javax.security.auth.message.AuthStatus Java Examples
The following examples show how to use
javax.security.auth.message.AuthStatus.
Example #1
Source File: TheServerAuthModule.java From tomee with Apache License 2.0 | 6 votes |
/**
 * Validates the incoming request for this test module.
 *
 * <p>When the request carries a {@code doLogin} parameter, the caller is registered under the
 * hard-coded name {@code "test"} with the group {@code "architect"}; no credential is checked.
 * Otherwise a {@link CallerPrincipalCallback} with a {@code null} principal is submitted.
 * Both paths report {@code SUCCESS}.
 *
 * <p>NOTE(review): the mere presence of a request parameter selects the identity, so this is
 * only usable as a test fixture and must not be copied into a real authentication module.
 *
 * @param messageInfo    carries the servlet request being validated
 * @param clientSubject  subject the callbacks populate
 * @param serviceSubject not used here
 * @return {@code SUCCESS} in every non-exceptional case
 * @throws AuthException if the callback handler fails; the handler's exception is the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final boolean loginRequested = httpRequest.getParameter("doLogin") != null;

    final Callback[] toHandle = loginRequested
            ? new Callback[]{
                    new CallerPrincipalCallback(clientSubject, "test"),
                    new GroupPrincipalCallback(clientSubject, new String[]{"architect"})}
            : new Callback[]{new CallerPrincipalCallback(clientSubject, (Principal) null)};

    try {
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        final AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    cdi(messageInfo, "vr");
    return SUCCESS;
}
Example #2
Source File: TomEESecurityContext.java From tomee with Apache License 2.0 | 6 votes |
/**
 * Runs the server auth context for the given request and translates the resulting
 * {@link AuthStatus} into an {@link AuthenticationStatus}.
 *
 * <p>A fresh, empty client {@link Subject} is passed to the context and no service subject.
 *
 * <p>NOTE(review): an {@link AuthException} is turned into {@code SEND_FAILURE} without being
 * logged or rethrown, so the reason for a failed authentication is not recorded here.
 *
 * @return the mapped status, or {@code SEND_FAILURE} when validation throws {@link AuthException}
 */
@Override
public AuthenticationStatus authenticate(final HttpServletRequest request,
                                         final HttpServletResponse response,
                                         final AuthenticationParameters parameters) {
    final AuthStatus outcome;
    try {
        final MessageInfo info = new TomEEMessageInfo(request, response, true, parameters);
        outcome = getServerAuthContext(request).validateRequest(info, new Subject(), null);
    } catch (final AuthException e) {
        return AuthenticationStatus.SEND_FAILURE;
    }
    return mapToAuthenticationStatus(outcome);
}
Example #3
Source File: CustomServerAuthContext.java From eplmp with Eclipse Public License 1.0 | 6 votes |
/**
 * Adds the CORS headers to the response and hands the response-securing step to the module
 * selected for this message.
 *
 * <p>OPTIONS requests are answered with {@code SEND_SUCCESS} before any module is consulted.
 * When no module is found the result is {@code SEND_FAILURE}.
 *
 * @throws AuthException propagated from the selected module
 */
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();

    AuthServices.addCORSHeaders(httpResponse);
    // NOTE(review): method and URI are client-supplied; confirm the log handler neutralises
    // CR/LF so a crafted URI cannot forge log entries.
    LOGGER.log(Level.FINE, "secureResponse @" + httpRequest.getMethod() + " " + httpRequest.getRequestURI());

    if (isOptionsRequest(httpRequest)) {
        return AuthStatus.SEND_SUCCESS;
    }

    final CustomSAM delegate = getModule(messageInfo);
    return delegate == null
            ? AuthStatus.SEND_FAILURE
            : delegate.secureResponse(messageInfo, serviceSubject);
}
Example #4
Source File: CustomServerAuthContext.java From eplmp with Eclipse Public License 1.0 | 6 votes |
/**
 * Adds the CORS headers to the response and hands request validation to the module selected
 * for this message.
 *
 * <p>OPTIONS requests return {@code SUCCESS} before any module is consulted, and no caller
 * principal callback is handled on that path. When no module is found the response status is
 * set to 401 and {@code FAILURE} is returned.
 *
 * <p>NOTE(review): confirm that nothing reachable through an OPTIONS request relies on a
 * caller identity, since that path skips every module.
 *
 * @throws AuthException propagated from the selected module
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();

    AuthServices.addCORSHeaders(httpResponse);
    // NOTE(review): method and URI are client-supplied; confirm the log handler neutralises
    // CR/LF so a crafted URI cannot forge log entries.
    LOGGER.log(Level.FINE, "validateRequest @" + httpRequest.getMethod() + " " + httpRequest.getRequestURI());

    if (isOptionsRequest(httpRequest)) {
        return AuthStatus.SUCCESS;
    }

    final CustomSAM delegate = getModule(messageInfo);
    if (delegate == null) {
        // Fail closed: no module claimed the request.
        httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return AuthStatus.FAILURE;
    }
    return delegate.validateRequest(messageInfo, clientSubject, serviceSubject);
}
Example #5
Source File: JBossClientAuthContext.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Asks each configured client auth module, in iteration order, to validate the response.
 *
 * <p>The chain stops at the first module that returns {@code AuthStatus.FAILURE}; any other
 * status lets the next module run, and the status of the last module invoked is returned.
 * The result is {@code null} when no module is configured.
 *
 * <p>NOTE(review): callers must treat a {@code null} result as "not validated"; confirm they
 * do not read it as success.
 *
 * @see ClientAuthContext#validateResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
 */
@SuppressWarnings("rawtypes")
public AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    AuthStatus lastStatus = null;
    for (Iterator moduleIterator = config.getClientAuthModules().iterator(); moduleIterator.hasNext();) {
        ClientAuthModule module = (ClientAuthModule) moduleIterator.next();
        lastStatus = module.validateResponse(messageInfo, clientSubject, serviceSubject);
        if (lastStatus == AuthStatus.FAILURE) {
            break;
        }
    }
    return lastStatus;
}
Example #6
Source File: GuestSAM.java From eplmp with Eclipse Public License 1.0 | 6 votes |
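/**
 * Accepts every request as a guest caller.
 *
 * <p>The caller principal is registered with an empty name and the single group
 * {@code UserGroupMapping.GUEST_ROLE_ID}; nothing in the request is inspected apart from the
 * method and URI that are logged.
 *
 * <p>NOTE(review): because this module never rejects a request, access control depends
 * entirely on what the guest role is allowed to do; verify the role mapping.
 *
 * @param messageInfo    carries the servlet request
 * @param clientSubject  subject that receives the guest principal and group
 * @param serviceSubject not used here
 * @return always {@code AuthStatus.SUCCESS} when the callbacks are handled
 * @throws AuthException if the callback handler fails; the handler's exception is kept as cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    // NOTE(review): method and URI are client-supplied; confirm the log handler neutralises CR/LF.
    LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());

    CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, "");
    GroupPrincipalCallback groupPrincipalCallback =
            new GroupPrincipalCallback(clientSubject, new String[]{UserGroupMapping.GUEST_ROLE_ID});
    Callback[] callbacks = {callerPrincipalCallback, groupPrincipalCallback};

    try {
        callbackHandler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the original exception as cause so the failure can be diagnosed from the stack trace.
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }

    return AuthStatus.SUCCESS;
}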
Example #7
Source File: SessionSAM.java From eplmp with Eclipse Public License 1.0 | 6 votes |
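/**
 * Establishes the caller identity from the {@code "login"} and {@code "groups"} attributes of
 * the HTTP session.
 *
 * <p>{@code SUCCESS} is returned whatever the attribute values are, including when they are
 * absent ({@code null}); this method performs no check of its own.
 *
 * <p>NOTE(review): {@code request.getSession()} creates a session when none exists, so every
 * request that reaches this module gets one. Presumably the module is only selected when the
 * session already holds a login; verify against the caller.
 *
 * @param messageInfo    carries the servlet request
 * @param clientSubject  subject that receives the principal and group
 * @param serviceSubject not used here
 * @return always {@code AuthStatus.SUCCESS} when the callbacks are handled
 * @throws AuthException if the callback handler fails; the handler's exception is kept as cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    // NOTE(review): method and URI are client-supplied; confirm the log handler neutralises CR/LF.
    LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());

    String login = (String) request.getSession().getAttribute("login");
    String groups = (String) request.getSession().getAttribute("groups");

    CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, login);
    GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{groups});
    Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};

    try {
        callbackHandler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        // Keep the original exception as cause so the failure can be diagnosed from the stack trace.
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }

    return AuthStatus.SUCCESS;
}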
Example #8
Source File: SimpleServerAuthContext.java From Tomcat8-Source-Read with MIT License | 5 votes |
/**
 * Tries the configured modules in list order and returns the result of the first one that
 * does not answer {@code SEND_FAILURE}.
 *
 * <p>The index of that module is stored in the message-info map under {@code "moduleIndex"}.
 * If every module answers {@code SEND_FAILURE}, or there is no module, the result is
 * {@code SEND_FAILURE} and the map is left untouched.
 *
 * @throws AuthException propagated from the module being invoked
 */
@SuppressWarnings("unchecked") // JASPIC API uses raw types
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    int index = 0;
    while (index < modules.size()) {
        ServerAuthModule candidate = modules.get(index);
        AuthStatus status = candidate.validateRequest(messageInfo, clientSubject, serviceSubject);
        if (status != AuthStatus.SEND_FAILURE) {
            // Remember which module handled the request.
            messageInfo.getMap().put("moduleIndex", Integer.valueOf(index));
            return status;
        }
        index++;
    }
    return AuthStatus.SEND_FAILURE;
}
Example #9
Source File: TomEESecurityServerAuthModule.java From tomee with Apache License 2.0 | 5 votes |
/**
 * Translates an {@link AuthenticationStatus} into the corresponding {@link AuthStatus}.
 *
 * <p>{@code SUCCESS} and {@code NOT_DONE} both map to {@code AuthStatus.SUCCESS};
 * {@code SEND_FAILURE} and {@code SEND_CONTINUE} map to their namesakes.
 *
 * @throws IllegalArgumentException for any other value
 */
private AuthStatus mapToAuthStatus(final AuthenticationStatus authenticationStatus) {
    final AuthStatus mapped;
    switch (authenticationStatus) {
        case SEND_CONTINUE:
            mapped = AuthStatus.SEND_CONTINUE;
            break;
        case SEND_FAILURE:
            mapped = AuthStatus.SEND_FAILURE;
            break;
        case NOT_DONE:
        case SUCCESS:
            // NOT_DONE is reported to the container as SUCCESS as well.
            mapped = AuthStatus.SUCCESS;
            break;
        default:
            throw new IllegalArgumentException();
    }
    return mapped;
}
Example #10
Source File: TomEESecurityServerAuthModule.java From tomee with Apache License 2.0 | 5 votes |
/**
 * Delegates request validation to the {@link HttpAuthenticationMechanism} that the CDI-managed
 * mapper selects for this message, and converts its answer with {@code mapToAuthStatus}.
 *
 * @throws AuthException when the mechanism throws {@link AuthenticationException}; the message
 *                       is copied and the original exception is set as cause
 */
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo,
                                  final Subject clientSubject,
                                  final Subject serviceSubject) throws AuthException {
    final HttpMessageContext context =
            httpMessageContext(handler, messageInfo, clientSubject, serviceSubject);

    final TomEESecurityServletAuthenticationMechanismMapper mapper =
            CDI.current().select(TomEESecurityServletAuthenticationMechanismMapper.class).get();
    final HttpAuthenticationMechanism mechanism = mapper.getCurrentAuthenticationMechanism(context);

    final AuthenticationStatus mechanismStatus;
    try {
        mechanismStatus = mechanism.validateRequest(context.getRequest(), context.getResponse(), context);
    } catch (final AuthenticationException e) {
        throw (AuthException) new AuthException(e.getMessage()).initCause(e);
    }

    return mapToAuthStatus(mechanismStatus);
}
Example #11
Source File: TomEESecurityContext.java From tomee with Apache License 2.0 | 5 votes |
/**
 * Translates an {@link AuthStatus} into the corresponding {@link AuthenticationStatus}.
 *
 * <p>Only {@code SUCCESS}, {@code SEND_FAILURE} and {@code SEND_CONTINUE} are mapped.
 *
 * <p>NOTE(review): any other value, {@code null} included, raises an unchecked
 * {@link IllegalArgumentException}; confirm that callers handle it rather than letting it
 * escape the authentication path.
 *
 * @throws IllegalArgumentException for a status that has no mapping
 */
private AuthenticationStatus mapToAuthenticationStatus(final AuthStatus authStatus) {
    final AuthenticationStatus mapped;
    if (SUCCESS.equals(authStatus)) {
        mapped = AuthenticationStatus.SUCCESS;
    } else if (SEND_FAILURE.equals(authStatus)) {
        mapped = AuthenticationStatus.SEND_FAILURE;
    } else if (SEND_CONTINUE.equals(authStatus)) {
        mapped = AuthenticationStatus.SEND_CONTINUE;
    } else {
        throw new IllegalArgumentException();
    }
    return mapped;
}
Example #12
Source File: JWTSAM.java From eplmp with Eclipse Public License 1.0 | 5 votes |
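/**
 * Authenticates the caller from the token carried in the {@code Authorization} header.
 *
 * <p>The header value is split on single spaces and the second element is handed to
 * {@code JWTokenFactory.validateAuthToken}. When the token is accepted, the login and group
 * from its mapping are registered on the client subject, the token is refreshed if needed and
 * {@code SUCCESS} is returned. In every other case, including a missing header or a header
 * without a second element, the response status is set to 401 and {@code FAILURE} is returned.
 * A missing or malformed header previously ended in an unchecked exception instead of a 401.
 *
 * <p>NOTE(review): the scheme (first element of the header) is not compared against an
 * expected value; confirm whether that is intended.
 *
 * @param messageInfo    carries the servlet request and response
 * @param clientSubject  subject that receives the principal and group
 * @param serviceSubject not used here
 * @return {@code SUCCESS} for an accepted token, {@code FAILURE} otherwise
 * @throws AuthException if the callback handler fails; the handler's exception is kept as cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();

    // NOTE(review): method and URI are client-supplied; confirm the log handler neutralises CR/LF.
    LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());

    // The header is attacker-controlled: it may be absent or lack a token part.
    String authorization = request.getHeader("Authorization");
    String[] splitAuthorization = authorization == null ? new String[0] : authorization.split(" ");
    String jwt = splitAuthorization.length > 1 ? splitAuthorization[1] : null;

    JWTokenUserGroupMapping jwTokenUserGroupMapping =
            jwt == null ? null : JWTokenFactory.validateAuthToken(key, jwt);

    if (jwTokenUserGroupMapping != null) {
        UserGroupMapping userGroupMapping = jwTokenUserGroupMapping.getUserGroupMapping();
        CallerPrincipalCallback callerPrincipalCallback =
                new CallerPrincipalCallback(clientSubject, userGroupMapping.getLogin());
        GroupPrincipalCallback groupPrincipalCallback =
                new GroupPrincipalCallback(clientSubject, new String[]{userGroupMapping.getGroupName()});
        Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};

        try {
            callbackHandler.handle(callbacks);
        } catch (IOException | UnsupportedCallbackException e) {
            // Keep the original exception as cause so the failure can be diagnosed.
            throw (AuthException) new AuthException(e.getMessage()).initCause(e);
        }

        JWTokenFactory.refreshTokenIfNeeded(key, response, jwTokenUserGroupMapping);
        return AuthStatus.SUCCESS;
    }

    // Fail closed: no usable token, or the token was rejected.
    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return AuthStatus.FAILURE;
}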
Example #13
Source File: SimpleClientAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
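/**
 * Compares the {@code SimplePrincipal} sets of the response's source and recipient.
 *
 * <p>The check succeeds when both sets have the same size. A missing set on either side is
 * rejected; the previous {@code &&} only rejected the case where both were missing and would
 * have dereferenced a {@code null} set otherwise.
 *
 * <p>NOTE(review): only the sizes are compared, not the principals themselves, so two
 * different identities with the same number of principals pass. This is weaker than the
 * "identical credentials" check the original comment describes.
 *
 * @param messageInfo not used here
 * @param source      subject representing the source of the response
 * @param recipient   subject representing the recipient of the response
 * @return {@code AuthStatus.SUCCESS} when the sizes match
 * @throws AuthException when a principal set is missing or the sizes differ
 * @see ClientAuthModule#validateResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
 */
public AuthStatus validateResponse(MessageInfo messageInfo, Subject source, Subject recipient) throws AuthException {
    Set<SimplePrincipal> sourceSet = source.getPrincipals(SimplePrincipal.class);
    Set<SimplePrincipal> recipientSet = recipient.getPrincipals(SimplePrincipal.class);

    // Defensive: reject if either side has no principal set at all.
    if (sourceSet == null || recipientSet == null) {
        throw new AuthException();
    }
    if (sourceSet.size() != recipientSet.size()) {
        throw new AuthException(PicketBoxMessages.MESSAGES.sizeMismatchMessage("source", "recipient"));
    }
    return AuthStatus.SUCCESS;
}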
Example #14
Source File: SimpleClientAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Attaches this module's principal and credential to the given subject.
 *
 * <p>NOTE(review): the credential is added to the subject's <em>public</em> credential set;
 * if it is a secret (for example a password) it presumably belongs in the private credentials
 * instead. Confirm what type {@code credential} holds.
 *
 * @param param  not used here
 * @param source subject that receives the principal and the credential
 * @return always {@code AuthStatus.SUCCESS}
 * @see ClientAuthModule#secureRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
 */
public AuthStatus secureRequest(MessageInfo param, Subject source) throws AuthException {
    source.getPrincipals().add(principal);

    final Set<Object> publicCredentials = source.getPublicCredentials();
    publicCredentials.add(credential);

    return AuthStatus.SUCCESS;
}
Example #15
Source File: AbstractServerAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
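/**
 * Validates the request, delegating to a JAAS login module when one is named by the
 * {@code "login-module-delegate"} module option; otherwise the subclass's
 * {@code validate(clientSubject, messageInfo)} decides.
 *
 * <p>With a delegate, the class is loaded through the context class loader, instantiated,
 * initialised with the client subject, the callback handler and the module options, and then
 * {@code login()} and {@code commit()} are called. The request is accepted only when both
 * return {@code true}. A {@code false} return, which the {@link LoginModule} contract defines
 * as "ignore this module", now yields {@code FAILURE}; before, the return values were
 * discarded and {@code SUCCESS} was reported even though nothing had authenticated the caller.
 *
 * <p>NOTE(review): the delegate class name comes from the module options; treat that
 * configuration as trusted input only, since it decides which class gets instantiated.
 *
 * @param messageInfo    request/response holder passed to {@code validate} when no delegate is set
 * @param clientSubject  subject to populate
 * @param serviceSubject not used here
 * @return {@code SUCCESS} or {@code FAILURE} as described above
 * @throws AuthException when loading, instantiating or running the delegate throws; the
 *                       original exception is kept as cause
 */
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    String loginModuleName = (String) options.get("login-module-delegate");
    if (loginModuleName == null) {
        return validate(clientSubject, messageInfo) ? AuthStatus.SUCCESS : AuthStatus.FAILURE;
    }

    ClassLoader tcl = SecurityActions.getContextClassLoader();
    try {
        // Check the type before instantiating so that a class which is not a LoginModule
        // never has its constructor run.
        Class<? extends LoginModule> clazz = tcl.loadClass(loginModuleName).asSubclass(LoginModule.class);
        LoginModule lm = clazz.getDeclaredConstructor().newInstance();
        lm.initialize(clientSubject, callbackHandler, new HashMap<String, Object>(), options);

        // Fail closed when the module asks to be ignored at either phase.
        if (!lm.login() || !lm.commit()) {
            return AuthStatus.FAILURE;
        }
    } catch (Exception e) {
        throw (AuthException) new AuthException(e.getLocalizedMessage()).initCause(e);
    }
    return AuthStatus.SUCCESS;
}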
Example #16
Source File: JBossServerAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Checks that at least one configured module supports the request message type and then runs
 * the modules through {@code invokeModules}.
 *
 * <p>A module counts as supporting the request when its supported message types contain
 * {@code Object.class}, the concrete request class, or one of the interfaces that class
 * directly implements.
 *
 * <p>NOTE(review): the list of supporting modules is used here only for the emptiness check;
 * it is not passed to {@code invokeModules}. Verify that {@code invokeModules} does not run
 * modules that do not support this message type.
 *
 * @return the status produced by {@code invokeModules}
 * @throws AuthException when no module supports the request type, or propagated from the modules
 * @see ServerAuthContext#validateRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
 */
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    Class requestType = messageInfo.getRequestMessage().getClass();
    List<Class> requestInterfaces = Arrays.asList(requestType.getInterfaces());

    List<ServerAuthModule> supportingModules = new ArrayList<ServerAuthModule>();
    for (ServerAuthModule sam : modules) {
        List<Class> supportedTypes = Arrays.asList(sam.getSupportedMessageTypes());

        // Match on the concrete class (or Object) first, then on the implemented interfaces.
        boolean supported = supportedTypes.contains(Object.class) || supportedTypes.contains(requestType);
        if (!supported) {
            for (Class requestInterface : requestInterfaces) {
                if (supportedTypes.contains(requestInterface)) {
                    supported = true;
                    break;
                }
            }
        }

        if (supported && !supportingModules.contains(sam)) {
            supportingModules.add(sam);
        }
    }

    if (supportingModules.isEmpty()) {
        throw PicketBoxMessages.MESSAGES.noServerAuthModuleForRequestType(requestType);
    }

    return invokeModules(messageInfo, clientSubject, serviceSubject);
}
Example #17
Source File: JBossServerAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Lets every configured module secure the response, in iteration order.
 *
 * <p>All modules are always invoked and only the status of the last one is returned; the
 * result is {@code null} when there is no module.
 *
 * <p>NOTE(review): a failure status from an earlier module is overwritten by whatever a later
 * module returns. Confirm that this is intended and that callers handle a {@code null} result.
 *
 * @throws AuthException propagated from the module being invoked
 * @see ServerAuthContext#secureResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
 */
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
    AuthStatus lastStatus = null;
    for (ServerAuthModule module : modules) {
        lastStatus = module.secureResponse(messageInfo, serviceSubject);
    }
    return lastStatus;
}
Example #18
Source File: JBossClientAuthContext.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Asks each configured client auth module, in iteration order, to secure the request.
 *
 * <p>The chain stops at the first module that returns {@code AuthStatus.FAILURE}; any other
 * status lets the next module run, and the status of the last module invoked is returned.
 * The result is {@code null} when no module is configured.
 *
 * <p>NOTE(review): callers must treat a {@code null} result as "not secured"; confirm they do
 * not read it as success.
 *
 * @see ClientAuthContext#secureRequest(javax.security.auth.message.MessageInfo, javax.security.auth.Subject)
 */
@SuppressWarnings("rawtypes")
public AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject) throws AuthException {
    AuthStatus lastStatus = null;
    for (Iterator moduleIterator = config.getClientAuthModules().iterator(); moduleIterator.hasNext();) {
        ClientAuthModule module = (ClientAuthModule) moduleIterator.next();
        lastStatus = module.secureRequest(messageInfo, clientSubject);
        if (lastStatus == AuthStatus.FAILURE) {
            break;
        }
    }
    return lastStatus;
}
Example #19
Source File: DoNothingServerAuthModule.java From piranha with BSD 3-Clause "New" or "Revised" License | 5 votes |
/**
 * Performs the "do nothing" step of the protocol: submits a {@link CallerPrincipalCallback}
 * with a {@code null} principal and reports {@code SUCCESS}.
 *
 * <p>No credential or request content is examined, so no caller identity is asserted here.
 *
 * @throws AuthException if the callback handler fails; the handler's exception is the cause
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    // The JASPIC protocol for "do nothing"
    final Callback[] doNothing = {new CallerPrincipalCallback(clientSubject, (Principal) null)};

    try {
        handler.handle(doNothing);
    } catch (IOException | UnsupportedCallbackException e) {
        final AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    return SUCCESS;
}
Example #20
Source File: TheServerAuthContext.java From tomee with Apache License 2.0 | 4 votes |
/**
 * Forwards the response-securing step to the single wrapped server auth module.
 *
 * @return whatever the wrapped module returns
 * @throws AuthException propagated from the wrapped module
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject) throws AuthException {
    final AuthStatus moduleStatus = serverAuthModule.secureResponse(messageInfo, serviceSubject);
    return moduleStatus;
}
Example #21
Source File: TheServerAuthContext.java From tomee with Apache License 2.0 | 4 votes |
/**
 * Forwards request validation to the single wrapped server auth module.
 *
 * @return whatever the wrapped module returns
 * @throws AuthException propagated from the wrapped module
 */
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo,
                                  final Subject clientSubject,
                                  final Subject serviceSubject) throws AuthException {
    final AuthStatus moduleStatus = serverAuthModule.validateRequest(messageInfo, clientSubject, serviceSubject);
    return moduleStatus;
}
Example #22
Source File: TheServerAuthModule.java From tomee with Apache License 2.0 | 4 votes |
/**
 * Calls {@code cdi(messageInfo, "sr")} and reports {@code SEND_SUCCESS}; the response itself
 * is not modified in this method.
 *
 * @return always {@code AuthStatus.SEND_SUCCESS}
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject) throws AuthException {
    cdi(messageInfo, "sr");

    final AuthStatus outcome = AuthStatus.SEND_SUCCESS;
    return outcome;
}
Example #23
Source File: AuthenticatorBase.java From Tomcat8-Source-Read with MIT License | 4 votes |
/**
 * Authenticates the request through the JASPIC server auth context held in {@code state}.
 *
 * <p>The request is treated as authenticated only when the context returns
 * {@code AuthStatus.SUCCESS}; every other status, and an {@link AuthException}, yields
 * {@code false}.
 *
 * @param request          the request being authenticated
 * @param response         the response associated with the request
 * @param state            holds the server auth context and the message info to use
 * @param requirePrincipal when {@code true}, a SUCCESS without a principal is rejected
 * @return {@code true} when the request is accepted, {@code false} otherwise
 */
private boolean authenticateJaspic(Request request, Response response, JaspicState state,
        boolean requirePrincipal) {

    // Result is only used below to decide whether the principal needs to be registered again.
    boolean cachedAuth = checkForCachedAuthentication(request, response, false);
    // Fresh, empty subject for the modules to populate.
    Subject client = new Subject();
    AuthStatus authStatus;
    try {
        authStatus = state.serverAuthContext.validateRequest(state.messageInfo, client, null);
    } catch (AuthException e) {
        // Fail closed; the cause is only visible at debug level.
        log.debug(sm.getString("authenticator.loginFail"), e);
        return false;
    }

    // Continue with the request/response objects now held by the message info
    // (presumably a module may have replaced them - verify).
    request.setRequest((HttpServletRequest) state.messageInfo.getRequestMessage());
    response.setResponse((HttpServletResponse) state.messageInfo.getResponseMessage());

    if (authStatus == AuthStatus.SUCCESS) {
        GenericPrincipal principal = getPrincipal(client);
        if (log.isDebugEnabled()) {
            log.debug("Authenticated user: " + principal);
        }
        if (principal == null) {
            // SUCCESS without a principal: clear any identity on the request.
            request.setUserPrincipal(null);
            request.setAuthType(null);
            if (requirePrincipal) {
                return false;
            }
        } else if (cachedAuth == false ||
                !principal.getUserPrincipal().equals(request.getUserPrincipal())) {
            // Skip registration if authentication credentials were
            // cached and the Principal did not change.
            @SuppressWarnings("rawtypes")// JASPIC API uses raw types
            Map map = state.messageInfo.getMap();
            // The map key selects which register(...) overload is called.
            if (map != null && map.containsKey("javax.servlet.http.registerSession")) {
                register(request, response, principal, "JASPIC", null, null, true, true);
            } else {
                register(request, response, principal, "JASPIC", null, null);
            }
        }
        // Keep the populated subject on the request under the JASPIC subject note.
        request.setNote(Constants.REQ_JASPIC_SUBJECT_NOTE, client);
        return true;
    }
    // Any status other than SUCCESS is treated as not authenticated.
    return false;
}
Example #24
Source File: TomEESecurityServerAuthContext.java From tomee with Apache License 2.0 | 4 votes |
/**
 * Forwards request validation to the wrapped server auth module.
 *
 * @return whatever the wrapped module returns
 * @throws AuthException propagated from the wrapped module
 */
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo,
                                  final Subject clientSubject,
                                  final Subject serviceSubject) throws AuthException {
    final AuthStatus moduleStatus = serverAuthModule.validateRequest(messageInfo, clientSubject, serviceSubject);
    return moduleStatus;
}
Example #25
Source File: TomEESecurityServerAuthContext.java From tomee with Apache License 2.0 | 4 votes |
/**
 * Forwards the response-securing step to the wrapped server auth module.
 *
 * @return whatever the wrapped module returns
 * @throws AuthException propagated from the wrapped module
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo,
                                 final Subject serviceSubject) throws AuthException {
    final AuthStatus moduleStatus = serverAuthModule.secureResponse(messageInfo, serviceSubject);
    return moduleStatus;
}
Example #26
Source File: SimpleServerAuthContext.java From Tomcat8-Source-Read with MIT License | 4 votes |
/**
 * Secures the response with the module whose index is stored in the message-info map under
 * {@code "moduleIndex"}.
 *
 * <p>NOTE(review): the map entry is dereferenced without a null check, so a message info that
 * carries no {@code "moduleIndex"} entry ends in a {@link NullPointerException}. Confirm that
 * this method is only reached after the entry has been stored.
 *
 * @throws AuthException propagated from the selected module
 */
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
    final Integer storedIndex = (Integer) messageInfo.getMap().get("moduleIndex");
    final ServerAuthModule selected = modules.get(storedIndex.intValue());
    return selected.secureResponse(messageInfo, serviceSubject);
}
Example #27
Source File: TesterServerAuthModuleA.java From Tomcat8-Source-Read with MIT License | 4 votes |
/**
 * Test stub: performs no validation and returns no status.
 *
 * @return always {@code null}
 */
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo,
                                  final Subject clientSubject,
                                  final Subject serviceSubject) throws AuthException {
    // Intentionally empty - this module exists only as a test double.
    return null;
}
Example #28
Source File: TomEESecurityServerAuthModule.java From tomee with Apache License 2.0 | 4 votes |
/**
 * Leaves the response untouched and reports {@code AuthStatus.SUCCESS}.
 *
 * <p>NOTE(review): other server-side {@code secureResponse} implementations on this page
 * answer with {@code SEND_SUCCESS} or {@code SEND_FAILURE}; confirm that the container accepts
 * {@code SUCCESS} from this step.
 *
 * @return always {@code AuthStatus.SUCCESS}
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo,
                                 final Subject serviceSubject) throws AuthException {
    final AuthStatus outcome = AuthStatus.SUCCESS;
    return outcome;
}
Example #29
Source File: TesterServerAuthModuleA.java From Tomcat8-Source-Read with MIT License | 4 votes |
/**
 * Test stub: does not touch the response and returns no status.
 *
 * @return always {@code null}
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo,
                                 final Subject serviceSubject) throws AuthException {
    // Intentionally empty - this module exists only as a test double.
    return null;
}
Example #30
Source File: DoNothingServerAuthModule.java From piranha with BSD 3-Clause "New" or "Revised" License | 4 votes |
/**
 * Leaves the response untouched and reports {@code SEND_SUCCESS}.
 *
 * @return always {@code SEND_SUCCESS}
 */
@Override
public AuthStatus secureResponse(final MessageInfo messageInfo,
                                 final Subject serviceSubject) throws AuthException {
    // Nothing to add to the response for the "do nothing" module.
    final AuthStatus outcome = SEND_SUCCESS;
    return outcome;
}