Java Code Examples for org.apache.catalina.Realm#authenticate()

Example 1
Source File: CombinedRealm.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up
/**
 * Return the Principal associated with the specified username and
 * credentials, if there is one; otherwise return <code>null</code>.
 *
 * @param username Username of the Principal to look up
 * @param credentials Password or other credentials to use in
 *  authenticating this username
 */
@Override
public Principal authenticate(String username, String credentials) {
    // Nested realms are consulted in iteration order and the first one that
    // returns a Principal decides the outcome, so an account that exists in
    // several realms is accepted by whichever realm validates it first.
    for (Realm candidate : realms) {
        // Only the user name is handed to the logger; the credentials are not.
        // NOTE(review): username is logged as received - confirm the log layout
        // neutralises line breaks if it can come straight from a client.
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username, candidate.getInfo()));
        }

        Principal match = candidate.authenticate(username, credentials);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess", username, candidate.getInfo()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail", username, candidate.getInfo()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 2
Source File: CombinedRealm.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Return the Principal associated with the specified user name otherwise
 * return <code>null</code>.
 *
 * @param username User name of the Principal to look up
 */
@Override
public Principal authenticate(String username) {
    // No credential is examined on this path: each nested realm is asked to
    // resolve the user name alone, and the first non-null Principal is returned.
    // NOTE(review): presumably callers have already established the identity by
    // other means before reaching this overload - confirm at the call sites.
    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username,
                    candidate.getClass().getName()));
        }

        Principal match = candidate.authenticate(username);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess",
                        username, candidate.getClass().getName()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail", username,
                    candidate.getClass().getName()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 3
Source File: CombinedRealm.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
/**
 * Return the Principal associated with the specified user name otherwise
 * return <code>null</code>.
 *
 * @param username User name of the Principal to look up
 */
@Override
public Principal authenticate(String username) {
    // Lookup by user name only - no password or other credential is checked
    // in this overload. The realms are tried in order; first hit wins.
    Principal resolved = null;
    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username,
                    candidate.getClass().getName()));
        }

        resolved = candidate.authenticate(username);
        final boolean accepted = resolved != null;

        if (log.isDebugEnabled()) {
            if (accepted) {
                log.debug(sm.getString("combinedRealm.authSuccess",
                        username, candidate.getClass().getName()));
            } else {
                log.debug(sm.getString("combinedRealm.authFail", username,
                        candidate.getClass().getName()));
            }
        }

        if (accepted) {
            // Stop at the first realm that knows this user.
            break;
        }
    }
    return resolved;
}
 
Example 4
Source File: CombinedRealm.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
/**
 * Return the Principal associated with the specified username, which
 * matches the digest calculated using the given parameters using the
 * method described in RFC 2069; otherwise return <code>null</code>.
 *
 * @param username Username of the Principal to look up
 * @param clientDigest Digest which has been submitted by the client
 * @param nonce Unique (or supposedly unique) token which has been used
 * for this request
 * @param realmName Realm name
 * @param md5a2 Second MD5 digest used to calculate the digest :
 * MD5(Method + ":" + uri)
 */
@Override
public Principal authenticate(String username, String clientDigest,
        String nonce, String nc, String cnonce, String qop,
        String realmName, String md5a2) {
    // This method does not verify the digest itself: every digest parameter is
    // forwarded unchanged and each nested realm decides whether clientDigest
    // matches. The first realm that returns a Principal ends the search.
    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username, candidate.getInfo()));
        }

        Principal match = candidate.authenticate(username, clientDigest, nonce,
                nc, cnonce, qop, realmName, md5a2);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess", username, candidate.getInfo()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail", username, candidate.getInfo()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 5
Source File: DigestAuthenticator.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
public Principal authenticate(Realm realm) {
    // Second digest input: MD5(Method + ":" + uri). MD5 appears here because the
    // digest scheme being verified is built on it (the realm expects an md5a2
    // argument); it is not a general-purpose choice of hash.
    // NOTE(review): this form does not include the request body - confirm how
    // the caller restricts the accepted qop values.
    byte[] a2Bytes = (method + ":" + uri).getBytes(B2CConverter.ISO_8859_1);
    String md5a2 = MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(a2Bytes));

    // The realm compares the client's response against its own calculation;
    // nonce, nc, cnonce and qop are handed over exactly as stored on this object.
    return realm.authenticate(userName, response, nonce, nc, cnonce,
            qop, realmName, md5a2);
}
 
Example 6
Source File: SingleSignOn.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
/**
 * Attempts reauthentication to the given <code>Realm</code> using
 * the credentials associated with the single sign-on session
 * identified by argument <code>ssoId</code>.
 * <p>
 * If reauthentication is successful, the <code>Principal</code> and
 * authorization type associated with the SSO session will be bound
 * to the given <code>Request</code> object via calls to 
 * {@link Request#setAuthType Request.setAuthType()} and 
 * {@link Request#setUserPrincipal Request.setUserPrincipal()}
 * </p>
 *
 * @param ssoId     identifier of SingleSignOn session with which the
 *                  caller is associated
 * @param realm     Realm implementation against which the caller is to
 *                  be authenticated
 * @param request   the request that needs to be authenticated
 * 
 * @return  <code>true</code> if reauthentication was successful,
 *          <code>false</code> otherwise.
 */
protected boolean reauthenticate(String ssoId, Realm realm,
                                 Request request) {

    if (ssoId == null || realm == null) {
        return false;
    }

    // Unknown SSO session, or one whose entry says it cannot be replayed.
    SingleSignOnEntry ssoEntry = cache.get(ssoId);
    if (ssoEntry == null || !ssoEntry.getCanReauthenticate()) {
        return false;
    }

    String cachedUser = ssoEntry.getUsername();
    if (cachedUser == null) {
        return false;
    }

    // The entry supplies the password for the replay, so the SSO cache holds a
    // reusable credential for as long as the entry exists.
    Principal reauthPrincipal = realm.authenticate(cachedUser, ssoEntry.getPassword());
    if (reauthPrincipal == null) {
        return false;
    }

    // Bind the authorization credentials to the request
    request.setAuthType(ssoEntry.getAuthType());
    request.setUserPrincipal(reauthPrincipal);
    return true;
}
 
Example 7
Source File: JwalaAuthenticationProvider.java    From jwala with Apache License 2.0 5 votes vote down vote up
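/**
 * Authenticates the supplied user name and credentials against the Tomcat
 * context realm.
 *
 * @param authentication request token supplying the user name and credentials
 * @return an authenticated token whose authorities are derived from the realm roles
 */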
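@Override
public Authentication authenticate(Authentication authentication) {
    try {
        final Realm realm = getTomcatContextRealm();
        if (realm instanceof NullRealm) {
            throw new ProviderNotFoundException("No Realms configured for Jwala to Authenticate");
        }

        // A token without credentials is treated as a failed login rather than
        // surfacing as a NullPointerException from getCredentials().toString().
        final Object credentials = authentication.getCredentials();
        if (credentials == null) {
            throw new BadCredentialsException("Username or Password not found.");
        }

        final Principal principal = realm.authenticate(authentication.getName(), credentials.toString());
        if (principal == null) {
            // One message for "unknown user" and "wrong password", so the reply
            // does not reveal which of the two was wrong.
            throw new BadCredentialsException("Username or Password not found.");
        }

        // Roles are only read from GenericPrincipal; any other Principal type is
        // authenticated with an empty authority set.
        final Set<GrantedAuthority> auths = new HashSet<>();
        if (principal instanceof GenericPrincipal) {
            for (String role : ((GenericPrincipal) principal).getRoles()) {
                auths.add(new SimpleGrantedAuthority(role));
            }
        }

        // NOTE(review): the returned token still carries the submitted credentials;
        // confirm they are erased downstream once authentication has completed.
        final GrantedAuthoritiesMapperImpl grantedAuthoritiesMapper = new GrantedAuthoritiesMapperImpl();
        return new UsernamePasswordAuthenticationToken(authentication.getName(),
                credentials, grantedAuthoritiesMapper.mapAuthorities(auths));
    } catch (AttributeNotFoundException | InstanceNotFoundException | MBeanException | ReflectionException e) {
        LOGGER.error("Error getting realms", e);
        // Keep the original failure attached as the cause so it is not reduced to
        // its message text.
        // NOTE(review): e.getMessage() becomes the authentication error text -
        // confirm it is not echoed back to the client.
        final ProviderNotFoundException failure = new ProviderNotFoundException(e.getMessage());
        failure.initCause(e);
        throw failure;
    }
}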
 
Example 8
Source File: CombinedRealm.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Return the Principal associated with the specified chain of X509
 * client certificates.  If there is none, return <code>null</code>.
 *
 * @param certs Array of client certificates, with the first one in
 *  the array being the certificate of the client itself.
 */
@Override
public Principal authenticate(X509Certificate[] certs) {
    // The subject DN of the first certificate is used for the log messages only;
    // the accept/reject decision is made by the nested realms, which receive the
    // whole array (including a null or empty one).
    String username = (certs != null && certs.length > 0)
            ? certs[0].getSubjectDN().getName()
            : null;

    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username, candidate.getInfo()));
        }

        Principal match = candidate.authenticate(certs);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess", username, candidate.getInfo()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail", username, candidate.getInfo()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 9
Source File: TomcatValve4150.java    From flex-blazeds with Apache License 2.0 5 votes vote down vote up
public Principal login(String username, String password, HttpServletRequest servletRequest)
{
    Realm realm = container.getRealm();
    if (realm == null)
    {
        return null;
    }

    Principal principal = realm.authenticate(username, password);
    if (principal == null)
    {
        return null;
    }

    // The login is bound to the request and session only when the request this
    // valve currently holds wraps the very same servlet request (identity
    // comparison); otherwise the Principal is just returned.
    boolean sameRequest = this.request != null && this.request.getRequest() == servletRequest;
    if (!sameRequest)
    {
        return principal;
    }

    request.setAuthType("flexmessaging"); //was "flashgateway"
    request.setUserPrincipal(principal);

    // NOTE(review): the session id is not changed in this method after a
    // successful login - confirm session-fixation protection happens elsewhere.
    Session session = getSession(request, true);
    if (session == null)
    {
        return principal;
    }

    // Cache the authentication information in our session.
    session.setAuthType("flexmessaging"); //was "flashgateway"
    session.setPrincipal(principal);

    if (username == null)
    {
        session.removeNote(Constants.SESS_USERNAME_NOTE);
    }
    else
    {
        session.setNote(Constants.SESS_USERNAME_NOTE, username);
    }

    // The password is stored as a session note exactly as received, so it stays
    // readable for the lifetime of the session object.
    if (password == null)
    {
        session.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    else
    {
        session.setNote(Constants.SESS_PASSWORD_NOTE, password);
    }

    return principal;
}
 
Example 10
Source File: TomcatValve.java    From flex-blazeds with Apache License 2.0 5 votes vote down vote up
public Principal login(String username, String password, HttpServletRequest servletRequest)
{
    Realm realm = container.getRealm();
    Principal principal = (realm == null) ? null : realm.authenticate(username, password);

    // No realm, or the realm rejected the credentials.
    if (principal == null)
    {
        return null;
    }

    // Request and session are only touched when servletRequestMatches() accepts
    // the supplied servlet request; otherwise the Principal is returned as is.
    if (!servletRequestMatches(servletRequest))
    {
        return principal;
    }

    request.setAuthType(AUTH_TYPE);
    request.setUserPrincipal(principal);

    // NOTE(review): the session id is not changed in this method after a
    // successful login - confirm session-fixation protection happens elsewhere.
    Session session = getSession(request, true);
    if (session == null)
    {
        return principal;
    }

    // Cache the authentication information in our session.
    session.setAuthType(AUTH_TYPE);
    session.setPrincipal(principal);

    if (username == null)
    {
        session.removeNote(Constants.SESS_USERNAME_NOTE);
    }
    else
    {
        session.setNote(Constants.SESS_USERNAME_NOTE, username);
    }

    // The password is stored as a session note exactly as received, so it stays
    // readable for the lifetime of the session object.
    if (password == null)
    {
        session.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    else
    {
        session.setNote(Constants.SESS_PASSWORD_NOTE, password);
    }

    return principal;
}
 
Example 11
Source File: CombinedRealm.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Return the Principal associated with the specified username, which
 * matches the digest calculated using the given parameters using the
 * method described in RFC 2069; otherwise return <code>null</code>.
 *
 * @param username Username of the Principal to look up
 * @param clientDigest Digest which has been submitted by the client
 * @param nonce Unique (or supposedly unique) token which has been used
 * for this request
 * @param realmName Realm name
 * @param md5a2 Second MD5 digest used to calculate the digest :
 * MD5(Method + ":" + uri)
 */
@Override
public Principal authenticate(String username, String clientDigest,
        String nonce, String nc, String cnonce, String qop,
        String realmName, String md5a2) {
    // Digest checking is delegated: the parameters are passed through untouched
    // and the nested realms are tried in order until one returns a Principal.
    Principal resolved = null;
    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username, candidate.getInfo()));
        }

        resolved = candidate.authenticate(username, clientDigest, nonce,
                nc, cnonce, qop, realmName, md5a2);
        final boolean accepted = resolved != null;

        if (log.isDebugEnabled()) {
            if (accepted) {
                log.debug(sm.getString("combinedRealm.authSuccess", username, candidate.getInfo()));
            } else {
                log.debug(sm.getString("combinedRealm.authFail", username, candidate.getInfo()));
            }
        }

        if (accepted) {
            // Stop at the first realm that accepts the digest.
            break;
        }
    }
    return resolved;
}
 
Example 12
Source File: CombinedRealm.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
/**
 * Return the Principal associated with the specified chain of X509
 * client certificates.  If there is none, return <code>null</code>.
 *
 * @param certs Array of client certificates, with the first one in
 *  the array being the certificate of the client itself.
 */
@Override
public Principal authenticate(X509Certificate[] certs) {
    // Name shown in the debug messages: subject DN of the first certificate,
    // or null when no certificate was supplied. It plays no part in the decision.
    String username = null;
    boolean hasLeaf = certs != null && certs.length > 0;
    if (hasLeaf) {
        username = certs[0].getSubjectDN().getName();
    }

    Principal resolved = null;
    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username, candidate.getInfo()));
        }

        // Each realm receives the whole array and decides for itself.
        resolved = candidate.authenticate(certs);
        final boolean accepted = resolved != null;

        if (log.isDebugEnabled()) {
            if (accepted) {
                log.debug(sm.getString("combinedRealm.authSuccess", username, candidate.getInfo()));
            } else {
                log.debug(sm.getString("combinedRealm.authFail", username, candidate.getInfo()));
            }
        }

        if (accepted) {
            break;
        }
    }
    return resolved;
}
 
Example 13
Source File: SingleSignOn.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Attempts reauthentication to the given <code>Realm</code> using
 * the credentials associated with the single sign-on session
 * identified by argument <code>ssoId</code>.
 * <p>
 * If reauthentication is successful, the <code>Principal</code> and
 * authorization type associated with the SSO session will be bound
 * to the given <code>Request</code> object via calls to 
 * {@link Request#setAuthType Request.setAuthType()} and 
 * {@link Request#setUserPrincipal Request.setUserPrincipal()}
 * </p>
 *
 * @param ssoId     identifier of SingleSignOn session with which the
 *                  caller is associated
 * @param realm     Realm implementation against which the caller is to
 *                  be authenticated
 * @param request   the request that needs to be authenticated
 * 
 * @return  <code>true</code> if reauthentication was successful,
 *          <code>false</code> otherwise.
 */
protected boolean reauthenticate(String ssoId, Realm realm,
                                 Request request) {

    // Nothing to replay without both a session identifier and a realm.
    if (ssoId == null || realm == null) {
        return false;
    }

    SingleSignOnEntry ssoEntry = cache.get(ssoId);
    boolean replayable = ssoEntry != null && ssoEntry.getCanReauthenticate();
    String cachedUser = replayable ? ssoEntry.getUsername() : null;
    if (cachedUser == null) {
        return false;
    }

    // The user name and password both come from the SSO entry, i.e. the cache
    // keeps a credential that can be replayed against the realm.
    Principal reauthPrincipal = realm.authenticate(cachedUser, ssoEntry.getPassword());
    boolean reauthenticated = reauthPrincipal != null;
    if (reauthenticated) {
        // Bind the authorization credentials to the request
        request.setAuthType(ssoEntry.getAuthType());
        request.setUserPrincipal(reauthPrincipal);
    }
    return reauthenticated;
}
 
Example 14
Source File: CombinedRealm.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
/**
 * Return the Principal associated with the specified chain of X509
 * client certificates.  If there is none, return <code>null</code>.
 *
 * @param certs Array of client certificates, with the first one in
 *  the array being the certificate of the client itself.
 */
@Override
public Principal authenticate(X509Certificate[] certs) {
    // The subject DN of the first certificate is used for the log messages only;
    // the nested realms receive the whole array and make the actual decision.
    String username = (certs != null && certs.length > 0)
            ? certs[0].getSubjectDN().getName()
            : null;

    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username,
                    candidate.getClass().getName()));
        }

        Principal match = candidate.authenticate(certs);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess",
                        username, candidate.getClass().getName()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail", username,
                    candidate.getClass().getName()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 15
Source File: Tomcat7Valve.java    From flex-blazeds with Apache License 2.0 5 votes vote down vote up
public Principal login(String username, String password, HttpServletRequest servletRequest)
{
    Realm realm = valve.getContainer().getRealm();
    Principal principal = (realm == null) ? null : realm.authenticate(username, password);

    // No realm on the container, or the realm rejected the credentials.
    if (principal == null)
    {
        return null;
    }

    // Request and session are only touched when servletRequestMatches() accepts
    // the supplied servlet request; otherwise the Principal is returned as is.
    if (!servletRequestMatches(servletRequest))
    {
        return principal;
    }

    request.setAuthType(AUTH_TYPE);
    request.setUserPrincipal(principal);

    // NOTE(review): the session id is not changed in this method after a
    // successful login - confirm session-fixation protection happens elsewhere.
    Session session = getSession(request, true);
    if (session == null)
    {
        return principal;
    }

    // Cache the authentication information in our session.
    session.setAuthType(AUTH_TYPE);
    session.setPrincipal(principal);

    if (username == null)
    {
        session.removeNote(Constants.SESS_USERNAME_NOTE);
    }
    else
    {
        session.setNote(Constants.SESS_USERNAME_NOTE, username);
    }

    // The password is stored as a session note exactly as received, so it stays
    // readable for the lifetime of the session object.
    if (password == null)
    {
        session.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    else
    {
        session.setNote(Constants.SESS_PASSWORD_NOTE, password);
    }

    return principal;
}
 
Example 16
Source File: CombinedRealm.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
/**
 * Return the Principal associated with the specified username, which
 * matches the digest calculated using the given parameters using the
 * method described in RFC 2069; otherwise return <code>null</code>.
 *
 * @param username Username of the Principal to look up
 * @param clientDigest Digest which has been submitted by the client
 * @param nonce Unique (or supposedly unique) token which has been used
 * for this request
 * @param realmName Realm name
 * @param md5a2 Second MD5 digest used to calculate the digest :
 * MD5(Method + ":" + uri)
 */
@Override
public Principal authenticate(String username, String clientDigest,
        String nonce, String nc, String cnonce, String qop,
        String realmName, String md5a2) {
    // This method does not verify the digest itself: every digest parameter is
    // forwarded unchanged and each nested realm decides whether clientDigest
    // matches. The first realm that returns a Principal ends the search.
    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart", username,
                    candidate.getClass().getName()));
        }

        Principal match = candidate.authenticate(username, clientDigest, nonce,
                nc, cnonce, qop, realmName, md5a2);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess",
                        username, candidate.getClass().getName()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail", username,
                    candidate.getClass().getName()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 17
Source File: DigestAuthenticator.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
public Principal authenticate(Realm realm) {
    // Second digest input: MD5(Method + ":" + uri). MD5 appears here because the
    // digest scheme being verified is built on it (the realm expects an md5a2
    // argument); it is not a general-purpose choice of hash.
    // NOTE(review): this form does not include the request body - confirm how
    // the caller restricts the accepted qop values.
    byte[] a2Bytes = (method + ":" + uri).getBytes(StandardCharsets.ISO_8859_1);
    String md5a2 = MD5Encoder.encode(ConcurrentMessageDigest.digestMD5(a2Bytes));

    // The realm compares the client's response against its own calculation;
    // nonce, nc, cnonce and qop are handed over exactly as stored on this object.
    return realm.authenticate(userName, response, nonce, nc, cnonce,
            qop, realmName, md5a2);
}
 
Example 18
Source File: CombinedRealm.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
    // A context that is not established is rejected before any realm is asked.
    if (!gssContext.isEstablished()) {
        return null;
    }

    final GSSName sourceName;
    try {
        sourceName = gssContext.getSrcName();
    } catch (GSSException e) {
        // The source name cannot be read: log it and fail the attempt.
        log.warn(sm.getString("realmBase.gssNameFail"), e);
        return null;
    }

    // Used for the debug messages below; the realms work from gssContext itself.
    final String username = sourceName.toString();

    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart",
                    username, candidate.getInfo()));
        }

        Principal match = candidate.authenticate(gssContext, storeCreds);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess",
                        username, candidate.getInfo()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail",
                    username, candidate.getInfo()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 19
Source File: CombinedRealm.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCred) {
    // A context that is not established is rejected before any realm is asked.
    if (!gssContext.isEstablished()) {
        return null;
    }

    final GSSName sourceName;
    try {
        sourceName = gssContext.getSrcName();
    } catch (GSSException e) {
        // The source name cannot be read: log it and fail the attempt.
        log.warn(sm.getString("realmBase.gssNameFail"), e);
        return null;
    }

    // Used for the debug messages below; the realms work from gssContext itself.
    final String username = sourceName.toString();

    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart",
                    username, candidate.getClass().getName()));
        }

        Principal match = candidate.authenticate(gssContext, storeCred);
        if (match != null) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authSuccess",
                        username, candidate.getClass().getName()));
            }
            return match;
        }

        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authFail",
                    username, candidate.getClass().getName()));
        }
    }
    // Every realm declined, or there was no realm to ask.
    return null;
}
 
Example 20
Source File: CombinedRealm.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
    // Fail in all cases where the GSS context has not been established.
    if (!gssContext.isEstablished()) {
        return null;
    }

    final GSSName sourceName;
    try {
        sourceName = gssContext.getSrcName();
    } catch (GSSException e) {
        log.warn(sm.getString("realmBase.gssNameFail"), e);
        return null;
    }

    // Name shown in the debug messages; it is not passed to the realms.
    final String username = sourceName.toString();

    Principal resolved = null;
    for (Realm candidate : realms) {
        if (log.isDebugEnabled()) {
            log.debug(sm.getString("combinedRealm.authStart",
                    username, candidate.getInfo()));
        }

        resolved = candidate.authenticate(gssContext, storeCreds);
        final boolean accepted = resolved != null;

        if (log.isDebugEnabled()) {
            if (accepted) {
                log.debug(sm.getString("combinedRealm.authSuccess",
                        username, candidate.getInfo()));
            } else {
                log.debug(sm.getString("combinedRealm.authFail",
                        username, candidate.getInfo()));
            }
        }

        if (accepted) {
            // Stop at the first realm that accepts the context.
            break;
        }
    }
    return resolved;
}