/**
 * Registers a user and stores the resulting identity under {@code username}.
 *
 * <p>A new {@link Subject} receives the user principal, the credential (as a private
 * credential) and one role principal per entry of {@code roles}. The subject is then
 * marked read-only before the identity built from it is stored.
 *
 * @param username the user name; also the key under which the identity is stored
 * @param credential the credential bound to the user principal and added to the
 *        subject's private credentials
 * @param roles role names for the user; may be {@code null}, in which case no role
 *        principals are added. The array is passed on to the identity service as given.
 */
public void addUser(String username, Credential credential, String[] roles)
{
    final Principal principal = new AbstractLoginService.UserPrincipal(username, credential);

    final Subject userSubject = new Subject();
    userSubject.getPrincipals().add(principal);
    userSubject.getPrivateCredentials().add(credential);

    if (roles != null)
    {
        for (int i = 0; i < roles.length; i++)
        {
            userSubject.getPrincipals().add(new AbstractLoginService.RolePrincipal(roles[i]));
        }
    }

    // Freeze the subject before the identity is published: once read-only, its
    // principal and credential sets reject further modification.
    userSubject.setReadOnly();

    // A second call with the same username stores a new identity under the same key.
    _knownUserIdentities.put(username, _identityService.newUserIdentity(userSubject, principal, roles));
}
/**
 * Runs the deferred authentication for this request.
 *
 * <p>On success for an {@code Authentication.User}, the user's identity is associated
 * through the identity service (when there is one) and the value returned by
 * {@code associate} is kept in {@code _previousAssociation}.
 *
 * @return the result of {@code validateRequest}, or this deferred authentication when a
 *         {@code ServerAuthException} is thrown
 * @see org.eclipse.jetty.server.Authentication.Deferred#authenticate(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
 */
@Override
public Authentication authenticate(ServletRequest request, ServletResponse response)
{
    try
    {
        // Both services are looked up before validation, as in the original ordering.
        // NOTE(review): a null login service would fail here with a NullPointerException,
        // which the catch below does not handle - confirm it can never be null.
        LoginService loginService = _authenticator.getLoginService();
        IdentityService identityService = loginService.getIdentityService();

        Authentication result = _authenticator.validateRequest(request, response, true);

        boolean authenticatedUser = result instanceof Authentication.User;
        if (authenticatedUser && identityService != null)
        {
            _previousAssociation = identityService.associate(((Authentication.User)result).getUserIdentity());
        }
        return result;
    }
    catch (ServerAuthException e)
    {
        // The failure is recorded at debug level only, so it is not visible at default
        // log levels; the caller gets this deferred object back instead of a user.
        LOG.debug(e);
    }

    return this;
}
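/**
 * Logs the given authenticated user out.
 *
 * <p>The login service, when present, is told to log out the user's identity. The
 * identity service, when present, is then asked to disassociate.
 *
 * <p>The line breaks are restored here: with the method collapsed onto one line, the
 * {@code //} comment swallowed the remaining statements and both closing braces.
 *
 * @param user the authenticated user to log out
 */
public void logout(Authentication.User user)
{
    LOG.debug("logout {}", user);

    LoginService login_service = getLoginService();
    if (login_service != null)
    {
        login_service.logout(user.getUserIdentity());
    }

    IdentityService identity_service = getIdentityService();
    if (identity_service != null)
    {
        // TODO recover previous from threadlocal (or similar)
        // NOTE(review): until that TODO is resolved, disassociate() always receives null
        // here rather than the value associate() returned when the user was associated.
        // Confirm that the identity service in use clears the thread's association
        // when it is given null.
        Object previous = null;
        identity_service.disassociate(previous);
    }
}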
// Excerpt from a request-handling path. The statements are not contiguous in the
// original method (braces and the lines between them are missing from the page), so
// an `if` here cannot be assumed to guard only the statement printed after it.
LOG.warn("No authenticator for: "+roleInfo);
if (!baseRequest.isHandled()) baseRequest.setAuthentication(authentication);
// associate() returns a value that is kept in previousIdentity and handed back to
// disassociate() once the handler has run.
if (_identityService!=null) previousIdentity = _identityService.associate(userAuth.getUserIdentity());
// Association with a null identity; presumably the branch for a request that has
// no authenticated user - confirm against the full method.
previousIdentity = _identityService.associate(null);
handler.handle(pathInContext, baseRequest, request, response);
// NOTE(review): the excerpt does not show whether this runs in a finally block. If
// handle() can throw past it, the association made above would stay on the thread.
if (authenticator!=null) _identityService.disassociate(previousIdentity);
/**
 * Stops this component: destroys the servlet instance, if there is one, and clears
 * the cached servlet and config references.
 *
 * <p>When an identity service is present, the destroy call runs with the system user
 * identity set as run-as, and the previous run-as value is restored in a
 * {@code finally} block. Exceptions from the destroy call are logged at warn level
 * and not rethrown.
 *
 * @throws Exception declared by the signature; the visible body catches exceptions
 *         raised while destroying the servlet
 */
public void doStop() throws Exception
{
    if (_servlet != null)
    {
        Object previousRunAs = null;
        try
        {
            if (_identityService != null)
            {
                previousRunAs = _identityService.setRunAs(_identityService.getSystemUserIdentity(), _runAsToken);
            }
            destroyInstance(_servlet);
        }
        catch (Exception e)
        {
            // Best effort: a failing destroy must not abort the stop sequence.
            LOG.warn(e);
        }
        finally
        {
            // Always undo the run-as switch, even when destroy failed.
            if (_identityService != null)
            {
                _identityService.unsetRunAs(previousRunAs);
            }
        }
    }

    // An externally supplied instance is kept; only the reference to an instance
    // that was not supplied externally is dropped.
    if (!_extInstance)
    {
        _servlet = null;
    }
    _config = null;
}
// Excerpt from a SPNEGO login path. The statements are not contiguous in the original
// method: the "failed" and "established" messages belong to different branches whose
// conditions are missing from the page.
LOG.debug("SpnegoUserRealm: failed to establish GSSContext");
// The role is everything after the first '@' of the client name (presumably the
// Kerberos realm - confirm). If the name has no '@', indexOf returns -1 and the whole
// client name becomes the role.
String role = clientName.substring(clientName.indexOf('@') + 1);
LOG.debug("SpnegoUserRealm: established a security context");
// Client and server principal names are written to the debug log.
LOG.debug("Client Principal is: " + gContext.getSrcName());
LOG.debug("Server Principal is: " + gContext.getTargName());
LOG.debug("Client Default Role: " + role);
Subject subject = new Subject();
subject.getPrincipals().add(user);
// NOTE(review): this derived role is the only role given to the identity here, so
// any role constraint naming it is satisfied by every client whose name yields that
// value. No setReadOnly() call on the subject is visible in this excerpt - confirm.
return _identityService.newUserIdentity(subject,user, new String[]{role});
// Excerpt that builds a user identity from a SAML subject. The closing brace of the
// for loop is missing from the page; in the original the return presumably follows
// the loop - confirm.
Subject subject = new Subject();
Principal principal = new SAMLUserPrincipal(samlSubject);
subject.getPrincipals().add(principal);
// One role principal is added per entry of `roles`.
// NOTE(review): where `roles` and `samlSubject` come from is not shown. They are only
// as trustworthy as the validation done before this point - verify against the caller.
for (String role : roles) {
subject.getPrincipals().add(new SAMLRolePrincipal(role));
// The same role names are also passed to the identity service as a String array.
return _identityService.newUserIdentity(subject, principal, roles.toArray(new String[roles.size()]));
// Excerpt from a start-up path. Braces and the lines between these statements are
// missing from the page, so the nesting of the `if` statements cannot be read from it.
if (LOG.isDebugEnabled()) LOG.debug("Checking for precompiled servlet {} for jsp {}", precompiled, _forcedPath);
// Looks up a servlet registered under the precompiled name.
ServletHolder jsp=getServletHandler().getServlet(precompiled);
if (jsp!=null && jsp.getClassName() != null)
if (LOG.isDebugEnabled()) LOG.debug("JSP file {} for {} mapped to Servlet {}",_forcedPath, getName(),jsp.getClassName());
// A run-as token is created from the configured run-as role and kept in _runAsToken.
// NOTE(review): no null check on _identityService or _runAsRole is visible in this
// excerpt - confirm the guard in the full method.
_runAsToken=_identityService.newRunAsToken(_runAsRole);
// Excerpt: the servlet is initialised between a setRunAs() call made with the system
// user identity and the run-as token, and an unsetRunAs() call that is given the value
// setRunAs() returned.
old_run_as=_identityService.setRunAs(_identityService.getSystemUserIdentity(),_runAsToken);
// The log text says "Filter.init" although the object initialised is _servlet.
LOG.debug("Filter.init {}",_servlet);
_servlet.init(_config);
// NOTE(review): the enclosing try/finally is not shown. If init() throws and this call
// is skipped, the run-as state set above would remain in effect - confirm that the
// restore sits in a finally block.
_identityService.unsetRunAs(old_run_as);
// Excerpt from start-up error handling. Braces, catch headers and the `if` that owns
// the trailing `else` are missing from the page, so the control flow cannot be read
// from here. Only the individual calls are reliable.
// When start-with-unavailable is enabled, the exception is passed to LOG.ignore.
if (_servletHandler.isStartWithUnavailable()) LOG.ignore(ue); return;
if (_servletHandler.isStartWithUnavailable()) LOG.ignore(ue); return;
// A run-as token is created from the configured run-as role.
_runAsToken=_identityService.newRunAsToken(_runAsRole);
// NOTE(review): presumably the exception is ignored under the same
// start-with-unavailable condition and rethrown otherwise - confirm.
LOG.ignore(e); else throw e;
// Excerpt: setRunAs() is called with the request's resolved user identity and the
// run-as token, and its return value is later handed to unsetRunAs(). The work done
// between the two calls is missing from the page.
old_run_as=_identityService.setRunAs(baseRequest.getResolvedUserIdentity(),_runAsToken);
// NOTE(review): confirm that this restore runs in a finally block, so that the run-as
// state does not outlive the call it was set for.
_identityService.unsetRunAs(old_run_as);
// Excerpt: setRunAs() is called with the system user identity and the run-as token,
// and its return value is later handed to unsetRunAs(). The work done between the two
// calls is missing from the page.
old_run_as=_identityService.setRunAs(_identityService.getSystemUserIdentity(),_runAsToken);
// NOTE(review): confirm that this restore runs in a finally block, so that the run-as
// state does not outlive the call it was set for.
_identityService.unsetRunAs(old_run_as);
/**
 * Logs a user in programmatically through the authenticator.
 *
 * <p>On success the identity is wrapped in a {@code UserAuthentication} with the method
 * name {@code "API"}. When an identity service is available, the identity is also
 * associated and the value returned by {@code associate} is kept in
 * {@code _previousAssociation}.
 *
 * @param username the user name; {@code null} yields {@code null} without calling the
 *        authenticator
 * @param password the credential, passed to the authenticator unchanged
 * @param request the current request, passed to the authenticator unchanged
 * @return the new authentication, or {@code null} when the user name is {@code null}
 *         or the authenticator returns no identity
 * @see org.eclipse.jetty.server.Authentication.Deferred#login(String, Object, ServletRequest)
 */
@Override
public Authentication login(String username, Object password, ServletRequest request)
{
    if (username == null)
    {
        return null;
    }

    UserIdentity identity = _authenticator.login(username, password, request);
    if (identity == null)
    {
        // No identity from the authenticator: report failure as null.
        return null;
    }

    IdentityService identityService = _authenticator.getLoginService().getIdentityService();
    UserAuthentication userAuthentication = new UserAuthentication("API", identity);
    if (identityService != null)
    {
        _previousAssociation = identityService.associate(identity);
    }
    return userAuthentication;
}
// Excerpt from a start-up path. Braces and the lines between these statements are
// missing from the page, so the nesting of the `if` statements cannot be read from it.
if (LOG.isDebugEnabled()) LOG.debug("Checking for precompiled servlet {} for jsp {}", precompiled, _forcedPath);
// Looks up a servlet registered under the precompiled name.
ServletHolder jsp=getServletHandler().getServlet(precompiled);
if (jsp!=null && jsp.getClassName() != null)
if (LOG.isDebugEnabled()) LOG.debug("JSP file {} for {} mapped to Servlet {}",_forcedPath, getName(),jsp.getClassName());
// A run-as token is created from the configured run-as role and kept in _runAsToken.
// NOTE(review): no null check on _identityService or _runAsRole is visible in this
// excerpt - confirm the guard in the full method.
_runAsToken=_identityService.newRunAsToken(_runAsRole);
// Excerpt: the servlet is initialised between a setRunAs() call made with the system
// user identity and the run-as token, and an unsetRunAs() call that is given the value
// setRunAs() returned.
old_run_as=_identityService.setRunAs(_identityService.getSystemUserIdentity(),_runAsToken);
// The log text says "Filter.init" although the object initialised is _servlet.
LOG.debug("Filter.init {}",_servlet);
_servlet.init(_config);
// NOTE(review): the enclosing try/finally is not shown. If init() throws and this call
// is skipped, the run-as state set above would remain in effect - confirm that the
// restore sits in a finally block.
_identityService.unsetRunAs(old_run_as);
// Excerpt from a request-handling path. The statements are not contiguous in the
// original method (braces and the lines between them are missing from the page), so
// an `if` here cannot be assumed to guard only the statement printed after it.
LOG.warn("No authenticator for: "+roleInfo);
if (!baseRequest.isHandled()) baseRequest.setAuthentication(authentication);
// associate() returns a value that is kept in previousIdentity and handed back to
// disassociate() once the handler has run.
if (_identityService!=null) previousIdentity = _identityService.associate(userAuth.getUserIdentity());
// Association with a null identity; presumably the branch for a request that has
// no authenticated user - confirm against the full method.
previousIdentity = _identityService.associate(null);
handler.handle(pathInContext, baseRequest, request, response);
// NOTE(review): the excerpt does not show whether this runs in a finally block. If
// handle() can throw past it, the association made above would stay on the thread.
if (authenticator!=null) _identityService.disassociate(previousIdentity);
/**
 * Stops this component: destroys the servlet instance, if there is one, clears the
 * cached servlet and config references, and resets the initialized flag.
 *
 * <p>When an identity service is present, the destroy call runs with the system user
 * identity set as run-as, and the previous run-as value is restored in a
 * {@code finally} block. Exceptions from the destroy call are logged at warn level
 * and not rethrown.
 *
 * @throws Exception declared by the signature; the visible body catches exceptions
 *         raised while destroying the servlet
 */
public void doStop() throws Exception
{
    if (_servlet != null)
    {
        Object previousRunAs = null;
        try
        {
            if (_identityService != null)
            {
                previousRunAs = _identityService.setRunAs(_identityService.getSystemUserIdentity(), _runAsToken);
            }
            destroyInstance(_servlet);
        }
        catch (Exception e)
        {
            // Best effort: a failing destroy must not abort the stop sequence.
            LOG.warn(e);
        }
        finally
        {
            // Always undo the run-as switch, even when destroy failed.
            if (_identityService != null)
            {
                _identityService.unsetRunAs(previousRunAs);
            }
        }
    }

    // An externally supplied instance is kept; only the reference to an instance
    // that was not supplied externally is dropped.
    if (!_extInstance)
    {
        _servlet = null;
    }
    _config = null;
    _initialized = false;
}
// Excerpt from start-up error handling. Braces, catch headers and the `if` that owns
// the trailing `else` are missing from the page, so the control flow cannot be read
// from here. Only the individual calls are reliable.
// When start-with-unavailable is enabled, the exception is passed to LOG.ignore.
if (_servletHandler.isStartWithUnavailable()) LOG.ignore(ue); return;
if (_servletHandler.isStartWithUnavailable()) LOG.ignore(ue); return;
// A run-as token is created from the configured run-as role.
_runAsToken=_identityService.newRunAsToken(_runAsRole);
// NOTE(review): presumably the exception is ignored under the same
// start-with-unavailable condition and rethrown otherwise - confirm.
LOG.ignore(e); else throw e;
// Excerpt: setRunAs() is called with the request's resolved user identity and the
// run-as token, and its return value is later handed to unsetRunAs(). The work done
// between the two calls is missing from the page.
old_run_as=_identityService.setRunAs(baseRequest.getResolvedUserIdentity(),_runAsToken);
// NOTE(review): confirm that this restore runs in a finally block, so that the run-as
// state does not outlive the call it was set for.
_identityService.unsetRunAs(old_run_as);
// Excerpt: setRunAs() is called with the system user identity and the run-as token,
// and its return value is later handed to unsetRunAs(). The work done between the two
// calls is missing from the page.
old_run_as=_identityService.setRunAs(_identityService.getSystemUserIdentity(),_runAsToken);
// NOTE(review): confirm that this restore runs in a finally block, so that the run-as
// state does not outlive the call it was set for.
_identityService.unsetRunAs(old_run_as);