/**
 * Verifies that the subject holds every role in {@code roles}.
 *
 * @param subject the subject to check
 * @param roles   the roles the subject must all hold
 * @throws AuthorizationException if the delegate rejects the subject, or (as
 *                                {@code NotAuthorizedException}) if any role is missing
 */
public void checkRoles(SecuritySubject subject, Collection<String> roles) throws AuthorizationException {
    if (delegate != null) {
        delegate.checkRoles(subject, roles);
        // NOTE(review): there is no return here, so the built-in role check below
        // still runs after the delegate has accepted the subject. Confirm whether
        // both checks are meant to apply when a delegate is installed.
    }
    BasicSecuritySubject basic = subject.getDelegate(BasicSecuritySubject.class);
    for (String required : roles) {
        if (basic.hasRole(required)) {
            continue;
        }
        // the first missing role denies access
        throw new NotAuthorizedException("Subject not authorized for role");
    }
}
/**
 * Verifies that the subject holds the given role.
 *
 * @param subject the subject to check
 * @param role    the role the subject must hold
 * @throws AuthorizationException if the delegate rejects the subject, or (as
 *                                {@code NotAuthorizedException}) if the role is missing
 */
public void checkRole(SecuritySubject subject, String role) throws AuthorizationException {
    if (delegate != null) {
        delegate.checkRole(subject, role);
        // NOTE(review): there is no return here, so the built-in role check below
        // still runs after the delegate has accepted the subject. Confirm whether
        // both checks are meant to apply when a delegate is installed.
    }
    BasicSecuritySubject basic = subject.getDelegate(BasicSecuritySubject.class);
    boolean granted = basic.hasRole(role);
    if (granted) {
        return;
    }
    throw new NotAuthorizedException("Subject not authorized for role");
}
/**
 * Verifies that the subject holds the given role.
 *
 * @param subject the subject to check; it must expose a {@code BasicSecuritySubject} delegate
 * @param role    the role the subject must hold
 * @throws AuthorizationException (as {@code NotAuthorizedException}) if the role is missing;
 *                                the message names the role that was refused
 */
public void checkRole(SecuritySubject subject, String role) throws AuthorizationException {
    BasicSecuritySubject basic = subject.getDelegate(BasicSecuritySubject.class);
    boolean granted = basic.hasRole(role);
    if (granted) {
        return;
    }
    throw new NotAuthorizedException("Subject not authorized for role: " + role);
}
/**
 * Authenticates a username/password pair and binds the resulting subject to the
 * work context stored in {@code context}.
 *
 * @param context  map expected to hold the work context under {@code MetroConstants.WORK_CONTEXT}
 * @param username the supplied user name
 * @param password the supplied password
 * @return {@code true} when authentication succeeded; failure is reported by exception
 * @throws XWSSecurityRuntimeException wrapping the {@code AuthenticationException} on failure
 */
public boolean authenticateUser(Map context, String username, String password) throws XWSSecurityRuntimeException {
    Object stored = context.get(MetroConstants.WORK_CONTEXT);
    WorkContext workContext = (WorkContext) stored;
    if (workContext == null) {
        // programming error
        throw new AssertionError("Work context not set");
    }
    UsernamePasswordToken credentials = new UsernamePasswordToken(username, password);
    try {
        SecuritySubject authenticated = authenticationService.authenticate(credentials);
        // the subject is attached only after the service accepted the credentials
        workContext.setSubject(authenticated);
        return true;
    } catch (AuthenticationException failure) {
        throw new XWSSecurityRuntimeException(failure);
    }
}
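/**
 * Authenticates a token through the installed security extension or, when none is
 * installed, through the configured realm.
 *
 * @param token the credentials to verify; the realm path handles only {@code UsernamePasswordToken}
 * @return the authenticated subject
 * @throws AuthenticationException if the realm rejects the credentials, or if neither a
 *                                 delegate nor a usable realm is available for the token
 */
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException {
    if (delegate != null) {
        // if a security extension is installed, delegate to it
        return delegate.authenticate(token);
    }
    if (realm != null && token instanceof UsernamePasswordToken) {
        UsernamePasswordToken usernamePassword = (UsernamePasswordToken) token;
        String username = usernamePassword.getPrincipal();
        String password = usernamePassword.getCredentials();
        Principal principal = realm.authenticate(username, password);
        if (principal == null) {
            // A Tomcat Realm signals rejected credentials by returning null. Without this
            // check the null fell into the non-GenericPrincipal branch below and produced
            // an authenticated, role-less subject for any username/password.
            throw new AuthenticationException("Invalid authentication information");
        }
        if (principal instanceof GenericPrincipal) {
            GenericPrincipal generic = (GenericPrincipal) principal;
            Set<Role> roles = new HashSet<Role>();
            for (String name : generic.getRoles()) {
                roles.add(new Role(name));
            }
            return new BasicSecuritySubject(generic.getName(), generic.getPassword(), roles);
        }
        // the realm accepted the credentials but exposes no role information
        // NOTE(review): the returned subject keeps the password it was given; confirm
        // callers need it retained after authentication.
        return new BasicSecuritySubject(username, password, Collections.<Role>emptySet());
    }
    throw new AuthenticationException("Unable to authenticate because a Tomcat Realm or Fabric3 Security extension has not been configured");
}
}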
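/**
 * Authenticates an HTTP request that carries Basic credentials and binds the resulting
 * subject to the work context.
 *
 * @param request the incoming request; its {@code Authorization} header is read
 * @param context the work context that receives the authenticated subject
 * @throws NoCredentialsException  if the header is absent or does not start with {@code "Basic "}
 * @throws AuthenticationException if no authentication service is installed, the decoded
 *                                 credentials lack the {@code ':'} separator, or the
 *                                 service rejects the credentials
 */
public void authenticate(HttpServletRequest request, WorkContext context) throws AuthenticationException, NoCredentialsException {
    if (context.getSubject() != null) {
        // subject was previously authenticated
        return;
    }
    if (authenticationService == null) {
        throw new AuthenticationException("Authentication service not installed");
    }
    String header = request.getHeader("Authorization");
    if ((header == null) || !header.startsWith("Basic ")) {
        throw new NoCredentialsException();
    }
    String base64Token = header.substring(6);
    String decoded;
    try {
        decoded = new String(Base64.decode(base64Token), "UTF-8");
    } catch (UnsupportedEncodingException e) {
        // UTF-8 is always available, so this cannot happen
        throw new AssertionError(e);
    }
    int delimiter = decoded.indexOf(':');
    if (delimiter == -1) {
        // Reject a malformed header here rather than submitting an empty username and
        // password and relying on the authentication service to refuse them.
        throw new AuthenticationException("Malformed Basic credentials");
    }
    // split on the first ':' only, so the password itself may contain ':'
    String username = decoded.substring(0, delimiter);
    String password = decoded.substring(delimiter + 1);
    UsernamePasswordToken token = new UsernamePasswordToken(username, password);
    SecuritySubject subject = authenticationService.authenticate(token);
    context.setSubject(subject); // authorized
}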
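/**
 * Authenticates a username/password token against the subjects held in the security store.
 *
 * @param token the credentials to verify; must be a {@code UsernamePasswordToken}
 * @return the stored subject whose password matches the supplied credentials
 * @throws IllegalArgumentException      if {@code token} is null
 * @throws UnsupportedOperationException if the token is of another type
 * @throws AuthenticationException       if the principal is null, the store lookup fails, or
 *                                       (as {@code InvalidAuthenticationException}) the user
 *                                       is unknown or the password does not match
 */
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException {
    if (token == null) {
        throw new IllegalArgumentException("Null token");
    }
    if (!(token instanceof UsernamePasswordToken)) {
        throw new UnsupportedOperationException("Token type not supported: " + token.getClass().getName());
    }
    UsernamePasswordToken userToken = (UsernamePasswordToken) token;
    try {
        String principal = userToken.getPrincipal();
        if (principal == null) {
            throw new AuthenticationException("Principal was null");
        }
        BasicSecuritySubject subject = store.find(principal);
        if (subject == null) {
            throw new InvalidAuthenticationException("Invalid authentication information");
        }
        String supplied = userToken.getCredentials();
        String stored = subject.getPassword();
        // Missing credentials are a failed login, not a NullPointerException.
        if (supplied == null || stored == null) {
            throw new InvalidAuthenticationException("Invalid authentication information");
        }
        // MessageDigest.isEqual compares in time independent of where the values differ,
        // unlike String.equals, which stops at the first mismatching character.
        java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
        if (!java.security.MessageDigest.isEqual(supplied.getBytes(utf8), stored.getBytes(utf8))) {
            // same message as for an unknown user, so the response does not reveal which check failed
            throw new InvalidAuthenticationException("Invalid authentication information");
        }
        // NOTE(review): the supplied value is compared directly with the stored one, so the
        // store presumably holds passwords unhashed. Confirm, and consider a password hash.
        return subject;
    } catch (SecurityStoreException e) {
        throw new AuthenticationException(e);
    }
}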
/**
 * Authenticates a token by converting it to a Spring {@code Authentication} request and
 * passing it to the {@code authenticate(Authentication)} overload.
 *
 * @param token the credentials to verify; only {@code UsernamePasswordToken} is supported
 * @return a {@code SpringSecuritySubject} wrapping the resulting authentication
 * @throws AuthenticationException       if authentication is disabled
 * @throws UnsupportedOperationException if the token is of another type
 */
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException {
    if (disabled) {
        monitor.error("Attempt to authenticate when authentication is disabled");
        throw new AuthenticationException("Authentication is disabled");
    }
    Thread current = Thread.currentThread();
    ClassLoader old = current.getContextClassLoader();
    try {
        // set the TCCL as the Sun JNDI LDAP provider implementation requires it
        current.setContextClassLoader(getClass().getClassLoader());
        if (!(token instanceof UsernamePasswordToken)) {
            // TODO support other tokens
            throw new UnsupportedOperationException("Support for token type not yet implemented");
        }
        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
        Authentication request = new UsernamePasswordAuthenticationToken(userToken.getPrincipal(), userToken.getCredentials());
        Authentication result = authenticate(request);
        return new SpringSecuritySubject(result);
    } finally {
        // always restore the caller's context class loader, on failure as well
        current.setContextClassLoader(old);
    }
}
}
/**
 * Authenticates credentials supplied as a two-element {@code String[]} holding the
 * username followed by the password.
 *
 * @param credentials the credentials object; must be a {@code String[]} of length 2
 * @return the JAAS subject of the authenticated user
 * @throws SecurityException if the credentials are null, of the wrong type or length, or
 *                           are rejected (wrapping the {@code AuthenticationException})
 */
public Subject authenticate(Object credentials) {
    if (credentials == null) {
        throw new SecurityException("Credentials were null");
    }
    if (!(credentials instanceof String[])) {
        throw new SecurityException("Credentials must be a String[]");
    }
    String[] pair = (String[]) credentials;
    if (pair.length != 2) {
        throw new SecurityException("Credentials must consist of a username and password");
    }
    UsernamePasswordToken token = new UsernamePasswordToken(pair[0], pair[1]);
    try {
        return authenticate(token).getJaasSubject();
    } catch (AuthenticationException rejected) {
        throw new SecurityException(rejected);
    }
}
/**
 * Loads the key store, its password and the trust store from the key store manager.
 * The password field is left untouched when the manager reports no password.
 */
@Init
public void init() {
    keyStore = keyStoreManager.getKeyStore();
    String configuredPassword = keyStoreManager.getKeyStorePassword();
    if (configuredPassword != null) {
        // held as char[] from here on; the String returned by the manager is not retained
        keyStorePassword = configuredPassword.toCharArray();
    }
    trustStore = keyStoreManager.getTrustStore();
}
raiseInvalidConfiguration("Password is missing", reader); BasicSecuritySubject subject = new BasicSecuritySubject(username, password, roles); cache.put(subject.getUsername(), subject); username = null; password = null;
/**
 * Returns the same fixed subject for every token: the token is never inspected, and
 * the subject is named "disabled" and holds no roles.
 * NOTE(review): presumably this is the stand-in used when authentication is switched
 * off; confirm it cannot be selected in a deployment that expects real checks.
 */
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException {
    BasicSecuritySubject placeholder = new BasicSecuritySubject("disabled", "disabled", Collections.<Role>emptySet());
    return placeholder;
}
};
/**
 * Enforces the configured roles before passing the message down the chain.
 *
 * @param msg the message being dispatched
 * @return the downstream response, or {@code msg} carrying a {@code ServiceRuntimeException}
 *         fault when no subject is bound to the work context or an
 *         {@code AuthorizationException} is raised
 */
public Message invoke(Message msg) {
    WorkContext workContext = msg.getWorkContext();
    try {
        SecuritySubject caller = workContext.getSubject();
        if (caller != null) {
            // the next interceptor runs only after the role check passed
            authorizationService.checkRoles(caller, roles);
            return next.invoke(msg);
        }
        // an unauthenticated request never reaches the next interceptor
        msg.setBodyWithFault(new ServiceRuntimeException("Subject not authenticated"));
    } catch (AuthorizationException denied) {
        msg.setBodyWithFault(new ServiceRuntimeException(denied));
    }
    return msg;
}
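/**
 * Checks a permission through the installed delegate. This service implements no
 * permission check of its own.
 *
 * @param subject the subject to check
 * @param role    the value passed to the delegate's permission check
 * @throws AuthorizationException        if the delegate denies the permission
 * @throws UnsupportedOperationException if no delegate is installed
 */
public void checkPermission(SecuritySubject subject, String role) throws AuthorizationException {
    if (delegate != null) {
        delegate.checkPermission(subject, role);
        // The delegate's decision is final. Without this return, control fell through to
        // the throw below and every check failed even after the delegate had granted it.
        return;
    }
    throw new UnsupportedOperationException();
}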
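/**
 * Checks a set of permissions through the installed delegate. This service implements
 * no permission check of its own.
 *
 * @param subject the subject to check
 * @param roles   the values passed to the delegate's permission check
 * @throws AuthorizationException        if the delegate denies a permission
 * @throws UnsupportedOperationException if no delegate is installed
 */
public void checkPermissions(SecuritySubject subject, Collection<String> roles) throws AuthorizationException {
    if (delegate != null) {
        delegate.checkPermissions(subject, roles);
        // The delegate's decision is final. Without this return, control fell through to
        // the throw below and every check failed even after the delegate had granted it.
        return;
    }
    throw new UnsupportedOperationException();
}
}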
/**
 * Authenticates with this interceptor's configured username and password, binds the
 * resulting subject to the message's work context, then continues down the chain.
 *
 * @param msg the message being dispatched
 * @return the downstream response
 * @throws ServiceUnavailableException if the configured credentials are rejected
 */
public Message invoke(Message msg) {
    // the credentials come from this interceptor's own fields, not from the message
    UsernamePasswordToken credentials = new UsernamePasswordToken(username, password);
    try {
        SecuritySubject authenticated = authenticationService.authenticate(credentials);
        WorkContext workContext = msg.getWorkContext();
        workContext.setSubject(authenticated);
    } catch (AuthenticationException failure) {
        throw new ServiceUnavailableException("Error authenticating", failure);
    }
    return next.invoke(msg);
}
/**
 * Verifies that the subject holds every role in {@code roles}.
 *
 * @param subject the subject to check; it must expose a {@code BasicSecuritySubject} delegate
 * @param roles   the roles the subject must all hold
 * @throws AuthorizationException (as {@code NotAuthorizedException}) on the first missing role
 */
public void checkRoles(SecuritySubject subject, Collection<String> roles) throws AuthorizationException {
    BasicSecuritySubject basic = subject.getDelegate(BasicSecuritySubject.class);
    for (String required : roles) {
        if (basic.hasRole(required)) {
            continue;
        }
        throw new NotAuthorizedException("Subject not authorized for role");
    }
}
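/**
 * Authenticates a user for the servlet container and builds the container's identity
 * from the resulting subject.
 *
 * @param username    the supplied user name
 * @param credentials the supplied credentials; their {@code toString()} value is used as the password
 * @return the user identity, or {@code null} if the credentials are missing or rejected
 */
public UserIdentity login(String username, Object credentials) {
    if (credentials == null) {
        // missing credentials are a failed login, reported the same way as a rejected one
        return null;
    }
    UsernamePasswordToken token = new UsernamePasswordToken(username, credentials.toString());
    try {
        SecuritySubject subject = authenticationService.authenticate(token);
        Subject jaasSubject = subject.getJaasSubject();
        Set<Role> roles = subject.getRoles();
        String[] roleNames = new String[roles.size()];
        int i = 0;
        for (Role role : roles) {
            roleNames[i++] = role.getName();
        }
        // NOTE(review): the principal is built from the caller-supplied name rather than
        // from the authenticated subject; confirm the two cannot differ.
        UserPrincipal principal = new UserPrincipal(username);
        return new DefaultUserIdentity(jaasSubject, principal, roleNames);
    } catch (AuthenticationException e) {
        // invalid token
        return null;
    }
}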
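/**
 * Authenticates a user for the servlet container and builds the container's identity
 * from the resulting subject.
 *
 * @param username    the supplied user name
 * @param credentials the supplied credentials; their {@code toString()} value is used as the password
 * @param request     the request that triggered the login; not used here
 * @return the user identity, or {@code null} if the credentials are missing or rejected
 */
public UserIdentity login(String username, Object credentials, ServletRequest request) {
    if (credentials == null) {
        // missing credentials are a failed login, reported the same way as a rejected one
        return null;
    }
    UsernamePasswordToken token = new UsernamePasswordToken(username, credentials.toString());
    try {
        SecuritySubject subject = authenticationService.authenticate(token);
        Subject jaasSubject = subject.getJaasSubject();
        Set<Role> roles = subject.getRoles();
        String[] roleNames = new String[roles.size()];
        int i = 0;
        for (Role role : roles) {
            roleNames[i++] = role.getName();
        }
        // NOTE(review): the principal is built from the caller-supplied name rather than
        // from the authenticated subject; confirm the two cannot differ.
        UserPrincipal principal = new UserPrincipal(username);
        return new DefaultUserIdentity(jaasSubject, principal, roleNames);
    } catch (AuthenticationException e) {
        // invalid token
        return null;
    }
}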
String username = req.getParameter("username"); String password = req.getParameter("password"); token = new UsernamePasswordToken(username, password); } else if (contentType != null && contentType.contains(APPLICATION_JSON)) { InputStream stream = req.getInputStream(); token = getXmlTransformer().transform(stream, loader); SecuritySubject subject = authService.authenticate(token); req.getSession().setAttribute(FABRIC3_SUBJECT, subject); } catch (TransformationException e) {