javax.security.auth.message.MessageInfo Java Examples

Example #1
Source File: CustomServerAuthContext.java    From eplmp with Eclipse Public License 1.0 6 votes vote down vote up
/**
 * Routes the incoming request to the SAM that claims it.
 *
 * <p>OPTIONS requests are let through without authentication (presumably CORS
 * preflight, given the CORS headers added on every response). Any other request
 * that no module can handle is answered with 401 and reported as FAILURE.
 *
 * @param messageInfo    wraps the servlet request/response pair
 * @param clientSubject  subject the delegated module populates
 * @param serviceSubject service subject, passed through to the module
 * @return the delegated module's status; SUCCESS for OPTIONS; FAILURE when no module applies
 * @throws AuthException propagated from the delegated module
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    final HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    // CORS headers go on every response, including the 401 produced below.
    AuthServices.addCORSHeaders(response);

    LOGGER.log(Level.FINE, "validateRequest @" + request.getMethod() + " " + request.getRequestURI());

    if (isOptionsRequest(request)) {
        return AuthStatus.SUCCESS;
    }

    final CustomSAM module = getModule(messageInfo);
    if (module == null) {
        // Nothing can authenticate this request: fail closed.
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return AuthStatus.FAILURE;
    }
    return module.validateRequest(messageInfo, clientSubject, serviceSubject);
}
 
Example #2
Source File: SimpleServerAuthModule.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
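/**
 * Authenticates the caller against the {@code principal} and {@code pass} module options.
 *
 * <p>A {@link NameCallback} and a {@link PasswordCallback} are handed to the module's
 * callback handler; both collected values must match the configured options. The
 * password is compared in constant time and wiped after use.
 *
 * @param clientSubject the subject being authenticated (not modified here)
 * @param messageInfo   the message being validated (not inspected here)
 * @return {@code true} only when both the user name and the password match
 * @throws AuthException if the callback handler fails; the original exception is kept as the cause
 */
@Override
protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
{
   //Construct Callbacks
   NameCallback nc = new NameCallback("Dummy");
   PasswordCallback pc = new PasswordCallback("B", true);
   char[] password = null;
   try
   {
      this.callbackHandler.handle(new Callback[]{nc, pc});
      String userName = nc.getName();
      password = pc.getPassword();
      Object expectedName = options.get("principal");
      Object expectedPass = options.get("pass");

      // A handler that supplies no name or no password cannot match anything;
      // a non-String configured password can never equal the supplied one either.
      if (userName == null || password == null || expectedName == null
            || !(expectedPass instanceof String))
      {
         return false;
      }
      // Constant-time comparison so a mismatch does not leak how many leading
      // characters were correct.
      byte[] actual = new String(password).getBytes(StandardCharsets.UTF_8);
      byte[] expected = ((String) expectedPass).getBytes(StandardCharsets.UTF_8);
      return userName.equals(expectedName) && MessageDigest.isEqual(actual, expected);
   }
   catch (Exception e)
   {
      // AuthException offers no (message, cause) constructor; attach the cause explicitly.
      throw (AuthException) new AuthException(e.getLocalizedMessage()).initCause(e);
   }
   finally
   {
      // Do not leave the clear-text password in the callback or the local copy.
      pc.clearPassword();
      if (password != null)
      {
         Arrays.fill(password, '\0');
      }
   }
}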
 
Example #3
Source File: TomEESecurityContext.java    From tomee with Apache License 2.0 6 votes vote down vote up
/**
 * Runs the JASPIC {@code validateRequest} cycle for a programmatic authentication call.
 *
 * @param request    current request
 * @param response   current response
 * @param parameters caller-supplied parameters, wrapped into the message info
 * @return the mapped status, or {@code SEND_FAILURE} when the auth context throws
 */
@Override
public AuthenticationStatus authenticate(final HttpServletRequest request,
                                         final HttpServletResponse response,
                                         final AuthenticationParameters parameters) {
    try {
        final MessageInfo messageInfo = new TomEEMessageInfo(request, response, true, parameters);
        // A fresh, empty client subject is populated by the context; no service subject is given.
        final AuthStatus status = getServerAuthContext(request)
                .validateRequest(messageInfo, new Subject(), null);
        return mapToAuthenticationStatus(status);
    } catch (final AuthException e) {
        // NOTE(review): the exception is dropped here; the caller only sees SEND_FAILURE.
        return AuthenticationStatus.SEND_FAILURE;
    }
}
 
Example #4
Source File: JBossClientAuthContext.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Asks every configured client auth module to validate the response, stopping at the
 * first one that reports {@code FAILURE}.
 *
 * @return the status reported by the last module consulted; {@code null} when no module is configured
 * @see ClientAuthContext#validateResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
 */
@SuppressWarnings("rawtypes")
public AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject,
      Subject serviceSubject) throws AuthException
{
   AuthStatus lastStatus = null;
   for (Object module : config.getClientAuthModules())
   {
      lastStatus = ((ClientAuthModule) module).validateResponse(messageInfo, clientSubject, serviceSubject);
      // The first failing module ends the chain; its status is what the caller sees.
      if (lastStatus == AuthStatus.FAILURE)
      {
         break;
      }
   }
   // NOTE(review): an empty module list yields null rather than a status; callers must cope.
   return lastStatus;
}
 
Example #5
Source File: CustomServerAuthContext.java    From eplmp with Eclipse Public License 1.0 6 votes vote down vote up
/**
 * Lets the SAM that handled the request secure the outgoing response.
 *
 * <p>OPTIONS requests are reported as SEND_SUCCESS without consulting a module;
 * when no module claims the message, SEND_FAILURE is returned.
 *
 * @param messageInfo    wraps the servlet request/response pair
 * @param serviceSubject service subject, passed through to the module
 * @return the delegated module's status, SEND_SUCCESS for OPTIONS, SEND_FAILURE otherwise
 * @throws AuthException propagated from the delegated module
 */
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
    final HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    final HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    AuthServices.addCORSHeaders(response);

    LOGGER.log(Level.FINE, "secureResponse @" + request.getMethod() + " " + request.getRequestURI());

    if (isOptionsRequest(request)) {
        return AuthStatus.SEND_SUCCESS;
    }

    final CustomSAM module = getModule(messageInfo);
    // Unlike validateRequest, no HTTP status is set here; the status code alone is returned.
    return module == null
            ? AuthStatus.SEND_FAILURE
            : module.secureResponse(messageInfo, serviceSubject);
}
 
Example #6
Source File: GuestSAM.java    From eplmp with Eclipse Public License 1.0 6 votes vote down vote up
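/**
 * Registers every caller as an anonymous guest: an empty caller name plus the
 * {@code GUEST_ROLE_ID} group. Always succeeds unless the callback handler fails.
 *
 * @param messageInfo    wraps the servlet request (used for logging only)
 * @param clientSubject  subject that receives the guest principal and group
 * @param serviceSubject unused
 * @return {@code AuthStatus.SUCCESS}
 * @throws AuthException if the callback handler rejects the callbacks; the cause is preserved
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {

    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());

    CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, "");
    GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{UserGroupMapping.GUEST_ROLE_ID});
    Callback[] callbacks = {callerPrincipalCallback, groupPrincipalCallback};

    try {
        callbackHandler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the underlying exception as the cause instead of flattening it to a message.
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }

    return AuthStatus.SUCCESS;
}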
 
Example #7
Source File: TheServerAuthModule.java    From tomee with Apache License 2.0 6 votes vote down vote up
/**
 * Test SAM: a {@code doLogin} request parameter establishes the fixed identity
 * {@code test} in group {@code architect}; otherwise the caller is registered as
 * unauthenticated (null principal). Afterwards the {@code cdi} hook is run with "vr".
 *
 * @return {@code SUCCESS} in both cases
 * @throws AuthException if the callback handler fails (cause preserved)
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject)
        throws AuthException {
    final HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();

    final boolean doLogin = request.getParameter("doLogin") != null;
    final Callback[] toHandle = doLogin
            ? new Callback[]{new CallerPrincipalCallback(clientSubject, "test"),
                    new GroupPrincipalCallback(clientSubject, new String[]{"architect"})}
            : new Callback[]{new CallerPrincipalCallback(clientSubject, (Principal) null)};

    try {
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }

    cdi(messageInfo, "vr");
    return SUCCESS;
}
 
Example #8
Source File: SessionSAM.java    From eplmp with Eclipse Public License 1.0 6 votes vote down vote up
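/**
 * Authenticates from an existing HTTP session: the {@code login} and {@code groups}
 * session attributes become the caller principal and its single group.
 *
 * <p>No session is created here; {@link #canHandle(MessageInfo)} in this class
 * already requires a session with both attributes set, and this method re-checks
 * them so that a direct call without that gate fails closed instead of registering
 * an anonymous caller as a success.
 *
 * @param messageInfo    wraps the servlet request
 * @param clientSubject  subject that receives the caller principal and group
 * @param serviceSubject unused
 * @return {@code SUCCESS} when the session carries a login and a group, {@code FAILURE} otherwise
 * @throws AuthException if the callback handler rejects the callbacks; the cause is preserved
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {

    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());

    // getSession(false): authenticating must not create a session as a side effect.
    HttpSession session = request.getSession(false);
    String login = session == null ? null : (String) session.getAttribute("login");
    String groups = session == null ? null : (String) session.getAttribute("groups");

    if (login == null || login.isEmpty() || groups == null || groups.isEmpty()) {
        return AuthStatus.FAILURE;
    }

    CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, login);
    GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{groups});
    Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};

    try {
        callbackHandler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }

    return AuthStatus.SUCCESS;
}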
 
Example #9
Source File: TheServerAuthModule.java    From tomee with Apache License 2.0 5 votes vote down vote up
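/**
 * Test hook: when the request carries a {@code bean} parameter, records {@code msg}
 * on the CDI-managed {@code TheBean} and writes the {@code cdi} request attribute
 * into the response body.
 *
 * @param messageInfo wraps the servlet request/response pair
 * @param msg         value stored on the bean
 * @throws AuthException if the response writer fails; the {@link IOException} is kept as the cause
 */
private void cdi(final MessageInfo messageInfo, final String msg) throws AuthException {
    final HttpServletRequest request = HttpServletRequest.class.cast(messageInfo.getRequestMessage());
    final HttpServletResponse response = HttpServletResponse.class.cast(messageInfo.getResponseMessage());
    if (request.getParameter("bean") == null) {
        return;
    }
    final TheBean cdiBean = CDI.current().select(TheBean.class).get();
    cdiBean.set(msg);
    try {
        response.getWriter().write(String.valueOf(request.getAttribute("cdi")));
    } catch (final IOException e) {
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }
}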
 
Example #10
Source File: JBossClientAuthContext.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Gives every configured client auth module the chance to remove what it added
 * to the subject.
 *
 * @see ClientAuthContext#cleanSubject(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
 */
@SuppressWarnings({"rawtypes"})
public void cleanSubject(MessageInfo messageInfo, Subject subject)
throws AuthException
{
   // NOTE(review): a module that throws stops the loop; later modules are not cleaned.
   for (Object module : config.getClientAuthModules())
   {
      ((ClientAuthModule) module).cleanSubject(messageInfo, subject);
   }
}
 
Example #11
Source File: TomEESecurityServerAuthModule.java    From tomee with Apache License 2.0 5 votes vote down vote up
/**
 * Bridges JASPIC to the Jakarta Security {@code HttpAuthenticationMechanism}
 * currently mapped for this request.
 *
 * @return the mechanism's status mapped to an {@link AuthStatus}
 * @throws AuthException wrapping any {@code AuthenticationException} from the mechanism (cause preserved)
 */
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo, final Subject clientSubject,
                                  final Subject serviceSubject)
        throws AuthException {
    final HttpMessageContext context =
            httpMessageContext(handler, messageInfo, clientSubject, serviceSubject);
    // The mapper is a CDI bean; it picks the mechanism from the message context.
    final HttpAuthenticationMechanism mechanism = CDI.current()
            .select(TomEESecurityServletAuthenticationMechanismMapper.class)
            .get()
            .getCurrentAuthenticationMechanism(context);

    final AuthenticationStatus status;
    try {
        status = mechanism.validateRequest(context.getRequest(), context.getResponse(), context);
    } catch (final AuthenticationException e) {
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }
    return mapToAuthStatus(status);
}
 
Example #12
Source File: AbstractServerAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Strips the subject completely: principals, public credentials and private credentials.
 *
 * @param messageInfo unused; the whole subject is cleared regardless of the message
 * @param subject     the subject to clear
 * @throws AuthException declared by the JASPIC contract; not raised by this implementation
 */
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
{
   // Credentials first, then principals; the three sets are cleared independently.
   subject.getPrivateCredentials().clear();
   subject.getPublicCredentials().clear();
   subject.getPrincipals().clear();
}
 
Example #13
Source File: SimpleServerAuthContext.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
/**
 * Tries the configured modules in order and returns the first result that is not
 * {@code SEND_FAILURE}, remembering the index of that module in the message map
 * under {@code "moduleIndex"} (so secureResponse can find it again).
 *
 * @return the first non-SEND_FAILURE status, or SEND_FAILURE when every module failed
 */
@SuppressWarnings("unchecked") // JASPIC API uses raw types
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
        Subject serviceSubject) throws AuthException {
    final int moduleCount = modules.size();
    for (int i = 0; i < moduleCount; i++) {
        final AuthStatus result =
                modules.get(i).validateRequest(messageInfo, clientSubject, serviceSubject);
        if (result == AuthStatus.SEND_FAILURE) {
            continue;
        }
        messageInfo.getMap().put("moduleIndex", Integer.valueOf(i));
        return result;
    }
    return AuthStatus.SEND_FAILURE;
}
 
Example #14
Source File: DoNothingServerAuthModule.java    From piranha with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
/**
 * Performs the JASPIC "do nothing" protocol: a {@link CallerPrincipalCallback} with
 * a {@code null} principal, which leaves the caller unauthenticated, then SUCCESS.
 *
 * @throws AuthException if the callback handler fails; the cause is preserved
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final Callback[] doNothing = { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    try {
        handler.handle(doNothing);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
 
Example #15
Source File: DelegatingServerAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
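/**
 * Logs the delegated JAAS {@code LoginContext} out, if one was created by
 * {@code validate}.
 *
 * @param messageInfo unused
 * @param subject     unused; the login context itself knows the subject it populated
 * @throws AuthException if the logout fails; the {@link LoginException} is kept as the cause
 */
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
{
   if (loginContext == null)
   {
      return;
   }
   try
   {
      loginContext.logout();
   }
   catch (LoginException e)
   {
      throw (AuthException) new AuthException(e.getLocalizedMessage()).initCause(e);
   }
}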
 
Example #16
Source File: DelegatingServerAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
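/**
 * Delegates authentication to a JAAS {@code LoginContext} for this module's
 * security domain, using the module's callback handler.
 *
 * <p>The created context is kept in the {@code loginContext} field so that
 * {@code cleanSubject} can log it out later.
 * NOTE(review): that field is per module instance, not per request; confirm the
 * container does not share one instance across concurrent requests.
 *
 * @return {@code true} when the JAAS login succeeded
 * @throws AuthException if the context cannot be created or the login fails; the cause is preserved
 */
@Override
protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
{
   try
   {
      loginContext = SecurityActions.createLoginContext(getSecurityDomainName(), clientSubject, this.callbackHandler);
      loginContext.login();
   }
   catch (Exception e)
   {
      throw (AuthException) new AuthException(e.getLocalizedMessage()).initCause(e);
   }
   return true;
}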
 
Example #17
Source File: TomEEHttpMessageContext.java    From tomee with Apache License 2.0 5 votes vote down vote up
/**
 * Static factory for the message context handed to an authentication mechanism.
 *
 * @param handler        the JASPIC callback handler the context will use
 * @param messageInfo    the message (request/response pair) being processed
 * @param clientSubject  the subject being authenticated
 * @param serviceSubject the service subject; may be {@code null}
 * @return a new context wrapping the four arguments
 */
public static TomEEHttpMessageContext httpMessageContext(
        final CallbackHandler handler,
        final MessageInfo messageInfo,
        final Subject clientSubject,
        final Subject serviceSubject) {
    return new TomEEHttpMessageContext(handler, messageInfo, clientSubject, serviceSubject);
}
 
Example #18
Source File: JBossServerAuthContext.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Lets every server auth module remove what it added to the subject.
 * NOTE(review): a module that throws ends the loop, so later modules are not cleaned.
 *
 * @see ServerAuthContext#cleanSubject(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
 */
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException
{ 
   for(ServerAuthModule sam:modules)
   {
      sam.cleanSubject(messageInfo, subject);
   }
}
 
Example #19
Source File: JBossServerAuthContext.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
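/**
 * Checks that at least one configured module supports the request message's type
 * before handing the request to {@code invokeModules}.
 *
 * <p>A module supports the request when its supported message types contain the
 * request's exact class, one of the interfaces declared directly on that class
 * ({@code getInterfaces()}: inherited interfaces and superclasses are not
 * considered), or {@code Object}.
 *
 * @return the status produced by {@code invokeModules}
 * @throws AuthException propagated from the modules, or the PicketBox "no module for
 *         request type" exception when nothing supports the request
 * @see ServerAuthContext#validateRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
 */
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, 
      Subject serviceSubject) throws AuthException
{ 
   Class<?> requestType = messageInfo.getRequestMessage().getClass();
   List<Class<?>> requestInterfaces = Arrays.asList(requestType.getInterfaces());

   boolean supported = false;
   for (ServerAuthModule sam : modules)
   {
      if (supportsRequestType(sam, requestType, requestInterfaces))
      {
         supported = true;
         break;
      }
   }
   if (!supported)
   {
      throw PicketBoxMessages.MESSAGES.noServerAuthModuleForRequestType(requestType);
   }

   // NOTE(review): the supporting modules are not passed on; invokeModules (outside
   // this method) decides which modules actually run.
   return invokeModules(messageInfo, clientSubject, serviceSubject);
}

/**
 * Returns whether {@code sam} declares support for the request's class, one of its
 * directly implemented interfaces, or {@code Object}.
 */
private static boolean supportsRequestType(ServerAuthModule sam, Class<?> requestType,
      List<Class<?>> requestInterfaces)
{
   List<Class<?>> supportedTypes = Arrays.asList(sam.getSupportedMessageTypes());
   if (supportedTypes.contains(Object.class) || supportedTypes.contains(requestType))
   {
      return true;
   }
   for (Class<?> intf : requestInterfaces)
   {
      if (supportedTypes.contains(intf))
      {
         return true;
      }
   }
   return false;
}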
 
Example #20
Source File: TomEEHttpMessageContext.java    From tomee with Apache License 2.0 5 votes vote down vote up
/**
 * Stores the four collaborators; use {@code httpMessageContext(...)} to create instances.
 * No argument is validated here, so {@code serviceSubject} may be {@code null}.
 */
private TomEEHttpMessageContext(
        final CallbackHandler handler,
        final MessageInfo messageInfo,
        final Subject clientSubject,
        final Subject serviceSubject) {
    this.messageInfo = messageInfo;
    this.clientSubject = clientSubject;
    this.serviceSubject = serviceSubject;
    this.handler = handler;
}
 
Example #21
Source File: AuthenticatorBase.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
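/**
 * Logs the caller out of this request: the JASPIC subject noted on the request (if a
 * provider is configured) is cleaned through the provider's server auth context, a
 * {@link TomcatPrincipal} is logged out, and the request's registered identity is
 * cleared.
 *
 * @param request the request whose caller is being logged out
 */
@Override
public void logout(Request request) {
    cleanJaspicSubject(request);
    logoutTomcatPrincipal(request.getPrincipal());
    // Applies regardless of which authentication path was taken.
    register(request, request.getResponse(), null, null, null, null);
}

/** Asks the JASPIC server auth context to clean the subject noted on the request, if any. */
private void cleanJaspicSubject(Request request) {
    AuthConfigProvider provider = getJaspicProvider();
    if (provider == null) {
        return;
    }
    MessageInfo messageInfo = new MessageInfoImpl(request, request.getResponse(), true);
    Subject client = (Subject) request.getNote(Constants.REQ_JASPIC_SUBJECT_NOTE);
    if (client == null) {
        return;
    }
    try {
        ServerAuthConfig serverAuthConfig = provider.getServerAuthConfig("HttpServlet",
                jaspicAppContextID, CallbackHandlerImpl.getInstance());
        String authContextID = serverAuthConfig.getAuthContextID(messageInfo);
        ServerAuthContext serverAuthContext =
                serverAuthConfig.getAuthContext(authContextID, null, null);
        serverAuthContext.cleanSubject(messageInfo, client);
    } catch (AuthException e) {
        // Best effort: a failed cleanSubject must not block the rest of the logout.
        log.debug(sm.getString("authenticator.jaspicCleanSubjectFail"), e);
    }
}

/** Logs out a {@link TomcatPrincipal}; other principal types have no logout hook. */
private void logoutTomcatPrincipal(Principal p) {
    if (!(p instanceof TomcatPrincipal)) {
        return;
    }
    try {
        ((TomcatPrincipal) p).logout();
    } catch (Throwable t) {
        // handleThrowable rethrows the Throwables Tomcat treats as fatal; everything else is logged.
        ExceptionUtils.handleThrowable(t);
        log.debug(sm.getString("authenticator.tomcatPrincipalLogoutFail"), t);
    }
}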
 
Example #22
Source File: AbstractServerAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
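/**
 * This method delegates to a login module if configured in the module options.
 * The sub classes will need to validate the request 
 *
 * <p>When the {@code login-module-delegate} option names a {@link LoginModule}
 * class, that class is loaded through the context class loader, initialised with the
 * caller subject, this module's callback handler and the options, and driven through
 * {@code login()} and {@code commit()}. A module that returns {@code false} from
 * either call asks to be ignored; that is not a successful authentication, so the
 * module is aborted and FAILURE is returned. Without the option, the subclass's
 * {@code validate} decides.
 *
 * @return SUCCESS when the delegate logged in and committed (or the subclass validated),
 *         FAILURE otherwise
 * @throws AuthException if the delegate cannot be loaded or instantiated, or throws;
 *         the underlying exception is kept as the cause
 */
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, 
      Subject serviceSubject) 
throws AuthException
{
   String loginModuleName = (String) options.get("login-module-delegate");
   if(loginModuleName == null)
   {
      return validate(clientSubject, messageInfo) ? AuthStatus.SUCCESS : AuthStatus.FAILURE;
   }

   ClassLoader tcl = SecurityActions.getContextClassLoader();
   boolean loggedIn;
   try
   {
      Class<?> clazz = tcl.loadClass(loginModuleName);
      // getDeclaredConstructor().newInstance() instead of the deprecated Class.newInstance(),
      // which rethrows checked constructor exceptions unchecked.
      LoginModule lm = (LoginModule) clazz.getDeclaredConstructor().newInstance();
      lm.initialize(clientSubject, callbackHandler, new HashMap<String, Object>(), options);
      if(lm.login() && lm.commit())
      {
         loggedIn = true;
      }
      else
      {
         lm.abort();
         loggedIn = false;
      }
   }
   catch (Exception e)
   {
      throw (AuthException) new AuthException(e.getLocalizedMessage()).initCause(e);
   }
   return loggedIn ? AuthStatus.SUCCESS : AuthStatus.FAILURE;
}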
 
Example #23
Source File: CustomServerAuthContext.java    From eplmp with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * Forwards the clean-up to the SAM that handles this message, if there is one.
 *
 * @throws AuthException propagated from the delegated module
 */
@Override
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
    final CustomSAM module = getModule(messageInfo);
    if (module == null) {
        return;
    }
    module.cleanSubject(messageInfo, subject);
}
 
Example #24
Source File: HttpServletServerAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Builds a callback handler from the user name and credential found in the request,
 * then lets the superclass run the actual validation with it.
 *
 * NOTE(review): this overwrites the module's {@code callbackHandler} field on every
 * call; if one module instance serves concurrent requests, their handlers can
 * interleave. Confirm how the container scopes module instances.
 *
 * @return whatever the superclass's {@code validate} returns
 */
@Override
protected boolean validate(Subject clientSubject, MessageInfo messageInfo) throws AuthException
{  
   Principal user = getUserName(messageInfo);
   callbackHandler = new JBossCallbackHandler(user, getCredential(messageInfo));
   return super.validate(clientSubject, messageInfo);
}
 
Example #25
Source File: HttpServletServerAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Reads the user name from the request parameter named by the {@code userNameParam}
 * option and wraps it in a {@link SimplePrincipal}.
 *
 * NOTE(review): a missing parameter yields a principal wrapping {@code null}; confirm
 * that the superclass handles that as "no user".
 *
 * @throws the PicketBox "invalid type" exception when the request message is not an HttpServletRequest
 */
private Principal getUserName(MessageInfo messageInfo)
{
   Object requestMessage = messageInfo.getRequestMessage();
   String userNameParam = (String) options.get("userNameParam");
   if (!(requestMessage instanceof HttpServletRequest))
   {
      throw PicketBoxMessages.MESSAGES.invalidType(HttpServletRequest.class.getName());
   }
   String userName = ((HttpServletRequest) requestMessage).getParameter(userNameParam);
   return new SimplePrincipal(userName);
}
 
Example #26
Source File: SimpleClientAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Attaches this module's fixed principal and credential to the source subject.
 * Note that the credential goes into the public credential set.
 *
 * @see ClientAuthModule#secureRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
 */
public AuthStatus secureRequest(MessageInfo param, Subject source) 
throws AuthException
{ 
   source.getPublicCredentials().add(credential);
   source.getPrincipals().add(principal);
   return AuthStatus.SUCCESS;
}
 
Example #27
Source File: SimpleClientAuthModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
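/**
 * Custom check: the source and the recipient of the response must carry the same
 * number of {@link SimplePrincipal}s. Only the counts are compared, not the
 * principals themselves.
 *
 * @throws AuthException without message if either principal set is missing, with the
 *         PicketBox size-mismatch message if the counts differ
 * @see ClientAuthModule#validateResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
 */
public AuthStatus validateResponse(MessageInfo messageInfo, Subject source, Subject recipient) throws AuthException
{  
   Set<SimplePrincipal> sourceSet = source.getPrincipals(SimplePrincipal.class);
   Set<SimplePrincipal> recipientSet = recipient.getPrincipals(SimplePrincipal.class);
   // Guard each side on its own: a single missing set used to reach the size
   // comparison and fail with a NullPointerException instead of an AuthException.
   if(sourceSet == null || recipientSet == null)
      throw new AuthException();
   if(sourceSet.size() != recipientSet.size())
      throw new AuthException(PicketBoxMessages.MESSAGES.sizeMismatchMessage("source", "recipient"));
   return AuthStatus.SUCCESS;
}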
 
Example #28
Source File: SessionSAM.java    From eplmp with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * This SAM applies only when the request already has a session carrying non-empty
 * {@code login} and {@code groups} attributes. No session is created by the check.
 */
@Override
public boolean canHandle(MessageInfo messageInfo) {
    final HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    final HttpSession session = request.getSession(false);
    if (session == null) {
        return false;
    }
    return hasText((String) session.getAttribute("login"))
            && hasText((String) session.getAttribute("groups"));
}

/** True when the value is neither {@code null} nor the empty string. */
private static boolean hasText(String value) {
    return value != null && !value.isEmpty();
}
 
Example #29
Source File: JWTSAM.java    From eplmp with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * This SAM applies when the {@code Authorization} header is a {@code Bearer} scheme
 * with exactly one token after the scheme (two space-separated parts in total).
 * The scheme prefix is matched case-sensitively.
 */
@Override
public boolean canHandle(MessageInfo messageInfo) {
    final HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    final String authorization = request.getHeader("Authorization");
    if (authorization == null || !authorization.startsWith("Bearer ")) {
        return false;
    }
    return authorization.split(" ").length == 2;
}
 
Example #30
Source File: JWTSAM.java    From eplmp with Eclipse Public License 1.0 5 votes vote down vote up
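/**
 * Authenticates from a {@code Bearer} JWT in the {@code Authorization} header.
 *
 * <p>The token is validated with the module's key; on success the login and group
 * from the token are registered on the subject and the token is refreshed on the
 * response when needed. A missing or malformed header, or a token that does not
 * validate, results in 401 and FAILURE rather than an exception. The token itself
 * is never logged.
 *
 * @param messageInfo    wraps the servlet request/response pair
 * @param clientSubject  subject that receives the caller principal and group
 * @param serviceSubject unused
 * @return {@code SUCCESS} for a valid token, {@code FAILURE} otherwise
 * @throws AuthException if the callback handler rejects the callbacks; the cause is preserved
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {

    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();

    LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());

    String jwt = bearerToken(request.getHeader("Authorization"));
    JWTokenUserGroupMapping jwTokenUserGroupMapping =
            jwt == null ? null : JWTokenFactory.validateAuthToken(key, jwt);

    if (jwTokenUserGroupMapping == null) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return AuthStatus.FAILURE;
    }

    UserGroupMapping userGroupMapping = jwTokenUserGroupMapping.getUserGroupMapping();
    CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, userGroupMapping.getLogin());
    GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{userGroupMapping.getGroupName()});
    Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};

    try {
        callbackHandler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }

    JWTokenFactory.refreshTokenIfNeeded(key, response, jwTokenUserGroupMapping);

    return AuthStatus.SUCCESS;
}

/**
 * Extracts the token from a {@code Bearer <token>} header value.
 *
 * @param authorization the raw Authorization header, possibly {@code null}
 * @return the token, or {@code null} when the header is absent, not a Bearer scheme,
 *         or not exactly two space-separated parts (the same shape canHandle accepts)
 */
private static String bearerToken(String authorization) {
    if (authorization == null || !authorization.startsWith("Bearer ")) {
        return null;
    }
    String[] parts = authorization.split(" ");
    return parts.length == 2 ? parts[1] : null;
}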