javax.security.auth.message.AuthException Java Examples
The following examples show how to use
javax.security.auth.message.AuthException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SessionSAM.java From eplmp with Eclipse Public License 1.0 | 6 votes |
|
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());
String login = (String) request.getSession().getAttribute("login");
String groups = (String) request.getSession().getAttribute("groups");
CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, login);
GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{groups});
Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};
try {
callbackHandler.handle(callbacks);
} catch (IOException | UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
}
return AuthStatus.SUCCESS;
}
Example #2
| Source File: CustomServerAuthContext.java From eplmp with Eclipse Public License 1.0 | 6 votes |
|
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
AuthServices.addCORSHeaders(response);
LOGGER.log(Level.FINE, "secureResponse @" + request.getMethod() + " " + request.getRequestURI());
if (isOptionsRequest(request)) {
return AuthStatus.SEND_SUCCESS;
}
CustomSAM module = getModule(messageInfo);
if (module != null) {
return module.secureResponse(messageInfo, serviceSubject);
}
return AuthStatus.SEND_FAILURE;
}
Example #3
| Source File: CustomServerAuthContext.java From eplmp with Eclipse Public License 1.0 | 6 votes |
|
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
AuthServices.addCORSHeaders(response);
LOGGER.log(Level.FINE, "validateRequest @" + request.getMethod() + " " + request.getRequestURI());
if (isOptionsRequest(request)) {
return AuthStatus.SUCCESS;
}
CustomSAM module = getModule(messageInfo);
if (module != null) {
return module.validateRequest(messageInfo, clientSubject, serviceSubject);
}
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return AuthStatus.FAILURE;
}
Example #4
| Source File: TomEESecurityContext.java From tomee with Apache License 2.0 | 6 votes |
|
@Override
public AuthenticationStatus authenticate(final HttpServletRequest request,
final HttpServletResponse response,
final AuthenticationParameters parameters) {
try {
final MessageInfo messageInfo = new TomEEMessageInfo(request, response, true, parameters);
final ServerAuthContext serverAuthContext = getServerAuthContext(request);
final AuthStatus authStatus = serverAuthContext.validateRequest(messageInfo, new Subject(), null);
return mapToAuthenticationStatus(authStatus);
} catch (final AuthException e) {
return AuthenticationStatus.SEND_FAILURE;
}
}
Example #5
| Source File: JBossClientAuthContext.java From lams with GNU General Public License v2.0 | 6 votes |
|
/**
* @see ClientAuthContext#validateResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
*/
@SuppressWarnings("rawtypes")
public AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject) throws AuthException
{
Iterator iter = config.getClientAuthModules().iterator();
AuthStatus status = null;
while(iter.hasNext())
{
status = ((ClientAuthModule)iter.next()).validateResponse(messageInfo,clientSubject,
serviceSubject);
if(status == AuthStatus.FAILURE)
break;
}
return status;
}
Example #6
| Source File: JBossAuthConfigProvider.java From lams with GNU General Public License v2.0 | 6 votes |
|
/**
* @see AuthConfigProvider#getServerAuthConfig(String, String, CallbackHandler)
*/
public ServerAuthConfig getServerAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException
{
//TODO: Throw SecurityException if user has no perms
if(handler == null)
{
try
{
handler = this.instantiateCallbackHandler();
}
catch(Exception e)
{
throw new AuthException(e.getLocalizedMessage());
}
}
return new JBossServerAuthConfig(layer,appContext, handler, contextProperties);
}
Example #7
| Source File: GuestSAM.java From eplmp with Eclipse Public License 1.0 | 6 votes |
|
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());
CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, "");
GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{UserGroupMapping.GUEST_ROLE_ID});
Callback[] callbacks = {callerPrincipalCallback, groupPrincipalCallback};
try {
callbackHandler.handle(callbacks);
} catch (IOException | UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
}
return AuthStatus.SUCCESS;
}
Example #8
| Source File: JBossAuthConfigProvider.java From lams with GNU General Public License v2.0 | 6 votes |
|
/**
* @see AuthConfigProvider#getClientAuthConfig(String, String, CallbackHandler)
*/
public ClientAuthConfig getClientAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException
{
//TODO: Throw SecurityException if user has no perms
if(handler == null)
{
try
{
handler = this.instantiateCallbackHandler();
}
catch(Exception e)
{
throw new AuthException(e.getLocalizedMessage());
}
}
return new JBossClientAuthConfig(layer,appContext, handler, contextProperties);
}
Example #9
| Source File: AuthenticatorBase.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
private JaspicState getJaspicState(AuthConfigProvider jaspicProvider, Request request,
Response response, boolean authMandatory) throws IOException {
JaspicState jaspicState = new JaspicState();
jaspicState.messageInfo =
new MessageInfoImpl(request.getRequest(), response.getResponse(), authMandatory);
try {
CallbackHandler callbackHandler = createCallbackHandler();
ServerAuthConfig serverAuthConfig = jaspicProvider.getServerAuthConfig(
"HttpServlet", jaspicAppContextID, callbackHandler);
String authContextID = serverAuthConfig.getAuthContextID(jaspicState.messageInfo);
jaspicState.serverAuthContext = serverAuthConfig.getAuthContext(authContextID, null, null);
} catch (AuthException e) {
log.warn(sm.getString("authenticator.jaspicServerAuthContextFail"), e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
return null;
}
return jaspicState;
}
Example #10
| Source File: SimpleServerAuthContext.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@SuppressWarnings("unchecked") // JASPIC API uses raw types
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject) throws AuthException {
for (int moduleIndex = 0; moduleIndex < modules.size(); moduleIndex++) {
ServerAuthModule module = modules.get(moduleIndex);
AuthStatus result = module.validateRequest(messageInfo, clientSubject, serviceSubject);
if (result != AuthStatus.SEND_FAILURE) {
messageInfo.getMap().put("moduleIndex", Integer.valueOf(moduleIndex));
return result;
}
}
return AuthStatus.SEND_FAILURE;
}
Example #11
| Source File: TomEESecurityServerAuthModule.java From tomee with Apache License 2.0 | 5 votes |
|
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo, final Subject clientSubject,
final Subject serviceSubject)
throws AuthException {
final HttpMessageContext httpMessageContext =
httpMessageContext(handler, messageInfo, clientSubject, serviceSubject);
final HttpAuthenticationMechanism authenticationMechanism =
CDI.current()
.select(TomEESecurityServletAuthenticationMechanismMapper.class)
.get()
.getCurrentAuthenticationMechanism(httpMessageContext);
final AuthenticationStatus authenticationStatus;
try {
authenticationStatus =
authenticationMechanism.validateRequest(httpMessageContext.getRequest(),
httpMessageContext.getResponse(),
httpMessageContext);
} catch (final AuthenticationException e) {
final AuthException authException = new AuthException(e.getMessage());
authException.initCause(e);
throw authException;
}
return mapToAuthStatus(authenticationStatus);
}
Example #12
| Source File: CustomServerAuthContext.java From eplmp with Eclipse Public License 1.0 | 5 votes |
|
@Override
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
CustomSAM module = getModule(messageInfo);
if (module != null) {
module.cleanSubject(messageInfo, subject);
}
}
Example #13
| Source File: JBossClientAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ClientAuthContext#cleanSubject(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
*/
@SuppressWarnings({"rawtypes"})
public void cleanSubject(MessageInfo messageInfo, Subject subject)
throws AuthException
{
Iterator iter = config.getClientAuthModules().iterator();
while(iter.hasNext())
{
((ClientAuthModule)iter.next()).cleanSubject(messageInfo,subject);
}
}
Example #14
| Source File: JBossClientAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ClientAuthContext#secureRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject
*/
@SuppressWarnings("rawtypes")
public AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject) throws AuthException
{
Iterator iter = config.getClientAuthModules().iterator();
AuthStatus status = null;
while(iter.hasNext())
{
status = ((ClientAuthModule)iter.next()).secureRequest(messageInfo,clientSubject);
if(status == AuthStatus.FAILURE)
break;
}
return status;
}
Example #15
| Source File: TheAuthConfigProvider.java From tomee with Apache License 2.0 | 5 votes |
|
private CallbackHandler createDefaultCallbackHandler() throws AuthException {
final String callBackClassName = System.getProperty(CALLBACK_HANDLER_PROPERTY_NAME);
if (callBackClassName == null) {
throw new AuthException("No default handler set via system property: " + CALLBACK_HANDLER_PROPERTY_NAME);
}
try {
return (CallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(callBackClassName).newInstance();
} catch (Exception e) {
throw new AuthException(e.getMessage());
}
}
Example #16
| Source File: SimpleAuthConfigProvider.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public ServerAuthConfig getServerAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException {
ServerAuthConfig serverAuthConfig = this.serverAuthConfig;
if (serverAuthConfig == null) {
synchronized (this) {
if (this.serverAuthConfig == null) {
this.serverAuthConfig = createServerAuthConfig(layer, appContext, handler, properties);
}
serverAuthConfig = this.serverAuthConfig;
}
}
return serverAuthConfig;
}
Example #17
| Source File: JWTSAM.java From eplmp with Eclipse Public License 1.0 | 5 votes |
|
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());
String authorization = request.getHeader("Authorization");
String[] splitAuthorization = authorization.split(" ");
String jwt = splitAuthorization[1];
JWTokenUserGroupMapping jwTokenUserGroupMapping = JWTokenFactory.validateAuthToken(key, jwt);
if (jwTokenUserGroupMapping != null) {
UserGroupMapping userGroupMapping = jwTokenUserGroupMapping.getUserGroupMapping();
CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, userGroupMapping.getLogin());
GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{userGroupMapping.getGroupName()});
Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};
try {
callbackHandler.handle(callbacks);
} catch (IOException | UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
}
JWTokenFactory.refreshTokenIfNeeded(key, response, jwTokenUserGroupMapping);
return AuthStatus.SUCCESS;
}
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return AuthStatus.FAILURE;
}
Example #18
| Source File: JBossClientAuthConfig.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ClientAuthConfig#getAuthContext(String, javax.security.auth.Subject, java.util.Map)
*/
@SuppressWarnings("rawtypes")
public ClientAuthContext getAuthContext(String authContextID,
Subject clientSubject, Map properties)
throws AuthException
{
return new JBossClientAuthContext(this);
}
Example #19
| Source File: JBossServerAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
|
public JBossServerAuthContext(List<ServerAuthModule> modules,
Map<String,Map> moduleNameToOptions, CallbackHandler cbh) throws AuthException
{
this.modules = modules;
this.moduleOptionsByName = moduleNameToOptions;
for(ServerAuthModule sam:modules)
{
sam.initialize(null, null, cbh,
moduleOptionsByName.get(sam.getClass().getName()));
}
}
Example #20
| Source File: JBossServerAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ServerAuthContext#cleanSubject(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
*/
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
{
for(ServerAuthModule sam:modules)
{
sam.cleanSubject(messageInfo, subject);
}
}
Example #21
| Source File: JBossServerAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ServerAuthContext#secureResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
*/
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException
{
AuthStatus status = null;
for(ServerAuthModule sam:modules)
{
status = sam.secureResponse(messageInfo, serviceSubject);
}
return status;
}
Example #22
| Source File: JBossServerAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ServerAuthContext#validateRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
*/
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject) throws AuthException
{
List<ServerAuthModule> supportingModules = new ArrayList<ServerAuthModule>();
Class requestType = messageInfo.getRequestMessage().getClass();
Class[] requestInterfaces = requestType.getInterfaces();
List<Class> intfaee = Arrays.asList(requestInterfaces);
for(ServerAuthModule sam:modules)
{
List<Class> supportedTypes = Arrays.asList(sam.getSupportedMessageTypes());
//Check the interfaces
for(Class clazz:intfaee)
{
if(supportedTypes.contains(clazz) && !supportingModules.contains(sam))
supportingModules.add(sam);
}
//Check the class type also
if((supportedTypes.contains(Object.class) || supportedTypes.contains(requestType))
&& !supportingModules.contains(sam))
supportingModules.add(sam);
}
if(supportingModules.size() == 0)
throw PicketBoxMessages.MESSAGES.noServerAuthModuleForRequestType(requestType);
AuthStatus authStatus = invokeModules(messageInfo, clientSubject, serviceSubject);
return authStatus;
}
Example #23
| Source File: DelegatingServerAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
{
if(loginContext != null)
try
{
loginContext.logout();
}
catch (LoginException e)
{
throw new AuthException(e.getLocalizedMessage());
}
}
Example #24
| Source File: TheServerAuthModule.java From tomee with Apache License 2.0 | 5 votes |
|
private void cdi(final MessageInfo messageInfo, final String msg) throws AuthException {
final HttpServletRequest request = HttpServletRequest.class.cast(messageInfo.getRequestMessage());
final HttpServletResponse response = HttpServletResponse.class.cast(messageInfo.getResponseMessage());
if (request.getParameter("bean") != null) {
final TheBean cdiBean = CDI.current().select(TheBean.class).get();
cdiBean.set(msg);
try {
response.getWriter().write(String.valueOf(request.getAttribute("cdi")));
} catch (final IOException e) {
throw new AuthException(e.getMessage());
}
}
}
Example #25
| Source File: SimpleClientAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ClientAuthModule#validateResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
*/
public AuthStatus validateResponse(MessageInfo messageInfo, Subject source, Subject recipient) throws AuthException
{
//Custom check: Check that the source of the response and the recipient
// of the response have identical credentials
Set sourceSet = source.getPrincipals(SimplePrincipal.class);
Set recipientSet = recipient.getPrincipals(SimplePrincipal.class);
if(sourceSet == null && recipientSet == null)
throw new AuthException();
if(sourceSet.size() != recipientSet.size())
throw new AuthException(PicketBoxMessages.MESSAGES.sizeMismatchMessage("source", "recipient"));
return AuthStatus.SUCCESS;
}
Example #26
| Source File: AbstractServerAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
{
//Clear out the principals and credentials
subject.getPrincipals().clear();
subject.getPublicCredentials().clear();
subject.getPrivateCredentials().clear();
}
Example #27
| Source File: AbstractServerAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* This method delegates to a login module if configured in the module options.
* The sub classes will need to validate the request
*/
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject)
throws AuthException
{
String loginModuleName = (String) options.get("login-module-delegate");
if(loginModuleName != null)
{
ClassLoader tcl = SecurityActions.getContextClassLoader();
try
{
Class clazz = tcl.loadClass(loginModuleName);
LoginModule lm = (LoginModule) clazz.newInstance();
lm.initialize(clientSubject, callbackHandler, new HashMap(), options);
lm.login();
lm.commit();
}
catch (Exception e)
{
throw new AuthException(e.getLocalizedMessage());
}
}
else
{
return validate(clientSubject, messageInfo) ? AuthStatus.SUCCESS : AuthStatus.FAILURE;
}
return AuthStatus.SUCCESS;
}
Example #28
| Source File: SimpleClientAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ClientAuthModule#secureRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
*/
public AuthStatus secureRequest(MessageInfo param, Subject source)
throws AuthException
{
source.getPrincipals().add(this.principal);
source.getPublicCredentials().add(this.credential);
return AuthStatus.SUCCESS;
}
Example #29
| Source File: HttpServletServerAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
|
@Override
protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
{
callbackHandler = new JBossCallbackHandler(getUserName(messageInfo),
getCredential(messageInfo));
return super.validate(clientSubject, messageInfo);
}
Example #30
| Source File: SimpleClientAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
|
/**
* @see ClientAuthModule#initialize(javax.security.auth.message.MessagePolicy, javax.security.auth.message.MessagePolicy, javax.security.auth.callback.CallbackHandler, java.util.Map)
*/
public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy,
CallbackHandler handler, Map options)
throws AuthException
{
this.requestPolicy = requestPolicy;
this.responsePolicy = responsePolicy;
this.handler = handler;
this.options = options;
}
