org.jboss.security.SimplePrincipal Java Examples
The following examples show how to use
org.jboss.security.SimplePrincipal.
Example #1
Source File: DatawaveUsersRolesLoginModule.java From datawave with Apache License 2.0 | 6 votes |
/**
 * Builds the identity principal for {@code username}.
 *
 * <p>While the {@code createSimplePrincipal} thread-local holds TRUE (per the original comment,
 * only during the getRolesSets call) the name is wrapped, unmodified, in a {@link SimplePrincipal}.
 * Otherwise the name is passed through {@code normalizeUsername} and the superclass creates the
 * identity from the normalized form.
 *
 * @param username the name presented to the login module
 * @return the principal representing {@code username}
 * @throws Exception whatever the superclass identity creation throws
 */
@Override
protected Principal createIdentity(String username) throws Exception {
    final boolean simplePrincipalRequested = Boolean.TRUE.equals(createSimplePrincipal.get());
    if (!simplePrincipalRequested) {
        // Normal path: the identity is always built from the normalized name.
        String normalizedUsername = normalizeUsername(username);
        if (log.isTraceEnabled()) {
            // NOTE(review): username is logged verbatim; if it can carry CR/LF, confirm the
            // log layout escapes it.
            log.trace("original username: " + username + " normalizedUsername: " + normalizedUsername);
        }
        return super.createIdentity(normalizedUsername);
    }
    // Role-lookup path: the raw name is used as-is, without normalization.
    if (log.isTraceEnabled()) {
        log.trace("Creating simple principal, passing username: " + username);
    }
    return new SimplePrincipal(username);
}
Example #2
Source File: DomainAuthorizationPolicy.java From wildfly-camel with Apache License 2.0 | 6 votes |
/**
 * Verifies that the authenticated subject holds every role in {@code requiredRoles}.
 *
 * <p>Only principals of type {@code Group} whose name is exactly {@code "Roles"} are consulted;
 * membership is tested with a {@link SimplePrincipal} built from each required role name.
 *
 * @param context the login context whose subject is inspected
 * @throws LoginException if at least one required role is not held
 */
@Override
protected void authorize(LoginContext context) throws LoginException {
    // Start from the full requirement and strike out every role the subject proves it has.
    HashSet<String> missing = new HashSet<>(requiredRoles);
    Set<Group> subjectGroups = context.getSubject().getPrincipals(Group.class);
    if (subjectGroups != null) {
        for (Group candidate : subjectGroups) {
            if (!"Roles".equals(candidate.getName())) {
                continue;
            }
            for (String role : requiredRoles) {
                if (candidate.isMember(new SimplePrincipal(role))) {
                    missing.remove(role);
                }
            }
        }
    }
    if (missing.isEmpty()) {
        return;
    }
    // NOTE(review): the message lists the roles the caller lacks; confirm it is not returned
    // verbatim to an unauthenticated client.
    throw new LoginException("User does not have required roles: " + missing);
}
Example #3
Source File: JaasSecurityDomainIdentityLoginModule.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Commits the login by attaching a {@link SimplePrincipal} for {@code username} to the subject
 * and publishing the name in the shared state.
 *
 * <p>The password-decoding step is commented out in this version, so no
 * {@code PasswordCredential} is added to the subject here.
 *
 * @return always {@code true}
 * @throws LoginException declared by the contract; not thrown by the active code
 */
public boolean commit() throws LoginException
{
   Principal identity = new SimplePrincipal(username);
   SubjectActions.addPrincipals(subject, identity);
   sharedState.put("javax.security.auth.login.name", username);
   // Decode the encrypted password
   // try
   // {
   //    char[] decodedPassword = DecodeAction.decode(password,
   //          jaasSecurityDomain, getServer());
   //    PasswordCredential cred = new PasswordCredential(username, decodedPassword);
   //    cred.setManagedConnectionFactory(getMcf());
   //    SubjectActions.addCredentials(subject, cred);
   // }
   // catch(Exception e)
   // {
   //    throw new LoginException(ErrorCodes.PROCESSING_FAILED + "Failed to decode password: " + e.getMessage());
   // }
   return true;
}
Example #4
Source File: ConfiguredIdentityLoginModule.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Logs in with the identity held in this module's fields.
 *
 * <p>If the superclass login already succeeded nothing more is done. Otherwise a
 * {@link SimplePrincipal} for {@code principalName} and a {@code PasswordCredential} built from
 * {@code userName}/{@code password} are attached to the subject. No caller-supplied credential
 * is checked in this method.
 *
 * @return always {@code true}
 * @throws LoginException if the superclass login throws
 */
@Override
public boolean login() throws LoginException
{
   PicketBoxLogger.LOGGER.traceBeginLogin();
   if (!super.login())
   {
      Principal identity = new SimplePrincipal(principalName);
      SubjectActions.addPrincipals(subject, identity);
      // Put the principal name into the sharedState map
      sharedState.put("javax.security.auth.login.name", principalName);
      // NOTE(review): password is a String field here, so the clear text stays on the heap
      // until collected; confirm where it is loaded from.
      PasswordCredential configuredCredential = new PasswordCredential(userName, password.toCharArray());
      SubjectActions.addCredentials(subject, configuredCredential);
      super.loginOk = true;
   }
   return true;
}
Example #5
Source File: PBEIdentityLoginModule.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Commits the login: adds a {@link SimplePrincipal} for {@code username} to the subject,
 * publishes the name in the shared state, then decodes the stored password and attaches it as
 * a {@code PasswordCredential}.
 *
 * @return always {@code true} when no exception is thrown
 * @throws LoginException wrapping any failure while decoding or attaching the credential
 */
@SuppressWarnings("unchecked")
@Override
public boolean commit() throws LoginException
{
   Principal identity = new SimplePrincipal(username);
   SubjectActions.addPrincipals(subject, identity);
   sharedState.put("javax.security.auth.login.name", username);
   // Decode the encrypted password
   try
   {
      // NOTE(review): the decoded char[] is not cleared in this method; whether
      // PasswordCredential copies it is not visible here.
      char[] clearPassword = decode(password);
      PasswordCredential credential = new PasswordCredential(username, clearPassword);
      SubjectActions.addCredentials(subject, credential);
   }
   catch (Exception e)
   {
      // The cause is kept so the original stack trace is not lost.
      // NOTE(review): the decoder's message is passed on to the caller; confirm it cannot
      // reveal key or cipher details.
      LoginException failure = new LoginException(e.getLocalizedMessage());
      failure.initCause(e);
      throw failure;
   }
   return true;
}
Example #6
Source File: SecureIdentityLoginModule.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Commits the login by adding the {@code username} principal and the decoded password
 * credential to the subject.
 *
 * <p>The principal and the shared-state entry are written before decoding is attempted, so they
 * remain in place if decoding fails and a {@link LoginException} is thrown.
 *
 * @return always {@code true} when no exception is thrown
 * @throws LoginException wrapping any failure while decoding or attaching the credential
 */
@Override
public boolean commit() throws LoginException
{
   Principal subjectPrincipal = new SimplePrincipal(username);
   SubjectActions.addPrincipals(subject, subjectPrincipal);
   sharedState.put("javax.security.auth.login.name", username);
   // Decode the encrypted password
   try
   {
      // NOTE(review): the plaintext array stays live after this call; confirm whether
      // PasswordCredential takes a copy before considering zeroing it.
      char[] plaintext = decode(password);
      PasswordCredential passwordCredential = new PasswordCredential(username, plaintext);
      SubjectActions.addCredentials(subject, passwordCredential);
   }
   catch (Exception e)
   {
      LoginException wrapped = new LoginException(e.getLocalizedMessage());
      wrapped.initCause(e);
      throw wrapped;
   }
   return true;
}
Example #7
Source File: AbstractJACCModuleDelegate.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Converts a role into a set of {@link SimplePrincipal}s named after the role(s).
 *
 * <p>A {@code RoleGroup} contributes one principal per direct member returned by
 * {@code getRoles()}; members are not expanded further in this method. Any other role
 * contributes a single principal.
 *
 * @param role the role or role group to convert
 * @return a new mutable set of principals
 */
private Set<Principal> getPrincipalSetFromRole(Role role)
{
   Set<Principal> principals = new HashSet<Principal>();
   if (!(role instanceof RoleGroup))
   {
      principals.add(new SimplePrincipal(role.getRoleName()));
      return principals;
   }
   Collection<Role> members = ((RoleGroup) role).getRoles();
   for (Role member : members)
   {
      principals.add(new SimplePrincipal(member.getRoleName()));
   }
   return principals;
}
Example #8
Source File: DatawaveCertRolesLoginModuleTest.java From datawave with Apache License 2.0 | 6 votes |
/**
 * Logs in with a certificate against {@code rolesNoIssuer.properties} with {@code addIssuerDN}
 * disabled, and checks that the resulting identity is a {@link SimplePrincipal} named after the
 * lower-cased subject DN.
 */
@Test
public void testSuccessfulLoginNoIssuer() throws Exception {
    HashMap<String,String> sharedState = new HashMap<>();
    HashMap<String,String> moduleOptions = new HashMap<>();
    moduleOptions.put("rolesProperties", "rolesNoIssuer.properties");
    moduleOptions.put("principalClass", SimplePrincipal.class.getName());
    moduleOptions.put("verifier", MockDatawaveCertVerifier.class.getName());
    moduleOptions.put("addIssuerDN", Boolean.FALSE.toString());

    loginModule = new DatawaveCertRolesLoginModule();
    loginModule.initialize(new Subject(), callbackHandler, sharedState, moduleOptions);

    // The callback handler presents the subject DN as the name and the certificate as credential.
    String subjectDn = testUserCert.getSubjectDN().getName();
    callbackHandler.name = subjectDn;
    callbackHandler.credential = testUserCert;

    boolean success = loginModule.login();
    assertTrue("Login didn't succeed for alias in rolesNoIssuer.properties", success);

    // The identity field is read reflectively from the module.
    Object identity = field(DatawaveCertRolesLoginModule.class, "identity").get(loginModule);
    SimplePrincipal principal = (SimplePrincipal) identity;
    // NOTE(review): toLowerCase() uses the default locale here; confirm it matches the
    // module's own normalization.
    assertEquals(subjectDn.toLowerCase(), principal.getName());
}
Example #9
Source File: DatawaveUsersRolesLoginModuleTest.java From datawave with Apache License 2.0 | 5 votes |
/**
 * Logs in with subject and issuer DNs given in the "CN last" order and checks that the
 * resulting identity carries the normalized {@code subject<issuer>} name.
 */
@Test
public void testReverseDnSuccessfulLogin() throws Exception {
    String callerName = SUBJECT_DN_WITH_CN_LAST + "<" + ISSUER_DN_WITH_CN_LAST + ">";
    SimplePrincipal callerPrincipal = new SimplePrincipal(callerName);
    String credential = new DatawaveCredential(SUBJECT_DN_WITH_CN_LAST, ISSUER_DN_WITH_CN_LAST, null, null).toString();
    callbackHandler.setSecurityInfo(callerPrincipal, credential);

    boolean success = loginModule.login();
    assertTrue("Login didn't succeed for alias in users/roles.properties", success);

    // The identity field is read reflectively from the module.
    Object identity = field(DatawaveUsersRolesLoginModule.class, "identity").get(loginModule);
    DatawavePrincipal principal = (DatawavePrincipal) identity;
    assertEquals(NORMALIZED_SUBJECT_DN_WITH_ISSUER_DN, principal.getName());
}
Example #10
Source File: SecurityInfoHelper.java From keycloak with Apache License 2.0 | 5 votes |
/**
 * Wraps the given role names in a single group named {@code "Roles"}.
 *
 * <p>Each name becomes a {@link SimplePrincipal} member exactly as supplied; no trimming,
 * case folding or filtering is applied in this method.
 *
 * @param roleSet role names to expose
 * @return a one-element array holding the {@code "Roles"} group
 */
protected static Group[] getRoleSets(Collection<String> roleSet) {
    SimpleGroup rolesGroup = new SimpleGroup("Roles");
    for (String roleName : roleSet) {
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return new Group[] {rolesGroup};
}
Example #11
Source File: KeycloakLoginModule.java From keycloak with Apache License 2.0 | 5 votes |
/**
 * Exposes the names in the {@code roleSet} field as members of a single {@code "Roles"} group.
 *
 * @return a one-element array holding the {@code "Roles"} group
 * @throws LoginException declared by the contract; not thrown by this body
 */
@Override
protected Group[] getRoleSets() throws LoginException {
    //log.info("getRoleSets");
    SimpleGroup rolesGroup = new SimpleGroup("Roles");
    for (String roleName : roleSet) {
        //log.info("   adding role: " + role);
        // The role name is used verbatim as the principal name.
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return new Group[] {rolesGroup};
}
Example #12
Source File: SecurityInfoHelper.java From keycloak with Apache License 2.0 | 5 votes |
/**
 * Builds the role-set array from a collection of role names.
 *
 * <p>All names are added, unchanged, as {@link SimplePrincipal} members of one group named
 * {@code "Roles"}. A {@code null} collection is not handled and fails in the loop.
 *
 * @param roleSet role names to expose
 * @return a one-element array holding the {@code "Roles"} group
 */
protected static Group[] getRoleSets(Collection<String> roleSet) {
    SimpleGroup group = new SimpleGroup("Roles");
    for (String name : roleSet) {
        SimplePrincipal member = new SimplePrincipal(name);
        group.addMember(member);
    }
    Group[] result = {group};
    return result;
}
Example #13
Source File: WildflyRequestAuthenticator.java From keycloak with Apache License 2.0 | 5 votes |
/**
 * Turns role names into the role-set array: one group named {@code "Roles"} whose members are
 * {@link SimplePrincipal}s carrying the names as given.
 *
 * @param roleSet role names to expose
 * @return a one-element array holding the {@code "Roles"} group
 */
protected Group[] getRoleSets(Collection<String> roleSet) {
    SimpleGroup rolesGroup = new SimpleGroup("Roles");
    for (String roleName : roleSet) {
        // No validation happens here; the names are taken as supplied by the caller.
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return new Group[] {rolesGroup};
}
Example #14
Source File: JBossWebPrincipalFactory.java From keycloak with Apache License 2.0 | 5 votes |
/**
 * Creates the {@code "Roles"} group for the given role names.
 *
 * @param roleSet role names; each becomes a {@link SimplePrincipal} member unchanged
 * @return a one-element array holding the populated group
 */
protected Group[] getRoleSets(Collection<String> roleSet) {
    SimpleGroup group = new SimpleGroup("Roles");
    for (String name : roleSet) {
        SimplePrincipal member = new SimplePrincipal(name);
        group.addMember(member);
    }
    Group[] result = {group};
    return result;
}
Example #15
Source File: DatawaveCertRolesLoginModule.java From datawave with Apache License 2.0 | 5 votes |
/**
 * Builds the identity principal for {@code username}.
 *
 * <p>While the {@code createSimplePrincipal} thread-local holds TRUE (per the original comment,
 * only during the getRolesSets call) the raw name is wrapped in a {@link SimplePrincipal}.
 * Otherwise the name is normalized with
 * {@code DatawaveUsersRolesLoginModule.normalizeUsername} and passed to the superclass.
 *
 * @param username the name presented to the login module
 * @return the principal representing {@code username}
 * @throws Exception whatever the superclass identity creation throws
 */
@Override
protected Principal createIdentity(String username) throws Exception {
    if (!Boolean.TRUE.equals(createSimplePrincipal.get())) {
        // Normal path: the identity is built from the normalized name only.
        String normalized = DatawaveUsersRolesLoginModule.normalizeUsername(username);
        return super.createIdentity(normalized);
    }
    // Role-lookup path: the name is used without normalization.
    return new SimplePrincipal(username);
}
Example #16
Source File: JWTLoginModule.java From thorntail with Apache License 2.0 | 5 votes |
/**
 * Commits the login by publishing the JWT principal and its groups on the subject.
 *
 * <p>Every entry of {@code jwtPrincipal.getGroups()} becomes a {@link SimplePrincipal} member of
 * a group named {@code "Roles"}, so the token's group values are used as role names unchanged.
 *
 * @return the result of the superclass commit
 * @throws LoginException if the superclass commit throws
 */
@Override
public boolean commit() throws LoginException {
    subject.getPrincipals().add(jwtPrincipal);

    // NOTE(review): role names come straight from the token; this method does not itself
    // verify the token, so that must already have happened before commit.
    SimpleGroup roleGroup = new SimpleGroup("Roles");
    jwtPrincipal.getGroups().forEach(groupName -> roleGroup.addMember(new SimplePrincipal(groupName)));
    subject.getPrincipals().add(roleGroup);

    sharedState.put("JsonWebToken", jwtPrincipal);
    return super.commit();
}
Example #17
Source File: DatawaveUsersRolesLoginModuleTest.java From datawave with Apache License 2.0 | 5 votes |
/**
 * Logs in with the test certificate's subject and issuer DNs and checks that the resulting
 * identity carries the normalized {@code subject<issuer>} name.
 */
@Test
public void testSuccessfulLogin() throws Exception {
    String callerName = testUserCert.getSubjectDN().getName() + "<" + testUserCert.getIssuerDN().getName() + ">";
    SimplePrincipal callerPrincipal = new SimplePrincipal(callerName);
    String credential = new DatawaveCredential(
                    testUserCert.getSubjectDN().getName(),
                    testUserCert.getIssuerDN().getName(),
                    null,
                    null).toString();
    callbackHandler.setSecurityInfo(callerPrincipal, credential);

    boolean success = loginModule.login();
    assertTrue("Login didn't succeed for alias in users/roles.properties", success);

    // The identity field is read reflectively from the module.
    Object identity = field(DatawaveUsersRolesLoginModule.class, "identity").get(loginModule);
    DatawavePrincipal principal = (DatawavePrincipal) identity;
    assertEquals(NORMALIZED_SUBJECT_DN_WITH_ISSUER_DN, principal.getName());
}
Example #18
Source File: MappingProviderUtil.java From lams with GNU General Public License v2.0 | 5 votes |
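/**
 * Determines which principal class the members of a role group use.
 *
 * <p>The class of the first member is returned, on the assumption that all roles in the group
 * belong to the same principal class. An empty group falls back to {@link SimplePrincipal}.
 *
 * @param roles the role group to inspect
 * @return the class of the first member, or {@code SimplePrincipal.class} when the group is empty
 */
private static Class<?> getPrincipalClass(Group roles)
{
   //Assume that the roles all belong to the same principal class
   Enumeration<? extends Principal> members = roles.members();
   if (!members.hasMoreElements())
   {
      return SimplePrincipal.class;
   }
   // Take the element from the enumeration that was just tested. The original asked the group
   // for a second enumeration, which could throw NoSuchElementException if the group was
   // emptied between the two calls.
   return members.nextElement().getClass();
}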
Example #19
Source File: DatawaveUsersRolesLoginModuleTest.java From datawave with Apache License 2.0 | 5 votes |
/**
 * Expects a {@code FailedLoginException} with the "Password invalid/Password required" message
 * when the presented credential does not match.
 */
@Test
public void testFailedLoginBadPassword() throws Exception {
    expectedException.expect(FailedLoginException.class);
    expectedException.expectMessage("Password invalid/Password required");

    SimplePrincipal callerPrincipal = new SimplePrincipal("testUser<testIssuer>");
    String credential = new DatawaveCredential("testUser", "testIssuer", null, null).toString();
    callbackHandler.setSecurityInfo(callerPrincipal, credential);

    boolean success = loginModule.login();
    // Only reached if login() returns instead of throwing the expected exception.
    assertFalse("Login succeed for alias in users.properties with bad password", success);
}
Example #20
Source File: SimplePrincipalMappingProvider.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Maps a {@link SimplePrincipal} to a replacement principal using {@code principalMapProperties}.
 *
 * <p>The principal's name is the lookup key. A non-empty mapped value is stored on
 * {@code result} as a new {@link SimplePrincipal}; in every other case nothing is changed.
 *
 * @param map context map; not read by this method
 * @param mappedObject the principal to map; ignored unless it is a {@link SimplePrincipal}
 */
public void performMapping(Map<String, Object> map, Principal mappedObject)
{
   if (!(mappedObject instanceof SimplePrincipal))
      return;
   if (principalMapProperties == null)
      return;

   SimplePrincipal source = (SimplePrincipal) mappedObject;
   String mappedName = principalMapProperties.getProperty(source.getName());
   if (mappedName == null || mappedName.length() == 0)
      return;

   // The mapped name replaces the identity, so the properties file is part of the trust base.
   result.setMappedObject(new SimplePrincipal(mappedName));
}
Example #21
Source File: SimpleServerLoginModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Checks the supplied password against the expected one.
 *
 * <p>A {@code null} input password is accepted: the module switches to guest-only mode and
 * sets {@code user} to a {@link SimplePrincipal} named {@code "guest"}. Otherwise the two
 * passwords must be equal.
 *
 * @param inputPassword the password presented by the caller, or {@code null}
 * @param expectedPassword the password to compare against
 * @return {@code true} for a {@code null} input or an exact match
 */
protected boolean validatePassword(String inputPassword, String expectedPassword)
{
   if (inputPassword != null)
   {
      // NOTE(review): String.equals is not a constant-time comparison; if this module is used
      // outside of samples, consider java.security.MessageDigest.isEqual on the encoded bytes.
      return inputPassword.equals(expectedPassword);
   }
   // No password at all is treated as a successful guest login. Deployments must make sure
   // the "guest" role grants nothing sensitive.
   guestOnly = true;
   user = new SimplePrincipal("guest");
   return true;
}
Example #22
Source File: SimpleServerLoginModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Returns the roles for the current login as a single {@code "Roles"} group.
 *
 * <p>{@code "guest"} is always a member; {@code "user"} is added only when {@code guestOnly}
 * is false.
 *
 * @return a one-element array holding the {@code "Roles"} group
 * @throws LoginException declared by the contract; not thrown by this body
 */
protected Group[] getRoleSets() throws LoginException
{
   Group rolesGroup = new SimpleGroup("Roles");
   if (!guestOnly)
   {
      rolesGroup.addMember(new SimplePrincipal("user"));
   }
   rolesGroup.addMember(new SimplePrincipal("guest"));
   return new Group[] {rolesGroup};
}
Example #23
Source File: RemoteHostTrustLoginModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Builds the {@code "Roles"} group from the comma-separated {@code roleNames} field.
 *
 * <p>Each token is trimmed and added as a {@link SimplePrincipal}. Empty tokens (for example
 * from {@code "a,,b"}) are not filtered and produce a role with an empty name.
 *
 * @return a one-element array holding the {@code "Roles"} group, which is empty when
 *         {@code roleNames} is {@code null}
 * @throws LoginException declared by the contract; not thrown by this body
 */
protected Group[] getRoleSets() throws LoginException
{
   SimpleGroup rolesGroup = new SimpleGroup("Roles");
   if (roleNames != null)
   {
      for (String rawName : roleNames.split(","))
      {
         String trimmedName = (rawName == null) ? rawName : rawName.trim();
         rolesGroup.addMember(new SimplePrincipal(trimmedName));
      }
   }
   return new Group[] {rolesGroup};
}
Example #24
Source File: JBossTimeBasedOTPLoginModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Adds the comma-separated {@code additionalRoles} to the given group, but only when the group
 * is the roles group ({@code SecurityConstants.ROLES_IDENTIFIER}).
 *
 * <p>Each token is trimmed before it is wrapped in a {@link SimplePrincipal}.
 *
 * @param group the group to extend; left untouched when it is not the roles group
 */
private void appendRoles(Group group)
{
   boolean isRolesGroup = group.getName().equals(SecurityConstants.ROLES_IDENTIFIER);
   if (!isRolesGroup)
      return;
   if (additionalRoles == null || additionalRoles.isEmpty())
      return;

   // These roles are granted in addition to whatever the group already holds, so the
   // option that supplies them widens the caller's authorization.
   StringTokenizer tokens = new StringTokenizer(additionalRoles, ",");
   while (tokens.hasMoreTokens())
   {
      String roleName = tokens.nextToken().trim();
      group.addMember(new SimplePrincipal(roleName));
   }
}
Example #25
Source File: IdentityLoginModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Logs in as the fixed identity {@code principalName}.
 *
 * <p>If the superclass login already succeeded nothing more is done. Otherwise a
 * {@link SimplePrincipal} for {@code principalName} is added to the subject and published in
 * the shared state. No credential is checked in this method.
 *
 * @return always {@code true}
 * @throws LoginException if the superclass login throws
 */
@SuppressWarnings("unchecked")
public boolean login() throws LoginException
{
   if (!super.login())
   {
      Principal identity = new SimplePrincipal(principalName);
      subject.getPrincipals().add(identity);
      // Put the principal name into the sharedState map
      sharedState.put("javax.security.auth.login.name", principalName);
      super.loginOk = true;
   }
   return true;
}
Example #26
Source File: IdentityLoginModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Builds the {@code "Roles"} group from the comma-separated {@code roleNames} field.
 *
 * <p>Tokens are used exactly as split: they are not trimmed, so {@code "admin, user"} yields a
 * role named {@code " user"} with a leading space.
 *
 * @return a one-element array holding the {@code "Roles"} group, which is empty when
 *         {@code roleNames} is {@code null}
 * @throws LoginException declared by the contract; not thrown by this body
 */
protected Group[] getRoleSets() throws LoginException
{
   SimpleGroup rolesGroup = new SimpleGroup("Roles");
   if (roleNames != null)
   {
      for (StringTokenizer names = new StringTokenizer(roleNames, ","); names.hasMoreTokens();)
      {
         rolesGroup.addMember(new SimplePrincipal(names.nextToken()));
      }
   }
   return new Group[] {rolesGroup};
}
Example #27
Source File: SerialNumberIssuerDNMapping.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Creates a SimplePrincipal whose name is
 * {@code certs[0].getSerialNumber() + " " + certs[0].getIssuerDN()}.
 *
 * <p>Only the first certificate is read. The array is not checked for {@code null} or for
 * being empty before it is indexed.
 *
 * @param certs Array of client certificates, with the first one in
 * the array being the certificate of the client itself.
 * @return the principal named after the client certificate's serial number and issuer
 */
public Principal toPrincipal(X509Certificate[] certs)
{
   X509Certificate clientCert = certs[0];
   BigInteger serialNumber = clientCert.getSerialNumber();
   Principal issuer = clientCert.getIssuerDN();
   // NOTE(review): this method only derives a name; it does not validate the certificate
   // chain, which is presumably done before it is called.
   return new SimplePrincipal(serialNumber + " " + issuer);
}
Example #28
Source File: HttpServletServerAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Reads the user name from the HTTP request carried by {@code messageInfo}.
 *
 * <p>The request parameter to read is named by the {@code "userNameParam"} module option. Its
 * value is wrapped in a {@link SimplePrincipal} without any validation.
 *
 * @param messageInfo the message whose request must be an {@code HttpServletRequest}
 * @return a principal named after the request parameter value
 */
private Principal getUserName(MessageInfo messageInfo)
{
   Object request = messageInfo.getRequestMessage();
   String parameterName = (String) options.get("userNameParam");
   if (!(request instanceof HttpServletRequest))
      throw PicketBoxMessages.MESSAGES.invalidType(HttpServletRequest.class.getName());

   // The value is client-controlled and getParameter returns null when the parameter is
   // absent, so the result is only a claimed identity until a credential check confirms it.
   String claimedName = ((HttpServletRequest) request).getParameter(parameterName);
   return new SimplePrincipal(claimedName);
}
Example #29
Source File: SimpleClientAuthModule.java From lams with GNU General Public License v2.0 | 5 votes |
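/**
 * Compares the {@link SimplePrincipal}s held by the source and the recipient of a response.
 *
 * <p>NOTE(review): the original comment describes this as checking for identical credentials,
 * but only the number of {@code SimplePrincipal}s on each side is compared. Two subjects with
 * different principals of equal count are accepted; confirm whether that is intended.
 *
 * @see ClientAuthModule#validateResponse(javax.security.auth.message.MessageInfo, javax.security.auth.Subject, javax.security.auth.Subject)
 * @param messageInfo the message being validated; not read by this method
 * @param source the subject the response came from
 * @param recipient the subject the response is addressed to
 * @return {@code AuthStatus.SUCCESS} when both sides hold the same number of principals
 * @throws AuthException if either principal set is missing or the counts differ
 */
public AuthStatus validateResponse(MessageInfo messageInfo, Subject source, Subject recipient) throws AuthException
{
   //Custom check: Check that the source of the response and the recipient
   // of the response have identical credentials
   Set<SimplePrincipal> sourceSet = source.getPrincipals(SimplePrincipal.class);
   Set<SimplePrincipal> recipientSet = recipient.getPrincipals(SimplePrincipal.class);
   // Reject when EITHER set is missing. The original tested with &&, so a single null set
   // slipped past the guard and failed with a NullPointerException on size() below.
   if (sourceSet == null || recipientSet == null)
      throw new AuthException();
   if (sourceSet.size() != recipientSet.size())
      throw new AuthException(PicketBoxMessages.MESSAGES.sizeMismatchMessage("source", "recipient"));
   return AuthStatus.SUCCESS;
}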
Example #30
Source File: JBossAuthorizationManager.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Converts the direct members of a role group into {@link SimplePrincipal}s named after them.
 *
 * @param roles the role group to convert, may be {@code null}
 * @return a new set with one principal per role, or {@code null} when {@code roles} is
 *         {@code null}, so callers must null-check the result
 */
private HashSet<Principal> getRolesAsSet(RoleGroup roles)
{
   if (roles == null)
   {
      return null;
   }
   HashSet<Principal> rolePrincipals = new HashSet<Principal>();
   Collection<Role> members = roles.getRoles();
   for (Role member : members)
   {
      rolePrincipals.add(new SimplePrincipal(member.getRoleName()));
   }
   return rolePrincipals;
}