use of org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm in project jboss-remoting by jboss-remoting.
the class TimeOutConnectionTestCase method doTest.
private void doTest(OptionMap connectionProviderOptions) throws Exception {
try (final ServerSocketChannel channel = ServerSocketChannel.open()) {
channel.configureBlocking(true);
channel.socket().bind(new InetSocketAddress("localhost", 30123));
Thread acceptThread = new Thread(new Accept(channel));
acceptThread.start();
// create endpoint, auth provider, etc, create server
final EndpointBuilder endpointBuilder = Endpoint.builder();
final XnioWorker.Builder workerBuilder = endpointBuilder.buildXnioWorker(Xnio.getInstance());
workerBuilder.setCoreWorkerPoolSize(4).setMaxWorkerPoolSize(4).setWorkerIoThreads(4);
endpointBuilder.setEndpointName("test");
try (Endpoint ep = endpointBuilder.build()) {
endpoint = ep;
final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
final SimpleMapBackedSecurityRealm mainRealm = new SimpleMapBackedSecurityRealm();
domainBuilder.addRealm("mainRealm", mainRealm);
domainBuilder.setDefaultRealmName("mainRealm");
final PasswordFactory passwordFactory = PasswordFactory.getInstance("clear");
mainRealm.setPasswordMap("bob", passwordFactory.generatePassword(new ClearPasswordSpec("pass".toCharArray())));
// create connect and close endpoint threads
IoFuture<Connection> futureConnection = AuthenticationContext.empty().with(MatchRule.ALL, AuthenticationConfiguration.empty().useName("bob").usePassword("pass")).run(new PrivilegedAction<IoFuture<Connection>>() {
public IoFuture<Connection> run() {
try {
return ep.connect(new URI("remote://localhost:30123"), OptionMap.EMPTY);
} catch (URISyntaxException e) {
throw new RuntimeException(e);
}
}
});
assertEquals(Status.WAITING, futureConnection.await(500, TimeUnit.MILLISECONDS));
ep.close();
assertEquals(Status.CANCELLED, futureConnection.getStatus());
acceptThread.join();
} finally {
endpoint = null;
}
}
}
use of org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm in project jboss-remoting by jboss-remoting.
the class HeartbeatTestCase method testDefaultHeartbeat.
/**
* Test that heartbeat can be set and can be disabled by setting it to 0
*
* @throws Exception
*/
@Test
public void testDefaultHeartbeat() throws Exception {
Channel clientChannel = null;
Channel serverChannel = null;
Closeable streamServer = null;
Connection connection = null;
Registration serviceRegistration = null;
final Endpoint endpoint = Endpoint.builder().setEndpointName("test").build();
NetworkServerProvider networkServerProvider = endpoint.getConnectionProviderInterface("remote", NetworkServerProvider.class);
final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
final SimpleMapBackedSecurityRealm mainRealm = new SimpleMapBackedSecurityRealm();
domainBuilder.addRealm("mainRealm", mainRealm).build();
domainBuilder.setDefaultRealmName("mainRealm");
domainBuilder.setPermissionMapper((permissionMappable, roles) -> PermissionVerifier.ALL);
final PasswordFactory passwordFactory = PasswordFactory.getInstance("clear");
mainRealm.setPasswordMap("bob", passwordFactory.generatePassword(new ClearPasswordSpec("pass".toCharArray())));
final SaslServerFactory saslServerFactory = new ServiceLoaderSaslServerFactory(HeartbeatTestCase.class.getClassLoader());
final SaslAuthenticationFactory.Builder builder = SaslAuthenticationFactory.builder();
builder.setSecurityDomain(domainBuilder.build());
builder.setFactory(saslServerFactory);
builder.setMechanismConfigurationSelector(mechanismInformation -> SaslMechanismInformation.Names.SCRAM_SHA_256.equals(mechanismInformation.getMechanismName()) ? MechanismConfiguration.EMPTY : null);
final SaslAuthenticationFactory saslAuthenticationFactory = builder.build();
streamServer = networkServerProvider.createServer(new InetSocketAddress("localhost", 30123), OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE), saslAuthenticationFactory, SSLContext.getDefault());
final FutureResult<Channel> passer = new FutureResult<Channel>();
serviceRegistration = endpoint.registerService("org.jboss.test", new OpenListener() {
public void channelOpened(final Channel channel) {
passer.setResult(channel);
}
public void registrationTerminated() {
}
}, OptionMap.EMPTY);
IoFuture<Connection> futureConnection = AuthenticationContext.empty().with(MatchRule.ALL, AuthenticationConfiguration.empty().useName("bob").usePassword("pass").setSaslMechanismSelector(SaslMechanismSelector.NONE.addMechanism("SCRAM-SHA-256"))).run(new PrivilegedAction<IoFuture<Connection>>() {
public IoFuture<Connection> run() {
try {
return endpoint.connect(new URI("remote://localhost:30123"), OptionMap.EMPTY);
} catch (URISyntaxException e) {
throw new RuntimeException(e);
}
}
});
connection = futureConnection.get();
IoFuture<Channel> futureChannel = connection.openChannel("org.jboss.test", OptionMap.EMPTY);
clientChannel = futureChannel.get();
serverChannel = passer.getIoFuture().get();
assertNotNull(serverChannel);
RemoteConnectionChannel remoteClientChannel = (RemoteConnectionChannel) clientChannel;
assertEquals(RemotingOptions.DEFAULT_HEARTBEAT_INTERVAL, Utils.getInstanceValue(remoteClientChannel.getRemoteConnection(), "heartbeatInterval"));
RemoteWriteListener clientWriteListener = (RemoteWriteListener) Utils.getInstanceValue(remoteClientChannel.getRemoteConnection(), "writeListener");
assertNotNull(Utils.getInstanceValue(clientWriteListener, "heartKey"));
afterTest(clientChannel, serverChannel, connection, serviceRegistration);
destroy(endpoint, streamServer);
}
use of org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm in project jboss-ejb-client by wildfly.
the class DummyServer method start.
public void start() throws Exception {
logger.info("Starting " + this);
// create a Remoting endpoint
final OptionMap options = OptionMap.EMPTY;
EndpointBuilder endpointBuilder = Endpoint.builder();
endpointBuilder.setEndpointName(this.endpointName);
endpointBuilder.buildXnioWorker(Xnio.getInstance()).populateFromOptions(options);
endpoint = endpointBuilder.build();
if (startTxServer) {
final RemotingTransactionService remotingTransactionService = RemotingTransactionService.builder().setEndpoint(endpoint).setTransactionContext(LocalTransactionContext.getCurrent()).build();
remotingTransactionService.register();
}
// add a connection provider factory for the URI scheme "remote"
// endpoint.addConnectionProvider("remote", new RemoteConnectionProviderFactory(), OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE));
final NetworkServerProvider serverProvider = endpoint.getConnectionProviderInterface("remote", NetworkServerProvider.class);
// set up a security realm called default with a user called test
final SimpleMapBackedSecurityRealm realm = new SimpleMapBackedSecurityRealm();
realm.setPasswordMap("test", ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, "test".toCharArray()));
// set up a security domain which has realm "default"
final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
// add the security realm called "default" to the security domain
domainBuilder.addRealm("default", realm).build();
domainBuilder.setDefaultRealmName("default");
domainBuilder.setPermissionMapper((permissionMappable, roles) -> PermissionVerifier.ALL);
SecurityDomain testDomain = domainBuilder.build();
// set up a SaslAuthenticationFactory (i.e. a SaslServerFactory)
SaslAuthenticationFactory saslAuthenticationFactory = SaslAuthenticationFactory.builder().setSecurityDomain(testDomain).setMechanismConfigurationSelector(mechanismInformation -> {
switch(mechanismInformation.getMechanismName()) {
case "ANONYMOUS":
case "PLAIN":
{
return MechanismConfiguration.EMPTY;
}
default:
return null;
}
}).setFactory(SaslFactories.getElytronSaslServerFactory()).build();
final OptionMap serverOptions = OptionMap.create(Options.SASL_MECHANISMS, Sequence.of("ANONYMOUS"), Options.SASL_POLICY_NOANONYMOUS, Boolean.FALSE);
final SocketAddress bindAddress = new InetSocketAddress(InetAddress.getByName(host), port);
this.server = serverProvider.createServer(bindAddress, serverOptions, saslAuthenticationFactory, null);
// set up an association to handle invocations, session creations and module/toopology listensrs
// the association makes use of a module deployment repository as well a sa cluster registry
Association dummyAssociation = new DummyAssociationImpl(this, deploymentRepository, clusterRegistry);
// set up a remoting transaction service
RemotingTransactionService.Builder txnServiceBuilder = RemotingTransactionService.builder();
txnServiceBuilder.setEndpoint(endpoint);
txnServiceBuilder.setTransactionContext(LocalTransactionContext.getCurrent());
RemotingTransactionService transactionService = txnServiceBuilder.build();
// setup remote EJB service
RemoteEJBService remoteEJBService = RemoteEJBService.create(dummyAssociation, transactionService, DEFAULT_CLASS_FILTER);
remoteEJBService.serverUp();
// Register an EJB channel open listener
OpenListener channelOpenListener = remoteEJBService.getOpenListener();
try {
registration = endpoint.registerService("jboss.ejb", new OpenListener() {
@Override
public void channelOpened(Channel channel) {
currentConnections.add(channel);
channelOpenListener.channelOpened(channel);
}
@Override
public void registrationTerminated() {
}
}, OptionMap.EMPTY);
} catch (ServiceRegistrationException e) {
throw new Exception(e);
}
}
use of org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm in project wildfly-core by wildfly.
the class IdentityAddressProtocolUtilTestCase method testSupportedTypes.
@Test
public void testSupportedTypes() throws Exception {
Set<String> groups = new HashSet<>();
groups.add("GroupOne");
groups.add("GroupTwo");
MapAttributes mapAttributes = new MapAttributes();
mapAttributes.addAll("GROUPS", groups);
SimpleMapBackedSecurityRealm smbsr = new SimpleMapBackedSecurityRealm();
smbsr.setPasswordMap("TestUser", ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, "password".toCharArray()), mapAttributes);
SecurityDomain testDomain = SecurityDomain.builder().setDefaultRealmName("Test").addRealm("Test", smbsr).setRoleDecoder(RoleDecoder.simple("GROUPS")).setPrincipalRewriter(p -> new NamePrincipal(p.getName())).build().setPreRealmRewriter((Function<Principal, Principal>) p -> new NamePrincipal(p.getName())).setPermissionMapper((permissionMappable, roles) -> LoginPermission.getInstance()).build();
InetAddress testAddress = InetAddress.getByAddress("localhost", new byte[] { 0x7F, 0x00, 0x00, 0x01 });
ServerAuthenticationContext serverAuthenticationContext = testDomain.createNewAuthenticationContext();
serverAuthenticationContext.setAuthenticationName("TestUser");
serverAuthenticationContext.authorize();
SecurityIdentity securityIdentity = serverAuthenticationContext.getAuthorizedIdentity();
PropagatedIdentity propagated = writeAndRead(securityIdentity, testAddress);
securityIdentity = propagated.securityIdentity;
Principal principal = securityIdentity.getPrincipal();
assertEquals("Principal Name", "TestUser", principal.getName());
Set<String> identityRoles = StreamSupport.stream(securityIdentity.getRoles().spliterator(), false).collect(Collectors.toSet());
assertEquals("Roles Count", 2, identityRoles.size());
assertTrue("GroupOne Membership", identityRoles.contains("GroupOne"));
assertTrue("GroupTwo Membership", identityRoles.contains("GroupTwo"));
assertEquals("Propagated Address", testAddress, propagated.inetAddress);
}
use of org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm in project quarkus by quarkusio.
the class SecurityRealmsTestCase method testSimpleMapBackedSecurityRealm.
@Test
public void testSimpleMapBackedSecurityRealm() throws RealmUnavailableException {
SimpleMapBackedSecurityRealm realm = new SimpleMapBackedSecurityRealm();
Map<String, SimpleRealmEntry> identityMap = new HashMap<>();
Attributes attributes = new MapAttributes();
attributes.add("groups", 0, "Admin");
attributes.add("groups", 1, "Tester");
ClearPassword clear = ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, "jb0ss".toCharArray());
PasswordCredential jb0ss = new PasswordCredential(clear);
List<Credential> credentials = new ArrayList<>();
credentials.add(jb0ss);
SimpleRealmEntry scottEntry = new SimpleRealmEntry(credentials, attributes);
identityMap.put("scott", scottEntry);
realm.setIdentityMap(identityMap);
RealmIdentity scott = realm.getRealmIdentity(new NamePrincipal("scott"));
AuthorizationIdentity auth = scott.getAuthorizationIdentity();
Attributes roles = auth.getAttributes();
Assertions.assertTrue(roles.containsValue("groups", "Admin"));
Assertions.assertTrue(roles.containsValue("groups", "Tester"));
}
Aggregations