Java Code Examples for javax.security.sasl.AuthorizeCallback

The following examples show how to use javax.security.sasl.AuthorizeCallback. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: Bats   Source File: KerberosFactory.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException {
  for (final Callback callback : callbacks) {
    if (callback instanceof AuthorizeCallback) {
      final AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
      if (!authorizeCallback.getAuthenticationID()
          .equals(authorizeCallback.getAuthorizationID())) {
        throw new SaslException("Drill expects authorization ID and authentication ID to match. " +
            "Use inbound impersonation feature so one entity can act on behalf of another.");
      } else {
        authorizeCallback.setAuthorized(true);
      }
    } else {
      throw new UnsupportedCallbackException(callback);
    }
  }
}
 
Example 2
Source Project: herddb   Source File: SaslNettyServer.java    License: Apache License 2.0 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
            + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        userNameBuilder.append("/").append(kerberosName.getHostName());
        userNameBuilder.append("@").append(kerberosName.getRealm());
        LOG.info("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.severe("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 3
Source Project: pulsar   Source File: PulsarSaslServer.java    License: Apache License 2.0 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();
    if (!authenticationID.equals(authorizationID)) {
        ac.setAuthorized(false);
        log.info("Forbidden access to client: authenticationID: {} is different from authorizationID: {}",
            authenticationID, authorizationID);
        return;
    }
    if (!allowedIdsPattern.matcher(authenticationID).matches()) {
        ac.setAuthorized(false);
        log.info("Forbidden access to client: authenticationID {}, is not allowed (see {} property).",
            authenticationID, SaslConstants.JAAS_CLIENT_ALLOWED_IDS);
        return;
    }

    ac.setAuthorized(true);
    log.info("Successfully authenticated client: authenticationID: {};  authorizationID: {}.",
        authenticationID, authorizationID);
}
 
Example 4
Source Project: blazingcache   Source File: SaslNettyServer.java    License: Apache License 2.0 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    String authorizationID = ac.getAuthorizationID();

    LOG.severe("Successfully authenticated client: authenticationID=" + authenticationID
        + ";  authorizationID=" + authorizationID + ".");
    ac.setAuthorized(true);

    KerberosName kerberosName = new KerberosName(authenticationID);
    try {
        StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
        userNameBuilder.append("/").append(kerberosName.getHostName());
        userNameBuilder.append("@").append(kerberosName.getRealm());
        LOG.severe("Setting authorizedID: " + userNameBuilder);
        ac.setAuthorizedID(userNameBuilder.toString());
    } catch (IOException e) {
        LOG.severe("Failed to set name based on Kerberos authentication rules.");
    }
}
 
Example 5
Source Project: glowroot   Source File: SaslCallbackHandler.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof AuthorizeCallback) {
            AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
            String authenticationId = authorizeCallback.getAuthenticationID();
            String authorizationId = authorizeCallback.getAuthorizationID();
            authorizeCallback.setAuthorized(authenticationId.equals(authorizationId));
        } else if (callback instanceof NameCallback) {
            ((NameCallback) callback).setName("glowroot");
        } else if (callback instanceof PasswordCallback) {
            ((PasswordCallback) callback).setPassword(password);
        } else if (callback instanceof RealmCallback) {
            ((RealmCallback) callback).setText("glowroot");
        }
    }
}
 
Example 6
private CallbackHandler serverCallbackHandler(String username, String realm, String password) {
    return callbacks -> {
        for (Callback callback : callbacks) {
            if (callback instanceof NameCallback) {
                Assert.assertEquals(username, ((NameCallback) callback).getDefaultName());
            } else if (callback instanceof RealmCallback) {
                Assert.assertEquals(realm, ((RealmCallback) callback).getDefaultText());
            } else if (callback instanceof PasswordCallback) {
                ((PasswordCallback) callback).setPassword(password.toCharArray());
            } else if (callback instanceof AuthorizeCallback) {
                ((AuthorizeCallback) callback).setAuthorized(((AuthorizeCallback) callback).getAuthorizationID().equals(((AuthorizeCallback) callback).getAuthenticationID()));
            } else {
                throw new UnsupportedCallbackException(callback);
            }
        }
    };
}
 
Example 7
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback current : callbacks) {
        if (current instanceof AuthorizeCallback) {
            AuthorizeCallback acb = (AuthorizeCallback) current;
            boolean authorized = acb.getAuthenticationID().equals(acb.getAuthorizationID());
            if (authorized == false) {
                SECURITY_LOGGER.tracef(
                        "Checking 'AuthorizeCallback', authorized=false, authenticationID=%s, authorizationID=%s.",
                        acb.getAuthenticationID(), acb.getAuthorizationID());
            }
            acb.setAuthorized(authorized);
        } else {
            throw new UnsupportedCallbackException(current);
        }
    }
}
 
Example 8
Source Project: tutorials   Source File: ServerCallbackHandler.java    License: MIT License 6 votes vote down vote up
@Override
public void handle(Callback[] cbs) throws IOException, UnsupportedCallbackException {
    for (Callback cb : cbs) {
        if (cb instanceof AuthorizeCallback) {
            AuthorizeCallback ac = (AuthorizeCallback) cb;
            ac.setAuthorized(true);
        } else if (cb instanceof NameCallback) {
            NameCallback nc = (NameCallback) cb;
            nc.setName("username");

        } else if (cb instanceof PasswordCallback) {
            PasswordCallback pc = (PasswordCallback) cb;
            pc.setPassword("password".toCharArray());
        } else if (cb instanceof RealmCallback) {
            RealmCallback rc = (RealmCallback) cb;
            rc.setText("myServer");
        }
    }
}
 
Example 9
Source Project: jstorm   Source File: ServerCallbackHandler.java    License: Apache License 2.0 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    LOG.info("Successfully authenticated client: authenticationID=" + authenticationID + " authorizationID= " + ac.getAuthorizationID());

    // if authorizationId is not set, set it to authenticationId.
    if (ac.getAuthorizationID() == null) {
        ac.setAuthorizedID(authenticationID);
    }

    // When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
    // add the authNid as the real user in reqContext's subject which will be used during authorization.
    if (!ac.getAuthenticationID().equals(ac.getAuthorizationID())) {
        ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
    }

    ac.setAuthorized(true);
}
 
Example 10
Source Project: jstorm   Source File: ServerCallbackHandler.java    License: Apache License 2.0 6 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authenticationID = ac.getAuthenticationID();
    LOG.info("Successfully authenticated client: authenticationID = " + authenticationID + " authorizationID = " + ac.getAuthorizationID());

    // if authorizationId is not set, set it to authenticationId.
    if (ac.getAuthorizationID() == null) {
        ac.setAuthorizedID(authenticationID);
    }

    // When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
    // add the authNid as the real user in reqContext's subject which will be used during authorization.
    if (!authenticationID.equals(ac.getAuthorizationID())) {
        LOG.info("Impersonation attempt  authenticationID = " + ac.getAuthenticationID() + " authorizationID = " + ac.getAuthorizationID());
        ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
    }

    ac.setAuthorized(true);
}
 
Example 11
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 12
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 13
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 14
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 15
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 16
Source Project: jdk8u-jdk   Source File: ClientServerTest.java    License: GNU General Public License v2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 17
Source Project: qpid-broker-j   Source File: KerberosNegotiator.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
    for(Callback callback : callbacks)
    {
        if (callback instanceof AuthorizeCallback)
        {
            ((AuthorizeCallback) callback).setAuthorized(true);
        }
        else
        {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 18
Source Project: hottub   Source File: ClientServerTest.java    License: GNU General Public License v2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 19
Source Project: herddb   Source File: SaslNettyServer.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            NameCallback nc = (NameCallback) callback;
            nc.setName(nc.getDefaultName());
        } else {
            if (callback instanceof PasswordCallback) {
                PasswordCallback pc = (PasswordCallback) callback;
                if (password != null) {
                    pc.setPassword(this.password.toCharArray());
                }
            } else {
                if (callback instanceof RealmCallback) {
                    RealmCallback rc = (RealmCallback) callback;
                    rc.setText(rc.getDefaultText());
                } else {
                    if (callback instanceof AuthorizeCallback) {
                        AuthorizeCallback ac = (AuthorizeCallback) callback;
                        String authid = ac.getAuthenticationID();
                        String authzid = ac.getAuthorizationID();
                        if (authid.equals(authzid)) {
                            ac.setAuthorized(true);
                        } else {
                            ac.setAuthorized(false);
                        }
                        if (ac.isAuthorized()) {
                            ac.setAuthorizedID(authzid);
                        }
                    } else {
                        throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
                    }
                }
            }
        }
    }
}
 
Example 20
Source Project: herddb   Source File: SaslNettyServer.java    License: Apache License 2.0 5 votes vote down vote up
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            handleNameCallback((NameCallback) callback);
        } else if (callback instanceof PasswordCallback) {
            handlePasswordCallback((PasswordCallback) callback);
        } else if (callback instanceof RealmCallback) {
            handleRealmCallback((RealmCallback) callback);
        } else if (callback instanceof AuthorizeCallback) {
            handleAuthorizeCallback((AuthorizeCallback) callback);
        }
    }
}
 
Example 21
Source Project: herddb   Source File: SaslNettyClient.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            NameCallback nc = (NameCallback) callback;
            nc.setName(nc.getDefaultName());
        } else {
            if (callback instanceof PasswordCallback) {
                PasswordCallback pc = (PasswordCallback) callback;
                if (password != null) {
                    pc.setPassword(this.password.toCharArray());
                }
            } else {
                if (callback instanceof RealmCallback) {
                    RealmCallback rc = (RealmCallback) callback;
                    rc.setText(rc.getDefaultText());
                } else {
                    if (callback instanceof AuthorizeCallback) {
                        AuthorizeCallback ac = (AuthorizeCallback) callback;
                        String authid = ac.getAuthenticationID();
                        String authzid = ac.getAuthorizationID();
                        if (authid.equals(authzid)) {
                            ac.setAuthorized(true);
                        } else {
                            ac.setAuthorized(false);
                        }
                        if (ac.isAuthorized()) {
                            ac.setAuthorizedID(authzid);
                        }
                    } else {
                        throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
                    }
                }
            }
        }
    }
}
 
Example 22
Source Project: jdk8u_jdk   Source File: ClientServerTest.java    License: GNU General Public License v2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            System.out.println("NameCallback");
            ((NameCallback) callback).setName(userId);
        } else if (callback instanceof PasswordCallback) {
            System.out.println("PasswordCallback");
            ((PasswordCallback) callback).setPassword(passwd);
        } else if (callback instanceof RealmCallback) {
            System.out.println("RealmCallback");
            ((RealmCallback) callback).setText(realm);
        } else if (callback instanceof RealmChoiceCallback) {
            System.out.println("RealmChoiceCallback");
            RealmChoiceCallback choice = (RealmChoiceCallback) callback;
            if (realm == null) {
                choice.setSelectedIndex(choice.getDefaultChoice());
            } else {
                String[] choices = choice.getChoices();
                for (int j = 0; j < choices.length; j++) {
                    if (realm.equals(choices[j])) {
                        choice.setSelectedIndex(j);
                        break;
                    }
                }
            }
        } else if (callback instanceof AuthorizeCallback) {
            System.out.println("AuthorizeCallback");
            ((AuthorizeCallback) callback).setAuthorized(true);
            if (authId == null || authId.trim().length() == 0) {
                authId = userId;
            }
            ((AuthorizeCallback) callback).setAuthorizedID(authId);
        } else {
            throw new UnsupportedCallbackException(callback);
        }
    }
}
 
Example 23
Source Project: pulsar   Source File: PulsarSaslClient.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof AuthorizeCallback) {
            handleAuthorizeCallback((AuthorizeCallback) callback);
        } else {
            throw new UnsupportedCallbackException(callback, "Unrecognized SASL GSSAPI Client Callback.");
        }
    }
}
 
Example 24
Source Project: pulsar   Source File: PulsarSaslClient.java    License: Apache License 2.0 5 votes vote down vote up
private void handleAuthorizeCallback(AuthorizeCallback ac) {
    String authid = ac.getAuthenticationID();
    String authzid = ac.getAuthorizationID();
    if (authid.equals(authzid)) {
        ac.setAuthorized(true);
    } else {
        ac.setAuthorized(false);
    }
    if (ac.isAuthorized()) {
        ac.setAuthorizedID(authzid);
    }
    log.info("Successfully authenticated. authenticationID: {};  authorizationID: {}.",
        authid, authzid);
}
 
Example 25
Source Project: pulsar   Source File: PulsarSaslServer.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof AuthorizeCallback) {
            handleAuthorizeCallback((AuthorizeCallback) callback);
        } else {
            throw new UnsupportedCallbackException(callback, "Unrecognized SASL GSSAPI Server Callback.");
        }
    }
}
 
Example 26
Source Project: activemq-artemis   Source File: GSSAPIServerSASL.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public byte[] processSASL(byte[] bytes) {
   try {
      if (jaasId == null) {
         // populate subject with acceptor private credentials
         LoginContext loginContext = new LoginContext(loginConfigScope);
         loginContext.login();
         jaasId = loginContext.getSubject();
      }

      if (saslServer == null) {
         saslServer = Subject.doAs(jaasId, (PrivilegedExceptionAction<SaslServer>) () -> Sasl.createSaslServer(NAME, null, null, new HashMap<String, String>(), new CallbackHandler() {
            @Override
            public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
               for (Callback callback : callbacks) {
                  if (callback instanceof AuthorizeCallback) {
                     AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
                     // only ok to authenticate as self
                     authorizeCallback.setAuthorized(authorizeCallback.getAuthenticationID().equals(authorizeCallback.getAuthorizationID()));
                  }
               }
            }
         }));
      }

      byte[] challenge = Subject.doAs(jaasId, (PrivilegedExceptionAction<byte[]>) () -> saslServer.evaluateResponse(bytes));
      if (saslServer.isComplete()) {
         result = new PrincipalSASLResult(true, new KerberosPrincipal(saslServer.getAuthorizationID()));
      }
      return challenge;

   } catch (Exception outOfHere) {
      log.info("Error on sasl input: " + outOfHere.toString(), outOfHere);
      result = new PrincipalSASLResult(false, null);
   }
   return null;
}
 
Example 27
Source Project: blazingcache   Source File: SaslNettyServer.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws
    UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            NameCallback nc = (NameCallback) callback;
            nc.setName(nc.getDefaultName());
        } else {
            if (callback instanceof PasswordCallback) {
                PasswordCallback pc = (PasswordCallback) callback;
                if (password != null) {
                    pc.setPassword(this.password.toCharArray());
                }
            } else {
                if (callback instanceof RealmCallback) {
                    RealmCallback rc = (RealmCallback) callback;
                    rc.setText(rc.getDefaultText());
                } else {
                    if (callback instanceof AuthorizeCallback) {
                        AuthorizeCallback ac = (AuthorizeCallback) callback;
                        String authid = ac.getAuthenticationID();
                        String authzid = ac.getAuthorizationID();
                        if (authid.equals(authzid)) {
                            ac.setAuthorized(true);
                        } else {
                            ac.setAuthorized(false);
                        }
                        if (ac.isAuthorized()) {
                            ac.setAuthorizedID(authzid);
                        }
                    } else {
                        throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
                    }
                }
            }
        }
    }
}
 
Example 28
Source Project: blazingcache   Source File: SaslNettyServer.java    License: Apache License 2.0 5 votes vote down vote up
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            handleNameCallback((NameCallback) callback);
        } else if (callback instanceof PasswordCallback) {
            handlePasswordCallback((PasswordCallback) callback);
        } else if (callback instanceof RealmCallback) {
            handleRealmCallback((RealmCallback) callback);
        } else if (callback instanceof AuthorizeCallback) {
            handleAuthorizeCallback((AuthorizeCallback) callback);
        }
    }
}
 
Example 29
Source Project: blazingcache   Source File: SaslNettyClient.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void handle(Callback[] callbacks) throws
    UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof NameCallback) {
            NameCallback nc = (NameCallback) callback;
            nc.setName(nc.getDefaultName());
        } else {
            if (callback instanceof PasswordCallback) {
                PasswordCallback pc = (PasswordCallback) callback;
                if (password != null) {
                    pc.setPassword(this.password.toCharArray());
                }
            } else {
                if (callback instanceof RealmCallback) {
                    RealmCallback rc = (RealmCallback) callback;
                    rc.setText(rc.getDefaultText());
                } else {
                    if (callback instanceof AuthorizeCallback) {
                        AuthorizeCallback ac = (AuthorizeCallback) callback;
                        String authid = ac.getAuthenticationID();
                        String authzid = ac.getAuthorizationID();
                        if (authid.equals(authzid)) {
                            ac.setAuthorized(true);
                        } else {
                            ac.setAuthorized(false);
                        }
                        if (ac.isAuthorized()) {
                            ac.setAuthorizedID(authzid);
                        }
                    } else {
                        throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
                    }
                }
            }
        }
    }
}
 
Example 30
/**
 * @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
 */
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
    for (Callback current : callbacks) {
        if (current instanceof NameCallback) {
            NameCallback ncb = (NameCallback) current;
            String userName = ncb.getDefaultName();
            if ((allowAll || allowedUsersSet.contains(userName)) == false) {
                SECURITY_LOGGER.tracef("Username '%s' is not permitted for local authentication.", userName);
                throw DomainManagementLogger.ROOT_LOGGER.invalidLocalUser(userName);
            }
        } else if (current instanceof AuthorizeCallback) {
            AuthorizeCallback acb = (AuthorizeCallback) current;
            boolean authorized = acb.getAuthenticationID().equals(acb.getAuthorizationID());
            if (authorized == false) {
                SECURITY_LOGGER.tracef(
                        "Checking 'AuthorizeCallback', authorized=false, authenticationID=%s, authorizationID=%s.",
                        acb.getAuthenticationID(), acb.getAuthorizationID());
            }
            acb.setAuthorized(authorized);

            if (authorized && skipGroupLoading) {
                sharedState.put(SKIP_GROUP_LOADING_KEY, Boolean.TRUE);
            }
        } else {
            throw new UnsupportedCallbackException(current);
        }
    }
}