@Override public Set<String> pamAuthenticate(String serviceName, String userName, String password) throws NativeAccessException { if (serviceName == null) { serviceName = "sshd"; // use sshd as the default } try { UnixUser unixUser = new PAM(serviceName).authenticate(userName, password); return unixUser.getGroups(); } catch (Throwable exc) { throw new NativeAccessException("Failed to do Pam Authentication. " + exc.getLocalizedMessage()); } }
/** * Invokes the authentication call.This class uses the default PAM service * - sshd * @param username OS User to authenticate. * @param password Given password. * @returns null if authentication failed, * returns the UnixUser object if authentication succeeded. * */ private UnixUser authenticate(String username, String password) throws LoginException { UnixUser user = null; String pamService = null; if(_currentRealm instanceof PamRealm) { pamService = ((PamRealm)_currentRealm).getPamService(); } else { throw new LoginException("pamrealm.invalid_realm"); } try { user = new PAM(pamService).authenticate(username, password); } catch (PAMException e) { _logger.log(Level.SEVERE, "pam_exception_authenticate", e); } return user; } }
/** * Invokes the authentication call.This class uses the default PAM service * - sshd * @param username OS User to authenticate. * @param password Given password. * @returns null if authentication failed, * returns the UnixUser object if authentication succeeded. * */ private UnixUser authenticate(String username, String password) throws LoginException { UnixUser user = null; String pamService = null; if(_currentRealm instanceof PamRealm) { pamService = ((PamRealm)_currentRealm).getPamService(); } else { throw new LoginException("pamrealm.invalid_realm"); } try { user = new PAM(pamService).authenticate(username, password); } catch (PAMException e) { _logger.log(Level.SEVERE, "pam_exception_authenticate", e); } return user; } }
@Override public void authenticate(String user, String password) throws UserAuthenticationException { for (String profile : profiles) { PAM pam = null; try { pam = new PAM(profile); pam.authenticate(user, password); } catch (PAMException ex) { logger.error("PAM auth failed for user: {} against {} profile. Exception: {}", user, profile, ex.getMessage()); throw new UserAuthenticationException(String.format("PAM auth failed for user: %s using profile: %s", user, profile)); } finally { if (pam != null) { pam.dispose(); } } // No need to check for null unixUser as in case of failure we will not reach here. logger.trace("PAM authentication was successful for user: {} using profile: {}", user, profile); } }
private boolean performLogin() throws LoginException { try { UnixUser user = _pam.authenticate(_username, _password); _principal = new PamPrincipal(user); _authSucceeded = true; return true; } catch (PAMException ex) { LoginException le = new FailedLoginException("Invalid username or password"); le.initCause(ex); throw le; } }
private boolean performLogin() throws LoginException { try { UnixUser user = pam.authenticate(username, password); principal = new PamPrincipal(user); authSucceeded = true; return true; } catch (PAMException ex) { LoginException le = new FailedLoginException("Invalid username or password"); le.initCause(ex); throw le; } }
private boolean performLogin() throws LoginException { try { if (_passwordchar != null) { UnixUser user = _pam.authenticate(_username, String.valueOf(_passwordchar)); _principal = new PamPrincipal(user); _authSucceeded = true; return true; } else { throw new PAMException("Password is Null or Empty!!!"); } } catch (PAMException ex) { LoginException le = new FailedLoginException("Invalid username or password"); le.initCause(ex); throw le; } }
public Authentication authenticate(Authentication authentication) throws AuthenticationException { String username = authentication.getPrincipal().toString(); String password = authentication.getCredentials().toString(); try { UnixUser u = new PAM(serviceName).authenticate(username, password); Set<String> grps = u.getGroups(); GrantedAuthority[] groups = new GrantedAuthority[grps.size()]; int i=0; for (String g : grps) groups[i++] = new GrantedAuthorityImpl(g); EnvVars.setHudsonUserEnvVar(username); // I never understood why Acegi insists on keeping the password... return new UsernamePasswordAuthenticationToken(username, password, groups); } catch (PAMException e) { throw new BadCredentialsException(e.getMessage(),e); } }
public Authentication authenticate(Authentication authentication) throws AuthenticationException { String username = authentication.getPrincipal().toString(); String password = authentication.getCredentials().toString(); try { UnixUser u = new PAM(serviceName).authenticate(username, password); Set<String> grps = u.getGroups(); GrantedAuthority[] groups = new GrantedAuthority[grps.size()]; int i=0; for (String g : grps) groups[i++] = new GrantedAuthorityImpl(g); EnvVars.setHudsonUserEnvVar(username); // I never understood why Acegi insists on keeping the password... return new UsernamePasswordAuthenticationToken(username, password, groups); } catch (PAMException e) { throw new BadCredentialsException(e.getMessage(),e); } }
@Override public Account authenticate(final String username, final String password) { PAM pam = null; try { pam = new PAM(serviceName); pam.authenticate(username, password); log.debug("Authentication succeeded for '{}' against '{}'", username, getRealmName()); Account account = new Account(null, new StandardCredentials(username, password)); cacheAccount(account); return account; } catch (PAMException e) { log.debug("Authentication failed for '{}' against '{}'", username, getRealmName()); log.error(e.getMessage()); } finally { if (pam != null) { pam.dispose(); } } return null; }
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; UnixUser user = null; try { user = (new PAM(this.getService())).authenticate(upToken.getUsername(), new String(upToken.getPassword())); } catch (PAMException e) { handleAuthFailure(token, e.getMessage(), e); } HashRequest.Builder builder = new HashRequest.Builder(); Hash credentialsHash = hashService .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build()); /* Coverity Scan CID 1361684 */ if (credentialsHash == null) { handleAuthFailure(token, "Failed to compute hash", null); } return new SimpleAuthenticationInfo(new UnixUserPrincipal(user), credentialsHash.toHex(), credentialsHash.getSalt(), getName()); }
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; UnixUser user = null; try { user = (new PAM(this.getService())).authenticate(upToken.getUsername(), new String(upToken.getPassword())); } catch (PAMException e) { handleAuthFailure(token, e.getMessage(), e); } HashRequest.Builder builder = new HashRequest.Builder(); Hash credentialsHash = hashService .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build()); /* Coverity Scan CID 1361684 */ if (credentialsHash == null) { handleAuthFailure(token, "Failed to compute hash", null); } return new SimpleAuthenticationInfo(new UnixUserPrincipal(user), credentialsHash.toHex(), credentialsHash.getSalt(), getName()); }