also used : Version(org.teiid.dqp.internal.process.DQPWorkContext.Version) LogonException(org.teiid.client.security.LogonException) LogonResult(org.teiid.client.security.LogonResult) AuthenticationType(org.teiid.net.socket.AuthenticationType) SecurityHelper(org.teiid.security.SecurityHelper)

Example 5 with SecurityHelper

use of org.teiid.security.SecurityHelper in project teiid by teiid.

the class TestLocalConnections method testSimulateGSSWithODBC.

@Test
public void testSimulateGSSWithODBC() throws Throwable {
    SecurityHelper securityHelper = new MockSecurityHelper();
    SecurityHelper current = server.getSessionService().getSecurityHelper();
    server.getClientServiceRegistry().setSecurityHelper(securityHelper);
    server.getSessionService().setSecurityHelper(securityHelper);
    server.getSessionService().setAuthenticationType(AuthenticationType.GSS);
    final byte[] token = "This is test of Partial GSS API".getBytes();
    final AtomicBoolean set = new AtomicBoolean(true);
    LogonImpl login = new LogonImpl(server.getSessionService(), null) {

        @Override
        public LogonResult logon(Properties connProps) throws LogonException {
            if (set.get()) {
                this.gssServiceTickets.put(Base64.encodeBytes(MD5(token)), currentContext);
                set.set(false);
            }
            return super.logon(connProps);
        }
    };
    server.getClientServiceRegistry().registerClientService(ILogon.class, login, LogConstants.CTX_SECURITY);
    try {
        Properties prop = new Properties();
        prop.put(ILogon.KRB5TOKEN, token);
        final Connection c = server.createConnection("jdbc:teiid:PartsSupplier;user=GSS", prop);
        Statement s = c.createStatement();
        ResultSet rs = s.executeQuery("select session_id()");
        Subject o = currentContext;
        currentContext = null;
        s.cancel();
        currentContext = o;
        rs.next();
        String id = rs.getString(1);
        rs.close();
    } finally {
        server.getSessionService().setAuthenticationType(AuthenticationType.USERPASSWORD);
        server.getClientServiceRegistry().setSecurityHelper(current);
        server.getSessionService().setSecurityHelper(current);
    }
}
Also used : AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) LogonImpl(org.teiid.transport.LogonImpl) Statement(java.sql.Statement) Connection(java.sql.Connection) ResultSet(java.sql.ResultSet) Properties(java.util.Properties) Subject(javax.security.auth.Subject) SecurityHelper(org.teiid.security.SecurityHelper) Test(org.junit.Test)

Aggregations

SecurityHelper (org.teiid.security.SecurityHelper) 5
Subject (javax.security.auth.Subject) 3
Test (org.junit.Test) 3
Connection (java.sql.Connection) 2
ResultSet (java.sql.ResultSet) 2
Statement (java.sql.Statement) 2
Properties (java.util.Properties) 1
AtomicBoolean (java.util.concurrent.atomic.AtomicBoolean) 1
SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal) 1
BeforeClass (org.junit.BeforeClass) 1
SessionMetadata (org.teiid.adminapi.impl.SessionMetadata) 1
InvalidSessionException (org.teiid.client.security.InvalidSessionException) 1
LogonException (org.teiid.client.security.LogonException) 1
LogonResult (org.teiid.client.security.LogonResult) 1
Version (org.teiid.dqp.internal.process.DQPWorkContext.Version) 1
AuthenticationType (org.teiid.net.socket.AuthenticationType) 1
EmbeddedConfiguration (org.teiid.runtime.EmbeddedConfiguration) 1
Credentials (org.teiid.security.Credentials) 1
LogonImpl (org.teiid.transport.LogonImpl) 1