@Override public Set<String> getCallerGroups(CredentialValidationResult validationResult) { Set<String> result = groupsPerCaller.get(validationResult.getCallerPrincipal().getName()); if (result == null) { result = emptySet(); } return result; }
@Override public Set<String> getCallerGroups(CredentialValidationResult validationResult) { SecurityManager securityManager = System.getSecurityManager(); if (securityManager != null) { securityManager.checkPermission(new IdentityStorePermission("getGroups")); } Credentials credentials = callerToCredentials.get(validationResult.getCallerPrincipal().getName()); return credentials != null ? new HashSet<>(asList(credentials.groups())) : emptySet(); }
@Override public Set<String> getCallerGroups(CredentialValidationResult validationResult) { SecurityManager securityManager = System.getSecurityManager(); if (securityManager != null) { securityManager.checkPermission(new IdentityStorePermission("getGroups")); } Credentials credentials = callerToCredentials.get(validationResult.getCallerPrincipal().getName()); return credentials != null ? new HashSet<>(asList(credentials.groups())) : emptySet(); }
@Override public Set<String> getCallerGroups(CredentialValidationResult validationResult) { SecurityManager securityManager = System.getSecurityManager(); if (securityManager != null) { securityManager.checkPermission(new IdentityStorePermission("getGroups")); } DataSource dataSource = getDataSource(); return new HashSet<>(executeQuery( dataSource, dataBaseIdentityStoreDefinition.groupsQuery(), validationResult.getCallerPrincipal().getName()) ); }
@Override public Set<String> getCallerGroups(CredentialValidationResult validationResult) { SecurityManager securityManager = System.getSecurityManager(); if (securityManager != null) { securityManager.checkPermission(new IdentityStorePermission("getGroups")); } DataSource dataSource = getDataSource(); return new HashSet<>(executeQuery( dataSource, dataBaseIdentityStoreDefinition.groupsQuery(), validationResult.getCallerPrincipal().getName()) ); }
@Override public AuthenticationStatus notifyContainerAboutLogin(CredentialValidationResult result) { if (result.getStatus() == VALID) { return notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } return SEND_FAILURE; }
@Override public AuthenticationStatus notifyContainerAboutLogin(CredentialValidationResult result) { if (result.getStatus() == VALID) { return notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } return SEND_FAILURE; }
/** * Create the JWT using CredentialValidationResult received from * IdentityStoreHandler * * @param result the result from validation of UsernamePasswordCredential * @param context * @return the AuthenticationStatus to notify the container */ private AuthenticationStatus createToken(CredentialValidationResult result, HttpMessageContext context) { if (!isRememberMe(context)) { String jwt = tokenProvider.createToken(result.getCallerPrincipal().getName(), result.getCallerGroups(), false); context.getResponse().setHeader(AUTHORIZATION_HEADER, BEARER + jwt); } return context.notifyContainerAboutLogin(result.getCallerPrincipal(), result.getCallerGroups()); }
@Override public Set<String> getCallerGroups(CredentialValidationResult validationResult) { // Make sure caller has permission to invoke this method SecurityManager securityManager = System.getSecurityManager(); if (securityManager != null) { securityManager.checkPermission(new IdentityStorePermission("getGroups")); } LdapContext searchContext = createSearchLdapContext(); try { String callerDn = validationResult.getCallerDn(); if (callerDn == null || callerDn.isEmpty()) { callerDn = getCallerDn(searchContext, validationResult.getCallerPrincipal().getName()); } return retrieveGroupsForCallerDn(searchContext, callerDn); } finally { closeContext(searchContext); } }
@Override public Set<String> getCallerGroups(CredentialValidationResult validationResult) { // Make sure caller has permission to invoke this method SecurityManager securityManager = System.getSecurityManager(); if (securityManager != null) { securityManager.checkPermission(new IdentityStorePermission("getGroups")); } LdapContext searchContext = createSearchLdapContext(); try { String callerDn = validationResult.getCallerDn(); if (callerDn == null || callerDn.isEmpty()) { callerDn = getCallerDn(searchContext, validationResult.getCallerPrincipal().getName()); } return retrieveGroupsForCallerDn(searchContext, callerDn); } finally { closeContext(searchContext); } }
validationResult.getCallerPrincipal(), validationResult.getCallerDn(), validationResult.getCallerUniqueId(),
validationResult.getCallerPrincipal(), validationResult.getCallerDn(), validationResult.getCallerUniqueId(),
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMsgContext) throws AuthenticationException { String[] credentials = getCredentials(request); if (!isEmpty(credentials)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); CredentialValidationResult result = identityStoreHandler.validate( new UsernamePasswordCredential(credentials[0], new Password(credentials[1]))); if (result.getStatus() == VALID) { return httpMsgContext.notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } } if (httpMsgContext.isProtected()) { response.setHeader("WWW-Authenticate", format("Basic realm=\"%s\"", basicAuthenticationMechanismDefinition.realmName())); return httpMsgContext.responseUnauthorized(); } return httpMsgContext.doNothing(); }
@Override public AuthenticationStatus validateRequest(HttpServletRequest request, HttpServletResponse response, HttpMessageContext httpMsgContext) throws AuthenticationException { String[] credentials = getCredentials(request); if (!isEmpty(credentials)) { IdentityStoreHandler identityStoreHandler = CDI.current().select(IdentityStoreHandler.class).get(); CredentialValidationResult result = identityStoreHandler.validate( new UsernamePasswordCredential(credentials[0], new Password(credentials[1]))); if (result.getStatus() == VALID) { return httpMsgContext.notifyContainerAboutLogin( result.getCallerPrincipal(), result.getCallerGroups()); } } if (httpMsgContext.isProtected()) { response.setHeader("WWW-Authenticate", format("Basic realm=\"%s\"", basicAuthenticationMechanismDefinition.realmName())); return httpMsgContext.responseUnauthorized(); } return httpMsgContext.doNothing(); }
result.getCallerPrincipal(), result.getCallerGroups()); } else {
result.getCallerPrincipal(), result.getCallerGroups()); } else {