Java Code Examples for javax.security.sasl.AuthorizeCallback

The following are top voted examples for showing how to use javax.security.sasl.AuthorizeCallback. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: fuck_zookeeper   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 2
Project: https-github.com-apache-zookeeper   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.", e);
    }
}
 
Example 3
Project: kafka-0.11.0.0-src-with-comment   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID={}; authorizationID={}.", authenticationID,
            authorizationID);
    ac.setAuthorized(true);

    KerberosName kerberosName = KerberosName.parse(authenticationID);
    try {
        String userName = kerberosShortNamer.shortName(kerberosName);
        LOG.info("Setting authorizedID: {}", userName);
        ac.setAuthorizedID(userName);
    } catch (IOException e) {
        LOG.error("Failed to set name for '{}' based on Kerberos authentication rules.", kerberosName, e);
    }
}
 
Example 4
Project: kafka-0.11.0.0-src-with-comment   File: TestDigestLoginModule.java   Source Code and License 6 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            NameCallback nameCallback = (NameCallback) callback;
            nameCallback.setName(nameCallback.getDefaultName());
        } else if (callback instanceof PasswordCallback) {
            PasswordCallback passwordCallback = (PasswordCallback) callback;
            passwordCallback.setPassword(TestJaasConfig.PASSWORD.toCharArray());
        } else if (callback instanceof RealmCallback) {
            RealmCallback realmCallback = (RealmCallback) callback;
            realmCallback.setText(realmCallback.getDefaultText());
        } else if (callback instanceof AuthorizeCallback) {
            AuthorizeCallback authCallback = (AuthorizeCallback) callback;
            if (TestJaasConfig.USERNAME.equals(authCallback.getAuthenticationID())) {
                authCallback.setAuthorized(true);
                authCallback.setAuthorizedID(authCallback.getAuthenticationID());
            }
        }
    }
}
 
Example 5
Project: ZooKeeper   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.", e);
    }
}
 
Example 6
Project: kafka   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID={}; authorizationID={}.", authenticationID,
            authorizationID);
    ac.setAuthorized(true);

    KerberosName kerberosName = KerberosName.parse(authenticationID);
    try {
        String userName = kerberosShortNamer.shortName(kerberosName);
        LOG.info("Setting authorizedID: {}", userName);
        ac.setAuthorizedID(userName);
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 7
Project: kafka   File: TestDigestLoginModule.java   Source Code and License 6 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            NameCallback nameCallback = (NameCallback) callback;
            nameCallback.setName(nameCallback.getDefaultName());
        } else if (callback instanceof PasswordCallback) {
            PasswordCallback passwordCallback = (PasswordCallback) callback;
            passwordCallback.setPassword(TestJaasConfig.PASSWORD.toCharArray());
        } else if (callback instanceof RealmCallback) {
            RealmCallback realmCallback = (RealmCallback) callback;
            realmCallback.setText(realmCallback.getDefaultText());
        } else if (callback instanceof AuthorizeCallback) {
            AuthorizeCallback authCallback = (AuthorizeCallback) callback;
            if (TestJaasConfig.USERNAME.equals(authCallback.getAuthenticationID())) {
                authCallback.setAuthorized(true);
                authCallback.setAuthorizedID(authCallback.getAuthenticationID());
            }
        }
    }
}
 
Example 8
Project: herddb   File: SaslNettyServer.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
        + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        userNameBuilder.append("/").append(kerberosName.getHostName());
        userNameBuilder.append("@").append(kerberosName.getRealm());
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.severe("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 9
Project: StreamProcessingInfrastructure   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 10
Project: bigstreams   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 11
Project: zookeeper-src-learning   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 12
Project: zookeeper   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 13
Project: SecureKeeper   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 14
Project: SecureKeeper   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 15
Project: drill   File: KerberosFactory.java   Source Code and License 6 votes vote down vote up
@Override
public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  for (final Callback callback : callbacks) {
    if (callback instanceof AuthorizeCallback) {
      final AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
      if (!authorizeCallback.getAuthenticationID()
          .equals(authorizeCallback.getAuthorizationID())) {
        throw new SaslException("Drill expects authorization ID and authentication ID to match. " +
            "Use inbound impersonation feature so one entity can act on behalf of another.");
      } else {
        authorizeCallback.setAuthorized(true);
      }
    } else {
      throw new UnsupportedCallbackException(callback);
    }
  }
}
 
Example 16
Project: jgroups-3.6.4-fixed   File: SASLTest.java   Source Code and License 6 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for(Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            NameCallback nameCallback = (NameCallback)callback;
            nameCallback.setName("user");
        } else if (callback instanceof PasswordCallback) {
            PasswordCallback passwordCallback = (PasswordCallback)callback;
            passwordCallback.setPassword(password.toCharArray());
        } else if (callback instanceof AuthorizeCallback) {
            AuthorizeCallback authorizeCallback = (AuthorizeCallback)callback;
            authorizeCallback.setAuthorized(authorizeCallback.getAuthenticationID().equals(authorizeCallback.getAuthorizationID()));
        } else if (callback instanceof RealmCallback) {
            RealmCallback realmCallback = (RealmCallback) callback;
            realmCallback.setText(REALM);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 17
Project: majordodo   File: SaslNettyServer.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.severe("Successfully authenticated client: authenticationID=" + authenticationID
        + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        userNameBuilder.append("/").append(kerberosName.getHostName());
        userNameBuilder.append("@").append(kerberosName.getRealm());
        LOG.severe("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.severe("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 18
Project: StreamBench   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 19
Project: ACaZoo   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 20
Project: jstrom   File: ServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID + " authorizationID= " + ac.getAuthorizationID());

    // if authorizationId is not set, set it to authenticationId.
    if (ac.getAuthorizationID() == null) {
        ac.setAuthorizedID(authenticationID);
    }

    // When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
    // add the authNid as the real user in reqContext's subject which will be used during authorization.
    if (!ac.getAuthenticationID().equals(ac.getAuthorizationID())) {
        ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
    }

    ac.setAuthorized(true);
}
 
Example 21
Project: jstrom   File: ServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    LOG.info("Successfully authenticated client: authenticationID = " + authenticationID + " authorizationID = " + ac.getAuthorizationID());

    // if authorizationId is not set, set it to authenticationId.
    if (ac.getAuthorizationID() == null) {
        ac.setAuthorizedID(authenticationID);
    }

    // When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
    // add the authNid as the real user in reqContext's subject which will be used during authorization.
    if (!authenticationID.equals(ac.getAuthorizationID())) {
        LOG.info("Impersonation attempt  authenticationID = " + ac.getAuthenticationID() + " authorizationID = " + ac.getAuthorizationID());
        ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
    }

    ac.setAuthorized(true);
}
 
Example 22
Project: blazingcache   File: SaslNettyServer.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.severe("Successfully authenticated client: authenticationID=" + authenticationID
        + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        userNameBuilder.append("/").append(kerberosName.getHostName());
        userNameBuilder.append("@").append(kerberosName.getRealm());
        LOG.severe("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.severe("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 23
Project: glowroot   File: SaslCallbackHandler.java   Source Code and License 6 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof AuthorizeCallback) {
            AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
            String authenticationId = authorizeCallback.getAuthenticationID();
            String authorizationId = authorizeCallback.getAuthorizationID();
            authorizeCallback.setAuthorized(authenticationId.equals(authorizationId));
        } else if (callback instanceof NameCallback) {
            ((NameCallback) callback).setName("glowroot");
        } else if (callback instanceof PasswordCallback) {
            ((PasswordCallback) callback).setPassword(password);
        } else if (callback instanceof RealmCallback) {
            ((RealmCallback) callback).setText("glowroot");
        }
    }
}
 
Example 24
Project: cn1   File: AuthorizeCallbackTest.java   Source Code and License 6 votes vote down vote up
public void assertDeserialized(Serializable oref, Serializable otest) {
    AuthorizeCallback ref = (AuthorizeCallback) oref;
    AuthorizeCallback test = (AuthorizeCallback) otest;
    String idC = ref.getAuthenticationID();
    String idZ = ref.getAuthorizationID();
    String id = ref.getAuthorizedID();
    boolean is = ref.isAuthorized();
    if (idC == null) {
        assertNull(test.getAuthenticationID());
    } else {
        assertEquals(test.getAuthenticationID(), idC);
    }
    if (idZ == null) {
        assertNull(test.getAuthorizationID());
    } else {
        assertEquals(test.getAuthorizationID(), idZ);
    }
    if (id == null) {
        assertNull(test.getAuthorizedID());
    } else {
        assertEquals(test.getAuthorizedID(), id);
    }
    assertEquals(test.isAuthorized(), is);

}
 
Example 25
Project: cn1   File: AuthorizeCallbackTest.java   Source Code and License 6 votes vote down vote up
/**
 * Test for <code>AuthorizeCallback(String authnID, String authzID)</code>
 * and get/set methods
 */
public void test01() {
    AuthorizeCallback auth = new AuthorizeCallback(null, null);
    assertNull(auth.getAuthenticationID());
    assertNull(auth.getAuthorizationID());
    assertNull(auth.getAuthorizedID());
    assertFalse(auth.isAuthorized());

    auth.setAuthorized(true);
    assertTrue(auth.isAuthorized());
    assertNull(auth.getAuthorizedID());

    auth.setAuthorized(false);
    assertNull(auth.getAuthorizedID());
    assertFalse(auth.isAuthorized());

    auth.setAuthorizedID("ZZZ");
    auth.setAuthorized(true);
    assertEquals(auth.getAuthorizedID(), "ZZZ");
    assertNull(auth.getAuthorizationID());
    assertTrue(auth.isAuthorized());
}
 
Example 26
Project: wildfly-core   File: SaslTestCase.java   Source Code and License 6 votes vote down vote up
private CallbackHandler serverCallbackHandler(String username, String realm, String password) {
    return callbacks -> {
        for (Callback callback : callbacks) {
            if (callback instanceof NameCallback) {
                Assert.assertEquals(username, ((NameCallback) callback).getDefaultName());
            } else if (callback instanceof RealmCallback) {
                Assert.assertEquals(realm, ((RealmCallback) callback).getDefaultText());
            } else if (callback instanceof PasswordCallback) {
                ((PasswordCallback) callback).setPassword(password.toCharArray());
            } else if (callback instanceof AuthorizeCallback) {
                ((AuthorizeCallback) callback).setAuthorized(((AuthorizeCallback) callback).getAuthorizationID().equals(((AuthorizeCallback) callback).getAuthenticationID()));
            } else {
                throw new UnsupportedCallbackException(callback);
            }
        }
    };
}
 
Example 27
Project: wildfly-core   File: ClientCertCallbackHandler.java   Source Code and License 6 votes vote down vote up
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback current : callbacks) {
        if (current instanceof AuthorizeCallback) {
            AuthorizeCallback acb = (AuthorizeCallback) current;
            boolean authorized = acb.getAuthenticationID().equals(acb.getAuthorizationID());
            if (authorized == false) {
                SECURITY_LOGGER.tracef(
                        "Checking 'AuthorizeCallback', authorized=false, authenticationID=%s, authorizationID=%s.",
                        acb.getAuthenticationID(), acb.getAuthorizationID());
            }
            acb.setAuthorized(authorized);
        } else {
            throw new UnsupportedCallbackException(current);
        }
    }
}
 
Example 28
Project: tigase-server   File: AuthRepoPlainCallbackHandler.java   Source Code and License 6 votes vote down vote up
@SuppressWarnings("unused")
protected void handleAuthorizeCallback(AuthorizeCallback authCallback) {
	String authenId = authCallback.getAuthenticationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authenId: {0}", authenId);
	}

	String authorId = authCallback.getAuthorizationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authorId: {0}", authorId);
	}
	if (AbstractSasl.isAuthzIDIgnored() || authenId.equals(authorId)) {
		authCallback.setAuthorized(true);
	}
}
 
Example 29
Project: tigase-server   File: ScramCallbackHandler.java   Source Code and License 6 votes vote down vote up
protected void handleAuthorizeCallback(AuthorizeCallback authCallback) {
	String authenId = authCallback.getAuthenticationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authenId: {0}", authenId);
	}

	String authorId = authCallback.getAuthorizationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authorId: {0}", authorId);
	}
	if (AbstractSasl.isAuthzIDIgnored() || authenId.equals(authorId)) {
		authCallback.setAuthorized(true);
	}
}
 
Example 30
Project: tigase-server   File: ScramCallbackHandler.java   Source Code and License 6 votes vote down vote up
protected void handleCallback(Callback callback) throws UnsupportedCallbackException, IOException {
	if (callback instanceof XMPPSessionCallback) {
		((XMPPSessionCallback) callback).setSession(session);
	} else if (callback instanceof ChannelBindingCallback) {
		handleChannelBindingCallback((ChannelBindingCallback) callback);
	} else if (callback instanceof PBKDIterationsCallback) {
		handlePBKDIterationsCallback((PBKDIterationsCallback) callback);
	} else if (callback instanceof SaltedPasswordCallback) {
		handleSaltedPasswordCallbackCallback((SaltedPasswordCallback) callback);
	} else if (callback instanceof NameCallback) {
		handleNameCallback((NameCallback) callback);
	} else if (callback instanceof SaltCallback) {
		handleSaltCallback((SaltCallback) callback);
	} else if (callback instanceof AuthorizeCallback) {
		handleAuthorizeCallback((AuthorizeCallback) callback);
	} else {
		throw new UnsupportedCallbackException(callback, "Unrecognized Callback " + callback);
	}
}
 
Example 31
Project: tigase-server   File: ScramSPCallbackHandler.java   Source Code and License 6 votes vote down vote up
protected void handleAuthorizeCallback(AuthorizeCallback authCallback) {
	String authenId = authCallback.getAuthenticationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authenId: {0}", authenId);
	}

	String authorId = authCallback.getAuthorizationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authorId: {0}", authorId);
	}
	if (AbstractSasl.isAuthzIDIgnored() || authenId.equals(authorId)) {
		authCallback.setAuthorized(true);
	}
}
 
Example 32
Project: tigase-server   File: ScramSPCallbackHandler.java   Source Code and License 6 votes vote down vote up
protected void handleCallback(Callback callback) throws UnsupportedCallbackException, IOException {
	if (callback instanceof XMPPSessionCallback) {
		((XMPPSessionCallback) callback).setSession(session);
	} else if (callback instanceof ChannelBindingCallback) {
		handleChannelBindingCallback((ChannelBindingCallback) callback);
	} else if (callback instanceof PBKDIterationsCallback) {
		handlePBKDIterationsCallback((PBKDIterationsCallback) callback);
	} else if (callback instanceof SaltedPasswordCallback) {
		handleSaltedPasswordCallback((SaltedPasswordCallback) callback);
	} else if (callback instanceof NameCallback) {
		handleNameCallback((NameCallback) callback);
	} else if (callback instanceof SaltCallback) {
		handleSaltCallback((SaltCallback) callback);
	} else if (callback instanceof AuthorizeCallback) {
		handleAuthorizeCallback((AuthorizeCallback) callback);
	} else {
		throw new UnsupportedCallbackException(callback, "Unrecognized Callback " + callback);
	}
}
 
Example 33
Project: tigase-server   File: PlainSPCallbackHandler.java   Source Code and License 6 votes vote down vote up
protected void handleAuthorizeCallback(AuthorizeCallback authCallback) {
	String authenId = authCallback.getAuthenticationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authenId: {0}", authenId);
	}

	String authorId = authCallback.getAuthorizationID();

	if (log.isLoggable(Level.FINEST)) {
		log.log(Level.FINEST, "AuthorizeCallback: authorId: {0}", authorId);
	}
	if (AbstractSasl.isAuthzIDIgnored() || authenId.equals(authorId)) {
		authCallback.setAuthorized(true);
	}
}
 
Example 34
Project: LoadBalanced_zk   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 35
Project: LoadBalanced_zk   File: SaslServerCallbackHandler.java   Source Code and License 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    // canonicalize authorization id according to system properties:
    // zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
    // zookeeper.kerberos.removeHostFromPrincipal(={true,false})
    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        if (shouldAppendHost(kerberosName)) {
            userNameBuilder.append("/").append(kerberosName.getHostName());
        }
        if (shouldAppendRealm(kerberosName)) {
            userNameBuilder.append("@").append(kerberosName.getRealm());
        }
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.error("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 36
Project: freeVM   File: AuthorizeCallbackTest.java   Source Code and License 6 votes vote down vote up
public void assertDeserialized(Serializable oref, Serializable otest) {
    AuthorizeCallback ref = (AuthorizeCallback) oref;
    AuthorizeCallback test = (AuthorizeCallback) otest;
    String idC = ref.getAuthenticationID();
    String idZ = ref.getAuthorizationID();
    String id = ref.getAuthorizedID();
    boolean is = ref.isAuthorized();
    if (idC == null) {
        assertNull(test.getAuthenticationID());
    } else {
        assertEquals(test.getAuthenticationID(), idC);
    }
    if (idZ == null) {
        assertNull(test.getAuthorizationID());
    } else {
        assertEquals(test.getAuthorizationID(), idZ);
    }
    if (id == null) {
        assertNull(test.getAuthorizedID());
    } else {
        assertEquals(test.getAuthorizedID(), id);
    }
    assertEquals(test.isAuthorized(), is);

}
 
Example 37
Project: freeVM   File: AuthorizeCallbackTest.java   Source Code and License 6 votes vote down vote up
/**
 * Test for <code>AuthorizeCallback(String authnID, String authzID)</code>
 * and get/set methods
 */
public void test01() {
    AuthorizeCallback auth = new AuthorizeCallback(null, null);
    assertNull(auth.getAuthenticationID());
    assertNull(auth.getAuthorizationID());
    assertNull(auth.getAuthorizedID());
    assertFalse(auth.isAuthorized());

    auth.setAuthorized(true);
    assertTrue(auth.isAuthorized());
    assertNull(auth.getAuthorizedID());

    auth.setAuthorized(false);
    assertNull(auth.getAuthorizedID());
    assertFalse(auth.isAuthorized());

    auth.setAuthorizedID("ZZZ");
    auth.setAuthorized(true);
    assertEquals(auth.getAuthorizedID(), "ZZZ");
    assertNull(auth.getAuthorizationID());
    assertTrue(auth.isAuthorized());
}
 
Example 38
Project: freeVM   File: AuthorizeCallbackTest.java   Source Code and License 6 votes vote down vote up
public void assertDeserialized(Serializable oref, Serializable otest) {
    AuthorizeCallback ref = (AuthorizeCallback) oref;
    AuthorizeCallback test = (AuthorizeCallback) otest;
    String idC = ref.getAuthenticationID();
    String idZ = ref.getAuthorizationID();
    String id = ref.getAuthorizedID();
    boolean is = ref.isAuthorized();
    if (idC == null) {
        assertNull(test.getAuthenticationID());
    } else {
        assertEquals(test.getAuthenticationID(), idC);
    }
    if (idZ == null) {
        assertNull(test.getAuthorizationID());
    } else {
        assertEquals(test.getAuthorizationID(), idZ);
    }
    if (id == null) {
        assertNull(test.getAuthorizedID());
    } else {
        assertEquals(test.getAuthorizedID(), id);
    }
    assertEquals(test.isAuthorized(), is);

}
 
Example 39
Project: freeVM   File: AuthorizeCallbackTest.java   Source Code and License 6 votes vote down vote up
/**
 * Test for <code>AuthorizeCallback(String authnID, String authzID)</code>
 * and get/set methods
 */
public void test01() {
    AuthorizeCallback auth = new AuthorizeCallback(null, null);
    assertNull(auth.getAuthenticationID());
    assertNull(auth.getAuthorizationID());
    assertNull(auth.getAuthorizedID());
    assertFalse(auth.isAuthorized());

    auth.setAuthorized(true);
    assertTrue(auth.isAuthorized());
    assertNull(auth.getAuthorizedID());

    auth.setAuthorized(false);
    assertNull(auth.getAuthorizedID());
    assertFalse(auth.isAuthorized());

    auth.setAuthorizedID("ZZZ");
    auth.setAuthorized(true);
    assertEquals(auth.getAuthorizedID(), "ZZZ");
    assertNull(auth.getAuthorizationID());
    assertTrue(auth.isAuthorized());
}
 
Example 40
Project: CadalWorkspace   File: TestTSaslTransports.java   Source Code and License 6 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  for (Callback c : callbacks) {
    if (c instanceof NameCallback) {
      ((NameCallback) c).setName(PRINCIPAL);
    } else if (c instanceof PasswordCallback) {
      ((PasswordCallback) c).setPassword(password.toCharArray());
    } else if (c instanceof AuthorizeCallback) {
      ((AuthorizeCallback) c).setAuthorized(true);
    } else if (c instanceof RealmCallback) {
      ((RealmCallback) c).setText(REALM);
    } else {
      throw new UnsupportedCallbackException(c);
    }
  }
}