org.eclipse.jetty.security.UserStore Java Examples

The following examples show how to use org.eclipse.jetty.security.UserStore. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SpnegoUserStoreAuthorizationServiceTest.java    From cruise-control with BSD 2-Clause "Simplified" License 6 votes vote down vote up
@Test
public void testPrincipalNames() {
  UserStore users = new UserStore();
  users.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] { DefaultRoleSecurityProvider.ADMIN });
  UserStoreAuthorizationService usas = new SpnegoUserStoreAuthorizationService(users);

  UserIdentity result = usas.getUserIdentity(null, TEST_USER + "/host@REALM");
  assertNotNull(result);
  assertEquals(TEST_USER, result.getUserPrincipal().getName());

  result = usas.getUserIdentity(null, TEST_USER + "@REALM");
  assertNotNull(result);
  assertEquals(TEST_USER, result.getUserPrincipal().getName());

  result = usas.getUserIdentity(null, TEST_USER + "/host");
  assertNotNull(result);
  assertEquals(TEST_USER, result.getUserPrincipal().getName());

  result = usas.getUserIdentity(null, TEST_USER);
  assertNotNull(result);
  assertEquals(TEST_USER, result.getUserPrincipal().getName());
}
 
Example #2
Source File: GatewayMicroService.java    From apiman with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a basic auth security handler.
 */
protected SecurityHandler createSecurityHandler() throws Exception {
    HashLoginService l = new HashLoginService();
    UserStore userStore = new UserStore();
    l.setUserStore(userStore);
    for (User user : Users.getUsers()) {
        userStore.addUser(user.getId(), Credential.getCredential(user.getPassword()), user.getRolesAsArray());
    }
    l.setName("apimanrealm");

    ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
    csh.setAuthenticator(new BasicAuthenticator());
    csh.setRealmName("apimanrealm");
    csh.setLoginService(l);

    return csh;
}
 
Example #3
Source File: BasicAuthTest.java    From apiman with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a basic auth security handler.
 */
private static SecurityHandler createSecurityHandler() {
    UserStore userStore = new UserStore();
    String user = "user";
    String pwd = "user123!";
    String[] roles = new String[] { "user" };
    userStore.addUser(user, Credential.getCredential(pwd), roles);

    HashLoginService l = new HashLoginService();
    l.setName("apimanrealm");
    l.setUserStore(userStore);

    ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
    csh.setAuthenticator(new BasicAuthenticator());
    csh.setRealmName("apimanrealm");
    csh.setLoginService(l);

    return csh;
}
 
Example #4
Source File: ManagerApiTestServer.java    From apiman with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a basic auth security handler.
 */
private SecurityHandler createSecurityHandler() {
    HashLoginService l = new HashLoginService();
    UserStore userStore = new UserStore();
    l.setUserStore(userStore);

    for (String [] userInfo : TestUsers.USERS) {
        String user = userInfo[0];
        String pwd = userInfo[1];
        String[] roles = new String[] { "apiuser" };
        if (user.startsWith("admin")) {
            roles = new String[] { "apiuser", "apiadmin"};
        }
        userStore.addUser(user, Credential.getCredential(pwd), roles);
    }
    l.setName("apimanrealm");

    ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
    csh.setAuthenticator(new BasicAuthenticator());
    csh.setRealmName("apimanrealm");
    csh.setLoginService(l);

    return csh;
}
 
Example #5
Source File: ManagerApiMicroService.java    From apiman with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a basic auth security handler.
 * @throws Exception
 */
protected SecurityHandler createSecurityHandler() throws Exception {
    HashLoginService l = new HashLoginService();
    // UserStore is now separate store entity and must be added to HashLoginService
    UserStore userStore = new UserStore();
    l.setUserStore(userStore);
    for (User user : Users.getUsers()) {
        userStore.addUser(user.getId(), Credential.getCredential(user.getPassword()), user.getRolesAsArray());
    }
    l.setName("apimanrealm");

    ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
    csh.setAuthenticator(new BasicAuthenticator());
    csh.setRealmName("apimanrealm");
    csh.setLoginService(l);

    return csh;
}
 
Example #6
Source File: JwtLoginServiceTest.java    From cruise-control with BSD 2-Clause "Simplified" License 6 votes vote down vote up
@Test
public void testRevalidateTokenFails() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});
  Instant now = Instant.now();
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER, now.plusSeconds(10).toEpochMilli());
  Clock fixedClock = Clock.fixed(now, ZoneOffset.UTC);
  JwtLoginService loginService = new JwtLoginService(
      new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null, fixedClock);

  SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
  HttpServletRequest request = mock(HttpServletRequest.class);
  expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

  replay(request);
  UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
  verify(request);
  assertNotNull(identity);
  assertEquals(TEST_USER, identity.getUserPrincipal().getName());
  loginService.setClock(Clock.offset(fixedClock, Duration.ofSeconds(20)));
  assertFalse(loginService.validate(identity));
}
 
Example #7
Source File: JwtLoginServiceTest.java    From cruise-control with BSD 2-Clause "Simplified" License 6 votes vote down vote up
@Test
public void testRevalidateTokenPasses() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
  HttpServletRequest request = mock(HttpServletRequest.class);
  expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

  replay(request);
  UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
  verify(request);
  assertNotNull(identity);
  assertEquals(TEST_USER, identity.getUserPrincipal().getName());
  assertTrue(loginService.validate(identity));
}
 
Example #8
Source File: JwtLoginServiceTest.java    From cruise-control with BSD 2-Clause "Simplified" License 6 votes vote down vote up
@Test
public void testValidateTokenSuccessfully() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
  HttpServletRequest request = mock(HttpServletRequest.class);
  expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

  replay(request);
  UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
  verify(request);
  assertNotNull(identity);
  assertEquals(TEST_USER, identity.getUserPrincipal().getName());
}
 
Example #9
Source File: JwtLoginServiceTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up
@Test
public void testFailSignatureValidation() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  TokenGenerator.TokenAndKeys tokenAndKeys2 = TokenGenerator.generateToken(TEST_USER); // this will be signed with a different key
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys2.publicKey(), null);

  SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
  HttpServletRequest request = mock(HttpServletRequest.class);

  UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
  assertNull(identity);
}
 
Example #10
Source File: JwtAuthenticatorTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up
@Test
public void testSuccessfulLogin() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[]{USER_ROLE});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
  expect(configuration.getLoginService()).andReturn(loginService);
  expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
  expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

  Request request = niceMock(Request.class);
  expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
  expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
  request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
  expectLastCall().andVoid();
  expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys.token())});
  expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

  HttpServletResponse response = mock(HttpServletResponse.class);

  replay(configuration, request, response);
  JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
  authenticator.setConfiguration(configuration);
  UserAuthentication authentication = (UserAuthentication) authenticator.validateRequest(request, response, true);
  verify(configuration, request, response);

  assertNotNull(authentication);
  assertTrue(authentication.getUserIdentity().getUserPrincipal() instanceof JwtUserPrincipal);
  JwtUserPrincipal userPrincipal = (JwtUserPrincipal) authentication.getUserIdentity().getUserPrincipal();
  assertEquals(TEST_USER, userPrincipal.getName());
  assertEquals(tokenAndKeys.token(), userPrincipal.getSerializedToken());
}
 
Example #11
Source File: DigestAuthSupplierJettyTest.java    From cxf with Apache License 2.0 5 votes vote down vote up
@Override
protected void run() {
    server = new Server(PORT);

    HashLoginService loginService = new HashLoginService();
    loginService.setName("My Realm");
    UserStore userStore = new UserStore();
    String[] roles = new String[] {"user"};
    userStore.addUser(USER, Credential.getCredential(PWD), roles);
    loginService.setUserStore(userStore);

    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__DIGEST_AUTH);
    constraint.setRoles(roles);
    constraint.setAuthenticate(true);

    ConstraintMapping cm = new ConstraintMapping();
    cm.setConstraint(constraint);
    cm.setPathSpec("/*");

    ConstraintSecurityHandler csh = new ConstraintSecurityHandler();
    csh.setAuthenticator(new DigestAuthenticator());
    csh.addConstraintMapping(cm);
    csh.setLoginService(loginService);

    ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
    context.setSecurityHandler(csh);
    context.setContextPath("/");
    server.setHandler(context);
    context.addServlet(new ServletHolder(new TestServlet()), "/*");

    try {
        server.start();
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
 
Example #12
Source File: HttpReceiverServerPush.java    From datacollector with Apache License 2.0 5 votes vote down vote up
public static SecurityHandler getBasicAuthHandler(HttpSourceConfigs httpCourceConf) {
  List<CredentialValueUserPassBean> basicAuthUsers = httpCourceConf.getBasicAuthUsers();

  HashLoginService loginService = new HashLoginService();
  UserStore userStore = new UserStore();

  boolean empty = true;
  for (CredentialValueUserPassBean userPassBean : basicAuthUsers) {
    String username = userPassBean.getUsername();
    String password = userPassBean.get();
    if(StringUtils.isNotEmpty(username) && StringUtils.isNotEmpty(password)) {
      userStore.addUser(username, new Password(password), new String[]{"sdc"});
      empty = false;
    }
  }
  if(empty) {
    return null;
  }

  loginService.setUserStore(userStore);

  Constraint constraint = new Constraint(Constraint.__BASIC_AUTH,"sdc");
  constraint.setAuthenticate(true);

  ConstraintMapping mapping = new ConstraintMapping();
  mapping.setConstraint(constraint);
  mapping.setPathSpec("/*");

  ConstraintSecurityHandler handler = new ConstraintSecurityHandler();
  handler.setAuthenticator(new BasicAuthenticator());
  handler.addConstraintMapping(mapping);
  handler.setLoginService(loginService);

  return handler;
}
 
Example #13
Source File: BaleenWebApi.java    From baleen with Apache License 2.0 5 votes vote down vote up
private void configureServer(Server server, WebAuthConfig authConfig, Handler servletHandler)
    throws BaleenException {
  Handler serverHandler;

  if (authConfig == null || authConfig.getType() == AuthType.NONE) {
    LOGGER.warn("No security applied to API");
    // No security
    serverHandler = servletHandler;
  } else if (authConfig.getType() == AuthType.BASIC) {
    // Basic authentication
    LOGGER.info("Using Basic HTTP authentication for API");

    HashLoginService loginService = new HashLoginService(authConfig.getName());

    UserStore userStore = new UserStore();
    for (WebUser user : authConfig.getUsers()) {
      Credential credential = Credential.getCredential(user.getPassword());
      userStore.addUser(user.getUsername(), credential, user.getRolesAsArray());
    }
    loginService.setUserStore(userStore);
    server.addBean(loginService);

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();

    securityHandler.setHandler(servletHandler);
    securityHandler.setConstraintMappings(constraintMappings);
    securityHandler.setAuthenticator(new BasicAuthenticator());
    securityHandler.setLoginService(loginService);

    serverHandler = securityHandler;
  } else {
    throw new InvalidParameterException("Configuration of authentication failed");
  }

  server.setHandler(serverHandler);
}
 
Example #14
Source File: HudsonTestCase.java    From jenkins-test-harness with MIT License 5 votes vote down vote up
/**
 * Configures a security realm for a test.
 */
protected LoginService configureUserRealm() {
    HashLoginService realm = new HashLoginService();
    realm.setName("default");   // this is the magic realm name to make it effective on everywhere
    UserStore userStore = new UserStore();
    realm.setUserStore( userStore );
    userStore.addUser("alice", new Password("alice"), new String[]{"user","female"});
    userStore.addUser("bob", new Password("bob"), new String[]{"user","male"});
    userStore.addUser("charlie", new Password("charlie"), new String[]{"user","male"});

    return realm;
}
 
Example #15
Source File: JenkinsRule.java    From jenkins-test-harness with MIT License 5 votes vote down vote up
/**
 * Creates a {@link HashLoginService} with three users: alice, bob and charlie
 *
 * The password is same as the username
 * @return a new login service
 * @since 2.50
 */
public static LoginService _configureUserRealm() {
    HashLoginService realm = new HashLoginService();
    realm.setName("default");   // this is the magic realm name to make it effective on everywhere
    UserStore userStore = new UserStore();
    realm.setUserStore( userStore );
    userStore.addUser("alice", new Password("alice"), new String[]{"user","female"});
    userStore.addUser("bob", new Password("bob"), new String[]{"user","male"});
    userStore.addUser("charlie", new Password("charlie"), new String[]{"user","male"});

    return realm;
}
 
Example #16
Source File: TrustedProxyAuthorizationService.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up
TrustedProxyAuthorizationService(List<String> userNames, String trustedProxyIpPattern) {
  _adminUserStore = new UserStore();
  userNames.forEach(u -> _adminUserStore.addUser(u, SecurityUtils.NO_CREDENTIAL, new String[] { DefaultRoleSecurityProvider.ADMIN }));
  if (trustedProxyIpPattern != null) {
    _trustedProxyIpPattern = Pattern.compile(trustedProxyIpPattern);
  } else {
    _trustedProxyIpPattern = null;
  }
}
 
Example #17
Source File: JwtAuthenticatorTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up
@Test
public void testFailedLoginWithUserNotFound() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] {USER_ROLE});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
  expect(configuration.getLoginService()).andReturn(loginService);
  expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
  expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

  Request request = niceMock(Request.class);
  expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
  expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
  request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
  expectLastCall().andVoid();
  expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys.token())});
  expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

  HttpServletResponse response = mock(HttpServletResponse.class);
  response.setStatus(HttpStatus.UNAUTHORIZED_401);
  expectLastCall().andVoid();

  replay(configuration, request, response);
  JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
  authenticator.setConfiguration(configuration);
  Authentication authentication = authenticator.validateRequest(request, response, true);
  verify(configuration, request, response);

  assertNotNull(authentication);
  assertEquals(Authentication.SEND_FAILURE, authentication);
}
 
Example #18
Source File: JwtAuthenticatorTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up
@Test
public void testFailedLoginWithInvalidToken() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] {USER_ROLE});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  TokenGenerator.TokenAndKeys tokenAndKeys2 = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
  expect(configuration.getLoginService()).andReturn(loginService);
  expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
  expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

  Request request = niceMock(Request.class);
  expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
  expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
  request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys2.token());
  expectLastCall().andVoid();
  expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys2.token())});

  HttpServletResponse response = mock(HttpServletResponse.class);
  response.setStatus(HttpStatus.UNAUTHORIZED_401);
  expectLastCall().andVoid();

  replay(configuration, request, response);
  JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
  authenticator.setConfiguration(configuration);
  Authentication authentication = authenticator.validateRequest(request, response, true);
  verify(configuration, request, response);

  assertNotNull(authentication);
  assertEquals(Authentication.SEND_FAILURE, authentication);
}
 
Example #19
Source File: JwtLoginServiceTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up
@Test
public void testFailExpirationValidation() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER, 1L);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
  HttpServletRequest request = mock(HttpServletRequest.class);

  UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
  assertNull(identity);
}
 
Example #20
Source File: JwtLoginServiceTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up
@Test
public void testFailAudienceValidation() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[] {"USER"});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER, Arrays.asList("A", "B"));
  JwtLoginService loginService = new JwtLoginService(
      new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), Arrays.asList("C", "D"));

  SignedJWT jwtToken = SignedJWT.parse(tokenAndKeys.token());
  HttpServletRequest request = mock(HttpServletRequest.class);

  UserIdentity identity = loginService.login(TEST_USER, jwtToken, request);
  assertNull(identity);
}
 
Example #21
Source File: HttpProtocolServer.java    From gitflow-incremental-builder with MIT License 4 votes vote down vote up
private UserStore buildUserStore() {
    UserStore userStore = new UserStore();
    userStore.addUser(username, new Password(password), ROLES);
    return userStore;
}
 
Example #22
Source File: InMemoryIdentityManager.java    From crnk-framework with Apache License 2.0 4 votes vote down vote up
public void addUser(String userId, String password, String... roles) {
	UserStore userStore = new UserStore();
	userStore.addUser(userId, Credential.getCredential(password), roles);
	loginService.setUserStore(userStore);
}
 
Example #23
Source File: SdcHashLoginService.java    From datacollector with Apache License 2.0 4 votes vote down vote up
/**
 * Configure the {@link UserStore} implementation to use.
 * If none, for backward compat if none the {@link PropertyUserStore} will be used
 * @param userStore the {@link UserStore} implementation to use
 */
public void setUserStore(UserStore userStore)
{
  Utils.checkArgument(userStore instanceof PropertyUserStore, "Only PropertyUserStore is supported.");
  this._userStore = userStore;
}
 
Example #24
Source File: JettyHttpServer.java    From everrest with Eclipse Public License 2.0 4 votes vote down vote up
public void start() throws Exception {
    RequestLogHandler handler = new RequestLogHandler();

    if (context == null) {
        context = new ServletContextHandler(handler, "/", ServletContextHandler.SESSIONS);
    }

    context.setEventListeners(new EventListener[]{new EverrestInitializedListener()});
    ServletHolder servletHolder = new ServletHolder(new EverrestServlet());

    context.addServlet(servletHolder, UNSECURE_PATH_SPEC);
    context.addServlet(servletHolder, SECURE_PATH_SPEC);

    //set up security
    Constraint constraint = new Constraint();
    constraint.setName(Constraint.__BASIC_AUTH);
    constraint.setRoles(new String[]{"cloud-admin", "users", "user", "temp_user"});
    constraint.setAuthenticate(true);

    ConstraintMapping constraintMapping = new ConstraintMapping();
    constraintMapping.setConstraint(constraint);
    constraintMapping.setPathSpec(SECURE_PATH_SPEC);

    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
    securityHandler.addConstraintMapping(constraintMapping);

    HashLoginService loginService = new HashLoginService();

    UserStore userStore = new UserStore();

    userStore.addUser(ADMIN_USER_NAME, new Password(ADMIN_USER_PASSWORD),
                         new String[]{"cloud-admin",
                                      "users",
                                      "user",
                                      "temp_user",
                                      "developer",
                                      "admin",
                                      "workspace/developer",
                                      "workspace/admin",
                                      "account/owner",
                                      "account/member",
                                      "system/admin",
                                      "system/manager"
                         });
    userStore.addUser(MANAGER_USER_NAME, new Password(MANAGER_USER_PASSWORD), new String[]{"cloud-admin",
                                                                                              "user",
                                                                                              "temp_user",
                                                                                              "users"});
    loginService.setUserStore(userStore);

    securityHandler.setLoginService(loginService);
    securityHandler.setAuthenticator(new BasicAuthenticator());

    context.setSecurityHandler(securityHandler);

    server.setHandler(handler);

    server.start();
    ResourceBinder binder =
            (ResourceBinder)context.getServletContext().getAttribute(ResourceBinder.class.getName());
    DependencySupplier dependencies =
            (DependencySupplier)context.getServletContext().getAttribute(DependencySupplier.class.getName());
    GroovyResourcePublisher groovyPublisher = new GroovyResourcePublisher(binder, dependencies);
    context.getServletContext().setAttribute(GroovyResourcePublisher.class.getName(), groovyPublisher);

}
 
Example #25
Source File: SpnegoUserStoreAuthorizationService.java    From cruise-control with BSD 2-Clause "Simplified" License 4 votes vote down vote up
public SpnegoUserStoreAuthorizationService(UserStore userStore) {
  super(userStore);
}
 
Example #26
Source File: UserStoreAuthorizationService.java    From cruise-control with BSD 2-Clause "Simplified" License 4 votes vote down vote up
private static UserStore userStoreFromFile(String privilegesFilePath) {
  PropertyUserStore userStore = new PropertyUserStore();
  userStore.setConfig(privilegesFilePath);
  return userStore;
}
 
Example #27
Source File: UserStoreAuthorizationService.java    From cruise-control with BSD 2-Clause "Simplified" License 4 votes vote down vote up
public UserStoreAuthorizationService(UserStore userStore) {
  _userStore = userStore;
}