javax.security.auth.message.config.AuthConfigFactory Java Examples

The following examples show how to use javax.security.auth.message.config.AuthConfigFactory. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
private void doTestSearchOrder(String layer, String appContext, int expected) {
    AuthConfigFactory factory = new AuthConfigFactoryImpl();
    AuthConfigProvider acp1 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp1, null, null, "1");
    AuthConfigProvider acp2 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp2, null, "AC_1", "2");
    AuthConfigProvider acp3 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp3, "L_1", null, "3");
    AuthConfigProvider acp4 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp4, "L_2", "AC_2", "4");

    AuthConfigProvider searchResult = factory.getConfigProvider(layer, appContext, null);
    int searchIndex;
    if (searchResult == acp1) {
        searchIndex = 1;
    } else if (searchResult == acp2) {
        searchIndex = 2;
    } else if (searchResult == acp3) {
        searchIndex = 3;
    } else if (searchResult == acp4) {
        searchIndex = 4;
    } else {
        searchIndex = -1;
    }
    Assert.assertEquals(expected, searchIndex);
}
 
Example #2
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
private void doTestResistration(String layer, String appContext, String expectedRegId) {
    AuthConfigFactory factory = new AuthConfigFactoryImpl();
    AuthConfigProvider acp1 = new SimpleAuthConfigProvider(null, null);
    SimpleRegistrationListener listener = new SimpleRegistrationListener(layer, appContext);

    String regId = factory.registerConfigProvider(acp1, layer, appContext, null);
    Assert.assertEquals(expectedRegId, regId);

    factory.getConfigProvider(layer, appContext, listener);
    factory.removeRegistration(regId);
    Assert.assertTrue(listener.wasCorrectlyCalled());

    listener.reset();
    factory.registerConfigProvider(acp1, layer, appContext, null);
    factory.getConfigProvider(layer, appContext, listener);
    // Replace it
    AuthConfigProvider acp2 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp2, layer, appContext, null);
    Assert.assertTrue(listener.wasCorrectlyCalled());
}
 
Example #3
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
@Test
public void testRemovePersistentRegistration() {
        AuthConfigFactory factory = new AuthConfigFactoryImpl();
        factory.registerConfigProvider(
                SimpleAuthConfigProvider.class.getName(), null, "L_1", "AC_1", null);
        String registrationId2 = factory.registerConfigProvider(
                SimpleAuthConfigProvider.class.getName(), null, "L_2", "AC_2", null);

        factory.removeRegistration(registrationId2);
        factory.refresh();

        String[] registrationIds = factory.getRegistrationIDs(null);
        for (String registrationId : registrationIds) {
            Assert.assertNotEquals(registrationId2, registrationId);
        }
}
 
Example #4
Source File: ExampleApplicationTest.java    From crnk-example with Apache License 2.0 6 votes vote down vote up
@Before
public void setup() {
    RestAssured.port = port;

    docs = setupAsciidoc();

    client = new CrnkClient("http://localhost:" + port + "/api");
    client.addModule(docs);
    client.addModule(new PlainJsonFormatModule());
    client.findModules();

    // NPE fix
    if (AuthConfigFactory.getFactory() == null) {
        AuthConfigFactory.setFactory(new AuthConfigFactoryImpl());
    }
}
 
Example #5
Source File: BasicSpringBoot2Test.java    From crnk-framework with Apache License 2.0 5 votes vote down vote up
@Before
public void setup() {
	TestModule.clear();

	// NPE fix
	if (AuthConfigFactory.getFactory() == null) {
		AuthConfigFactory.setFactory(new AuthConfigFactoryImpl());
	}
}
 
Example #6
Source File: Init.java    From tomee with Apache License 2.0 5 votes vote down vote up
@Override
public void contextInitialized(final ServletContextEvent sce) {
    final ServletContext context = sce.getServletContext();
    AuthConfigFactory.getFactory().registerConfigProvider(
            new TheAuthConfigProvider(new TheServerAuthModule()),
            "HttpServlet", context.getVirtualServerName() + " " + context.getContextPath(),
            "Test authentication config provider");
}
 
Example #7
Source File: TomEESecurityContext.java    From tomee with Apache License 2.0 5 votes vote down vote up
private ServerAuthContext getServerAuthContext(final HttpServletRequest request) throws AuthException {
    final String appContext = request.getServletContext().getVirtualServerName() + " " + request.getContextPath();

    final AuthConfigProvider authConfigProvider =
            AuthConfigFactory.getFactory().getConfigProvider("HttpServlet", appContext, null);
    final ServerAuthConfig serverAuthConfig =
            authConfigProvider.getServerAuthConfig("HttpServlet", appContext, CallbackHandlerImpl.getInstance());

    return serverAuthConfig.getAuthContext(null, null, null);
}
 
Example #8
Source File: TomEESecurityServletContainerInitializer.java    From tomee with Apache License 2.0 5 votes vote down vote up
@Override
public void onStartup(final Set<Class<?>> c, final ServletContext ctx) throws ServletException {
    final TomEESecurityExtension securityExtension =
            CDI.current().getBeanManager().getExtension(TomEESecurityExtension.class);

    if (securityExtension.hasAuthenticationMechanisms()) {
        AuthConfigFactory.getFactory().registerConfigProvider(
                new TomEESecurityAuthConfigProvider(),
                "HttpServlet",                                              // from AuthenticatorBase.java:1245
                ctx.getVirtualServerName() + " " + ctx.getContextPath(),    // from AuthenticatorBase.java:1178
                "TomEE Security JSR-375");
    }
}
 
Example #9
Source File: ElytronDefinition.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up
private static AuthConfigFactory getAuthConfigFactory() {
    ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
    try {
        Thread.currentThread().setContextClassLoader(ElytronDefinition.class.getClassLoader());
        return AuthConfigFactory.getFactory();
    } catch (Exception e) {
        ROOT_LOGGER.trace("Unable to load default AuthConfigFactory.", e);
        return null;
    } finally {
        Thread.currentThread().setContextClassLoader(classLoader);
    }
}
 
Example #10
Source File: JaspiDefinition.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up
private static void removeRegistration(final OperationContext context) {
    final String registrationId = REGISTRATION_MAP.remove(context.getCurrentAddressValue());
    if (registrationId != null) {
        AuthConfigFactory authConfigFactory = AuthConfigFactory.getFactory();
        authConfigFactory.removeRegistration(registrationId);
    }
}
 
Example #11
Source File: JBossAuthConfigProvider.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Create a new JBossAuthConfigProvider.
 * 
 * @param props Context Properties
 */
public JBossAuthConfigProvider(Map<String,Object> props, AuthConfigFactory factory)
{
   this.contextProperties = props;
   
   // if a factory has been supplied this provider needs to register itself.
   if (factory != null)
      factory.registerConfigProvider(this, null, null, "JBossAuthConfigProvider Self Registration");
}
 
Example #12
Source File: SpringBootSimpleExampleApplicationTests.java    From crnk-framework with Apache License 2.0 5 votes vote down vote up
@Before
public void setup() {
    // NPE fix
    if (AuthConfigFactory.getFactory() == null) {
        AuthConfigFactory.setFactory(new AuthConfigFactoryImpl());
    }
}
 
Example #13
Source File: BasicSpringBoot1Test.java    From crnk-framework with Apache License 2.0 5 votes vote down vote up
@Before
public void setup() {
	TestModule.clear();

	// NPE fix
	if (AuthConfigFactory.getFactory() == null) {
		AuthConfigFactory.setFactory(new AuthConfigFactoryImpl());
	}
}
 
Example #14
Source File: AuthenticatorBase.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
private AuthConfigProvider findJaspicProvider() {
    AuthConfigFactory factory = AuthConfigFactory.getFactory();
    AuthConfigProvider provider = null;
    if (factory != null) {
        provider = factory.getConfigProvider("HttpServlet", jaspicAppContextID, this);
    }
    if (provider == null) {
        provider = NO_PROVIDER_AVAILABLE;
    }
    jaspicProvider = provider;
    return provider;
}
 
Example #15
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
private void doTestNullClassName(boolean shouldOverrideExistingProvider, String layer, String appContext) {
        AuthConfigFactory factory = new AuthConfigFactoryImpl();
        if (shouldOverrideExistingProvider) {
            factory.registerConfigProvider(SimpleAuthConfigProvider.class.getName(), null, layer, appContext, null);
        }
        String registrationId = factory.registerConfigProvider(null, null, layer, appContext, null);
        factory.refresh();

        String[] registrationIds = factory.getRegistrationIDs(null);
        Set<String> ids = new HashSet<>(Arrays.asList(registrationIds));
        Assert.assertTrue(ids.contains(registrationId));
        AuthConfigProvider provider = factory.getConfigProvider(layer, appContext, null);
        Assert.assertNull(provider);
}
 
Example #16
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
@Test
public void testAllRegistrationIds() {
    AuthConfigFactory factory = new AuthConfigFactoryImpl();
    AuthConfigProvider acp1 = new SimpleAuthConfigProvider(null, null);
    String registrationId1 = factory.registerConfigProvider(acp1, "L_1", "AC_1", null);
    AuthConfigProvider acp2 = new SimpleAuthConfigProvider(null, null);
    String registrationId2 = factory.registerConfigProvider(acp2, "L_2", "AC_2", null);

    String[] registrationIds = factory.getRegistrationIDs(null);
    Assert.assertTrue(registrationIds.length == 2);
    Set<String> ids = new HashSet<>(Arrays.asList(registrationIds));
    Assert.assertTrue(ids.contains(registrationId1));
    Assert.assertTrue(ids.contains(registrationId2));
}
 
Example #17
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
@Test
public void testRegistrationNullListener() {
    AuthConfigFactory factory = new AuthConfigFactoryImpl();
    AuthConfigProvider acp1 = new SimpleAuthConfigProvider(null, null);
    String registrationId = factory.registerConfigProvider(acp1, "L_1", "AC_1", null);

    factory.getConfigProvider("L_1", "AC_1", null);

    boolean result = factory.removeRegistration(registrationId);
    Assert.assertTrue(result);
}
 
Example #18
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
@Test
public void testDetachListener() {
    AuthConfigFactory factory = new AuthConfigFactoryImpl();
    AuthConfigProvider acp1 = new SimpleAuthConfigProvider(null, null);
    String registrationId = factory.registerConfigProvider(acp1, "L_1", "AC_1", null);

    SimpleRegistrationListener listener1 = new SimpleRegistrationListener("L_1", "AC_1");
    factory.getConfigProvider("L_1", "AC_1", listener1);

    String[] registrationIds = factory.detachListener(listener1, "L_1", "AC_1");
    Assert.assertTrue(registrationIds.length == 1);
    Assert.assertEquals(registrationId, registrationIds[0]);
}
 
Example #19
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
@Test
public void testDetachListenerNonexistingRegistration() {
    AuthConfigFactory factory = new AuthConfigFactoryImpl();
    AuthConfigProvider acp1 = new SimpleAuthConfigProvider(null, null);
    String registrationId = factory.registerConfigProvider(acp1, "L_1", "AC_1", null);

    SimpleRegistrationListener listener1 = new SimpleRegistrationListener("L_1", "AC_1");
    factory.getConfigProvider("L_1", "AC_1", listener1);

    factory.removeRegistration(registrationId);
    String[] registrationIds = factory.detachListener(listener1, "L_1", "AC_1");
    Assert.assertTrue(registrationIds.length == 0);
}
 
Example #20
Source File: ElytronDefinition.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up
private static void registerAuthConfigFactory(final AuthConfigFactory authConfigFactory) {
    doPrivileged((PrivilegedAction<Void>) () -> {
        AuthConfigFactory.setFactory(authConfigFactory);
        return null;
    });
}
 
Example #21
Source File: ElytronDefinition.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up
private boolean registerJaspiFactory(final OperationContext context, final ModelNode model) throws OperationFailedException {
    String jaspiFactory = doPrivileged(new ReadPropertyAction(AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY));

    return jaspiFactory == null && REGISTER_JASPI_FACTORY.resolveModelAttribute(context, model).asBoolean();
}
 
Example #22
Source File: ServingLayer.java    From oryx with Apache License 2.0 4 votes vote down vote up
private void makeContext(Tomcat tomcat, Path noSuchBaseDir) throws IOException {
  Path contextPath = noSuchBaseDir.resolve("context");
  Files.createDirectories(contextPath);

  context = tomcat.addContext(contextPathURIBase, contextPath.toAbsolutePath().toString());

  context.setWebappVersion("3.1");
  context.setName("Oryx");

  context.addWelcomeFile("index.html");
  addErrorPages(context);

  // OryxApplication only needs one config value, so just pass it
  context.addParameter(OryxApplication.class.getName() + ".packages", appResourcesPackages);
  // ModelManagerListener will need whole config
  String serializedConfig = ConfigUtils.serialize(config);
  context.addParameter(ConfigUtils.class.getName() + ".serialized", serializedConfig);

  Wrapper wrapper =
      Tomcat.addServlet(context, "Jersey", "org.glassfish.jersey.servlet.ServletContainer");
  wrapper.addInitParameter("javax.ws.rs.Application", OryxApplication.class.getName());
  //wrapper.addInitParameter(OryxApplication.class.getName() + ".packages", appResourcesPackage);
  wrapper.addMapping("/*");
  wrapper.setLoadOnStartup(1);
  wrapper.setMultipartConfigElement(new MultipartConfigElement(""));

  if (!doNotInitTopics) { // Only for tests
    context.addApplicationListener(ModelManagerListener.class.getName());
  }

  // Better way to configure JASPIC?
  AuthConfigFactory.setFactory(new AuthConfigFactoryImpl());

  boolean needHTTPS = keystoreFile != null;
  boolean needAuthentication = userName != null;

  if (needHTTPS || needAuthentication) {

    SecurityCollection securityCollection = new SecurityCollection();
    securityCollection.addPattern("/*");
    SecurityConstraint securityConstraint = new SecurityConstraint();
    securityConstraint.addCollection(securityCollection);

    if (needHTTPS) {
      securityConstraint.setUserConstraint("CONFIDENTIAL");
    }

    if (needAuthentication) {

      LoginConfig loginConfig = new LoginConfig();
      loginConfig.setAuthMethod("DIGEST");
      loginConfig.setRealmName(InMemoryRealm.NAME);
      context.setLoginConfig(loginConfig);

      securityConstraint.addAuthRole(InMemoryRealm.AUTH_ROLE);

      context.addSecurityRole(InMemoryRealm.AUTH_ROLE);
      DigestAuthenticator authenticator = new DigestAuthenticator();
      authenticator.setNonceValidity(10 * 1000L); // Shorten from 5 minutes to 10 seconds
      authenticator.setNonceCacheSize(20000); // Increase from 1000 to 20000
      context.getPipeline().addValve(authenticator);
    }

    context.addConstraint(securityConstraint);
  }

  context.setCookies(false);
}
 
Example #23
Source File: TestAuthConfigFactoryImpl.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
private void doTestRegistrationInsert(String newLayer, String newAppContext,
        String expectedListenerLayer, String expectedListenerAppContext) {
    // Set up
    AuthConfigFactory factory = new AuthConfigFactoryImpl();
    AuthConfigProvider acp1 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp1, "L_1", "AC_1", null);
    AuthConfigProvider acp2 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp2, null, "AC_2", null);
    AuthConfigProvider acp3 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp3, "L_2", null, null);
    AuthConfigProvider acp4 = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acp4, null, null, null);

    SimpleRegistrationListener listener1 = new SimpleRegistrationListener("L_1", "AC_1");
    factory.getConfigProvider("L_1", "AC_1", listener1);
    SimpleRegistrationListener listener2 = new SimpleRegistrationListener("L_3", "AC_2");
    factory.getConfigProvider("L_3", "AC_2", listener2);
    SimpleRegistrationListener listener3 = new SimpleRegistrationListener("L_2", "AC_3");
    factory.getConfigProvider("L_2", "AC_3", listener3);
    SimpleRegistrationListener listener4 = new SimpleRegistrationListener("L_4", "AC_4");
    factory.getConfigProvider("L_4", "AC_4", listener4);

    List<SimpleRegistrationListener> listeners = new ArrayList<>();
    listeners.add(listener1);
    listeners.add(listener2);
    listeners.add(listener3);
    listeners.add(listener4);

    // Register a new provider that will impact some existing registrations
    AuthConfigProvider acpNew = new SimpleAuthConfigProvider(null, null);
    factory.registerConfigProvider(acpNew, newLayer, newAppContext, null);

    // Check to see if the expected listener fired.
    for (SimpleRegistrationListener listener : listeners) {
        if (listener.wasCalled()) {
            Assert.assertEquals(listener.layer, expectedListenerLayer);
            Assert.assertEquals(listener.appContext,  expectedListenerAppContext);
            Assert.assertTrue(listener.wasCorrectlyCalled());
        } else {
            Assert.assertFalse((listener.layer.equals(expectedListenerLayer) &&
                    listener.appContext.equals(expectedListenerAppContext)));
        }
    }
}
 
Example #24
Source File: SimpleAuthConfigProvider.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
public SimpleAuthConfigProvider(Map<String,String> properties, AuthConfigFactory factory) {
    this.properties = properties;
    if (factory != null) {
        factory.registerConfigProvider(this, null, null, "Automatic registration");
    }
}
 
Example #25
Source File: CustomServletContextListener.java    From eplmp with Eclipse Public License 1.0 3 votes vote down vote up
@Override
public void contextInitialized(ServletContextEvent sce) {

    LOGGER.log(Level.INFO, "Registering authentication provider");

    AuthConfigFactory.getFactory()
            .registerConfigProvider(new CustomAuthConfigProvider(authConfig), "HttpServlet",
                    getAppContextID(sce.getServletContext()), "Custom authentication modules registration on HttpServlet layer");

}