/**
 * Validates the incoming request for this test {@code ServerAuthModule}.
 *
 * <p>If the request carries a {@code doLogin} parameter the caller is established
 * as {@code "test"} in group {@code "architect"}; otherwise the JASPIC "do nothing"
 * protocol (a {@link CallerPrincipalCallback} with a {@code null} principal) is used.
 * Note that no credential is checked — the mere presence of the parameter
 * authenticates the request, which is only acceptable in a test fixture.
 *
 * @param messageInfo carries the {@link HttpServletRequest} under authentication
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return {@code SUCCESS} in both branches
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    boolean loginRequested = request.getParameter("doLogin") != null;
    // A null principal in the CallerPrincipalCallback is the JASPIC "do nothing" protocol.
    Callback[] callbacks = loginRequested
            ? new Callback[] {
                new CallerPrincipalCallback(clientSubject, "test"),
                new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) }
            : new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
groupPrincipalCallback = (GroupPrincipalCallback) callback; if (this.executionSubject == null) { this.executionSubject = groupPrincipalCallback.getSubject(); } else if (!this.executionSubject.equals(groupPrincipalCallback.getSubject())) { callerPrincipalCallback = (CallerPrincipalCallback) callback; if (this.executionSubject == null) { this.executionSubject = callerPrincipalCallback.getSubject(); } else if (!this.executionSubject.equals(callerPrincipalCallback.getSubject())) { passwordValidationCallback = (PasswordValidationCallback) callback; if (this.executionSubject == null) { this.executionSubject = passwordValidationCallback.getSubject(); } else if (!this.executionSubject.equals(passwordValidationCallback.getSubject())) {
/**
 * Validates the request by dispatching to another servlet before the protected
 * resource is reached.
 *
 * <p>With {@code dispatch=include} the {@code /includedServlet} is included, the
 * "do nothing" callback is delivered and {@code SUCCESS} is returned so the main
 * resource still runs. Any other value forwards to {@code /forwardedServlet} and
 * returns {@code SEND_CONTINUE}, because after a forward the protected resource
 * must not be invoked.
 *
 * @param messageInfo carries the request and response being authenticated
 * @param clientSubject the subject the "do nothing" callback is delivered for
 * @param serviceSubject not used by this module
 * @return {@code SUCCESS} after an include, {@code SEND_CONTINUE} after a forward
 * @throws AuthException if dispatching or the callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    try {
        HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
        HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
        boolean useInclude = "include".equals(request.getParameter("dispatch"));
        if (!useInclude) {
            request.getRequestDispatcher("/forwardedServlet").forward(request, response);
            // The forwarded servlet produced the response; the protected resource
            // MUST NOT be invoked, so SUCCESS is not an option here.
            return SEND_CONTINUE;
        }
        request.getRequestDispatcher("/includedServlet").include(request, response);
        // Returning SUCCESS requires the "do nothing" callback (null principal).
        Callback[] doNothing = { new CallerPrincipalCallback(clientSubject, (Principal) null) };
        handler.handle(doNothing);
        // After an include the response stays open, so the main resource can still write to it.
        return SUCCESS;
    } catch (IOException | ServletException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
}
Principal callbackPrincipal = callerPrincipalCallback.getPrincipal(); callerPrincipal = callbackPrincipal != null ? new NamePrincipal(callbackPrincipal.getName()) : callerPrincipalCallback.getName() != null ? new NamePrincipal(callerPrincipalCallback.getName()) : null; final String username = passwordValidationCallback.getUsername(); final char[] password = passwordValidationCallback.getPassword(); try { identity = this.authenticate(username, password); passwordValidationCallback.setResult(true); } catch (SecurityException e) { passwordValidationCallback.setResult(false); return; String[] groups = groupPrincipalCallback.getGroups(); if (groups != null) { Set<String> roles = new HashSet<>(Arrays.asList(groups));
/**
 * Returns the {@code Request} that identifies which private key this callback
 * asks for.
 *
 * @return the key-selection request, or {@code null}; a {@code null} request
 *         means the callback handler falls back to its own default
 */
public Request getRequest() {
    Request keyRequest = (Request) super.getRequest();
    return keyRequest;
}
}
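/**
 * Get the Request object which identifies the secret key to be returned.
 *
 * @return the Request object which identifies the secret key
 *         to be returned, or null. If null, the handler of the callback
 *         relies on its own default.
 */
public Request getRequest() {
    // Narrow the supertype's request to this callback's Request subtype.
    return (Request) super.getRequest();
}
}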
PasswordValidationCallback pvc = (PasswordValidationCallback) callback; final String username = pvc.getUsername(); log.tracef("Handling PasswordValidationCallback for '%s'", username); final Evidence evidence = new PasswordGuessEvidence(pvc.getPassword()); pvc.setResult(true); pvc.setResult(false); Principal originalPrincipal = cpc.getPrincipal(); final String callerName = cpc.getName(); final Principal callerPrincipal = originalPrincipal != null ? originalPrincipal : callerName != null ? new NamePrincipal(callerName) : null; final Subject subject = cpc.getSubject(); if (subject != null && !subject.isReadOnly()) { subject.getPrincipals().add(authorizedIdentity.getPrincipal()); log.trace("Handling GroupPrincipalCallback"); GroupPrincipalCallback gpc = (GroupPrincipalCallback) callback; String[] groups = gpc.getGroups(); if (groups != null && groups.length > 0) { roles.addAll(Arrays.asList(groups));
/**
 * Validates the incoming request for this test {@code ServerAuthModule}.
 *
 * <p>When a {@code doLogin} parameter is present the caller becomes {@code "test"}
 * with group {@code "architect"}; otherwise the JASPIC "do nothing" protocol is
 * followed. No credential is verified — the parameter alone triggers the login,
 * so this module is only suitable as a test fixture.
 *
 * @param messageInfo carries the {@link HttpServletRequest} under authentication
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return {@code SUCCESS} in both branches
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") == null) {
        // JASPIC "do nothing": a CallerPrincipalCallback with a null principal.
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    } else {
        CallerPrincipalCallback caller = new CallerPrincipalCallback(clientSubject, "test");
        GroupPrincipalCallback groups = new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        callbacks = new Callback[] { caller, groups };
    }
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) });
/**
 * Returns the {@code Request} that identifies which private key this callback
 * asks for.
 *
 * @return the key-selection request, or {@code null}; a {@code null} request
 *         means the callback handler falls back to its own default
 */
public Request getRequest() {
    Request keyRequest = (Request) super.getRequest();
    return keyRequest;
}
}
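/**
 * Get the Request object which identifies the secret key to be returned.
 *
 * @return the Request object which identifies the secret key
 *         to be returned, or null. If null, the handler of the callback
 *         relies on its own default.
 */
public Request getRequest() {
    // Narrow the supertype's request to this callback's Request subtype.
    return (Request) super.getRequest();
}
}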
/**
 * Validates the incoming request for this test {@code ServerAuthModule}.
 *
 * <p>For the test, a login is performed by directly "returning" the details of
 * the authenticated user ({@code "test"} in group {@code "architect"}) whenever a
 * {@code doLogin} parameter is present. Normally credentials would be checked and
 * the details fetched from some repository; here nothing is verified, so the
 * module must not be used outside a test.
 *
 * @param messageInfo carries the {@link HttpServletRequest} under authentication
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return {@code SUCCESS} in both branches
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    final boolean loginRequested = request.getParameter("doLogin") != null;
    final Callback[] callbacks;
    if (loginRequested) {
        callbacks = new Callback[] {
            // The name of the authenticated user
            new CallerPrincipalCallback(clientSubject, "test"),
            // The roles of the authenticated user
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    } else {
        // The JASPIC protocol for "do nothing"
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    // Communicate the details of the authenticated user to the container. In many
    // cases the handler will just store the details and the container performs the
    // actual login after this method returns.
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
/**
 * Informs the container that {@code callerPrincipal} has been authenticated.
 *
 * <p>Builds a {@link CallerPrincipalCallback} for the principal and hands it,
 * together with {@code groups}, to {@code handleCallbacks}, which delivers the
 * callbacks to the container's {@code handler} (how the groups are turned into
 * callbacks is up to that helper).
 *
 * @param clientSubject the subject the callbacks populate
 * @param handler the container-supplied callback handler
 * @param callerPrincipal the authenticated caller
 * @param groups the caller's group names
 */
public static void notifyContainerAboutLogin(Subject clientSubject, CallbackHandler handler, Principal callerPrincipal, Set<String> groups) {
    CallerPrincipalCallback callerCallback = new CallerPrincipalCallback(clientSubject, callerPrincipal);
    handleCallbacks(clientSubject, handler, callerCallback, groups);
}
/**
 * Validates the incoming request for this test {@code ServerAuthModule}.
 *
 * <p>For the test, a login is performed by directly "returning" the details of
 * the authenticated user ({@code "test"} in group {@code "architect"}) whenever a
 * {@code doLogin} parameter is present; normally credentials would be checked and
 * the details fetched from some repository. Without the parameter the JASPIC
 * "do nothing" protocol is followed.
 *
 * @param messageInfo carries the {@link HttpServletRequest} under authentication
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return {@code SUCCESS} in both branches
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    // Null principal == the JASPIC "do nothing" protocol.
    Callback[] callbacks = request.getParameter("doLogin") == null
            ? new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) }
            : new Callback[] {
                // name of the authenticated user
                new CallerPrincipalCallback(clientSubject, "test"),
                // roles of the authenticated user
                new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    try {
        // Hand the user details to the container; it may defer the actual login
        // until after this method returns.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
/**
 * Validates the incoming request for this test {@code ServerAuthModule}.
 *
 * <p>A {@code doLogin} request parameter makes the module "return" a fixed
 * authenticated user ({@code "test"}, group {@code "architect"}) instead of
 * checking credentials against a repository as a real module would. Any other
 * request gets the JASPIC "do nothing" protocol.
 *
 * @param messageInfo carries the {@link HttpServletRequest} under authentication
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return {@code SUCCESS} in both branches
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    Callback[] callbacks;
    if (request.getParameter("doLogin") != null) {
        CallerPrincipalCallback callerName = new CallerPrincipalCallback(clientSubject, "test");
        GroupPrincipalCallback callerRoles = new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        callbacks = new Callback[] { callerName, callerRoles };
    } else {
        // "Do nothing": a CallerPrincipalCallback carrying a null principal.
        callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    }
    try {
        // The container may only record these details now and complete the login later.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
/**
 * Validates the incoming request for this test {@code ServerAuthModule}.
 *
 * <p>Unlike the parameter-driven variants, the trigger here is a {@code doLogin}
 * request <em>attribute</em>, which is set by the Servlet rather than supplied by
 * the client. When present the module "returns" a fixed authenticated user
 * ({@code "test"}, group {@code "architect"}) without checking credentials;
 * otherwise the JASPIC "do nothing" protocol is followed.
 *
 * @param messageInfo carries the {@link HttpServletRequest} under authentication
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return {@code SUCCESS} in both branches
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    // Note getAttribute, not getParameter: the flag is set server-side by the Servlet.
    boolean loginFlagged = request.getAttribute("doLogin") != null;
    Callback[] callbacks = loginFlagged
            ? new Callback[] {
                // name of the authenticated user
                new CallerPrincipalCallback(clientSubject, "test"),
                // roles of the authenticated user
                new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) }
            // the JASPIC protocol for "do nothing"
            : new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    try {
        // Hand the user details to the container; it may complete the login after we return.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
/**
 * Validates the request while echoing diagnostics into the response body.
 *
 * <p>Writes {@code "validateRequest invoked"} and the value of the
 * {@code javax.security.auth.message.MessagePolicy.isMandatory} entry from the
 * {@code MessageInfo} map to the response, then unconditionally authenticates the
 * caller as {@code "test"} in group {@code "architect"} — no credential is
 * checked, and the mandatory flag is only reported, not acted upon.
 *
 * @param messageInfo carries the response and the policy map
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return always {@code SUCCESS}
 * @throws AuthException if writing the response or handling the callbacks fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        response.getWriter().write("validateRequest invoked\n");
        // The container stores the MessagePolicy flag in the MessageInfo map as a String.
        String mandatoryFlag = (String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory");
        boolean isMandatory = Boolean.valueOf(mandatoryFlag);
        response.getWriter().write("isMandatory: " + isMandatory + "\n");
        Callback[] callbacks = {
            new CallerPrincipalCallback(clientSubject, "test"),
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, userPrincipal) }; new CallerPrincipalCallback(clientSubject, "test") : new CallerPrincipalCallback(clientSubject, new MyPrincipal("test")), new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) }; callbacks = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
/**
 * Validates the request, optionally exercising a CDI or EJB bean first.
 *
 * <p>The {@code tech} request parameter selects {@code callCDIBean} ({@code "cdi"})
 * or {@code callEJBBean} ({@code "ejb"}); any other value skips the bean call.
 * Afterwards the caller is unconditionally authenticated as {@code "test"} in
 * group {@code "architect"} — no credential is verified.
 *
 * @param messageInfo carries the request and response being authenticated
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return always {@code SUCCESS}
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    // May be null; String.equals on the literal side keeps that safe.
    String tech = request.getParameter("tech");
    if ("cdi".equals(tech)) {
        callCDIBean(request, response, "validateRequest");
    } else if ("ejb".equals(tech)) {
        callEJBBean(response, "validateRequest");
    }
    Callback[] callbacks = {
        new CallerPrincipalCallback(clientSubject, "test"),
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    return SUCCESS;
}
/**
 * Authenticates the caller and then wraps the request and response so the
 * invoked resource observes the wrappers.
 *
 * <p>The caller is unconditionally established as {@code "test"} in group
 * {@code "architect"} (no credential check — test module). The request and
 * response in {@code messageInfo} are then replaced by
 * {@code TestHttpServletRequestWrapper} / {@code TestHttpServletResponseWrapper}.
 *
 * @param messageInfo carries the request and response; both are replaced by wrappers
 * @param clientSubject the subject the callbacks populate
 * @param serviceSubject not used by this module
 * @return always {@code SUCCESS}
 * @throws AuthException if the container's callback handler fails
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    Callback[] callbacks = {
        new CallerPrincipalCallback(clientSubject, "test"),
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" }) };
    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        throw (AuthException) new AuthException().initCause(e);
    }
    // Wrap the request: the resource to be invoked should see the wrapper.
    HttpServletRequest originalRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    messageInfo.setRequestMessage(new TestHttpServletRequestWrapper(originalRequest));
    // Wrap the response likewise.
    HttpServletResponse originalResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    messageInfo.setResponseMessage(new TestHttpServletResponseWrapper(originalResponse));
    return SUCCESS;
}