use of org.wildfly.security.sasl.anonymous.AnonymousServerFactory in project wildfly-core by wildfly.
the class RemotingHttpUpgradeService method start.
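/**
 * Starts the HTTP-upgrade side of the remoting connector.
 *
 * <p>Looks up the HTTP listener named by {@code httpConnectorName}, attaches
 * {@code "jboss-remoting"} upgrade metadata to it, installs the connector binding info
 * service, and registers the {@code JBOSS_REMOTING} upgrade protocol so that upgraded
 * connections are handed to the adaptor created by the remoting connection provider.
 *
 * <p><strong>Security note:</strong> when no {@link SaslAuthenticationFactory} is supplied,
 * this method does not fail. It builds a factory backed by {@link AnonymousServerFactory}
 * over an empty realm and only logs a warning, so the connector comes up with anonymous
 * authentication.
 *
 * @param context the start context, used for the child target and the controller name
 * @throws StartException if no listener is registered under {@code httpConnectorName}, or if an
 *         {@code UnknownURISchemeException} or {@code IOException} is raised while wiring the
 *         connection provider
 */
@Override
public synchronized void start(final StartContext context) throws StartException {
    final Endpoint endpoint = endpointSupplier.get();
    OptionMap.Builder builder = OptionMap.builder();
    ListenerRegistry.Listener listenerInfo = listenerRegistrySupplier.get().getListener(httpConnectorName);
    // A Java `assert` is skipped unless the JVM runs with -ea, so a missing listener used to
    // surface as a bare NullPointerException on the next line. Fail with a clear start error.
    if (listenerInfo == null) {
        throw new StartException("No HTTP listener is registered under the name '" + httpConnectorName + "'");
    }
    // Keep the metadata in a field as well as registering it on the listener.
    httpUpgradeMetadata = new ListenerRegistry.HttpUpgradeMetadata("jboss-remoting", endpointName);
    listenerInfo.addHttpUpgradeMetadata(httpUpgradeMetadata);
    RemotingConnectorBindingInfoService.install(
            context.getChildTarget(),
            context.getController().getName().getSimpleName(),
            (SocketBinding) listenerInfo.getContextInformation("socket-binding"),
            listenerInfo.getProtocol().equals("https") ? REMOTE_HTTPS : REMOTE_HTTP);
    if (connectorPropertiesOptionMap != null) {
        builder.addAll(connectorPropertiesOptionMap);
    }
    OptionMap resultingMap = builder.getMap();
    try {
        final ExternalConnectionProvider provider = endpoint.getConnectionProviderInterface(Protocol.HTTP_REMOTING.toString(), ExternalConnectionProvider.class);
        SaslAuthenticationFactory saslAuthenticationFactory = saslAuthenticationFactorySupplier != null ? saslAuthenticationFactorySupplier.get() : null;
        if (saslAuthenticationFactory == null) {
            // TODO Elytron Inject the sasl server factory.
            // NOTE(review): fail-open default. A deployment that reaches this branch accepts
            // upgraded connections without credentials; the WARN line below is the only signal,
            // so it is worth alerting on. What an anonymous identity may then do depends on
            // createPermissionVerifier(), which is not visible here.
            RemotingLogger.ROOT_LOGGER.warn("****** All authentication is ANONYMOUS for " + getClass().getName());
            final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
            // The realm holds no identities; build() here finishes the realm entry, not the domain.
            domainBuilder.addRealm("default", SecurityRealm.EMPTY_REALM).build();
            domainBuilder.setDefaultRealmName("default");
            domainBuilder.setPermissionMapper((permissionMappable, roles) -> createPermissionVerifier());
            final SaslAuthenticationFactory.Builder authBuilder = SaslAuthenticationFactory.builder();
            authBuilder.setSecurityDomain(domainBuilder.build());
            authBuilder.setFactory(new AnonymousServerFactory());
            // Every mechanism gets the same empty configuration.
            authBuilder.setMechanismConfigurationSelector(mechanismInformation -> MechanismConfiguration.EMPTY);
            saslAuthenticationFactory = authBuilder.build();
        }
        final Consumer<StreamConnection> adaptor = provider.createConnectionAdaptor(resultingMap, saslAuthenticationFactory);
        upgradeRegistrySupplier.get().addProtocol(JBOSS_REMOTING, new ChannelListener<StreamConnection>() {
            @Override
            public void handleEvent(final StreamConnection channel) {
                // Hand every upgraded connection straight to the remoting adaptor.
                adaptor.accept(channel);
            }
        }, new SimpleHttpUpgradeHandshake(MAGIC_NUMBER, SEC_JBOSS_REMOTING_KEY, SEC_JBOSS_REMOTING_ACCEPT));
        serviceConsumer.accept(this);
    } catch (UnknownURISchemeException e) {
        throw new StartException(e);
    } catch (IOException e) {
        throw new StartException(e);
    }
}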
use of org.wildfly.security.sasl.anonymous.AnonymousServerFactory in project wildfly-core by wildfly.
the class ChannelServer method create.
/**
 * Creates a {@code ChannelServer} bound to the address given by the configuration.
 *
 * <p>The server is built on a fresh {@link Endpoint} and accepts connections through a SASL
 * factory backed by {@link AnonymousServerFactory}. The security domain uses a
 * {@code SimpleMapBackedSecurityRealm} that is never populated here, and its permission
 * mapper returns {@code PermissionVerifier.ALL} for every identity.
 *
 * <p>NOTE(review): anonymous access combined with {@code PermissionVerifier.ALL} means no
 * authorization is enforced by this domain. The local name {@code testDomain} suggests a
 * test fixture; confirm this factory is never reachable from production wiring.
 *
 * @param configuration the server configuration; must not be null and must pass {@code validate()}
 * @return the new channel server
 * @throws IOException declared by the signature; presumably raised while resolving the provider
 *         or creating the server (confirm against the callee declarations)
 */
public static ChannelServer create(final Configuration configuration) throws IOException {
    checkNotNullParam("configuration", configuration).validate();
    // Hack WFCORE-3302/REM3-303 workaround
    // NOTE(review): firstCreate is checked and then written without any locking in this method;
    // confirm callers never invoke create() concurrently.
    if (!firstCreate) {
        try {
            // Give a previous socket time to close before binding again.
            Thread.sleep(100);
        } catch (InterruptedException interrupted) {
            // Restore the interrupt flag before surfacing the failure.
            Thread.currentThread().interrupt();
            throw new RuntimeException(interrupted);
        }
    } else {
        firstCreate = false;
    }
    // TODO WFCORE-3302 -- Endpoint.getCurrent() should be ok
    final Endpoint endpoint = Endpoint.builder()
            .setEndpointName(configuration.getEndpointName())
            .build();
    final NetworkServerProvider serverProvider =
            endpoint.getConnectionProviderInterface(configuration.getUriScheme(), NetworkServerProvider.class);

    final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
    final SimpleMapBackedSecurityRealm realm = new SimpleMapBackedSecurityRealm();
    // build() on the value returned by addRealm() completes the realm entry, not the domain.
    domainBuilder.addRealm("default", realm).build();
    domainBuilder.setDefaultRealmName("default");
    // Every identity passes every permission check.
    domainBuilder.setPermissionMapper((permissionMappable, roles) -> PermissionVerifier.ALL);
    SecurityDomain testDomain = domainBuilder.build();

    final SaslAuthenticationFactory.Builder authBuilder = SaslAuthenticationFactory.builder();
    authBuilder.setSecurityDomain(testDomain);
    // Only the ANONYMOUS mechanism is given a configuration; any other name maps to null.
    authBuilder.setMechanismConfigurationSelector(mechanismInformation -> {
        if ("ANONYMOUS".equals(mechanismInformation.getMechanismName())) {
            return MechanismConfiguration.EMPTY;
        }
        return null;
    });
    authBuilder.setFactory(new AnonymousServerFactory());
    SaslAuthenticationFactory saslAuthenticationFactory = authBuilder.build();

    // Diagnostic output of the bind address on stdout.
    System.out.println(configuration.getBindAddress());
    // The last argument is null, where the other createServer call on this page passes an SSLContext.
    AcceptingChannel<StreamConnection> streamServer =
            serverProvider.createServer(configuration.getBindAddress(), OptionMap.EMPTY, saslAuthenticationFactory, null);
    return new ChannelServer(endpoint, null, streamServer);
}
use of org.wildfly.security.sasl.anonymous.AnonymousServerFactory in project wildfly-core by wildfly.
the class AbstractStreamServerService method start.
/**
 * Starts the stream server for the "remoting" connection provider.
 *
 * <p>Builds the listener options (enabling SSL with STARTTLS when an {@link SSLContext} is
 * supplied, then merging the connector properties), creates the server on
 * {@code getSocketAddress()}, publishes it through {@code streamServerConsumer}, and registers
 * the socket binding when a {@code SocketBindingManager} is available.
 *
 * <p><strong>Security note:</strong> when no {@link SaslAuthenticationFactory} is supplied the
 * service still starts. It falls back to a factory backed by {@link AnonymousServerFactory}
 * over an empty realm, with a permission mapper that returns
 * {@code LoginPermission.getInstance()} for every identity, and logs a warning.
 *
 * @param context the start context (not read by this method)
 * @throws StartException if the socket cannot be bound or any other exception occurs during start
 */
@Override
public void start(final StartContext context) throws StartException {
    try {
        NetworkServerProvider serverProvider = endpointSupplier.get().getConnectionProviderInterface("remoting", NetworkServerProvider.class);

        SSLContext sslContext = null;
        if (sslContextSupplier != null) {
            sslContext = sslContextSupplier.get();
        }

        OptionMap.Builder options = OptionMap.builder();
        if (sslContext != null) {
            options.set(Options.SSL_ENABLED, true);
            options.set(Options.SSL_STARTTLS, true);
        }

        SaslAuthenticationFactory factory = null;
        if (saslAuthenticationFactorySupplier != null) {
            factory = saslAuthenticationFactorySupplier.get();
        }

        // NOTE(review): connector properties are merged after the SSL options above, so they
        // presumably can override SSL_ENABLED / SSL_STARTTLS; confirm against OptionMap.Builder.
        if (connectorPropertiesOptionMap != null) {
            options.addAll(connectorPropertiesOptionMap);
        }
        OptionMap resultingMap = options.getMap();
        if (RemotingLogger.ROOT_LOGGER.isTraceEnabled()) {
            RemotingLogger.ROOT_LOGGER.tracef("Resulting OptionMap %s", resultingMap.toString());
        }

        if (factory == null) {
            // TODO Elytron: Just authenticate anonymously
            // NOTE(review): fail-open default. Reaching this branch means the connector accepts
            // connections without credentials; the WARN line is the only signal, so it is worth
            // alerting on in deployments that expect authenticated remoting.
            RemotingLogger.ROOT_LOGGER.warn("****** All authentication is ANONYMOUS for " + getClass().getName());
            final SecurityDomain.Builder domainBuilder = SecurityDomain.builder();
            domainBuilder.setPermissionMapper((permissionMappable, roles) -> LoginPermission.getInstance());
            // build() on the value returned by addRealm() completes the realm entry, not the domain.
            domainBuilder.addRealm("default", org.wildfly.security.auth.server.SecurityRealm.EMPTY_REALM).build();
            domainBuilder.setDefaultRealmName("default");

            final SaslAuthenticationFactory.Builder anonymousBuilder = SaslAuthenticationFactory.builder();
            anonymousBuilder.setFactory(new AnonymousServerFactory());
            // Every mechanism gets the same empty configuration.
            anonymousBuilder.setMechanismConfigurationSelector(i -> MechanismConfiguration.EMPTY);
            anonymousBuilder.setSecurityDomain(domainBuilder.build());
            factory = anonymousBuilder.build();
        }

        streamServer = serverProvider.createServer(getSocketAddress(), resultingMap, factory, sslContext);
        streamServerConsumer.accept(streamServer);

        SocketBindingManager sbm = null;
        if (socketBindingManagerSupplier != null) {
            sbm = socketBindingManagerSupplier.get();
        }
        if (sbm != null) {
            managedBinding = registerSocketBinding(sbm);
        }
        RemotingLogger.ROOT_LOGGER.listeningOnSocket(NetworkUtils.formatAddress(getSocketAddress()));
    } catch (BindException e) {
        // Include the address in the message so the failing binding can be identified.
        throw RemotingLogger.ROOT_LOGGER.couldNotBindToSocket(e.getMessage() + " " + NetworkUtils.formatAddress(getSocketAddress()), e);
    } catch (Exception e) {
        throw RemotingLogger.ROOT_LOGGER.couldNotStart(e);
    }
}