@Override public Set<String> pamAuthenticate(String serviceName, String userName, String password) throws NativeAccessException { if (serviceName == null) { serviceName = "sshd"; // use sshd as the default } try { UnixUser unixUser = new PAM(serviceName).authenticate(userName, password); return unixUser.getGroups(); } catch (Throwable exc) { throw new NativeAccessException("Failed to do Pam Authentication. " + exc.getLocalizedMessage()); } }
@Override public void authenticate(String user, String password) throws UserAuthenticationException { for (String profile : profiles) { PAM pam = null; try { pam = new PAM(profile); pam.authenticate(user, password); } catch (PAMException ex) { logger.error("PAM auth failed for user: {} against {} profile. Exception: {}", user, profile, ex.getMessage()); throw new UserAuthenticationException(String.format("PAM auth failed for user: %s using profile: %s", user, profile)); } finally { if (pam != null) { pam.dispose(); } } // No need to check for null unixUser as in case of failure we will not reach here. logger.trace("PAM authentication was successful for user: {} using profile: {}", user, profile); } }
@Override public Enumeration getGroupNames(String username) throws NoSuchUserException { try { Set<String> groupsSet = Collections.EMPTY_SET; groupsSet = new PAM(PAM_SERVICE).getGroupsOfUser(username); return Collections.enumeration(groupsSet); } catch (PAMException ex) { Logger.getLogger(PamRealm.class.getName()).log(Level.SEVERE, "pam_exception_getgroupsofuser", ex); return null; } }
UnixUser user = null; try { user = new PAM("pam service").authenticate("username","password"); // authentication success } catch (PAMException ex){ // authentication failed }
private void cleanup() { authSucceeded = false; username = null; password = null; principal = null; pam.dispose(); } }
private boolean performLogin() throws LoginException { try { UnixUser user = _pam.authenticate(_username, _password); _principal = new PamPrincipal(user); _authSucceeded = true; return true; } catch (PAMException ex) { LoginException le = new FailedLoginException("Invalid username or password"); le.initCause(ex); throw le; } }
/** * Authenticate the user with a password. * * @return * Upon a successful authentication, return information about the user. * @throws PAMException * If the authentication fails. */ public UnixUser authenticate(String username, String password) throws PAMException { this.password = password; try { check(libpam.pam_set_item(pht,PAM_USER,username),"pam_set_item failed"); check(libpam.pam_authenticate(pht,0),"pam_authenticate failed"); check(libpam.pam_setcred(pht,0),"pam_setcred failed"); // several different error code seem to be used to represent authentication failures check(libpam.pam_acct_mgmt(pht,0),"pam_acct_mgmt failed"); PointerByReference r = new PointerByReference(); check(libpam.pam_get_item(pht,PAM_USER,r),"pam_get_item failed"); String userName = r.getValue().getString(0); passwd pwd = libc.getpwnam(userName); if(pwd==null) throw new PAMException("Authentication succeeded but no user information is available"); return new UnixUser(userName,pwd); } finally { this.password = null; } }
private void createPam(String service) throws LoginException { try { pam = new PAM(service); } catch (PAMException ex) { LoginException le = new LoginException("Error initializing PAM"); le.initCause(ex); throw le; } }
private void cleanup() { _authSucceeded = false; _username = null; _password = null; _principal = null; _pam.dispose(); } }
private boolean performLogin() throws LoginException { try { UnixUser user = pam.authenticate(username, password); principal = new PamPrincipal(user); authSucceeded = true; return true; } catch (PAMException ex) { LoginException le = new FailedLoginException("Invalid username or password"); le.initCause(ex); throw le; } }
/** * Authenticate the user with a password. * * @return * Upon a successful authentication, return information about the user. * @throws PAMException * If the authentication fails. */ public UnixUser authenticate(String username, String password) throws PAMException { this.password = password; try { check(libpam.pam_set_item(pht,PAM_USER,username),"pam_set_item failed"); check(libpam.pam_authenticate(pht,0),"pam_authenticate failed"); check(libpam.pam_setcred(pht,0),"pam_setcred failed"); // several different error code seem to be used to represent authentication failures // check(libpam.pam_acct_mgmt(pht,0),"pam_acct_mgmt failed"); PointerByReference r = new PointerByReference(); check(libpam.pam_get_item(pht,PAM_USER,r),"pam_get_item failed"); String userName = r.getValue().getString(0); Passwd pwd = libc.getpwnam(userName); if(pwd==null) throw new PAMException("Authentication succeeded but no user information is available"); return new UnixUser(userName,pwd); } finally { this.password = null; } }
/** * Invokes the authentication call.This class uses the default PAM service * - sshd * @param username OS User to authenticate. * @param password Given password. * @returns null if authentication failed, * returns the UnixUser object if authentication succeeded. * */ private UnixUser authenticate(String username, String password) throws LoginException { UnixUser user = null; String pamService = null; if(_currentRealm instanceof PamRealm) { pamService = ((PamRealm)_currentRealm).getPamService(); } else { throw new LoginException("pamrealm.invalid_realm"); } try { user = new PAM(pamService).authenticate(username, password); } catch (PAMException e) { _logger.log(Level.SEVERE, "pam_exception_authenticate", e); } return user; } }
@Override public Account authenticate(final String username, final String password) { PAM pam = null; try { pam = new PAM(serviceName); pam.authenticate(username, password); log.debug("Authentication succeeded for '{}' against '{}'", username, getRealmName()); Account account = new Account(null, new StandardCredentials(username, password)); cacheAccount(account); return account; } catch (PAMException e) { log.debug("Authentication failed for '{}' against '{}'", username, getRealmName()); log.error(e.getMessage()); } finally { if (pam != null) { pam.dispose(); } } return null; }
private void createPam(String service) throws LoginException { try { _pam = new PAM(service); } catch (PAMException ex) { LoginException le = new LoginException("Error initializing PAM"); le.initCause(ex); throw le; } }
@Override protected void finalize() throws Throwable { super.finalize(); dispose(); }
@Override public Enumeration getGroupNames(String username) throws NoSuchUserException { try { Set<String> groupsSet = new PAM(PAM_SERVICE).getGroupsOfUser(username); return Collections.enumeration(groupsSet); } catch (PAMException ex) { Logger.getLogger(PamRealm.class.getName()).log(Level.SEVERE, "pam_exception_getgroupsofuser", ex); return null; } }
private boolean performLogin() throws LoginException { try { if (_passwordchar != null) { UnixUser user = _pam.authenticate(_username, String.valueOf(_passwordchar)); _principal = new PamPrincipal(user); _authSucceeded = true; return true; } else { throw new PAMException("Password is Null or Empty!!!"); } } catch (PAMException ex) { LoginException le = new FailedLoginException("Invalid username or password"); le.initCause(ex); throw le; } }
/** * Authenticate the user with a password. * * @return * Upon a successful authentication, return information about the user. * @throws PAMException * If the authentication fails. */ public UnixUser authenticate(String username, String password) throws PAMException { this.password = password; try { check(libpam.pam_set_item(pht,PAM_USER,username),"pam_set_item failed"); check(libpam.pam_authenticate(pht,0),"pam_authenticate failed"); // several different error code seem to be used to represent authentication failures // check(libpam.pam_acct_mgmt(pht,0),"pam_acct_mgmt failed"); PointerByReference r = new PointerByReference(); check(libpam.pam_get_item(pht,PAM_USER,r),"pam_get_item failed"); String userName = r.getValue().getString(0); passwd pwd = libc.getpwnam(userName); if(pwd==null) throw new PAMException("Authentication succeeded but no user information is available"); return new UnixUser(userName,pwd); } finally { this.password = null; } }
/** * Invokes the authentication call.This class uses the default PAM service * - sshd * @param username OS User to authenticate. * @param password Given password. * @returns null if authentication failed, * returns the UnixUser object if authentication succeeded. * */ private UnixUser authenticate(String username, String password) throws LoginException { UnixUser user = null; String pamService = null; if(_currentRealm instanceof PamRealm) { pamService = ((PamRealm)_currentRealm).getPamService(); } else { throw new LoginException("pamrealm.invalid_realm"); } try { user = new PAM(pamService).authenticate(username, password); } catch (PAMException e) { _logger.log(Level.SEVERE, "pam_exception_authenticate", e); } return user; } }
private void createPam(String service) throws LoginException { try { _pam = new PAM(service); } catch (PAMException ex) { LoginException le = new LoginException("Error initializing PAM"); le.initCause(ex); throw le; } }