Usage examples for javax.security.auth.Subject.getPrincipals()
public Set<Principal> getPrincipals()
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
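/**
 * Verifies that {@code LDAPLoginModule.login()} refuses an empty password.
 *
 * <p>The callback handler supplies the user name {@code "imnothere"} and a zero-length
 * password. The module is expected to throw a {@link LoginException} whose message is
 * {@code "Empty passwords not allowed"} and to leave the subject without principals.
 *
 * <p>Why this matters: many LDAP servers treat a simple bind that carries a DN and an
 * empty password as an unauthenticated bind and report success (RFC 4513, section 5.1.2).
 * A login module that forwards such a bind would accept any user name, so the empty
 * password has to be rejected by the module itself rather than by the directory.
 *
 * @throws Exception if the module options cannot be built or the module fails unexpectedly
 */
@Test
public void testEmptyPassword() throws Exception {
    Properties options = ldapLoginModuleOptions();
    LDAPLoginModule module = new LDAPLoginModule();
    CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("imnothere");
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("".toCharArray());
                }
            }
        }
    };
    Subject subject = new Subject();
    module.initialize(subject, handler, null, options);

    assertEquals("Precondition", 0, subject.getPrincipals().size());
    try {
        module.login();
        fail("Should have failed");
    } catch (LoginException e) {
        // assertEquals reports expected vs. actual and does not NPE on a null message.
        assertEquals("Empty passwords not allowed", e.getMessage());
    }
    // A rejected login must not leave any identity behind on the subject.
    assertEquals("Failed login must not add principals", 0, subject.getPrincipals().size());
}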
From source file:com.nulli.openam.plugins.NeoUniversalCondition.java
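/**
 * Extracts the user id from the subject's first principal, whose name is expected to be
 * a distinguished name such as {@code attr=value,rest}: the text between the first
 * {@code '='} and the first {@code ','} is returned.
 *
 * <p>The result is used as an identity by the caller, so every malformed input is
 * reported as an {@link EntitlementException} instead of yielding a guessed id.
 *
 * @param subject the authenticated subject to read the principal from
 * @return the value of the leading name component of the principal's DN
 * @throws EntitlementException if the subject has no principal, or the principal name
 *         has no {@code '='} followed later by a {@code ','}
 */
private String getUserId(Subject subject) throws EntitlementException {
    // An empty principal set would otherwise surface as an unchecked NoSuchElementException.
    if (subject == null || subject.getPrincipals().isEmpty()) {
        throw new EntitlementException(EntitlementException.CONDITION_EVALUATION_FAILED,
                "Subject has no principal");
    }

    // NOTE(review): the first principal in iteration order is used. If the subject can carry
    // several principals (for example role principals), confirm that the user DN is always first.
    Principal principal = subject.getPrincipals().iterator().next();
    String userDn = principal.getName();
    if (userDn == null) {
        throw new EntitlementException(EntitlementException.CONDITION_EVALUATION_FAILED,
                "Name is not a valid DN: " + userDn);
    }

    int start = userDn.indexOf('=');
    int end = userDn.indexOf(',');
    // start < 0 covers a name with a comma but no '=' ("bob,people"), which the plain
    // end <= start comparison let through and returned "bob" as a user id.
    if (start < 0 || end <= start) {
        throw new EntitlementException(EntitlementException.CONDITION_EVALUATION_FAILED,
                "Name is not a valid DN: " + userDn);
    }

    // NOTE(review): indexOf does not understand DN escaping; a value containing an escaped
    // comma ("cn=Smith\, John,ou=...") is cut at the escape. javax.naming.ldap.LdapName parses
    // such names correctly if that input is possible here.
    return userDn.substring(start + 1, end);
}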
From source file:org.atricore.idbus.kernel.main.federation.AccountLinkLifecycleImpl.java
/**
 * Builds the local {@link Subject} that the given account link refers to.
 *
 * <p>Without an identity store the subject carries a single {@code SubjectNameID} taken
 * from the link's local account name identifier, or from the link id when that identifier
 * is {@code null}. With an identity store the user is looked up by the local account name
 * identifier and, when found, the subject receives a {@code SubjectNameID}, one
 * {@code SubjectAttribute} per user property and one {@code SubjectRole} per role.
 *
 * <p>NOTE(review): when the store does not know the user, only a warning is logged and a
 * subject with no principals is returned. Callers have to treat an empty subject as
 * "not resolved"; nothing in this method signals that case through an exception.
 *
 * @param accountLink the link to resolve
 * @return the resolved subject, possibly without principals
 * @throws AccountLinkageException if the identity store reports an {@code SSOIdentityException}
 */
public Subject resolve(AccountLink accountLink) throws AccountLinkageException {
    Subject resolvedSubject = new Subject();

    if (identityStore == null) {
        String userId;
        if (accountLink.getLocalAccountNameIdentifier() != null) {
            userId = accountLink.getLocalAccountNameIdentifier();
        } else {
            userId = accountLink.getId();
        }

        // TODO : What type of username are we using here?
        resolvedSubject.getPrincipals().add(new SubjectNameID(userId, null));

        if (logger.isDebugEnabled()) {
            logger.debug("No local identity store, returning local subject as " + resolvedSubject);
        }
        return resolvedSubject;
    }

    // Unlike the branch above, there is no fallback to the link id here.
    UserKey uid = new SimpleUserKey(accountLink.getLocalAccountNameIdentifier());

    try {
        logger.debug("Resolving account link : " + accountLink.getLocalAccountNameIdentifier());

        if (!identityStore.userExists(uid)) {
            logger.warn("User [" + uid + "] does not exists in Identity Store (" + identityStore
                    + ") ! Cannot resolve account link " + accountLink.getId());
            return resolvedSubject;
        }

        BaseUser user = identityStore.loadUser(uid);

        // map it to josso2 subject data model
        // TODO : What type of username are we using here?
        resolvedSubject.getPrincipals().add(new SubjectNameID(user.getName(), null));

        for (SSONameValuePair property : user.getProperties()) {
            resolvedSubject.getPrincipals()
                    .add(new SubjectAttribute(property.getName(), property.getValue()));
        }

        // Roles come from the local store, keyed by the same user key as the lookup above.
        for (BaseRole role : identityStore.findRolesByUserKey(uid)) {
            resolvedSubject.getPrincipals().add(new SubjectRole(role.getName()));
        }
    } catch (SSOIdentityException e) {
        throw new AccountLinkageException(
                "Error resolving account link [" + accountLink.getId() + "] " + e.getMessage(), e);
    }

    return resolvedSubject;
}
From source file:org.jboss.dashboard.security.UIPolicy.java
/**
 * Collects the permissions granted to a subject.
 *
 * <p>The result is the union of the permissions that {@code permissionMap} holds for each
 * of the subject's principals, plus the permissions stored under
 * {@code UNSPECIFIED_PRINCIPAL}.
 *
 * <p>NOTE(review): the {@code UNSPECIFIED_PRINCIPAL} entry is added unconditionally, so a
 * subject with no principals at all still receives those permissions. Whatever is mapped
 * to that key is effectively granted to everyone who reaches this method.
 *
 * @param usr the subject whose principals are looked up
 * @return a new collection holding every matching permission
 */
public PermissionCollection getPermissions(Subject usr) {
    Permissions userPermissions = new Permissions();

    for (Principal principal : usr.getPrincipals()) {
        Permissions granted = (Permissions) permissionMap.get(principal);
        if (granted == null) {
            continue;
        }
        for (Enumeration<Permission> e = granted.elements(); e.hasMoreElements();) {
            userPermissions.add(e.nextElement());
        }
    }

    // Also retrieve permission assigned to the unspecified principal
    Permissions unspecified = (Permissions) permissionMap.get(UNSPECIFIED_PRINCIPAL);
    if (unspecified != null) {
        for (Enumeration<Permission> e = unspecified.elements(); e.hasMoreElements();) {
            userPermissions.add(e.nextElement());
        }
    }

    return userPermissions;
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * Runs the full login, commit and logout cycle for the user {@code admin}.
 *
 * <p>After commit the subject must hold exactly two principals: a {@code UserPrincipal}
 * named {@code admin} and a {@code RolePrincipal} named {@code admin}. After logout the
 * subject must be empty again, so a reused subject keeps no identity or role.
 *
 * @throws Exception if the module options cannot be built or the module fails unexpectedly
 */
@Test
public void testAdminLogin() throws Exception {
    Properties options = ldapLoginModuleOptions();
    LDAPLoginModule module = new LDAPLoginModule();

    // Fixture credentials; presumably valid only in the directory the options point at.
    CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("admin");
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("admin123".toCharArray());
                }
            }
        }
    };

    Subject subject = new Subject();
    module.initialize(subject, handler, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());

    // One user principal plus one role principal.
    assertEquals(2, subject.getPrincipals().size());

    boolean sawUser = false;
    boolean sawRole = false;
    for (Principal principal : subject.getPrincipals()) {
        if (principal instanceof UserPrincipal) {
            assertEquals("admin", principal.getName());
            sawUser = true;
        } else if (principal instanceof RolePrincipal) {
            assertEquals("admin", principal.getName());
            sawRole = true;
        }
    }
    assertTrue(sawUser);
    assertTrue(sawRole);

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0,
            subject.getPrincipals().size());
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * Runs the login, commit and logout cycle for the user {@code cheese}, who has no role.
 *
 * <p>After commit the subject must hold exactly one principal, the {@code UserPrincipal}
 * named {@code cheese}; no {@code RolePrincipal} may be present. This is the
 * least-privilege counterpart of the admin login: a successful authentication alone must
 * not produce a role. After logout the subject must be empty.
 *
 * @throws Exception if the module options cannot be built or the module fails unexpectedly
 */
@Test
public void testNonAdminLogin() throws Exception {
    Properties options = ldapLoginModuleOptions();
    LDAPLoginModule module = new LDAPLoginModule();

    // Fixture credentials; presumably valid only in the directory the options point at.
    CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("cheese");
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("foodie".toCharArray());
                }
            }
        }
    };

    Subject subject = new Subject();
    module.initialize(subject, handler, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());

    // Only the user principal is expected.
    assertEquals(1, subject.getPrincipals().size());

    boolean sawUser = false;
    boolean sawRole = false;
    for (Principal principal : subject.getPrincipals()) {
        if (principal instanceof UserPrincipal) {
            assertEquals("cheese", principal.getName());
            sawUser = true;
        } else if (principal instanceof RolePrincipal) {
            assertEquals("admin", principal.getName());
            sawRole = true;
        }
    }
    assertTrue(sawUser);
    // cheese is not an admin so no roles should be returned
    assertFalse(sawRole);

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0,
            subject.getPrincipals().size());
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * Checks login with the {@code usernames.trim} option set to {@code "true"}.
 *
 * <p>The callback handler supplies {@code "cheese "} with a trailing space. The committed
 * {@code UserPrincipal} must be named {@code "cheese"}, so the padded and the plain
 * spelling end up as the same identity on the subject. No role principal is expected,
 * and logout must leave the subject empty.
 *
 * @throws Exception if the module options cannot be built or the module fails unexpectedly
 */
@Test
public void testTrimmedUsernameLogin() throws Exception {
    Properties options = ldapLoginModuleOptions();
    options.put("usernames.trim", "true");
    LDAPLoginModule module = new LDAPLoginModule();

    CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    // Trailing space is the point of the test.
                    ((NameCallback) callback).setName("cheese ");
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("foodie".toCharArray());
                }
            }
        }
    };

    Subject subject = new Subject();
    module.initialize(subject, handler, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());

    assertEquals(1, subject.getPrincipals().size());

    boolean sawUser = false;
    boolean sawRole = false;
    for (Principal principal : subject.getPrincipals()) {
        if (principal instanceof UserPrincipal) {
            // The principal carries the trimmed name, not the name as typed.
            assertEquals("cheese", principal.getName());
            sawUser = true;
        } else if (principal instanceof RolePrincipal) {
            assertEquals("admin", principal.getName());
            sawRole = true;
        }
    }
    assertTrue(sawUser);
    // cheese is not an admin so no roles should be returned
    assertFalse(sawRole);

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0,
            subject.getPrincipals().size());
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * Checks a single-entry role mapping, {@code "admin=karaf"}.
 *
 * <p>With the mapping in place the user {@code admin} must end up with two principals:
 * the {@code UserPrincipal} named {@code admin} and a {@code RolePrincipal} named
 * {@code karaf} rather than {@code admin}. The mapping value therefore decides which role
 * name the subject carries, which makes this option privilege-granting configuration.
 * Logout must leave the subject empty.
 *
 * @throws Exception if the module options cannot be built or the module fails unexpectedly
 */
@Test
public void testRoleMappingSimple() throws Exception {
    Properties options = ldapLoginModuleOptions();
    options.put(LDAPOptions.ROLE_MAPPING, "admin=karaf");
    LDAPLoginModule module = new LDAPLoginModule();

    // Fixture credentials; presumably valid only in the directory the options point at.
    CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("admin");
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("admin123".toCharArray());
                }
            }
        }
    };

    Subject subject = new Subject();
    module.initialize(subject, handler, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());

    // One user principal plus the single mapped role.
    assertEquals(2, subject.getPrincipals().size());

    boolean sawUser = false;
    boolean sawRole = false;
    for (Principal entry : subject.getPrincipals()) {
        if (entry instanceof UserPrincipal) {
            assertEquals("admin", entry.getName());
            sawUser = true;
        } else if (entry instanceof RolePrincipal) {
            assertEquals("karaf", entry.getName());
            sawRole = true;
        }
    }
    assertTrue(sawUser);
    assertTrue(sawRole);

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0,
            subject.getPrincipals().size());
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * Checks a multi-entry role mapping, {@code "admin=karaf,test;admin=another"}.
 *
 * <p>The user {@code admin} must end up with four principals: the {@code UserPrincipal}
 * named {@code admin} and one {@code RolePrincipal} for each of {@code karaf},
 * {@code test} and {@code another}. Each expected role is removed from a list as it is
 * seen, so a duplicate or an unexpected role name fails the test, and the list must be
 * empty at the end. Logout must leave the subject empty.
 *
 * @throws Exception if the module options cannot be built or the module fails unexpectedly
 */
@Test
public void testRoleMappingAdvanced() throws Exception {
    Properties options = ldapLoginModuleOptions();
    options.put(LDAPOptions.ROLE_MAPPING, "admin=karaf,test;admin=another");
    LDAPLoginModule module = new LDAPLoginModule();

    // Fixture credentials; presumably valid only in the directory the options point at.
    CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("admin");
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("admin123".toCharArray());
                }
            }
        }
    };

    Subject subject = new Subject();
    module.initialize(subject, handler, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());

    // One user principal plus three mapped roles.
    assertEquals(4, subject.getPrincipals().size());

    final List<String> expectedRoles = new ArrayList<String>(Arrays.asList("karaf", "test", "another"));

    boolean sawUser = false;
    boolean sawRole = false;
    for (Principal entry : subject.getPrincipals()) {
        if (entry instanceof UserPrincipal) {
            assertEquals("admin", entry.getName());
            sawUser = true;
        } else if (entry instanceof RolePrincipal) {
            // remove() returns false for a role that is unexpected or already seen.
            assertTrue(expectedRoles.remove(entry.getName()));
            sawRole = true;
        }
    }
    assertTrue(sawUser);
    assertTrue(sawRole);
    assertTrue(expectedRoles.isEmpty());

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0,
            subject.getPrincipals().size());
}
From source file:org.apache.karaf.jaas.modules.ldap.LdapLoginModuleTest.java
/**
 * Checks that whitespace in the role mapping option is ignored when it is parsed.
 *
 * <p>The mapping {@code "admin = karaf, test; admin = another"} must give the user
 * {@code admin} the same four principals as the unspaced form: the {@code UserPrincipal}
 * named {@code admin} and a {@code RolePrincipal} for each of {@code karaf},
 * {@code test} and {@code another}. Role names are compared exactly, so a role that kept
 * surrounding spaces would fail the removal from the expected list. Logout must leave
 * the subject empty.
 *
 * @throws Exception if the module options cannot be built or the module fails unexpectedly
 */
@Test
public void testRoleMappingParsing() throws Exception {
    Properties options = ldapLoginModuleOptions();
    options.put(LDAPOptions.ROLE_MAPPING, "admin = karaf, test; admin = another");
    LDAPLoginModule module = new LDAPLoginModule();

    // Fixture credentials; presumably valid only in the directory the options point at.
    CallbackHandler handler = new CallbackHandler() {
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbacks) {
                if (callback instanceof NameCallback) {
                    ((NameCallback) callback).setName("admin");
                } else if (callback instanceof PasswordCallback) {
                    ((PasswordCallback) callback).setPassword("admin123".toCharArray());
                }
            }
        }
    };

    Subject subject = new Subject();
    module.initialize(subject, handler, null, options);
    assertEquals("Precondition", 0, subject.getPrincipals().size());

    assertTrue(module.login());
    assertTrue(module.commit());

    // One user principal plus three mapped roles.
    assertEquals(4, subject.getPrincipals().size());

    final List<String> expectedRoles = new ArrayList<String>(Arrays.asList("karaf", "test", "another"));

    boolean sawUser = false;
    boolean sawRole = false;
    for (Principal entry : subject.getPrincipals()) {
        if (entry instanceof UserPrincipal) {
            assertEquals("admin", entry.getName());
            sawUser = true;
        } else if (entry instanceof RolePrincipal) {
            // remove() returns false for a role that is unexpected or already seen.
            assertTrue(expectedRoles.remove(entry.getName()));
            sawRole = true;
        }
    }
    assertTrue(sawUser);
    assertTrue(sawRole);
    assertTrue(expectedRoles.isEmpty());

    assertTrue(module.logout());
    assertEquals("Principals should be gone as the user has logged out", 0,
            subject.getPrincipals().size());
}