Example 1 with PendingException
use of sun.security.util.PendingException in project Bytecoder by mirkosertic.
the class LoginContext method invoke.
private void invoke(String methodName) throws LoginException {
for (int i = moduleIndex; i < moduleStack.length; i++, moduleIndex++) {
try {
if (moduleStack[i].module == null) {
// locate and instantiate the LoginModule
//
String name = moduleStack[i].entry.getLoginModuleName();
ServiceLoader<LoginModule> sc = AccessController.doPrivileged((PrivilegedAction<ServiceLoader<LoginModule>>) () -> ServiceLoader.load(LoginModule.class, contextClassLoader));
for (LoginModule m : sc) {
if (m.getClass().getName().equals(name)) {
moduleStack[i].module = m;
if (debug != null) {
debug.println(name + " loaded as a service");
}
break;
}
}
if (moduleStack[i].module == null) {
try {
@SuppressWarnings("deprecation") Object tmp = Class.forName(name, false, contextClassLoader).newInstance();
moduleStack[i].module = (LoginModule) tmp;
if (debug != null) {
debug.println(name + " loaded via reflection");
}
} catch (ClassNotFoundException e) {
throw new LoginException("No LoginModule found for " + name);
}
}
// invoke the LoginModule initialize method
moduleStack[i].module.initialize(subject, callbackHandler, state, moduleStack[i].entry.getOptions());
}
// find the requested method in the LoginModule
boolean status;
switch(methodName) {
case LOGIN_METHOD:
status = moduleStack[i].module.login();
break;
case COMMIT_METHOD:
status = moduleStack[i].module.commit();
break;
case LOGOUT_METHOD:
status = moduleStack[i].module.logout();
break;
case ABORT_METHOD:
status = moduleStack[i].module.abort();
break;
default:
throw new AssertionError("Unknown method " + methodName);
}
if (status == true) {
// if SUFFICIENT, return if no prior REQUIRED errors
if (!methodName.equals(ABORT_METHOD) && !methodName.equals(LOGOUT_METHOD) && moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT && firstRequiredError == null) {
// clear state
clearState();
if (debug != null)
debug.println(methodName + " SUFFICIENT success");
return;
}
if (debug != null)
debug.println(methodName + " success");
success = true;
} else {
if (debug != null)
debug.println(methodName + " ignored");
}
} catch (Exception ite) {
// failure cases
LoginException le;
if (ite instanceof PendingException && methodName.equals(LOGIN_METHOD)) {
throw (PendingException) ite;
} else if (ite instanceof LoginException) {
le = (LoginException) ite;
} else if (ite instanceof SecurityException) {
// do not want privacy leak
// (e.g., sensitive file path in exception msg)
le = new LoginException("Security Exception");
le.initCause(new SecurityException());
if (debug != null) {
debug.println("original security exception with detail msg " + "replaced by new exception with empty detail msg");
debug.println("original security exception: " + ite.toString());
}
} else {
// capture an unexpected LoginModule exception
java.io.StringWriter sw = new java.io.StringWriter();
ite.printStackTrace(new java.io.PrintWriter(sw));
sw.flush();
le = new LoginException(sw.toString());
}
if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) {
if (debug != null)
debug.println(methodName + " REQUISITE failure");
// if REQUISITE, then immediately throw an exception
if (methodName.equals(ABORT_METHOD) || methodName.equals(LOGOUT_METHOD)) {
if (firstRequiredError == null)
firstRequiredError = le;
} else {
throwException(firstRequiredError, le);
}
} else if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
if (debug != null)
debug.println(methodName + " REQUIRED failure");
// mark down that a REQUIRED module failed
if (firstRequiredError == null)
firstRequiredError = le;
} else {
if (debug != null)
debug.println(methodName + " OPTIONAL failure");
// mark down that an OPTIONAL module failed
if (firstError == null)
firstError = le;
}
}
}
// we went thru all the LoginModules.
if (firstRequiredError != null) {
// a REQUIRED module failed -- return the error
throwException(firstRequiredError, null);
} else if (success == false && firstError != null) {
// no module succeeded -- return the first error
throwException(firstError, null);
} else if (success == false) {
// no module succeeded -- all modules were IGNORED
throwException(new LoginException(ResourcesMgr.getString("Login.Failure.all.modules.ignored")), null);
} else {
// success
clearState();
return;
}
}
Also used :
PendingException(sun.security.util.PendingException)
LoginModule(javax.security.auth.spi.LoginModule)
PendingException(sun.security.util.PendingException)
ServiceLoader(java.util.ServiceLoader)
Example 2 with PendingException
use of sun.security.util.PendingException in project jdk8u_jdk by JetBrains.
the class LoginContext method invoke.
private void invoke(String methodName) throws LoginException {
for (int i = moduleIndex; i < moduleStack.length; i++, moduleIndex++) {
try {
int mIndex = 0;
Method[] methods = null;
if (moduleStack[i].module != null) {
methods = moduleStack[i].module.getClass().getMethods();
} else {
// instantiate the LoginModule
//
// Allow any object to be a LoginModule as long as it
// conforms to the interface.
Class<?> c = Class.forName(moduleStack[i].entry.getLoginModuleName(), true, contextClassLoader);
Constructor<?> constructor = c.getConstructor(PARAMS);
Object[] args = {};
moduleStack[i].module = constructor.newInstance(args);
// call the LoginModule's initialize method
methods = moduleStack[i].module.getClass().getMethods();
for (mIndex = 0; mIndex < methods.length; mIndex++) {
if (methods[mIndex].getName().equals(INIT_METHOD)) {
break;
}
}
Object[] initArgs = { subject, callbackHandler, state, moduleStack[i].entry.getOptions() };
// invoke the LoginModule initialize method
//
// Throws ArrayIndexOutOfBoundsException if no such
// method defined. May improve to use LoginException in
// the future.
methods[mIndex].invoke(moduleStack[i].module, initArgs);
}
// find the requested method in the LoginModule
for (mIndex = 0; mIndex < methods.length; mIndex++) {
if (methods[mIndex].getName().equals(methodName)) {
break;
}
}
// set up the arguments to be passed to the LoginModule method
Object[] args = {};
// invoke the LoginModule method
//
// Throws ArrayIndexOutOfBoundsException if no such
// method defined. May improve to use LoginException in
// the future.
boolean status = ((Boolean) methods[mIndex].invoke(moduleStack[i].module, args)).booleanValue();
if (status == true) {
// if SUFFICIENT, return if no prior REQUIRED errors
if (!methodName.equals(ABORT_METHOD) && !methodName.equals(LOGOUT_METHOD) && moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT && firstRequiredError == null) {
// clear state
clearState();
if (debug != null)
debug.println(methodName + " SUFFICIENT success");
return;
}
if (debug != null)
debug.println(methodName + " success");
success = true;
} else {
if (debug != null)
debug.println(methodName + " ignored");
}
} catch (NoSuchMethodException nsme) {
MessageFormat form = new MessageFormat(ResourcesMgr.getString("unable.to.instantiate.LoginModule.module.because.it.does.not.provide.a.no.argument.constructor"));
Object[] source = { moduleStack[i].entry.getLoginModuleName() };
throwException(null, new LoginException(form.format(source)));
} catch (InstantiationException ie) {
throwException(null, new LoginException(ResourcesMgr.getString("unable.to.instantiate.LoginModule.") + ie.getMessage()));
} catch (ClassNotFoundException cnfe) {
throwException(null, new LoginException(ResourcesMgr.getString("unable.to.find.LoginModule.class.") + cnfe.getMessage()));
} catch (IllegalAccessException iae) {
throwException(null, new LoginException(ResourcesMgr.getString("unable.to.access.LoginModule.") + iae.getMessage()));
} catch (InvocationTargetException ite) {
// failure cases
LoginException le;
if (ite.getCause() instanceof PendingException && methodName.equals(LOGIN_METHOD)) {
throw (PendingException) ite.getCause();
} else if (ite.getCause() instanceof LoginException) {
le = (LoginException) ite.getCause();
} else if (ite.getCause() instanceof SecurityException) {
// do not want privacy leak
// (e.g., sensitive file path in exception msg)
le = new LoginException("Security Exception");
le.initCause(new SecurityException());
if (debug != null) {
debug.println("original security exception with detail msg " + "replaced by new exception with empty detail msg");
debug.println("original security exception: " + ite.getCause().toString());
}
} else {
// capture an unexpected LoginModule exception
java.io.StringWriter sw = new java.io.StringWriter();
ite.getCause().printStackTrace(new java.io.PrintWriter(sw));
sw.flush();
le = new LoginException(sw.toString());
}
if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) {
if (debug != null)
debug.println(methodName + " REQUISITE failure");
// if REQUISITE, then immediately throw an exception
if (methodName.equals(ABORT_METHOD) || methodName.equals(LOGOUT_METHOD)) {
if (firstRequiredError == null)
firstRequiredError = le;
} else {
throwException(firstRequiredError, le);
}
} else if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
if (debug != null)
debug.println(methodName + " REQUIRED failure");
// mark down that a REQUIRED module failed
if (firstRequiredError == null)
firstRequiredError = le;
} else {
if (debug != null)
debug.println(methodName + " OPTIONAL failure");
// mark down that an OPTIONAL module failed
if (firstError == null)
firstError = le;
}
}
}
// we went thru all the LoginModules.
if (firstRequiredError != null) {
// a REQUIRED module failed -- return the error
throwException(firstRequiredError, null);
} else if (success == false && firstError != null) {
// no module succeeded -- return the first error
throwException(firstError, null);
} else if (success == false) {
// no module succeeded -- all modules were IGNORED
throwException(new LoginException(ResourcesMgr.getString("Login.Failure.all.modules.ignored")), null);
} else {
// success
clearState();
return;
}
}
Also used :
MessageFormat(java.text.MessageFormat)
PendingException(sun.security.util.PendingException)
Method(java.lang.reflect.Method)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
Aggregations
PendingException (sun.security.util.PendingException)2
InvocationTargetException (java.lang.reflect.InvocationTargetException)1
Method (java.lang.reflect.Method)1
MessageFormat (java.text.MessageFormat)1
ServiceLoader (java.util.ServiceLoader)1
LoginModule (javax.security.auth.spi.LoginModule)1
