@Override public Account verify(String id, Credential credential) { AccountImpl account = getAccount(id); if (credential instanceof DigestCredential) { DigestCredential digestCredential = (DigestCredential) credential; DigestCallbackHandler handler = new DigestCallbackHandler(id, digestCredential.getNonce(), digestCredential.getNonceCount(), digestCredential.getClientNonce(), digestCredential.getQop(), digestCredential.getRealm(), digestCredential.getHA2()); CallbackHandlerPolicyContextHandler.setCallbackHandler(handler); return verifyCredential(account, digestCredential.getClientDigest()); } else if(credential instanceof PasswordCredential) { final char[] password = ((PasswordCredential) credential).getPassword(); // The original array may be cleared, this integration relies on it being cached for use later. final char[] duplicate = Arrays.copyOf(password, password.length); return verifyCredential(account, duplicate); } else { return verifyCredential(account, credential); } }
CallbackHandlerPolicyContextHandler chandler = new CallbackHandlerPolicyContextHandler(); PolicyContext.registerHandler(SecurityConstants.CALLBACK_HANDLER_KEY, chandler, true);
CallbackHandlerPolicyContextHandler.setCallbackHandler(handler); CallbackHandlerPolicyContextHandler.setCallbackHandler(null);
CallbackHandlerPolicyContextHandler chandler = new CallbackHandlerPolicyContextHandler(); PolicyContext.registerHandler(SecurityConstants.CALLBACK_HANDLER_KEY, chandler, true);
private static Account authenticate(String userName, String storedPassword, String clientDigest, String nOnce, String nc, String cnonce, String method, String uri, String qop, String realmName, String md5a2, Deployment deployment, boolean storedPasswordIsA1Hash) { CallbackHandlerPolicyContextHandler.setCallbackHandler(new DigestCallbackHandler(userName, nOnce, nc, cnonce, qop, realmName, md5a2)); String serverDigest = ""; if (storedPasswordIsA1Hash) { // storedPassword is HA1 in this case serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } else { serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), userName, realmName, storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } if (serverDigest.equals(clientDigest)) { // lest's reauth with stored password (to force successful authentication) to make wildfly to create Account and // Principal for us // this is because wildfly bug: https://issues.jboss.org/browse/WFLY-3659 final IdentityManager identityManager = deployment.getDeploymentInfo().getIdentityManager(); PasswordCredential credential = new PasswordCredential(storedPassword.toCharArray()); Account account = identityManager.verify(userName, credential); return account; } return null; }
CallbackHandlerPolicyContextHandler chandler = new CallbackHandlerPolicyContextHandler(); PolicyContext.registerHandler(SecurityConstants.CALLBACK_HANDLER_KEY, chandler, true);
private static Account authenticate(String userName, String storedPassword, String clientDigest, String nOnce, String nc, String cnonce, String method, String uri, String qop, String realmName, String md5a2, Deployment deployment, boolean storedPasswordIsA1Hash) { CallbackHandlerPolicyContextHandler.setCallbackHandler(new DigestCallbackHandler(userName, nOnce, nc, cnonce, qop, realmName, md5a2)); String serverDigest = ""; if (storedPasswordIsA1Hash) { // storedPassword is HA1 in this case serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } else { serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), userName, realmName, storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } if (serverDigest.equals(clientDigest)) { // lest's reauth with stored password (to force successful authentication) to make wildfly to create Account and // Principal for us // this is because wildfly bug: https://issues.jboss.org/browse/WFLY-3659 final IdentityManager identityManager = deployment.getDeploymentInfo().getIdentityManager(); PasswordCredential credential = new PasswordCredential(storedPassword.toCharArray()); Account account = identityManager.verify(userName, credential); return account; } return null; }
CallbackHandlerPolicyContextHandler chandler = new CallbackHandlerPolicyContextHandler(); PolicyContext.registerHandler(SecurityConstants.CALLBACK_HANDLER_KEY, chandler, true);
CallbackHandlerPolicyContextHandler.setCallbackHandler(handler); CallbackHandlerPolicyContextHandler.setCallbackHandler(null);
@Override public Account verify(String id, Credential credential) { AccountImpl account = getAccount(id); if (credential instanceof DigestCredential) { DigestCredential digestCredential = (DigestCredential) credential; DigestCallbackHandler handler = new DigestCallbackHandler(id, digestCredential.getNonce(), digestCredential.getNonceCount(), digestCredential.getClientNonce(), digestCredential.getQop(), digestCredential.getRealm(), digestCredential.getHA2()); CallbackHandlerPolicyContextHandler.setCallbackHandler(handler); return verifyCredential(account, digestCredential.getClientDigest()); } else if(credential instanceof PasswordCredential) { final char[] password = ((PasswordCredential) credential).getPassword(); // The original array may be cleared, this integration relies on it being cached for use later. final char[] duplicate = Arrays.copyOf(password, password.length); return verifyCredential(account, duplicate); } else { return verifyCredential(account, credential); } }
@Override public Account verify(String id, Credential credential) { AccountImpl account = getAccount(id); if (credential instanceof DigestCredential) { DigestCredential digestCredential = (DigestCredential) credential; DigestCallbackHandler handler = new DigestCallbackHandler(id, digestCredential.getNonce(), digestCredential.getNonceCount(), digestCredential.getClientNonce(), digestCredential.getQop(), digestCredential.getRealm(), digestCredential.getHA2()); CallbackHandlerPolicyContextHandler.setCallbackHandler(handler); return verifyCredential(account, digestCredential.getClientDigest()); } else if(credential instanceof PasswordCredential) { final char[] password = ((PasswordCredential) credential).getPassword(); // The original array may be cleared, this integration relies on it being cached for use later. final char[] duplicate = Arrays.copyOf(password, password.length); return verifyCredential(account, duplicate); } else { return verifyCredential(account, credential); } }
CallbackHandlerPolicyContextHandler.setCallbackHandler(handler); CallbackHandlerPolicyContextHandler.setCallbackHandler(null);