
Example 1 with AnonymousServerFactory

use of org.wildfly.security.sasl.anonymous.AnonymousServerFactory in project wildfly-core by wildfly.

the class RemotingHttpUpgradeService method start.

/**
 * Registers JBoss Remoting as an HTTP upgrade protocol on the listener named by
 * {@code httpConnectorName}.
 *
 * <p>In order, the method: looks up the HTTP listener, attaches the {@code "jboss-remoting"}
 * upgrade metadata to it, installs the connector binding info service, resolves the SASL
 * authentication factory, and registers an upgrade listener that passes every upgraded
 * connection to the Remoting connection adaptor.
 *
 * <p><b>Security note:</b> if {@code saslAuthenticationFactorySupplier} is {@code null} or
 * yields {@code null}, the service does not fail. It builds a fallback factory backed by
 * {@link AnonymousServerFactory} over {@code SecurityRealm.EMPTY_REALM}, so connections are
 * accepted without credentials. The only signal is a WARN log line; deployments that rely on
 * authenticated remoting should treat that line as a misconfiguration alert.
 *
 * @param context the service start context; used for the child target and the controller name
 * @throws StartException wrapping any {@link UnknownURISchemeException} or {@link IOException}
 *         raised inside the try block
 */
@Override
public synchronized void start(final StartContext context) throws StartException {
    final Endpoint endpoint = endpointSupplier.get();
    final ListenerRegistry.Listener httpListener = listenerRegistrySupplier.get().getListener(httpConnectorName);
    // `assert` is a no-op unless the JVM runs with -ea; with assertions off, a missing
    // listener surfaces as a NullPointerException on the addHttpUpgradeMetadata call below.
    assert httpListener != null;

    // Keep the metadata in the field as well as on the listener.
    // NOTE(review): presumably the field is used to unregister on stop() -- confirm.
    final ListenerRegistry.HttpUpgradeMetadata metadata = new ListenerRegistry.HttpUpgradeMetadata("jboss-remoting", endpointName);
    httpUpgradeMetadata = metadata;
    httpListener.addHttpUpgradeMetadata(metadata);

    // The advertised protocol follows the listener: "https" -> REMOTE_HTTPS, anything else -> REMOTE_HTTP.
    RemotingConnectorBindingInfoService.install(
            context.getChildTarget(),
            context.getController().getName().getSimpleName(),
            (SocketBinding) httpListener.getContextInformation("socket-binding"),
            httpListener.getProtocol().equals("https") ? REMOTE_HTTPS : REMOTE_HTTP);

    // Connector options are exactly the configured connector properties (empty when none are set).
    final OptionMap.Builder optionsBuilder = OptionMap.builder();
    if (connectorPropertiesOptionMap != null) {
        optionsBuilder.addAll(connectorPropertiesOptionMap);
    }
    final OptionMap connectorOptions = optionsBuilder.getMap();

    try {
        final ExternalConnectionProvider provider = endpoint.getConnectionProviderInterface(Protocol.HTTP_REMOTING.toString(), ExternalConnectionProvider.class);

        SaslAuthenticationFactory authFactory = null;
        if (saslAuthenticationFactorySupplier != null) {
            authFactory = saslAuthenticationFactorySupplier.get();
        }
        if (authFactory == null) {
            // TODO Elytron Inject the sasl server factory.
            // Fail-open fallback: no configured factory means anonymous SASL over an empty realm.
            // NOTE(review): the permissions granted to the anonymous identity come from
            // createPermissionVerifier(), which is not visible here -- confirm it is minimal.
            RemotingLogger.ROOT_LOGGER.warn("****** All authentication is ANONYMOUS for " + getClass().getName());
            final SecurityDomain.Builder domain = SecurityDomain.builder();
            domain.addRealm("default", SecurityRealm.EMPTY_REALM).build();
            domain.setDefaultRealmName("default");
            domain.setPermissionMapper((permissionMappable, roles) -> createPermissionVerifier());
            authFactory = SaslAuthenticationFactory.builder()
                    .setSecurityDomain(domain.build())
                    .setFactory(new AnonymousServerFactory())
                    .setMechanismConfigurationSelector(mechanismInformation -> MechanismConfiguration.EMPTY)
                    .build();
        }

        final Consumer<StreamConnection> adaptor = provider.createConnectionAdaptor(connectorOptions, authFactory);
        // Every connection that completes the upgrade handshake is handed straight to the adaptor.
        final ChannelListener<StreamConnection> upgradeListener = new ChannelListener<StreamConnection>() {

            @Override
            public void handleEvent(final StreamConnection channel) {
                adaptor.accept(channel);
            }
        };
        upgradeRegistrySupplier.get().addProtocol(JBOSS_REMOTING, upgradeListener, new SimpleHttpUpgradeHandshake(MAGIC_NUMBER, SEC_JBOSS_REMOTING_KEY, SEC_JBOSS_REMOTING_ACCEPT));
        serviceConsumer.accept(this);
    } catch (UnknownURISchemeException e) {
        throw new StartException(e);
    } catch (IOException e) {
        throw new StartException(e);
    }
}
Also used : ListenerRegistry(io.undertow.server.ListenerRegistry) ExternalConnectionProvider(org.jboss.remoting3.spi.ExternalConnectionProvider) UnknownURISchemeException(org.jboss.remoting3.UnknownURISchemeException) IOException(java.io.IOException) StreamConnection(org.xnio.StreamConnection) SecurityDomain(org.wildfly.security.auth.server.SecurityDomain) SaslAuthenticationFactory(org.wildfly.security.auth.server.SaslAuthenticationFactory) Endpoint(org.jboss.remoting3.Endpoint) AnonymousServerFactory(org.wildfly.security.sasl.anonymous.AnonymousServerFactory) OptionMap(org.xnio.OptionMap) StartException(org.jboss.msc.service.StartException)

Example 2 with AnonymousServerFactory

use of org.wildfly.security.sasl.anonymous.AnonymousServerFactory in project wildfly-core by wildfly.

the class ChannelServer method create.

/**
 * Builds a {@code ChannelServer} that listens on the bind address from {@code configuration}.
 *
 * <p>A fresh {@link Endpoint} is created for each call, and the stream server is created from the
 * {@link NetworkServerProvider} registered for the configured URI scheme.
 *
 * <p><b>Security note:</b> the SASL factory built here is backed by {@link AnonymousServerFactory},
 * its selector returns a configuration only for the {@code "ANONYMOUS"} mechanism, and the
 * permission mapper returns {@code PermissionVerifier.ALL} for every identity. The fourth
 * argument to {@code createServer} is {@code null}.
 * NOTE(review): the local name {@code testDomain} suggests a test fixture -- confirm this
 * factory is never reachable from a production listener.
 *
 * @param configuration server settings; must be non-null, and {@code validate()} is called on it
 * @return a new {@code ChannelServer} wrapping the endpoint and the accepting stream server
 * @throws IOException declared by the method; NOTE(review): presumably raised by endpoint or
 *         server creation -- confirm
 */
public static ChannelServer create(final Configuration configuration) throws IOException {
    checkNotNullParam("configuration", configuration).validate();

    // Hack WFCORE-3302/REM3-303 workaround: every call after the first pauses briefly.
    // NOTE(review): firstCreate is read and written without synchronization here.
    if (!firstCreate) {
        try {
            // wait in case the previous socket has not closed
            Thread.sleep(100);
        } catch (InterruptedException e) {
            // Restore the interrupt flag before surfacing the failure.
            Thread.currentThread().interrupt();
            throw new RuntimeException(e);
        }
    } else {
        firstCreate = false;
    }

    // TODO WFCORE-3302 -- Endpoint.getCurrent() should be ok
    final Endpoint endpoint = Endpoint.builder().setEndpointName(configuration.getEndpointName()).build();
    final NetworkServerProvider networkServerProvider = endpoint.getConnectionProviderInterface(configuration.getUriScheme(), NetworkServerProvider.class);

    // Security domain over a map-backed realm; no identities are added to the realm in this method.
    final SimpleMapBackedSecurityRealm realm = new SimpleMapBackedSecurityRealm();
    final SecurityDomain.Builder domain = SecurityDomain.builder();
    domain.addRealm("default", realm).build();
    domain.setDefaultRealmName("default");
    // Every identity is mapped to PermissionVerifier.ALL, i.e. no permission check is ever denied.
    domain.setPermissionMapper((permissionMappable, roles) -> PermissionVerifier.ALL);
    SecurityDomain testDomain = domain.build();

    // Only ANONYMOUS gets a mechanism configuration; the selector returns null for any other name.
    final SaslAuthenticationFactory.Builder saslBuilder = SaslAuthenticationFactory.builder();
    saslBuilder.setSecurityDomain(testDomain);
    saslBuilder.setMechanismConfigurationSelector(mechanismInformation -> {
        if ("ANONYMOUS".equals(mechanismInformation.getMechanismName())) {
            return MechanismConfiguration.EMPTY;
        }
        return null;
    });
    saslBuilder.setFactory(new AnonymousServerFactory());
    final SaslAuthenticationFactory saslAuthenticationFactory = saslBuilder.build();

    // Prints the bind address to stdout on every call.
    System.out.println(configuration.getBindAddress());
    final AcceptingChannel<StreamConnection> streamServer = networkServerProvider.createServer(
            configuration.getBindAddress(), OptionMap.EMPTY, saslAuthenticationFactory, null);
    return new ChannelServer(endpoint, null, streamServer);
}
Also used : SaslAuthenticationFactory(org.wildfly.security.auth.server.SaslAuthenticationFactory) SimpleMapBackedSecurityRealm(org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm) Endpoint(org.jboss.remoting3.Endpoint) AnonymousServerFactory(org.wildfly.security.sasl.anonymous.AnonymousServerFactory) NetworkServerProvider(org.jboss.remoting3.spi.NetworkServerProvider) StreamConnection(org.xnio.StreamConnection) SecurityDomain(org.wildfly.security.auth.server.SecurityDomain)

Example 3 with AnonymousServerFactory

use of org.wildfly.security.sasl.anonymous.AnonymousServerFactory in project wildfly-core by wildfly.

the class AbstractStreamServerService method start.

/**
 * Starts the Remoting stream server on the address returned by {@code getSocketAddress()}.
 *
 * <p>The server is created from the {@code "remoting"} {@link NetworkServerProvider} of the
 * supplied endpoint. When an {@link SSLContext} is supplied, {@code SSL_ENABLED} and
 * {@code SSL_STARTTLS} are set before the connector properties are merged in.
 *
 * <p><b>Security note:</b> if {@code saslAuthenticationFactorySupplier} is {@code null} or
 * yields {@code null}, startup continues with a fallback factory backed by
 * {@link AnonymousServerFactory} over {@code SecurityRealm.EMPTY_REALM}, and the permission
 * mapper returns {@code LoginPermission} for every identity. The only signal is a WARN log
 * line, which is worth alerting on in environments that expect authenticated remoting.
 *
 * @param context the service start context (not read by this method body)
 * @throws StartException for a {@link BindException} or any other {@link Exception} raised in
 *         the body; the thrown object is produced by the {@code RemotingLogger} message methods
 */
@Override
public void start(final StartContext context) throws StartException {
    try {
        final NetworkServerProvider serverProvider = endpointSupplier.get().getConnectionProviderInterface("remoting", NetworkServerProvider.class);

        SSLContext sslContext = null;
        if (sslContextSupplier != null) {
            sslContext = sslContextSupplier.get();
        }

        final OptionMap.Builder options = OptionMap.builder();
        if (sslContext != null) {
            options.set(Options.SSL_ENABLED, true);
            options.set(Options.SSL_STARTTLS, true);
        }

        SaslAuthenticationFactory factory = null;
        if (saslAuthenticationFactorySupplier != null) {
            factory = saslAuthenticationFactorySupplier.get();
        }

        // Connector properties are merged after the SSL options.
        // NOTE(review): presumably a property with the same key replaces the SSL value set
        // above -- confirm, since that would let configuration switch SSL_ENABLED off.
        if (connectorPropertiesOptionMap != null) {
            options.addAll(connectorPropertiesOptionMap);
        }
        final OptionMap resultingMap = options.getMap();
        if (RemotingLogger.ROOT_LOGGER.isTraceEnabled()) {
            RemotingLogger.ROOT_LOGGER.tracef("Resulting OptionMap %s", resultingMap.toString());
        }

        if (factory == null) {
            // TODO Elytron: Just authenticate anonymously
            // Fail-open fallback: anonymous SASL over an empty realm; every identity is mapped
            // to LoginPermission.
            RemotingLogger.ROOT_LOGGER.warn("****** All authentication is ANONYMOUS for " + getClass().getName());
            final SecurityDomain.Builder domain = SecurityDomain.builder();
            domain.setPermissionMapper((permissionMappable, roles) -> LoginPermission.getInstance());
            domain.addRealm("default", org.wildfly.security.auth.server.SecurityRealm.EMPTY_REALM).build();
            domain.setDefaultRealmName("default");

            final SaslAuthenticationFactory.Builder anonymous = SaslAuthenticationFactory.builder();
            anonymous.setFactory(new AnonymousServerFactory());
            anonymous.setMechanismConfigurationSelector(i -> MechanismConfiguration.EMPTY);
            anonymous.setSecurityDomain(domain.build());
            factory = anonymous.build();
        }

        streamServer = serverProvider.createServer(getSocketAddress(), resultingMap, factory, sslContext);
        streamServerConsumer.accept(streamServer);

        // Register the bound socket with the binding manager when one is available.
        if (socketBindingManagerSupplier != null) {
            final SocketBindingManager bindingManager = socketBindingManagerSupplier.get();
            if (bindingManager != null) {
                managedBinding = registerSocketBinding(bindingManager);
            }
        }
        RemotingLogger.ROOT_LOGGER.listeningOnSocket(NetworkUtils.formatAddress(getSocketAddress()));
    } catch (BindException e) {
        // Bind failures get a dedicated message that includes the formatted socket address.
        throw RemotingLogger.ROOT_LOGGER.couldNotBindToSocket(e.getMessage() + " " + NetworkUtils.formatAddress(getSocketAddress()), e);
    } catch (Exception e) {
        throw RemotingLogger.ROOT_LOGGER.couldNotStart(e);
    }
}
Also used : SSLContext(javax.net.ssl.SSLContext) StopContext(org.jboss.msc.service.StopContext) Endpoint(org.jboss.remoting3.Endpoint) SocketBindingManager(org.jboss.as.network.SocketBindingManager) BindException(java.net.BindException) AcceptingChannel(org.xnio.channels.AcceptingChannel) MechanismConfiguration(org.wildfly.security.auth.server.MechanismConfiguration) Supplier(java.util.function.Supplier) AnonymousServerFactory(org.wildfly.security.sasl.anonymous.AnonymousServerFactory) OptionMap(org.xnio.OptionMap) SaslAuthenticationFactory(org.wildfly.security.auth.server.SaslAuthenticationFactory) StreamConnection(org.xnio.StreamConnection) NetworkUtils(org.jboss.as.network.NetworkUtils) RemotingLogger(org.jboss.as.remoting.logging.RemotingLogger) StartException(org.jboss.msc.service.StartException) ManagedBinding(org.jboss.as.network.ManagedBinding) StartContext(org.jboss.msc.service.StartContext) Service(org.jboss.msc.Service) NetworkServerProvider(org.jboss.remoting3.spi.NetworkServerProvider) InetSocketAddress(java.net.InetSocketAddress) Consumer(java.util.function.Consumer) Options(org.xnio.Options) LoginPermission(org.wildfly.security.auth.permission.LoginPermission) SecurityDomain(org.wildfly.security.auth.server.SecurityDomain) IoUtils(org.xnio.IoUtils) SaslAuthenticationFactory(org.wildfly.security.auth.server.SaslAuthenticationFactory) AnonymousServerFactory(org.wildfly.security.sasl.anonymous.AnonymousServerFactory) OptionMap(org.xnio.OptionMap) NetworkServerProvider(org.jboss.remoting3.spi.NetworkServerProvider) BindException(java.net.BindException) SSLContext(javax.net.ssl.SSLContext) BindException(java.net.BindException) StartException(org.jboss.msc.service.StartException) SecurityDomain(org.wildfly.security.auth.server.SecurityDomain) SocketBindingManager(org.jboss.as.network.SocketBindingManager)

Aggregations

Endpoint (org.jboss.remoting3.Endpoint)3 SaslAuthenticationFactory (org.wildfly.security.auth.server.SaslAuthenticationFactory)3 SecurityDomain (org.wildfly.security.auth.server.SecurityDomain)3 AnonymousServerFactory (org.wildfly.security.sasl.anonymous.AnonymousServerFactory)3 StreamConnection (org.xnio.StreamConnection)3 StartException (org.jboss.msc.service.StartException)2 NetworkServerProvider (org.jboss.remoting3.spi.NetworkServerProvider)2 OptionMap (org.xnio.OptionMap)2 ListenerRegistry (io.undertow.server.ListenerRegistry)1 IOException (java.io.IOException)1 BindException (java.net.BindException)1 InetSocketAddress (java.net.InetSocketAddress)1 Consumer (java.util.function.Consumer)1 Supplier (java.util.function.Supplier)1 SSLContext (javax.net.ssl.SSLContext)1 ManagedBinding (org.jboss.as.network.ManagedBinding)1 NetworkUtils (org.jboss.as.network.NetworkUtils)1 SocketBindingManager (org.jboss.as.network.SocketBindingManager)1 RemotingLogger (org.jboss.as.remoting.logging.RemotingLogger)1 Service (org.jboss.msc.Service)1