Usage examples for javax.security.auth.Subject.getPrincipals()
public Set<Principal> getPrincipals()
From source file:org.helios.ember.auth.SSHLoginService.java
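/**
 * Authenticates a user by opening an SSH session and, on success, wraps the session in a
 * Jetty {@link UserIdentity} backed by a new JAAS {@link Subject}.
 *
 * <p><b>{@code username}</b> can be:</p>
 * <ol>
 *   <li>{@code username}</li>
 *   <li>{@code username@hostname}</li>
 *   <li>{@code username@hostname:port}</li>
 * </ol>
 * <p>However, a {@code ":<port>"} in the username will be parsed out (in the browser ?) and
 * prepended to the credentials as {@code "<port>:"}, so technically #3 will never be seen, so:</p>
 * <ul>
 *   <li>If we see #1, strip and ignore (or error out) on a leading {@code ":<port>"} in the credentials</li>
 *   <li>If we see #2, check the credentials for a leading {@code ":<port>"} and strip it out.</li>
 * </ul>
 * {@inheritDoc}
 *
 * @param username the login name, in one of the forms listed above
 * @param credentials the credentials object handed over by the container
 * @return the identity of the authenticated user, or {@code null} when no session login could
 *         be created or the SSH login did not succeed
 * @see org.eclipse.jetty.security.LoginService#login(java.lang.String, java.lang.Object)
 */
@Override
public UserIdentity login(String username, Object credentials) {
    SessionLogin sessionLogin = SessionLogin.newSessionLogin(pkRepo.getJSch(), username, credentials);
    if (sessionLogin == null) {
        return null;
    }
    if (!sessionLogin.login(5000)) { // should be a param
        return null;
    }

    // ===== user authenticated, set up subject and principal
    Subject subject = new Subject();

    // NOTE(review): every authenticated user gets the same hard-coded "foo" role, both as a
    // principal here and in the roles array below, so authentication alone decides access.
    // Confirm this placeholder is replaced by a real role lookup before relying on it.
    subject.getPrincipals().add(new RolePrincipal("foo"));

    // A Subject created with the no-arg constructor starts with empty credential sets, so the
    // session-keyed maps are always created here. The earlier "append to the existing map"
    // branch could never execute and has been removed.
    //
    // NOTE(review): the password is kept in memory for the lifetime of the subject, once inside
    // the map and once as a bare entry in the private credentials. The SessionLogin placed in the
    // PUBLIC credentials also exposes getPassword(), so the password is reachable from the public
    // credential set as well. Verify that this is intended.
    subject.getPrivateCredentials().add(new HashMap<String, String>(
            Collections.singletonMap(sessionLogin.getSessionKey(), sessionLogin.getPassword())));
    subject.getPublicCredentials().add(new HashMap<String, SessionLogin>(
            Collections.singletonMap(sessionLogin.getSessionKey(), sessionLogin)));

    subject.getPrivateCredentials().add(sessionLogin.getPassword());
    subject.getPublicCredentials().add(sessionLogin.getSession());

    return new DefaultUserIdentity(subject, sessionLogin, new String[] { "foo" });
}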
From source file:org.apache.karaf.jaas.modules.krb5.Krb5LoginModuleTest.java
/**
 * Keytab-based login for the principal {@code hnelson0@EXAMPLE.COM} must end in a
 * {@link LoginException}.
 *
 * <p>The subject is checked to carry no principals before the attempt. If {@code login()}
 * returned normally instead of throwing, the test would still fail because the expected
 * exception is missing.</p>
 */
@Test(expected = LoginException.class)
public void testKeytabFailure() throws Exception {
    final Subject subject = new Subject();

    // Non-interactive keytab login; presumably the keytab from createKeytab() holds no key
    // for this principal (the helper is defined outside this method).
    final Map<String, Object> options = new HashMap<>();
    options.put("debug", "true");
    options.put("useKeyTab", "true");
    options.put("keyTab", createKeytab());
    options.put("principal", "hnelson0@EXAMPLE.COM");
    options.put("doNotPrompt", "true");
    options.put("storeKey", "true");
    options.put("detailed.login.exception", "true");

    final Krb5LoginModule loginModule = new Krb5LoginModule();
    loginModule.initialize(subject, null, null, options);

    // A fresh subject must not carry principals before authentication.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    Assert.assertFalse(loginModule.login());
}
From source file:com.jivesoftware.authHelper.customescheme.negotiate.CustomNegotiateScheme.java
/**
 * Init GSSContext for negotiation.
 *
 * <p>Performs a JAAS login with the supplied user name and password, then runs a
 * {@code MyAction} for {@code server} as the authenticated subject.</p>
 *
 * @param server servername only (e.g: radar.it.su.se)
 * @param credentials user name and password passed on to the JAAS callback handler
 * @throws GSSException declared by the signature; failures inside the privileged action are
 *         only printed here and are not rethrown
 * @throws RuntimeException wrapping any exception raised while logging in
 */
protected void init(String server, UsernamePasswordCredentials credentials) throws GSSException {
    LOG.info("init " + server);

    // NOTE(review): Configuration.setConfiguration replaces the JVM-wide JAAS configuration.
    // Resetting it here and installing the custom one below affects every other login in the
    // process and is not safe under concurrent use. The custom configuration is already passed
    // to the LoginContext constructor; confirm whether the global change is needed at all.
    Configuration.setConfiguration(null);

    // NOTE(review): the password travels as a String into the callback handler; it cannot be
    // wiped afterwards.
    final CallbackHandler loginCallbacks = new CustomNegotiateCallbackHandler(
            credentials.getUserName(), credentials.getPassword());
    final PrivilegedExceptionAction action = new MyAction(server);

    LoginContext loginContext = null;
    try {
        final CustomConfiguration jaasConfig = getCustomConfiguration(credentials);
        // Create a LoginContext with a callback handler
        loginContext = new LoginContext("com.sun.security.jgss.login", null, loginCallbacks, jaasConfig);
        Configuration.setConfiguration(jaasConfig);
        // Perform authentication
        loginContext.login();
    } catch (Exception e) {
        // Covers LoginException as well as any other failure: both were handled identically.
        // NOTE(review): output goes to System.err / printStackTrace rather than through LOG.
        System.err.println("Login failed");
        e.printStackTrace();
        throw new RuntimeException(e);
    }

    // Perform action as authenticated user
    final Subject authenticated = loginContext.getSubject();
    LOG.info("Authenticated principal:**** " + authenticated.getPrincipals());

    try {
        Subject.doAs(authenticated, action);
    } catch (Exception e) {
        // Covers PrivilegedActionException and everything else, as before.
        // NOTE(review): the failure is printed and then dropped, so the caller cannot tell that
        // the privileged action did not complete.
        e.printStackTrace();
    }
}
From source file:org.apache.karaf.jaas.modules.krb5.Krb5LoginModuleTest.java
/**
 * Callback-driven login with the user name {@code hnelson0} must end in a
 * {@link LoginException}.
 */
@Test(expected = LoginException.class)
public void testLoginUsernameFailure() throws Exception {
    // Supplies a fixed name/password pair to whatever callbacks the module raises.
    final CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("secret".toCharArray());
                } else if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("hnelson0");
                }
            }
        }
    };

    final Subject subject = new Subject();
    final Krb5LoginModule loginModule = new Krb5LoginModule();
    loginModule.initialize(subject, handler, null, new HashMap<>());

    // A fresh subject must not carry principals before authentication.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    Assert.assertFalse(loginModule.login());
}
From source file:org.apache.karaf.jaas.modules.krb5.Krb5LoginModuleTest.java
/**
 * Callback-driven login for {@code hnelson} with the password {@code secret0} must end in a
 * {@link LoginException}.
 */
@Test(expected = LoginException.class)
public void testLoginPasswordFailure() throws Exception {
    // Supplies a fixed name/password pair to whatever callbacks the module raises.
    final CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("secret0".toCharArray());
                } else if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("hnelson");
                }
            }
        }
    };

    final Subject subject = new Subject();
    final Krb5LoginModule loginModule = new Krb5LoginModule();
    loginModule.initialize(subject, handler, null, new HashMap<>());

    // A fresh subject must not carry principals before authentication.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    Assert.assertFalse(loginModule.login());
}
From source file:com.yoshio3.modules.AzureADServerAuthModule.java
/**
 * Clears the principals of {@code subject} (when one is given) and logs out of the module's
 * login context.
 *
 * <p>NOTE(review): only the principal set is emptied; the subject's public and private
 * credential sets are left untouched, and {@code clear()} also drops principals that other
 * modules may have added. Confirm both against what this module adds during validation.</p>
 *
 * @param messageInfo not used by this implementation
 * @param subject the subject to clean; may be {@code null}
 * @throws AuthException declared by the interface; a failing logout is logged, not rethrown
 */
@Override
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
    if (subject != null) {
        subject.getPrincipals().clear();
    }

    try {
        loginContext.logout();
    } catch (LoginException logoutFailure) {
        // NOTE(review): logged without a message and swallowed, so the caller never learns that
        // the logout did not complete.
        LOGGER.log(Level.SEVERE, null, logoutFailure);
    }
}
From source file:org.apache.karaf.jaas.modules.krb5.Krb5LoginModuleTest.java
/**
 * Keytab-based login for {@code hnelson@EXAMPLE.COM} must succeed and, after commit, leave
 * exactly one principal plus a ticket-granting ticket on the subject.
 */
@Test
public void testKeytabSuccess() throws Exception {
    final Subject subject = new Subject();

    // Non-interactive keytab login; createKeytab() is defined outside this method.
    final Map<String, Object> options = new HashMap<>();
    options.put("debug", "true");
    options.put("useKeyTab", "true");
    options.put("keyTab", createKeytab());
    options.put("principal", "hnelson@EXAMPLE.COM");
    options.put("doNotPrompt", "true");
    options.put("storeKey", "true");
    options.put("detailed.login.exception", "true");

    final Krb5LoginModule loginModule = new Krb5LoginModule();
    loginModule.initialize(subject, null, null, options);

    // A fresh subject must not carry principals before authentication.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    Assert.assertTrue(loginModule.login());
    Assert.assertTrue(loginModule.commit());

    assertEquals(1, subject.getPrincipals().size());

    // The first Kerberos principal found must be the authenticated user.
    boolean userSeen = false;
    for (Principal principal : subject.getPrincipals()) {
        if (!(principal instanceof KerberosPrincipal)) {
            continue;
        }
        assertEquals("hnelson@EXAMPLE.COM", principal.getName());
        userSeen = true;
        break;
    }
    assertTrue(userSeen);

    // The first Kerberos ticket in the private credentials must be the user's TGT.
    boolean ticketSeen = false;
    for (Object credential : subject.getPrivateCredentials()) {
        if (!(credential instanceof KerberosTicket)) {
            continue;
        }
        final KerberosTicket ticket = (KerberosTicket) credential;
        assertEquals("hnelson@EXAMPLE.COM", ticket.getClient().getName());
        assertEquals("krbtgt/EXAMPLE.COM@EXAMPLE.COM", ticket.getServer().getName());
        ticketSeen = true;
        break;
    }
    assertTrue(ticketSeen);

    Assert.assertTrue(loginModule.logout());
}
From source file:org.apache.karaf.jaas.modules.krb5.Krb5LoginModuleTest.java
/**
 * Callback-driven login for {@code hnelson} must succeed and, after commit, leave exactly one
 * principal plus a ticket-granting ticket on the subject.
 */
@Test
public void testLoginSuccess() throws Exception {
    // Supplies a fixed name/password pair to whatever callbacks the module raises.
    final CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("secret".toCharArray());
                } else if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("hnelson");
                }
            }
        }
    };

    final Subject subject = new Subject();
    final Krb5LoginModule loginModule = new Krb5LoginModule();
    loginModule.initialize(subject, handler, null, new HashMap<>());

    // A fresh subject must not carry principals before authentication.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    Assert.assertTrue(loginModule.login());
    Assert.assertTrue(loginModule.commit());

    assertEquals(1, subject.getPrincipals().size());

    // The first Kerberos principal found must be the authenticated user.
    boolean userSeen = false;
    for (Principal principal : subject.getPrincipals()) {
        if (!(principal instanceof KerberosPrincipal)) {
            continue;
        }
        assertEquals("hnelson@EXAMPLE.COM", principal.getName());
        userSeen = true;
        break;
    }
    assertTrue(userSeen);

    // The first Kerberos ticket in the private credentials must be the user's TGT.
    boolean ticketSeen = false;
    for (Object credential : subject.getPrivateCredentials()) {
        if (!(credential instanceof KerberosTicket)) {
            continue;
        }
        final KerberosTicket ticket = (KerberosTicket) credential;
        assertEquals("hnelson@EXAMPLE.COM", ticket.getClient().getName());
        assertEquals("krbtgt/EXAMPLE.COM@EXAMPLE.COM", ticket.getServer().getName());
        ticketSeen = true;
        break;
    }
    assertTrue(ticketSeen);

    Assert.assertTrue(loginModule.logout());
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * LDAP login for the user name {@code imnothere} must return {@code false} and leave the
 * subject without principals beforehand.
 *
 * <p>NOTE(review): this outcome is a {@code false} return rather than an exception. If other
 * failures surface as {@code LoginException} (not visible in this test), callers should map
 * both to the same response so the difference does not reveal whether an account exists.</p>
 */
@Test
public void testUserNotFound() throws Exception {
    // Supplies a fixed name/password pair to whatever callbacks the module raises.
    final CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("admin123".toCharArray());
                } else if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("imnothere");
                }
            }
        }
    };

    // ldapLoginModuleOptions() is defined outside this method.
    final Properties moduleOptions = ldapLoginModuleOptions();
    final LDAPLoginModule loginModule = new LDAPLoginModule();
    final Subject subject = new Subject();
    loginModule.initialize(subject, handler, null, moduleOptions);

    // A fresh subject must not carry principals before authentication.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertFalse(loginModule.login());
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * LDAP login for {@code admin} with the password {@code blahblah} must throw a
 * {@link LoginException} whose message starts with {@code "Authentication failed"}.
 */
@Test
public void testBadPassword() throws Exception {
    // Supplies a fixed name/password pair to whatever callbacks the module raises.
    final CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("blahblah".toCharArray());
                } else if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("admin");
                }
            }
        }
    };

    // ldapLoginModuleOptions() is defined outside this method.
    final Properties moduleOptions = ldapLoginModuleOptions();
    final LDAPLoginModule loginModule = new LDAPLoginModule();
    final Subject subject = new Subject();
    loginModule.initialize(subject, handler, null, moduleOptions);

    // A fresh subject must not carry principals before authentication.
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    // Capture the expected failure; a normal return from login() is itself a test failure.
    LoginException failure = null;
    try {
        loginModule.login();
    } catch (LoginException e) {
        failure = e;
    }
    if (failure == null) {
        fail("Should have thrown LoginException");
    }
    assertTrue(failure.getMessage().startsWith("Authentication failed"));
}