public void addUser( String username, Credential credential, String[] roles) { Principal userPrincipal = new AbstractLoginService.UserPrincipal( username, credential); Subject subject = new Subject(); subject.getPrincipals().add(userPrincipal); subject.getPrivateCredentials().add(credential); if (roles != null) { for (String role : roles) { subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role)); } } subject.setReadOnly(); _knownUserIdentities.put(username,_identityService.newUserIdentity(subject,userPrincipal,roles)); }
@Override protected String[] loadRoleInfo(UserPrincipal user) { UserIdentity id = _userStore.getUserIdentity(user.getName()); if (id == null) return null; Set<RolePrincipal> roles = id.getSubject().getPrincipals(RolePrincipal.class); if (roles == null) return null; List<String> list = roles.stream() .map( rolePrincipal -> rolePrincipal.getName() ) .collect( Collectors.toList() ); return list.toArray(new String[roles.size()]); }
/** * @see org.eclipse.jetty.security.LoginService#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest) */ @Override public UserIdentity login(String username, Object credentials, ServletRequest request) { if (username == null) return null; UserPrincipal userPrincipal = loadUserInfo(username); if (userPrincipal != null && userPrincipal.authenticate(credentials)) { //safe to load the roles String[] roles = loadRoleInfo(userPrincipal); Subject subject = new Subject(); subject.getPrincipals().add(userPrincipal); subject.getPrivateCredentials().add(userPrincipal._credential); if (roles!=null) for (String role : roles) subject.getPrincipals().add(new RolePrincipal(role)); subject.setReadOnly(); return _identityService.newUserIdentity(subject,userPrincipal,roles); } return null; }
LOG.warn("Problem loading user info for "+user.getName(), e);
/** * @see org.eclipse.jetty.security.LoginService#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest) */ @Override public UserIdentity login(String username, Object credentials, ServletRequest request) { if (username == null) return null; UserPrincipal userPrincipal = loadUserInfo(username); if (userPrincipal != null && userPrincipal.authenticate(credentials)) { //safe to load the roles String[] roles = loadRoleInfo(userPrincipal); Subject subject = new Subject(); subject.getPrincipals().add(userPrincipal); subject.getPrivateCredentials().add(userPrincipal._credential); if (roles!=null) for (String role : roles) subject.getPrincipals().add(new RolePrincipal(role)); subject.setReadOnly(); return _identityService.newUserIdentity(subject,userPrincipal,roles); } return null; }
@Override public UserIdentity login(String username, Object credentials, ServletRequest request) { try { Credential credential = Credential.getCredential((String) credentials); User user = lookupUser(username, credential); if (user != null) { UserIdentity userIdentity = createUserIdentity(username, credential); AbstractLoginService.UserPrincipal principal = (AbstractLoginService.UserPrincipal) userIdentity.getUserPrincipal(); if (principal.authenticate(credentials)) { bindUserDataToThread(user); ThreadContext.bind(userIdentity.getSubject()); return userIdentity; } } } catch (IResourceStore.ResourceStoreException e) { log.error("Could not process login.", e); } catch (IResourceStore.ResourceNotFoundException e) { //no user entity found for the given username } return null; }
/** * @see org.eclipse.jetty.security.LoginService#validate(org.eclipse.jetty.server.UserIdentity) */ @Override public boolean validate(UserIdentity user) { if (!isFullValidate()) return true; //if we have a user identity it must be valid //Do a full validation back against the user store UserPrincipal fresh = loadUserInfo(user.getUserPrincipal().getName()); if (fresh == null) return false; //user no longer exists if (user.getUserPrincipal() instanceof UserPrincipal) { return fresh.authenticate(((UserPrincipal)user.getUserPrincipal())._credential); } throw new IllegalStateException("UserPrincipal not KnownUser"); //can't validate }
@Override protected void loadUsers() throws IOException { for (User user : users) { Credential credential = Credential.getCredential(user.getPassword()); Principal userPrincipal = new AbstractLoginService.UserPrincipal(user.getName(),credential); Subject subject = new Subject(); subject.getPrincipals().add(userPrincipal); subject.getPrivateCredentials().add(credential); String[] roleArray = IdentityService.NO_ROLES; if (user.getRoles() != null && user.getRoles().length > 0) { roleArray = user.getRoles(); } for (String role : roleArray) { subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role)); } subject.setReadOnly(); getKnownUserIdentities().put(user.getName(), getIdentityService().newUserIdentity(subject, userPrincipal, roleArray)); } } }
public void addUser( String username, Credential credential, String[] roles) { Principal userPrincipal = new AbstractLoginService.UserPrincipal( username, credential); Subject subject = new Subject(); subject.getPrincipals().add(userPrincipal); subject.getPrivateCredentials().add(credential); if (roles != null) { for (String role : roles) { subject.getPrincipals().add(new AbstractLoginService.RolePrincipal(role)); } } subject.setReadOnly(); _knownUserIdentities.put(username,_identityService.newUserIdentity(subject,userPrincipal,roles)); }
@Override protected String[] loadRoleInfo(UserPrincipal user) { UserIdentity id = _userStore.getUserIdentity(user.getName()); if (id == null) return null; Set<RolePrincipal> roles = id.getSubject().getPrincipals(RolePrincipal.class); if (roles == null) return null; List<String> list = roles.stream() .map( rolePrincipal -> rolePrincipal.getName() ) .collect( Collectors.toList() ); return list.toArray(new String[roles.size()]); }
private UserIdentity createUserIdentity(String username, Credential credential) { Principal userPrincipal = new AbstractLoginService.UserPrincipal(username, credential); Subject subject = new Subject(); subject.getPrincipals().add(userPrincipal); subject.getPrivateCredentials().add(credential); subject.setReadOnly(); return identityService.newUserIdentity(subject, userPrincipal, new String[]{"user"}); }
@Override protected String[] loadRoleInfo(UserPrincipal user) { if (users.get(user.getName()) == null) return null; else return new String[] { role }; }
@Override protected void doStart() throws Exception { UserPrincipal p = new UserPrincipal(username, new Password(password)); users.put(username, p); super.doStart(); }
/** * @see org.eclipse.jetty.security.LoginService#validate(org.eclipse.jetty.server.UserIdentity) */ @Override public boolean validate(UserIdentity user) { if (!isFullValidate()) return true; //if we have a user identity it must be valid //Do a full validation back against the user store UserPrincipal fresh = loadUserInfo(user.getUserPrincipal().getName()); if (fresh == null) return false; //user no longer exists if (user.getUserPrincipal() instanceof UserPrincipal) { return fresh.authenticate(((UserPrincipal)user.getUserPrincipal())._credential); } throw new IllegalStateException("UserPrincipal not KnownUser"); //can't validate }