Refine search
@Override public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException { HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage(); try { response.getWriter().write("validateRequest invoked\n"); boolean isMandatory = Boolean.valueOf((String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory")); response.getWriter().write("isMandatory: " + isMandatory + "\n"); handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, "test"), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) }); } catch (IOException | UnsupportedCallbackException e) { throw (AuthException) new AuthException().initCause(e); } return SUCCESS; }
log.trace("Handling CallerPrincipalCallback"); final CallerPrincipalCallback cpc = (CallerPrincipalCallback) callback; Principal originalPrincipal = cpc.getPrincipal(); final String callerName = cpc.getName(); final Principal callerPrincipal = originalPrincipal != null ? originalPrincipal : callerName != null ? new NamePrincipal(callerName) : null; final Subject subject = cpc.getSubject(); if (subject != null && !subject.isReadOnly()) { subject.getPrincipals().add(authorizedIdentity.getPrincipal()); log.trace("Handling GroupPrincipalCallback"); GroupPrincipalCallback gpc = (GroupPrincipalCallback) callback; String[] groups = gpc.getGroups(); if (groups != null && groups.length > 0) { roles.addAll(Arrays.asList(groups));
Principal callbackPrincipal = callerPrincipalCallback.getPrincipal(); callerPrincipal = callbackPrincipal != null ? new NamePrincipal(callbackPrincipal.getName()) : callerPrincipalCallback.getName() != null ? new NamePrincipal(callerPrincipalCallback.getName()) : null; String[] groups = groupPrincipalCallback.getGroups(); if (groups != null) { Set<String> roles = new HashSet<>(Arrays.asList(groups)); this.executionSubject.getPrincipals().add(identity.getPrincipal()); this.addPrivateCredential(executionSubject, identity);
Subject clientSubject = new Subject(); Set<UserIdentity> ids = clientSubject.getPrivateCredentials(UserIdentity.class); UserIdentity userIdentity; if (ids.size() > 0) Principal principal = principalCallback.getPrincipal(); if (principal == null) String principalName = principalCallback.getName(); Set<Principal> principals = principalCallback.getSubject().getPrincipals(); for (Principal p : principals) String[] groups = groupPrincipalCallback == null ? null : groupPrincipalCallback.getGroups(); userIdentity = _identityService.newUserIdentity(clientSubject, principal, groups);
private void processResults(Callback[] mappedCallbacks, boolean hasCallerPrincipalCallback) { if (mappedCallbacks != null) { Subject s = new Subject(); Set<Principal> principals = executionSubject.getPrincipals(); if (principals != null && principals.size() == 1) { s.getPrincipals().add(mappedPrincipal); if (callback instanceof CallerPrincipalCallback) { CallerPrincipalCallback cpc = (CallerPrincipalCallback) callback; s.getPrincipals().addAll(cpc.getSubject().getPrincipals()); s.getPublicCredentials().addAll(cpc.getSubject().getPublicCredentials()); s.getPrivateCredentials().addAll(cpc.getSubject().getPrivateCredentials()); } else if (callback instanceof GroupPrincipalCallback) { GroupPrincipalCallback gpc = (GroupPrincipalCallback) callback; s.getPrincipals().addAll(gpc.getSubject().getPrincipals()); s.getPublicCredentials().addAll(gpc.getSubject().getPublicCredentials()); s.getPrivateCredentials().addAll(gpc.getSubject().getPrivateCredentials()); } else if (callback instanceof PasswordValidationCallback) { PasswordValidationCallback pvc = (PasswordValidationCallback) callback;
Principal userPrincipal = null; String[] assignedGroups = null; for (Principal p : clientSubject.getPrincipals()) { String tmp = p.getName(); LOGGER.log(Level.FINE, "Principal utilis\u00e9: {0}", tmp); CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, userPrincipal); if (callerPrincipalCallback.getName() == null && callerPrincipalCallback.getPrincipal() == null) { assignGroups = false; handler.handle((assignGroups ? new Callback[]{ callerPrincipalCallback, new GroupPrincipalCallback(callerPrincipalCallback.getSubject(), assignedGroups)} : new Callback[]{callerPrincipalCallback})); LOGGER.log(Level.FINE, "jmac.caller_principal:{0} {1}", new Object[]{callerPrincipalCallback.getName(), callerPrincipalCallback.getPrincipal()}); } catch (Exception ex) { LOGGER.log(Level.SEVERE, "ERROR SAM!!!", ex);
private static void _setCallerPrincipals(Subject s, CallbackHandler handler, Subject pvcSubject) throws AuthException { if (handler != null) { // handler should be non-null Set<Principal> ps = s.getPrincipals(); if (ps == null || ps.isEmpty()) { return; } Iterator<Principal> it = ps.iterator(); Callback[] callbacks = new Callback[] { new CallerPrincipalCallback(s, it.next().getName()) }; if (pvcSubject != null) { s.getPrincipals().addAll(pvcSubject.getPrincipals()); } try { handler.handle(callbacks); } catch (Exception e) { AuthException aex = new AuthException(); aex.initCause(e); throw aex; } } }
throw PicketBoxMessages.MESSAGES.invalidNullSecurityContext(); String[] rolesArray = groupPrincipalCallback.getGroups(); int sizeOfRoles = rolesArray != null ? rolesArray.length : 0; Subject subject = groupPrincipalCallback.getSubject(); if( subject != null ) subject.getPrincipals().addAll(currentSubject.getPrincipals()); subject.getPublicCredentials().addAll(currentSubject.getPublicCredentials()); subject.getPrivateCredentials().addAll(currentSubject.getPrivateCredentials()); Subject subject = callerPrincipalCallback.getSubject(); if( currentSC == null ) throw PicketBoxMessages.MESSAGES.invalidNullSecurityContext(); Principal callerPrincipal = callerPrincipalCallback.getPrincipal(); if (callerPrincipal == null && callerPrincipalCallback.getName() != null) callerPrincipal = new SimplePrincipal(callerPrincipalCallback.getName());
protected boolean login(Subject clientSubject, String username, Credential credential, String authMethod, MessageInfo messageInfo) throws IOException, UnsupportedCallbackException { CredentialValidationCallback credValidationCallback = new CredentialValidationCallback(clientSubject, username, credential); callbackHandler.handle(new Callback[] { credValidationCallback }); if (credValidationCallback.getResult()) { Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class); if (!loginCallbacks.isEmpty()) { LoginCallbackImpl loginCallback = loginCallbacks.iterator().next(); CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, loginCallback.getUserPrincipal()); GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, loginCallback.getRoles()); callbackHandler.handle(new Callback[] { callerPrincipalCallback, groupPrincipalCallback }); } messageInfo.getMap().put(JaspiMessageInfo.AUTH_METHOD_KEY, authMethod); } return credValidationCallback.getResult(); } }
@Override public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException { try { HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage(); HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage(); if ("include".equals(request.getParameter("dispatch"))) { request.getRequestDispatcher("/includedServlet") .include(request, response); // "Do nothing", required protocol when returning SUCCESS handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) }); // When using includes, the response stays open and the main // resource can also write to the response return SUCCESS; } else { request.getRequestDispatcher("/forwardedServlet") .forward(request, response); // MUST NOT invoke the resource, so CAN NOT return SUCCESS here. return SEND_CONTINUE; } } catch (IOException | ServletException | UnsupportedCallbackException e) { throw (AuthException) new AuthException().initCause(e); } }
executionSubject = new Subject(); new CallerPrincipalCallback(executionSubject, defaultPrincipal); new GroupPrincipalCallback(executionSubject, defaultGroups); cbh.handle(callbacks.toArray(cb));
private static void handleCallbacks(Subject clientSubject, CallbackHandler handler, CallerPrincipalCallback callerPrincipalCallback, Set<String> groups) { if (clientSubject == null) { throw new IllegalArgumentException("Null clientSubject!"); } if (handler == null) { throw new IllegalArgumentException("Null callback handler!"); } try { if (groups == null || isEmpty(groups) || (callerPrincipalCallback.getPrincipal() == null && callerPrincipalCallback.getName() == null)) { // don't handle groups if null/empty or if caller is null handler.handle(new Callback[] { callerPrincipalCallback }); } else { handler.handle(new Callback[] { callerPrincipalCallback, new GroupPrincipalCallback(clientSubject, groups.toArray(new String[groups.size()])) }); } } catch (IOException | UnsupportedCallbackException e) { // Should not happen throw new IllegalStateException(e); } }
if(sam != null) result = sam.isValid(messageInfo, new Subject(), messageLayer, cbh); this.register(request, response, cpcb.getPrincipal(), authMethod, pvc.getUsername(), new String(pvc.getPassword()));
if (callback instanceof CallerPrincipalCallback) { CallerPrincipalCallback cpc = (CallerPrincipalCallback) callback; name = cpc.getName(); principal = cpc.getPrincipal(); subject = cpc.getSubject(); } else if (callback instanceof GroupPrincipalCallback) { GroupPrincipalCallback gpc = (GroupPrincipalCallback) callback; groups = gpc.getGroups(); } else { subject.getPrivateCredentials().add(gp);
Principal p = null; Principal callerPrincipal = callerPrincipalCallback.getPrincipal(); if (callerPrincipal != null) name = callerPrincipal.getName(); if (name == null && callerPrincipalCallback.getName() != null) name = callerPrincipalCallback.getName(); l.add(new CallerPrincipalCallback(callerPrincipalCallback.getSubject(), p)); if (groupPrincipalCallback.getGroups() != null && groupPrincipalCallback.getGroups().length > 0) List<String> gs = new ArrayList<String>(groupPrincipalCallback.getGroups().length); for (String g : groupPrincipalCallback.getGroups())
public Callback handleCallerPrincipalCallbackWithMapping(CallerPrincipalCallback cpc) { CallerPrincipalCallback asCPC; Principal eisPrincipal = cpc.getPrincipal(); String eisName = cpc.getName(); Principal asPrincipal = getMappedPrincipal(eisPrincipal, eisName); asCPC = new CallerPrincipalCallback(cpc.getSubject(), asPrincipal); return asCPC; /* Set<Principal> principals = cpc.getSubject().getPrincipals(); for (Principal p : principals) { Principal mappedPrincipal = (Principal) securityMap.get(p); if (mappedPrincipal != null) { DistinguishedPrincipalCredential dpc = new DistinguishedPrincipalCredential(mappedPrincipal); cpc.getSubject().getPublicCredentials().add(dpc); } } SecurityContext.setCurrent(new SecurityContext(cpc.getSubject())); */ }
private void processCallerPrincipal(CallerPrincipalCallback cpCallback) { final Subject fs = cpCallback.getSubject(); Principal principal = cpCallback.getPrincipal(); if (cpCallback.getName() != null) { if (isCertRealm) { principal = new X500Principal(cpCallback.getName()); } else { principal = new PrincipalImpl(cpCallback.getName());
public static void notifyContainerAboutLogin(Subject clientSubject, CallbackHandler handler, Principal callerPrincipal, Set<String> groups) { handleCallbacks(clientSubject, handler, new CallerPrincipalCallback(clientSubject, callerPrincipal), groups); }
groupPrincipalCallback = (GroupPrincipalCallback) callback; if (this.executionSubject == null) { this.executionSubject = groupPrincipalCallback.getSubject(); } else if (!this.executionSubject.equals(groupPrincipalCallback.getSubject())) { callerPrincipalCallback = (CallerPrincipalCallback) callback; if (this.executionSubject == null) { this.executionSubject = callerPrincipalCallback.getSubject(); } else if (!this.executionSubject.equals(callerPrincipalCallback.getSubject())) { if (this.executionSubject == null) { this.executionSubject = passwordValidationCallback.getSubject(); } else if (!this.executionSubject.equals(passwordValidationCallback.getSubject())) {
callerPrincipal = ((CallerPrincipalCallback) callback).getPrincipal(); } else if (callback instanceof GroupPrincipalCallback) { groupsArray = ((GroupPrincipalCallback) callback).getGroups(); } else if (callback instanceof PasswordValidationCallback) { final PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;