@Override public void handle(Callback[] callbacks) throws UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof NameCallback) { NameCallback nc = (NameCallback) callback; nc.setName(nc.getDefaultName()); } else if (callback instanceof PasswordCallback) { String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" + " client code does not currently support obtaining a password from the user."; errorMessage += " Make sure -Djava.security.auth.login.config property passed to JVM and" + " the client is configured to use a ticket cache (using" + " the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using" + " FQDN of the Kafka broker you are trying to connect to."; throw new UnsupportedCallbackException(callback, errorMessage); } else if (callback instanceof RealmCallback) { RealmCallback rc = (RealmCallback) callback; rc.setText(rc.getDefaultText()); } else if (callback instanceof AuthorizeCallback) { AuthorizeCallback ac = (AuthorizeCallback) callback; String authId = ac.getAuthenticationID(); String authzId = ac.getAuthorizationID(); ac.setAuthorized(authId.equals(authzId)); if (ac.isAuthorized()) ac.setAuthorizedID(authzId); } else { throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback"); } } }
public byte[] handleUserRealmPasswordCallbacks() throws AuthenticationMechanismException { realmChoiceCallBack = skipRealmCallbacks || realms == null || realms.length <= 1 ? null : new RealmChoiceCallback("User realm: ", realms, 0, false); realmCallback = skipRealmCallbacks ? null : realm != null ? new RealmCallback("User realm: ", realm) : new RealmCallback("User realm: "); nameCallback = username != null && ! username.isEmpty() ? new NameCallback("User name: ", username) : new NameCallback("User name: "); byte[] digest = getPredigestedSaltedPassword(); if (digest != null) return digest; digest = getSaltedPasswordFromTwoWay(); if (digest != null) return digest; digest = getSaltedPasswordFromPasswordCallback(); if (digest != null) return digest; throw log.mechCallbackHandlerDoesNotSupportCredentialAcquisition(null); }
private static void log(String type, AuthorizeCallback ac, NameCallback nc, PasswordCallback pc, RealmCallback rc) { if (LOG.isDebugEnabled()) { String acs = "null"; if (ac != null) { acs = "athz: " + ac.getAuthorizationID() + " athn: " + ac.getAuthenticationID() + " authorized: " + ac.getAuthorizedID(); } String ncs = "null"; if (nc != null) { ncs = "default: " + nc.getDefaultName() + " name: " + nc.getName(); } String pcs = "null"; if (pc != null) { char[] pwd = pc.getPassword(); pcs = "password: " + (pwd == null ? "null" : "not null " + pwd.length); } String rcs = "null"; if (rc != null) { rcs = "default: " + rc.getDefaultText() + " text: " + rc.getText(); } LOG.debug("{}\nAC: {}\nNC: {}\nPC: {}\nRC: {}", type, acs, ncs, pcs, rcs); } }
private void handleRealmCallback(RealmCallback rc) { LOG.trace("Client supplied realm: {} ", rc.getDefaultText()); rc.setText(rc.getDefaultText()); }
@Override public void handle(Callback[] callbacks) throws UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof NameCallback) { NameCallback nc = (NameCallback) callback; nc.setName(nc.getDefaultName()); } else if (callback instanceof PasswordCallback) { String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" + " client code does not currently support obtaining a password from the user."; throw new UnsupportedCallbackException(callback, errorMessage); } else if (callback instanceof RealmCallback) { RealmCallback rc = (RealmCallback) callback; rc.setText(rc.getDefaultText()); } else { throw new UnsupportedCallbackException(callback, "Unrecognized SASL Login callback"); } } }
@Override public void handle(Callback[] callbacks) { for (Callback cb : callbacks) { if (cb instanceof NameCallback) { ((NameCallback)cb).setName(clientId); } else if (cb instanceof PasswordCallback) { ((PasswordCallback)cb).setPassword(secret.toCharArray()); } else if (cb instanceof RealmCallback) { RealmCallback rb = (RealmCallback) cb; rb.setText(rb.getDefaultText()); } } }
if (callback instanceof NameCallback) { final NameCallback nameCallback = (NameCallback) callback; final String defaultName = nameCallback.getDefaultName(); log.tracef("User name requested; prompt '%s', default is '%s', ours is '%s'", nameCallback.getPrompt(), defaultName, actualUserName); if (actualUserName == null) { if (defaultName != null) { nameCallback.setName(defaultName); final String defaultRealm = realmCallback.getDefaultText(); log.tracef("Realm requested; prompt '%s', default is '%s', ours is '%s'", realmCallback.getPrompt(), defaultRealm, actualUserRealm); if (actualUserRealm == null) { if (defaultRealm != null) { realmCallback.setText(defaultRealm); realmCallback.setText(actualUserRealm); throw new UnsupportedCallbackException(callback, "No realm choices match realm '" + actualUserRealm + "'"); } else if (callback instanceof TextOutputCallback) { final TextOutputCallback textOutputCallback = (TextOutputCallback) callback; } else if (callback instanceof PasswordCallback) { final PasswordCallback passwordCallback = (PasswordCallback) callback; passwordCallback.setPassword(password); } else { throw new UnsupportedCallbackException(callback);
} else if (callback instanceof AuthorizeCallback) { final AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback; String authenticationID = authorizeCallback.getAuthenticationID(); if (authenticationID != null) { String authorizationID = authorizeCallback.getAuthorizationID(); boolean authorized = authorizationID != null ? authorize(authorizationID) : authorize(); log.tracef("Handling AuthorizeCallback: authenticationID = %s authorizationID = %s authorized = %b", authenticationID, authorizationID, authorized); authorizeCallback.setAuthorized(authorized); handleOne(callbacks, idx + 1); } else if (callback instanceof ExclusiveNameCallback) { } else if (callback instanceof NameCallback) { final String name = ((NameCallback) callback).getDefaultName(); try { log.tracef("Handling NameCallback: authenticationName = %s", name); passwordCallback.setPassword(clearPasswordSpec.getEncodedPassword()); handleOne(callbacks, idx + 1); return; } else if (callback instanceof RealmCallback) { RealmCallback rcb = (RealmCallback) callback; String mechanismRealm = rcb.getText(); if (mechanismRealm == null) { mechanismRealm = rcb.getDefaultText();
((RealmCallback) callback).setText( XMPPServer.getInstance().getServerInfo().getXMPPDomain() ); name = ((NameCallback) callback).getName(); if (name == null) { name = ((NameCallback) callback).getDefaultName(); .setPassword(AuthFactory.getPassword(name).toCharArray()); String principal = authCallback.getAuthenticationID(); String username = authCallback.getAuthorizationID(); authCallback.setAuthorized(true); authCallback.setAuthorizedID(username); throw new UnsupportedCallbackException(callback, "Unrecognized Callback");
@Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof NameCallback) { NameCallback nameCallback = (NameCallback) callback; nameCallback.setName(username); } else if (callback instanceof PasswordCallback) { PasswordCallback passwordCallback = (PasswordCallback) callback; passwordCallback.setPassword(password); } else if (callback instanceof AuthorizeCallback) { AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback; authorizeCallback.setAuthorized(authorizeCallback.getAuthenticationID().equals( authorizeCallback.getAuthorizationID())); } else if (callback instanceof RealmCallback) { RealmCallback realmCallback = (RealmCallback) callback; realmCallback.setText(realm); } else { throw new UnsupportedCallbackException(callback); } } }
private byte[] getSaltedPasswordFromPasswordCallback() throws AuthenticationMechanismException { PasswordCallback passwordCallback = new PasswordCallback("User password: ", false); if (e.getCallback() == realmChoiceCallBack) { realmChoiceCallBack = null; } else if (e.getCallback() == nameCallback) { throw log.mechCallbackHandlerDoesNotSupportUserName(e); } else if (e.getCallback() == passwordCallback) { throw log.mechCallbackHandlerDoesNotSupportCredentialAcquisition(e); } else { try { callbackHandler.handle(new Callback[]{ realmCallback, nameCallback, passwordCallback }); if (realmCallback.getText() != null) realm = realmCallback.getText(); } catch (UnsupportedCallbackException e) { if (e.getCallback() == realmCallback) { char[] passwordChars = passwordCallback.getPassword(); passwordCallback.clearPassword(); if ( ! readOnlyRealmUsername) { username = nameCallback.getName(); if (username == null) { throw log.mechNotProvidedUserName();
/** * @see org.jboss.security.auth.spi.UsernamePasswordLoginModule#getUsersPassword() */ @Override protected String getUsersPassword() throws LoginException { if (validationMode == ValidationMode.VALIDATION) { return null; } RealmCallback rcb = new RealmCallback("Realm", securityRealm.getName()); NameCallback ncb = new NameCallback("User Name", getUsername()); String password = null; switch (validationMode) { case DIGEST: CredentialCallback cc = new CredentialCallback(PasswordCredential.class, ALGORITHM_DIGEST_MD5); handle(new Callback[]{rcb, ncb, cc}); PasswordCredential passwordCredential = (PasswordCredential) cc.getCredential(); DigestPassword digestPassword = passwordCredential.getPassword(DigestPassword.class); password = ByteIterator.ofBytes(digestPassword.getDigest()).hexEncode().drainToString(); break; case PASSWORD: PasswordCallback pcb = new PasswordCallback("Password", false); handle(new Callback[]{rcb, ncb, pcb}); password = String.valueOf(pcb.getPassword()); break; } return password; }
@Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof PasswordCallback) { ((PasswordCallback) callback).setPassword(password); } else if (callback instanceof RealmCallback) { ((RealmCallback) callback).setText(realm); } else if (callback instanceof NameCallback) { ((NameCallback) callback).setName(name); } } }
protected boolean authenticate(String realmName, String username, char[] password) throws HttpAuthenticationException { RealmCallback realmCallback = realmName != null ? new RealmCallback("User realm", realmName) : null; NameCallback nameCallback = new NameCallback("Remote Authentication Name", username); nameCallback.setName(username); final PasswordGuessEvidence evidence = new PasswordGuessEvidence(password); EvidenceVerifyCallback evidenceVerifyCallback = new EvidenceVerifyCallback(evidence);
new NameCallback("DIGEST-MD5 authentication ID: ") : new NameCallback("DIGEST-MD5 authentication ID: ", authzid); Callback credentialCallback = preDigestedPasswords ? new DigestHashCallback("DIGEST-MD5 hash: ") : new PasswordCallback("DIGEST-MD5 password: ", false); (negotiatedRealm == null? new RealmCallback("DIGEST-MD5 realm: ") : new RealmCallback("DIGEST-MD5 realm: ", negotiatedRealm)); negotiatedRealm = tcb.getText(); if (negotiatedRealm == null) { negotiatedRealm = ""; } else { PasswordCallback pcb = (PasswordCallback) credentialCallback; passwd = pcb.getPassword(); pcb.clearPassword(); username = ncb.getName();
try { callbackHandler.handle(new Callback[]{ realmCallback }); if (realmCallback.getText() != null) realm = realmCallback.getText(); } catch (UnsupportedCallbackException e) { realmCallback = null; callbackHandler.handle(new Callback[]{ nameCallback }); if ( ! readOnlyRealmUsername) { username = nameCallback.getName(); if (username == null) { throw log.mechNotProvidedUserName(); ); } catch (UnsupportedCallbackException e) { if (e.getCallback() == nameCallback) { throw log.mechCallbackHandlerDoesNotSupportUserName(e); } else if (credentialCallback == null || e.getCallback() != credentialCallback) { throw log.mechCallbackHandlerFailedForUnknownReason(e);
final NameCallback nameCallback = new NameCallback("User name", authenticationId); final AuthorizeCallback authorizeCallback = new AuthorizeCallback(authenticationId, authorizationId); if (authenticationRealm == null) { handleCallbacks(nameCallback, authorizeCallback); } else { final RealmCallback realmCallback = new RealmCallback("User realm", authenticationRealm); handleCallbacks(realmCallback, nameCallback, authorizeCallback); if (!authorizeCallback.isAuthorized()) { throw saslLocal.mechAuthorizationFailed(authenticationId, authorizationId).toSaslException();
/** * Tests that an exception is thrown in case an unsupported callback is used. */ @Test public void unsupportCallback() throws Exception { mThrown.expect(UnsupportedCallbackException.class); mThrown.expectMessage(RealmCallback.class + " is unsupported."); Callback[] callbacks = new Callback[3]; callbacks[0] = new NameCallback("Username:"); callbacks[1] = new PasswordCallback("Password:", true); callbacks[2] = new RealmCallback("Realm:"); String user = "alluxio-user-2"; String password = "alluxio-user-2-password"; CallbackHandler clientCBHandler = new PlainSaslClientCallbackHandler(user, password); clientCBHandler.handle(callbacks); }
final NameCallback nameCallback = authenticationId != null && ! authenticationId.isEmpty() ? new OptionalNameCallback("User name", authenticationId) : new OptionalNameCallback("User name"); final RealmCallback realmCallback = new RealmCallback("User realm"); authenticationId = nameCallback.getName(); authenticationRealm = realmCallback.getText(); } catch (UnsupportedCallbackException e) { saslLocal.trace("CallbackHandler does not support name or realm callback", e);
@Override public void handle(final Callback[] callbacks) throws IOException, UnsupportedCallbackException { callbackHandler.handle(callbacks); for(Callback callback : callbacks) { if(callback instanceof RealmCallback) { final RealmCallback realmCallback = (RealmCallback)callback; if(realmCallback.getText() == null) { realmCallback.setText(realmCallback.getDefaultText()); } } } } }