Java Code Examples for javax.security.auth.login.Configuration#getAppConfigurationEntry()
The following examples show how to use
javax.security.auth.login.Configuration#getAppConfigurationEntry() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SaslNettyServer.java From herddb with Apache License 2.0 | 6 votes |
|
public SaslServerCallbackHandler(Configuration configuration) throws IOException {
AppConfigurationEntry[] configurationEntries = configuration.getAppConfigurationEntry(JASS_SERVER_SECTION);
if (configurationEntries == null) {
String errorMessage = "Could not find a '" + JASS_SERVER_SECTION + "' entry in this configuration: Server cannot start.";
throw new IOException(errorMessage);
}
credentials.clear();
for (AppConfigurationEntry entry : configurationEntries) {
Map<String, ?> options = entry.getOptions();
// Populate DIGEST-MD5 user -> password map with JAAS configuration entries from the "Server" section.
// Usernames are distinguished from other options by prefixing the username with a "user_" prefix.
for (Map.Entry<String, ?> pair : options.entrySet()) {
String key = pair.getKey();
if (key.startsWith(USER_PREFIX)) {
String userName = key.substring(USER_PREFIX.length());
credentials.put(userName, (String) pair.getValue());
}
}
}
}
Example 2
| Source File: StormJaasCreator.java From streamline with Apache License 2.0 | 6 votes |
|
public StormJaasCreator() {
try (InputStream configStream = getClass().getClassLoader().getResourceAsStream(STORM_JAAS_CONFIG_TEMPLATE)) {
List<String> lines = IOUtils.readLines(configStream, Charset.forName("UTF-8"));
stormJaasConfigTemplate = String.join("\n", lines);
} catch (IOException | NullPointerException e) {
throw new RuntimeException("Unable to read JAAS template file for Storm.");
}
Configuration configuration = Configuration.getConfiguration();
AppConfigurationEntry[] streamlineConfigurations = configuration.getAppConfigurationEntry(Constants.JAAS_STREAMLINE_APP_CONFIG_ENTRY_NAME);
if (streamlineConfigurations == null || streamlineConfigurations.length == 0) {
throw new RuntimeException("Streamline is not initialized with JAAS config. Unable to create JAAS for Storm.");
}
AppConfigurationEntry streamlineConf = streamlineConfigurations[0];
Map<String, ?> options = streamlineConf.getOptions();
keyTabPath = (String) options.get("keyTab");
streamlinePrincipal = (String) options.get("principal");
}
Example 3
| Source File: SaslNettyServer.java From blazingcache with Apache License 2.0 | 6 votes |
|
public SaslServerCallbackHandler(Configuration configuration) throws IOException {
AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(SERVER_JAAS_SECTION);
if (configurationEntries == null) {
String errorMessage = "Could not find a '" + SERVER_JAAS_SECTION + "' entry in this configuration: Server cannot start.";
throw new IOException(errorMessage);
}
credentials.clear();
for (AppConfigurationEntry entry : configurationEntries) {
Map<String, ?> options = entry.getOptions();
// Populate DIGEST-MD5 user -> password map with JAAS configuration entries from the "Server" section.
// Usernames are distinguished from other options by prefixing the username with a "user_" prefix.
for (Map.Entry<String, ?> pair : options.entrySet()) {
String key = pair.getKey();
if (key.startsWith(USER_PREFIX)) {
String userName = key.substring(USER_PREFIX.length());
credentials.put(userName, (String) pair.getValue());
}
}
}
}
Example 4
| Source File: ServerCallbackHandler.java From jstorm with Apache License 2.0 | 6 votes |
|
public ServerCallbackHandler(Configuration configuration) throws IOException {
if (configuration == null)
return;
AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(AuthUtils.LOGIN_CONTEXT_SERVER);
if (configurationEntries == null) {
String errorMessage = "Could not find a '" + AuthUtils.LOGIN_CONTEXT_SERVER + "' entry in this configuration: Server cannot start.";
throw new IOException(errorMessage);
}
credentials.clear();
for (AppConfigurationEntry entry : configurationEntries) {
Map<String, ?> options = entry.getOptions();
// Populate DIGEST-MD5 user -> password map with JAAS configuration entries from the "Server" section.
// Usernames are distinguished from other options by prefixing the username with a "user_" prefix.
for (Map.Entry<String, ?> pair : options.entrySet()) {
String key = pair.getKey();
if (key.startsWith(USER_PREFIX)) {
String userName = key.substring(USER_PREFIX.length());
credentials.put(userName, (String) pair.getValue());
}
}
}
}
Example 5
| Source File: ClientCallbackHandler.java From jstorm with Apache License 2.0 | 6 votes |
|
/**
* Constructor based on a JAAS configuration
*
* For digest, you should have a pair of user name and password defined.
*
* @param configuration
* @throws IOException
*/
public ClientCallbackHandler(Configuration configuration) throws IOException {
if (configuration == null)
return;
AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(AuthUtils.LOGIN_CONTEXT_CLIENT);
if (configurationEntries == null) {
String errorMessage = "Could not find a '" + AuthUtils.LOGIN_CONTEXT_CLIENT + "' entry in this configuration: Client cannot start.";
throw new IOException(errorMessage);
}
_password = "";
for (AppConfigurationEntry entry : configurationEntries) {
if (entry.getOptions().get(USERNAME) != null) {
_username = (String) entry.getOptions().get(USERNAME);
}
if (entry.getOptions().get(PASSWORD) != null) {
_password = (String) entry.getOptions().get(PASSWORD);
}
}
}
Example 6
| Source File: ZkClient.java From DDMQ with Apache License 2.0 | 5 votes |
|
private boolean isZkSaslEnabled() {
boolean isSecurityEnabled = false;
boolean zkSaslEnabled = Boolean.parseBoolean(System.getProperty(ZK_SASL_CLIENT, "true"));
String zkLoginContextName = System.getProperty(ZK_LOGIN_CONTEXT_NAME_KEY, "Client");
if (!zkSaslEnabled) {
LOG.warn("Client SASL has been explicitly disabled with " + ZK_SASL_CLIENT);
return false;
}
String loginConfigFile = System.getProperty(JAVA_LOGIN_CONFIG_PARAM);
if (loginConfigFile != null && loginConfigFile.length() > 0) {
LOG.info("JAAS File name: " + loginConfigFile);
File configFile = new File(loginConfigFile);
if (!configFile.canRead()) {
throw new IllegalArgumentException("File " + loginConfigFile + "cannot be read.");
}
try {
Configuration loginConf = Configuration.getConfiguration();
isSecurityEnabled = loginConf.getAppConfigurationEntry(zkLoginContextName) != null;
} catch (Exception e) {
throw new ZkException(e);
}
}
return isSecurityEnabled;
}
Example 7
| Source File: ZkClient.java From DDMQ with Apache License 2.0 | 5 votes |
|
private boolean isZkSaslEnabled() {
boolean isSecurityEnabled = false;
boolean zkSaslEnabled = Boolean.parseBoolean(System.getProperty(ZK_SASL_CLIENT, "true"));
String zkLoginContextName = System.getProperty(ZK_LOGIN_CONTEXT_NAME_KEY, "Client");
if (!zkSaslEnabled) {
LOG.warn("Client SASL has been explicitly disabled with " + ZK_SASL_CLIENT);
return false;
}
String loginConfigFile = System.getProperty(JAVA_LOGIN_CONFIG_PARAM);
if (loginConfigFile != null && loginConfigFile.length() > 0) {
LOG.info("JAAS File name: " + loginConfigFile);
File configFile = new File(loginConfigFile);
if (!configFile.canRead()) {
throw new IllegalArgumentException("File " + loginConfigFile + "cannot be read.");
}
try {
Configuration loginConf = Configuration.getConfiguration();
isSecurityEnabled = loginConf.getAppConfigurationEntry(zkLoginContextName) != null;
} catch (Exception e) {
throw new ZkException(e);
}
}
return isSecurityEnabled;
}
Example 8
| Source File: ZKConnectionImpl.java From zkclient with Apache License 2.0 | 5 votes |
|
private boolean isZkSaslEnabled() {
boolean isSecurityEnabled = false;
boolean zkSaslEnabled = Boolean.parseBoolean(System.getProperty(ZK_SASL_CLIENT, "true"));
String zkLoginContextName = System.getProperty(ZK_LOGIN_CONTEXT_NAME_KEY, "Client");
if (!zkSaslEnabled) {
LOG.warn("Client SASL has been explicitly disabled with " + ZK_SASL_CLIENT);
return false;
}
String loginConfigFile = System.getProperty(JAVA_LOGIN_CONFIG_PARAM);
if (loginConfigFile != null && loginConfigFile.length() > 0) {
LOG.info("JAAS File name: " + loginConfigFile);
File configFile = new File(loginConfigFile);
if (!configFile.canRead()) {
throw new IllegalArgumentException("File " + loginConfigFile + "cannot be read.");
}
try {
Configuration loginConf = Configuration.getConfiguration();
isSecurityEnabled = loginConf.getAppConfigurationEntry(zkLoginContextName) != null;
} catch (Exception e) {
throw new ZKException(e);
}
}
return isSecurityEnabled;
}
Example 9
| Source File: AuthUtils.java From jstorm with Apache License 2.0 | 5 votes |
|
public static String get(Configuration configuration, String section, String key) throws IOException {
AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(section);
if (configurationEntries == null) {
String errorMessage = "Could not find a '" + section + "' entry in this configuration.";
throw new IOException(errorMessage);
}
for (AppConfigurationEntry entry : configurationEntries) {
Object val = entry.getOptions().get(key);
if (val != null)
return (String) val;
}
return null;
}
Example 10
| Source File: ServerCallbackHandler.java From jstorm with Apache License 2.0 | 5 votes |
|
public ServerCallbackHandler(Configuration configuration, Map stormConf) throws IOException {
if (configuration == null)
return;
AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(AuthUtils.LOGIN_CONTEXT_SERVER);
if (configurationEntries == null) {
String errorMessage = "Could not find a '" + AuthUtils.LOGIN_CONTEXT_SERVER + "' entry in this configuration: Server cannot start.";
LOG.error(errorMessage);
throw new IOException(errorMessage);
}
}
Example 11
| Source File: ClientCallbackHandler.java From jstorm with Apache License 2.0 | 5 votes |
|
/**
* Constructor based on a JAAS configuration
*
* For digest, you should have a pair of user name and password defined in this figgure.
*
* @param configuration
* @throws IOException
*/
public ClientCallbackHandler(Configuration configuration) throws IOException {
if (configuration == null)
return;
AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(AuthUtils.LOGIN_CONTEXT_CLIENT);
if (configurationEntries == null) {
String errorMessage = "Could not find a '" + AuthUtils.LOGIN_CONTEXT_CLIENT + "' entry in this configuration: Client cannot start.";
LOG.error(errorMessage);
throw new IOException(errorMessage);
}
}
Example 12
| Source File: SolrProcessor.java From localization_nifi with Apache License 2.0 | 4 votes |
|
@Override
protected final Collection<ValidationResult> customValidate(ValidationContext context) {
final List<ValidationResult> problems = new ArrayList<>();
if (SOLR_TYPE_CLOUD.equals(context.getProperty(SOLR_TYPE).getValue())) {
final String collection = context.getProperty(COLLECTION).getValue();
if (collection == null || collection.trim().isEmpty()) {
problems.add(new ValidationResult.Builder()
.subject(COLLECTION.getName())
.input(collection).valid(false)
.explanation("A collection must specified for Solr Type of Cloud")
.build());
}
}
// If a JAAS Client App Name is provided then the system property for the JAAS config file must be set,
// and that config file must contain an entry for the name provided by the processor
final String jaasAppName = context.getProperty(JAAS_CLIENT_APP_NAME).getValue();
if (!StringUtils.isEmpty(jaasAppName)) {
final String loginConf = System.getProperty(Krb5HttpClientConfigurer.LOGIN_CONFIG_PROP);
if (StringUtils.isEmpty(loginConf)) {
problems.add(new ValidationResult.Builder()
.subject(JAAS_CLIENT_APP_NAME.getDisplayName())
.valid(false)
.explanation("the system property " + Krb5HttpClientConfigurer.LOGIN_CONFIG_PROP + " must be set when providing a JAAS Client App Name")
.build());
} else {
final Configuration config = javax.security.auth.login.Configuration.getConfiguration();
if (config.getAppConfigurationEntry(jaasAppName) == null) {
problems.add(new ValidationResult.Builder()
.subject(JAAS_CLIENT_APP_NAME.getDisplayName())
.valid(false)
.explanation("'" + jaasAppName + "' does not exist in " + loginConf)
.build());
}
}
}
// For solr cloud the location will be the ZooKeeper host:port so we can't validate the SSLContext, but for standard solr
// we can validate if the url starts with https we need an SSLContextService, if it starts with http we can't have an SSLContextService
if (SOLR_TYPE_STANDARD.equals(context.getProperty(SOLR_TYPE).getValue())) {
final String solrLocation = context.getProperty(SOLR_LOCATION).evaluateAttributeExpressions().getValue();
if (solrLocation != null) {
final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE).asControllerService(SSLContextService.class);
if (solrLocation.startsWith("https:") && sslContextService == null) {
problems.add(new ValidationResult.Builder()
.subject(SSL_CONTEXT_SERVICE.getDisplayName())
.valid(false)
.explanation("an SSLContextService must be provided when using https")
.build());
} else if (solrLocation.startsWith("http:") && sslContextService != null) {
problems.add(new ValidationResult.Builder()
.subject(SSL_CONTEXT_SERVICE.getDisplayName())
.valid(false)
.explanation("an SSLContextService can not be provided when using http")
.build());
}
}
}
// Validate that we username and password are provided together, or that neither are provided
final String username = context.getProperty(BASIC_USERNAME).evaluateAttributeExpressions().getValue();
final String password = context.getProperty(BASIC_PASSWORD).evaluateAttributeExpressions().getValue();
if (!StringUtils.isBlank(username) && StringUtils.isBlank(password)) {
problems.add(new ValidationResult.Builder()
.subject(BASIC_PASSWORD.getDisplayName())
.valid(false)
.explanation("a password must be provided for the given username")
.build());
}
if (!StringUtils.isBlank(password) && StringUtils.isBlank(username)) {
problems.add(new ValidationResult.Builder()
.subject(BASIC_USERNAME.getDisplayName())
.valid(false)
.explanation("a username must be provided for the given password")
.build());
}
Collection<ValidationResult> otherProblems = this.additionalCustomValidation(context);
if (otherProblems != null) {
problems.addAll(otherProblems);
}
return problems;
}
Example 13
| Source File: GetInstance.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
private int doCommon(Configuration c, int testnum) throws Exception {
AppConfigurationEntry[] entries = c.getAppConfigurationEntry("EMPTY");
if (entries == null) {
System.out.println("test " + testnum + ".1 passed");
} else {
throw new SecurityException("test " + testnum + ".1 failed");
}
entries = c.getAppConfigurationEntry("one");
if (entries.length == 1 &&
MOD0.equals(entries[0].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED ==
entries[0].getControlFlag()) {
System.out.println("test " + testnum + ".2 passed");
} else {
throw new SecurityException("test " + testnum + ".2 failed");
}
entries = c.getAppConfigurationEntry("two");
if (entries.length == 2 &&
MOD0.equals(entries[0].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT ==
entries[0].getControlFlag() &&
MOD1.equals(entries[1].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED ==
entries[1].getControlFlag()) {
System.out.println("test " + testnum + ".3 passed");
} else {
throw new SecurityException("test " + testnum + ".3 failed");
}
entries = c.getAppConfigurationEntry("three");
if (entries.length == 3 &&
MOD0.equals(entries[0].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT ==
entries[0].getControlFlag() &&
MOD1.equals(entries[1].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED ==
entries[1].getControlFlag() &&
MOD2.equals(entries[2].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL ==
entries[2].getControlFlag()) {
System.out.println("test " + testnum + ".4 passed");
} else {
throw new SecurityException("test " + testnum + ".4 failed");
}
return testnum;
}
Example 14
| Source File: GetInstance.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
private void doTestURI(Configuration c,
Configuration.Parameters uriParam,
int testnum) throws Exception {
AppConfigurationEntry[] entries = c.getAppConfigurationEntry("four");
if (entries.length == 4 &&
MOD0.equals(entries[0].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT ==
entries[0].getControlFlag() &&
MOD1.equals(entries[1].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED ==
entries[1].getControlFlag() &&
MOD2.equals(entries[2].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL ==
entries[2].getControlFlag() &&
MOD3.equals(entries[3].getLoginModuleName()) &&
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED ==
entries[3].getControlFlag()) {
System.out.println("test " + testnum + ".1 passed");
} else {
throw new SecurityException("test " + testnum + ".1 failed");
}
// test getProvider
if ("SUN".equals(c.getProvider().getName())) {
System.out.println("test " + testnum + " (getProvider) passed");
} else {
throw new SecurityException("test " + testnum +
" (getProvider) failed");
}
// test getType
if (JAVA_CONFIG.equals(c.getType())) {
System.out.println("test " + testnum + " (getType) passed");
} else {
throw new SecurityException("test " + testnum +
" (getType) failed");
}
// test getParameters
if (uriParam.equals(c.getParameters())) {
System.out.println("test " + testnum + " (getParameters) passed");
} else {
throw new SecurityException("test " + testnum +
" (getParameters) failed");
}
}
Example 15
| Source File: PropertiesLoginModuleConfigurator.java From activemq-artemis with Apache License 2.0 | 4 votes |
|
public PropertiesLoginModuleConfigurator(String entryName, String brokerEtc) throws Exception {
if (entryName == null || entryName.length() == 0) {
entryName = "activemq";
}
Configuration securityConfig = Configuration.getConfiguration();
AppConfigurationEntry[] entries = securityConfig.getAppConfigurationEntry(entryName);
if (entries == null || entries.length == 0) {
throw ActiveMQMessageBundle.BUNDLE.failedToLoadSecurityConfig();
}
int entriesInspected = 0;
for (AppConfigurationEntry entry : entries) {
entriesInspected++;
if (entry.getLoginModuleName().equals(PropertiesLoginModule.class.getName())) {
String userFileName = (String) entry.getOptions().get(USER_FILE_PROP_NAME);
String roleFileName = (String) entry.getOptions().get(ROLE_FILE_PROP_NAME);
File etcDir = new File(brokerEtc);
File userFile = new File(etcDir, userFileName);
File roleFile = new File(etcDir, roleFileName);
if (!userFile.exists()) {
throw ActiveMQMessageBundle.BUNDLE.failedToLoadUserFile(brokerEtc + userFileName);
}
if (!roleFile.exists()) {
throw ActiveMQMessageBundle.BUNDLE.failedToLoadRoleFile(brokerEtc + roleFileName);
}
Configurations configs = new Configurations();
userBuilder = configs.propertiesBuilder(userFile);
roleBuilder = configs.propertiesBuilder(roleFile);
userConfig = userBuilder.getConfiguration();
roleConfig = roleBuilder.getConfiguration();
String roleHeader = roleConfig.getLayout().getHeaderComment();
String userHeader = userConfig.getLayout().getHeaderComment();
if (userHeader == null) {
if (userConfig.isEmpty()) {
//clean and reset header
userConfig.clear();
userConfig.setHeader(LICENSE_HEADER);
}
}
if (roleHeader == null) {
if (roleConfig.isEmpty()) {
//clean and reset header
roleConfig.clear();
roleConfig.setHeader(LICENSE_HEADER);
}
}
return;
}
}
if (entriesInspected == entries.length) {
throw ActiveMQMessageBundle.BUNDLE.failedToFindLoginModuleEntry(entryName);
}
}
