org.eclipse.jetty.security.DefaultIdentityService Java Examples

The following examples show how to use org.eclipse.jetty.security.DefaultIdentityService. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DrillSpnegoLoginService.java    From Bats with Apache License 2.0 5 votes vote down vote up 
public DrillSpnegoLoginService(DrillbitContext drillBitContext) throws DrillException {
  super(DrillSpnegoLoginService.class.getName());
  setIdentityService(new DefaultIdentityService());
  drillContext = drillBitContext;

  // Load and verify SPNEGO config. Then Login using creds to get an UGI instance
  spnegoConfig = new SpnegoConfig(drillBitContext.getConfig());
  spnegoConfig.validateSpnegoConfig();
  loggedInUgi = spnegoConfig.getLoggedInUgi();
}
Example #2
Source File: TestInvokeHttpCommon.java    From localization_nifi with Apache License 2.0 5 votes vote down vote up 
private DigestAuthHandler() {
    digestAuthenticator = new DigestAuthenticator();
    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();

    HashLoginService hashLoginService = new HashLoginService("realm");
    hashLoginService.putUser("basic_user", new Password("basic_password"), new String[]{"realm"});
    securityHandler.setLoginService(hashLoginService);
    securityHandler.setIdentityService(new DefaultIdentityService());
    digestAuthenticator.setConfiguration(securityHandler);
}
Example #3
Source File: JwtLoginService.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up 
public JwtLoginService(AuthorizationService authorizationService, RSAPublicKey publicKey, List<String> audiences, Clock clock) {
  _authorizationService = authorizationService;
  _identityService = new DefaultIdentityService();
  _publicKey = publicKey;
  _audiences = audiences;
  _clock = clock;
}
Example #4
Source File: JwtAuthenticatorTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up 
@Test
public void testSuccessfulLogin() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER, SecurityUtils.NO_CREDENTIAL, new String[]{USER_ROLE});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
  expect(configuration.getLoginService()).andReturn(loginService);
  expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
  expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

  Request request = niceMock(Request.class);
  expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
  expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
  request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
  expectLastCall().andVoid();
  expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys.token())});
  expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

  HttpServletResponse response = mock(HttpServletResponse.class);

  replay(configuration, request, response);
  JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
  authenticator.setConfiguration(configuration);
  UserAuthentication authentication = (UserAuthentication) authenticator.validateRequest(request, response, true);
  verify(configuration, request, response);

  assertNotNull(authentication);
  assertTrue(authentication.getUserIdentity().getUserPrincipal() instanceof JwtUserPrincipal);
  JwtUserPrincipal userPrincipal = (JwtUserPrincipal) authentication.getUserIdentity().getUserPrincipal();
  assertEquals(TEST_USER, userPrincipal.getName());
  assertEquals(tokenAndKeys.token(), userPrincipal.getSerializedToken());
}
Example #5
Source File: JwtAuthenticatorTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up 
@Test
public void testFailedLoginWithUserNotFound() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] {USER_ROLE});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
  expect(configuration.getLoginService()).andReturn(loginService);
  expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
  expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

  Request request = niceMock(Request.class);
  expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
  expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
  request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys.token());
  expectLastCall().andVoid();
  expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys.token())});
  expect(request.getAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE)).andReturn(tokenAndKeys.token());

  HttpServletResponse response = mock(HttpServletResponse.class);
  response.setStatus(HttpStatus.UNAUTHORIZED_401);
  expectLastCall().andVoid();

  replay(configuration, request, response);
  JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
  authenticator.setConfiguration(configuration);
  Authentication authentication = authenticator.validateRequest(request, response, true);
  verify(configuration, request, response);

  assertNotNull(authentication);
  assertEquals(Authentication.SEND_FAILURE, authentication);
}
Example #6
Source File: JwtAuthenticatorTest.java    From cruise-control with BSD 2-Clause "Simplified" License 5 votes vote down vote up 
@Test
public void testFailedLoginWithInvalidToken() throws Exception {
  UserStore testUserStore = new UserStore();
  testUserStore.addUser(TEST_USER_2, SecurityUtils.NO_CREDENTIAL, new String[] {USER_ROLE});
  TokenGenerator.TokenAndKeys tokenAndKeys = TokenGenerator.generateToken(TEST_USER);
  TokenGenerator.TokenAndKeys tokenAndKeys2 = TokenGenerator.generateToken(TEST_USER);
  JwtLoginService loginService = new JwtLoginService(new UserStoreAuthorizationService(testUserStore), tokenAndKeys.publicKey(), null);

  Authenticator.AuthConfiguration configuration = mock(Authenticator.AuthConfiguration.class);
  expect(configuration.getLoginService()).andReturn(loginService);
  expect(configuration.getIdentityService()).andReturn(new DefaultIdentityService());
  expect(configuration.isSessionRenewedOnAuthentication()).andReturn(true);

  Request request = niceMock(Request.class);
  expect(request.getMethod()).andReturn(HttpMethod.GET.asString());
  expect(request.getHeader(HttpHeader.AUTHORIZATION.asString())).andReturn(null);
  request.setAttribute(JwtAuthenticator.JWT_TOKEN_REQUEST_ATTRIBUTE, tokenAndKeys2.token());
  expectLastCall().andVoid();
  expect(request.getCookies()).andReturn(new Cookie[] {new Cookie(JWT_TOKEN, tokenAndKeys2.token())});

  HttpServletResponse response = mock(HttpServletResponse.class);
  response.setStatus(HttpStatus.UNAUTHORIZED_401);
  expectLastCall().andVoid();

  replay(configuration, request, response);
  JwtAuthenticator authenticator = new JwtAuthenticator(TOKEN_PROVIDER, JWT_TOKEN);
  authenticator.setConfiguration(configuration);
  Authentication authentication = authenticator.validateRequest(request, response, true);
  verify(configuration, request, response);

  assertNotNull(authentication);
  assertEquals(Authentication.SEND_FAILURE, authentication);
}
Example #7
Source File: JettyLauncher.java    From GeoTriples with Apache License 2.0 5 votes vote down vote up 
/**
 * Starts a Jetty server with D2R Server as root webapp.
 * 
 * @return <code>true</code> on success, <code>false</code> if webapp init failed 
 */
public boolean start() {
	Server jetty = new Server(port);

	// use Random (/dev/urandom) instead of SecureRandom to generate session keys - otherwise Jetty may hang during startup waiting for enough entropy
	// see http://jira.codehaus.org/browse/JETTY-331 and http://docs.codehaus.org/display/JETTY/Connectors+slow+to+startup
	jetty.setSessionIdManager(new HashSessionIdManager(new Random()));
	WebAppContext context = new WebAppContext(jetty, "webapp", "");

	// Wave a chicken at Jetty to make some annoying System.err.println noise go away
	context.getSecurityHandler().setIdentityService(new DefaultIdentityService());
	context.getSecurityHandler().setAuthenticator(null);
	context.getSecurityHandler().setAuthenticatorFactory(null);
	
	// Place the system loader into the servlet context. The webapp init
	// listener will find it there and create the D2RServer instance.
	D2RServer.storeSystemLoader(loader, context.getServletContext());
	try {
		jetty.start();
		D2RServer server = D2RServer.fromServletContext(context.getServletContext());
		if (server == null || server.errorOnStartup()) {
			jetty.stop();
			log.warn("[[[ Server startup failed, see messages above ]]]");
			return false;
		}
		log.info("[[[ Server started at " + loader.getSystemBaseURI() + " ]]]");
		return true;
	} catch (Exception ex) {
		throw new RuntimeException(ex);
	}
}
Example #8
Source File: AppEngineAuthentication.java    From appengine-java-vm-runtime with Apache License 2.0 5 votes vote down vote up 
/**
 * Inject custom {@link LoginService} and {@link Authenticator}
 * implementations into the specified {@link ConstraintSecurityHandler}.
 */
public static void configureSecurityHandler(
    ConstraintSecurityHandler handler, VmRuntimeTrustedAddressChecker checker) {

  LoginService loginService = new AppEngineLoginService();
  LoginAuthenticator authenticator = new AppEngineAuthenticator(checker);
  DefaultIdentityService identityService = new DefaultIdentityService();

  // Set allowed roles.
  handler.setRoles(new HashSet<String>(Arrays.asList(new String[] {USER_ROLE, ADMIN_ROLE})));
  handler.setLoginService(loginService);
  handler.setAuthenticator(authenticator);
  handler.setIdentityService(identityService);
  authenticator.setConfiguration(handler);
}
Example #9
Source File: Application.java    From rest-utils with Apache License 2.0 5 votes vote down vote up 
protected IdentityService createIdentityService() {
  final String method = config.getString(RestConfig.AUTHENTICATION_METHOD_CONFIG);
  if (enableBasicAuth(method) || enableBearerAuth(method)) {
    return new DefaultIdentityService();
  }
  return null;
}
Example #10
Source File: TestInvokeHttpCommon.java    From nifi with Apache License 2.0 5 votes vote down vote up 
private DigestAuthHandler() throws Exception {
    digestAuthenticator = new DigestAuthenticator();
    ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();

    final HashLoginService hashLoginService = new HashLoginService("realm", "src/test/resources/TestInvokeHttp/realm.properties");
    hashLoginService.start();

    securityHandler.setLoginService(hashLoginService);
    securityHandler.setIdentityService(new DefaultIdentityService());
    digestAuthenticator.setConfiguration(securityHandler);
}