Java Code Examples for javax.security.auth.message.MessageInfo#getResponseMessage()

The following examples show how to use javax.security.auth.message.MessageInfo#getResponseMessage() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CustomServerAuthContext.java    From eplmp with Eclipse Public License 1.0 6 votes vote down vote up
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {

    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    AuthServices.addCORSHeaders(response);

    LOGGER.log(Level.FINE, "validateRequest @" + request.getMethod() + " " + request.getRequestURI());

    if (isOptionsRequest(request)) {
        return AuthStatus.SUCCESS;
    }

    CustomSAM module = getModule(messageInfo);

    if (module != null) {
        return module.validateRequest(messageInfo, clientSubject, serviceSubject);
    }

    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

    return AuthStatus.FAILURE;
}
 
Example 2
Source File: CustomServerAuthContext.java    From eplmp with Eclipse Public License 1.0 6 votes vote down vote up
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {

    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
    AuthServices.addCORSHeaders(response);

    LOGGER.log(Level.FINE, "secureResponse @" + request.getMethod() + " " + request.getRequestURI());

    if (isOptionsRequest(request)) {
        return AuthStatus.SEND_SUCCESS;
    }

    CustomSAM module = getModule(messageInfo);

    if (module != null) {
        return module.secureResponse(messageInfo, serviceSubject);
    }

    return AuthStatus.SEND_FAILURE;
}
 
Example 3
Source File: JWTSAM.java    From eplmp with Eclipse Public License 1.0 5 votes vote down vote up
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {

    HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();

    LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());

    String authorization = request.getHeader("Authorization");
    String[] splitAuthorization = authorization.split(" ");
    String jwt = splitAuthorization[1];

    JWTokenUserGroupMapping jwTokenUserGroupMapping = JWTokenFactory.validateAuthToken(key, jwt);

    if (jwTokenUserGroupMapping != null) {

        UserGroupMapping userGroupMapping = jwTokenUserGroupMapping.getUserGroupMapping();
        CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, userGroupMapping.getLogin());
        GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{userGroupMapping.getGroupName()});
        Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};

        try {
            callbackHandler.handle(callbacks);
        } catch (IOException | UnsupportedCallbackException e) {
            throw new AuthException(e.getMessage());
        }

        JWTokenFactory.refreshTokenIfNeeded(key, response, jwTokenUserGroupMapping);

        return AuthStatus.SUCCESS;
    }

    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return AuthStatus.FAILURE;

}