// NOTE(review): excerpt from a method body. principal, credential, activeSubject,
// isValid, trace and log are declared outside the visible lines.
// Fetch the cache entry for this principal; the meaning of the `true` flag is not visible here.
DomainInfo cacheInfo = getCacheInfo(principal, true);
// NOTE(review): cacheInfo reaches the trace log through its toString(); confirm that
// DomainInfo does not render the cached credential there.
if( trace )
   log.trace("Begin isValid, principal:"+principal+", cache info: "+cacheInfo);
// When an entry exists, the offered credential is checked by validateCache
// (defined elsewhere) and its result becomes the provisional answer.
if( cacheInfo != null )
   isValid = validateCache(cacheInfo, credential, activeSubject);
// release() is called on the entry after the check; presumably it pairs with
// getCacheInfo above - confirm against DomainInfo.
if( cacheInfo != null )
   cacheInfo.release();
// NOTE(review): as excerpted, this assignment is unconditional and replaces whatever
// validateCache returned. A guard on isValid has presumably been elided - confirm
// against the full file before reasoning about cache hits.
isValid = authenticate(principal, credential, activeSubject);
if( trace )
   log.trace("End isValid, "+isValid);
/**
 * Check the credential a principal offers, without asking for a populated Subject.
 * The answer is exactly what isValid(principal, credential, null) returns.
 *
 * @param principal - the security domain principal attempting access
 * @param credential - the proof of identity offered by the principal
 * @return true if the principal was authenticated, false otherwise.
 */
public boolean isValid(Principal principal, Object credential)
{
   // Delegate to the three-argument overload; null means no Subject is to be filled in.
   boolean authenticated = isValid(principal, credential, null);
   return authenticated;
}
// NOTE(review): excerpt from a method body. principal, credential and subject are
// declared outside the visible lines.
// Perform the login through defaultLogin (defined elsewhere) and keep the Subject it produced.
LoginContext lc = defaultLogin(principal, credential);
subject = lc.getSubject();
// The login result is handed to updateCache together with the credential itself.
// NOTE(review): what updateCache stores, and for how long, is not visible here -
// confirm how the credential is retained and when the entry expires.
updateCache(lc, subject, principal, credential);
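/**
 * Validate that the given credential is correct for principal.
 *
 * <p>Every call is passed straight to
 * {@code authenticate(principal, credential, activeSubject)}. This method itself
 * performs no credential-cache lookup, so the result is whatever authenticate
 * reports for this call. Whether authenticate (defined outside this block) uses
 * a cache, and which JAAS login modules it runs for the security domain, cannot
 * be determined from here.
 *
 * @param principal - the security domain principal attempting access
 * @param credential the proof of identity offered by the principal
 * @param activeSubject - if not null, a Subject that will be populated with
 *    the state of the authenticated Subject.
 * @return true if the principal was authenticated, false otherwise.
 */
public boolean isValid(Principal principal, Object credential, Subject activeSubject)
{
   // The second argument is passed as null: no cache information exists in this method.
   PicketBoxLogger.LOGGER.traceBeginIsValid(principal, null);
   // The former "if( isValid == false )" guard was always true, so the call is made directly.
   boolean isValid = authenticate(principal, credential, activeSubject);
   PicketBoxLogger.LOGGER.traceEndIsValid(isValid);
   return isValid;
}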
// NOTE(review): excerpt from a method body. principal, credential and subject are
// declared outside the visible lines.
// Perform the login through defaultLogin (defined elsewhere) and keep the Subject it produced.
// No cache update follows in the visible lines.
LoginContext lc = defaultLogin(principal, credential);
subject = lc.getSubject();
// NOTE(review): excerpt from a method body. properties and authContextId come from
// outside the visible lines, and `ae` is not declared here - presumably the exception
// of an elided catch clause.
// Record the security domain under the "security-domain" property key.
properties.setProperty("security-domain", super.getSecurityDomain());
// Failure path: the problem is logged with the context id and domain, and the caller
// is told false, so this error is not reported as a successful result.
PicketBoxLogger.LOGGER.errorGettingServerAuthContext(authContextId, super.getSecurityDomain(), ae);
return false;
/**
 * Map the argument principal from the deployment environment principal to
 * the developer environment. This is called by the EJB context
 * getCallerPrincipal() to return the Principal as described by the EJB
 * developer domain.
 *
 * @param principal the principal to map; also the fallback result
 * @return the callerPrincipal recorded in the cache entry for the argument,
 *    or the argument principal itself when there is no domain cache, no
 *    cache entry, or the entry carries no callerPrincipal.
 */
public Principal getPrincipal(Principal principal)
{
   // Without a domain cache there is nothing to map through.
   if( domainCache == null )
      return principal;

   synchronized( domainCache )
   {
      DomainInfo cached = getCacheInfo(principal, false);
      if( trace )
         log.trace("getPrincipal, cache info: "+cached);
      if( cached == null )
         return principal;

      // Read the mapping before release() is called on the entry.
      // NOTE(review): release() presumably pairs with getCacheInfo - confirm against DomainInfo.
      Principal mapped = cached.callerPrincipal;
      cached.release();
      // An entry without a callerPrincipal falls back to the argument principal.
      return mapped != null ? mapped : principal;
   }
}
// NOTE(review): excerpt. Two identical return statements appear back to back; taken
// literally the second is unreachable, so they presumably belong to different branches
// whose surrounding conditions were elided - confirm against the full file.
// Both hand the decision to proceedWithJaasLogin (defined elsewhere) with the same
// principal, credential and theSubject.
return proceedWithJaasLogin(principal, credential, theSubject);
return proceedWithJaasLogin(principal, credential, theSubject);
// NOTE(review): excerpt from a method body. properties and authContextId come from
// outside the visible lines, and `ae` is not declared here - presumably the exception
// of an elided catch clause.
// Record the security domain under the "security-domain" property key.
properties.setProperty("security-domain", super.getSecurityDomain());
// A new, empty Subject is created unconditionally in this version.
Subject serviceSubject = new Subject();
// Starts out null; the assignment is not part of the visible lines.
ServerAuthContext sctx = null;
// Failure path: log the problem with the context id and domain, then leave the method.
PicketBoxLogger.LOGGER.errorGettingServerAuthContext(authContextId, super.getSecurityDomain(), ae);
return;
/**
 * Two-argument convenience form of the credential check.
 * It returns the value from invoking isValid(principal, credential, null),
 * i.e. the check is made without a Subject to populate.
 *
 * @param principal - the security domain principal attempting access
 * @param credential - the proof of identity offered by the principal
 * @return true if the principal was authenticated, false otherwise.
 */
public boolean isValid(Principal principal, Object credential)
{
   // All of the work happens in the three-argument overload.
   boolean outcome = isValid(principal, credential, null);
   return outcome;
}
// NOTE(review): excerpt from a method body. properties, serviceSubject and
// authContextId come from outside the visible lines, and `ae` is not declared here -
// presumably the exception of an elided catch clause.
// Record the security domain under the "security-domain" property key.
properties.setProperty("security-domain", super.getSecurityDomain());
// A Subject is created only when none is already set, so an existing one is kept.
if (serviceSubject == null) serviceSubject = new Subject();
// Failure path: log the problem with the context id and domain, then leave the method.
PicketBoxLogger.LOGGER.errorGettingServerAuthContext(authContextId, super.getSecurityDomain(), ae);
return;