Package javax.security.auth.message

Examples of javax.security.auth.message.AuthException

1218
1219
1220
1221
1222
1223
1224
1225
            if (module != null) {
                module.cleanSubject(messageInfo, subject);
            } else if (oldModule != null) {
                oldModule.disposeSubject(subject, messageInfo.getMap());
            } else {
                 throw new AuthException();
            }
        }
View Full Code Here
1257
1258
1259
1260
1261
1262
1263
1264
                oldModule.secureRequest(config.getAuthParam(messageInfo),
                        clientSubject,
                        messageInfo.getMap());
                return AuthStatus.SEND_SUCCESS;
            } else {
                throw new AuthException();
            }
        }
View Full Code Here
1272
1273
1274
1275
1276
1277
1278
1279
            } else if (oldModule != null) {
                oldModule.validateResponse(config.getAuthParam(messageInfo),
                        clientSubject, messageInfo.getMap());
                return AuthStatus.SUCCESS;
            } else {
                throw new AuthException();
            }
        }
View Full Code Here
1283
1284
1285
1286
1287
1288
1289
1290
            if (module != null) {
                module.cleanSubject(messageInfo, subject);
            } else if (oldModule != null) {
                oldModule.disposeSubject(subject, messageInfo.getMap());
            } else {
                 throw new AuthException();
            }
        }
View Full Code Here
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
                if (rvalue) { // cache it only if validateRequest = true
                    messageInfo.getMap().put(SERVER_AUTH_CONTEXT, sAC);
                    req.setAttribute(MESSAGE_INFO, messageInfo);
                }
            } else {
    throw new AuthException("null ServerAuthContext");
      }
        } catch(AuthException ae) {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE,
                "JAMC: http msg authentication fail",ae);
View Full Code Here
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
        this.handler = handler;
        if (options != null) {
            // Save the REST URL we need to authenticate the user.
            this.restURL = (String) options.get("restAuthURL");
            if (restURL == null) {
                throw new AuthException("'restAuthURL' "
                        + "must be supplied as a property in the provider-config "
                        + "in the domain.xml file!");
            }
            this.loginPage = (String) options.get("loginPage");
            if (loginPage == null) {
                throw new AuthException("'loginPage' "
                        + "must be supplied as a property in the provider-config "
                        + "in the domain.xml file!");
            }
            this.loginErrorPage = (String) options.get("loginErrorPage");
            if (loginErrorPage == null) {
                throw new AuthException("'loginErrorPage' "
                        + "must be supplied as a property in the provider-config "
                        + "in the domain.xml file!");
            }
            ServiceLocator habitat = SecurityServicesUtil.getInstance().getHabitat();
            Domain domain = habitat.getService(Domain.class);
View Full Code Here
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
            RequestDispatcher rd = request.getRequestDispatcher(loginPage);
            try {
                RestUtil.initialize(null);
                rd.forward(request, response);
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }
            return AuthStatus.SEND_CONTINUE;
        }

// Don't use the PasswordValidationCallback... use REST authorization instead.
//  char[] pwd = new char[password.length()];
//  password.getChars(0, password.length(), pwd, 0);
//  PasswordValidationCallback pwdCallback =
//      new PasswordValidationCallback(clientSubject, username, pwd);

        // Make REST Request

        Client client2 = ClientFactory.newClient();
        RestUtil.initialize(client2);
        WebTarget target = client2.target(restURL);
        target.register(new HttpBasicAuthFilter(username, password));
        MultivaluedMap payLoad = new MultivaluedHashMap();
        payLoad.putSingle("remoteHostName", request.getRemoteHost());

        Response resp = target.request(RESPONSE_TYPE).post(Entity.entity(payLoad, MediaType.APPLICATION_FORM_URLENCODED), Response.class);
        RestResponse restResp = RestResponse.getRestResponse(resp);

        // Check to see if successful..
        if (restResp.isSuccess()) {
            // Username and Password sent in... validate them!
            CallerPrincipalCallback cpCallback =
                    new CallerPrincipalCallback(clientSubject, username);
            try {
                handler.handle(new Callback[]{ /*pwdCallback,*/cpCallback});
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }

            // recreate the session
            Map<String, Object> map = new HashMap<String, Object>();
            Enumeration<String> names = session.getAttributeNames();
            while (names.hasMoreElements()) {
                String key = names.nextElement();
                map.put(key, session.getAttribute(key));
            }
            session.invalidate();
            session = request.getSession(true);
            for (Map.Entry<String, Object> e : map.entrySet()) {
                session.setAttribute(e.getKey(), e.getValue());
            }

            if (session != null) {
                // Get the "extraProperties" section of the response...
                Object obj = restResp.getResponse().get("data");
                Map extraProperties = null;
                if ((obj != null) && (obj instanceof Map)) {
                    obj = ((Map) obj).get("extraProperties");
                    if ((obj != null) && (obj instanceof Map)) {
                        extraProperties = (Map) obj;
                    }
                }

                // Save the Rest Token...
                if (extraProperties != null) {
                    session.putValue(REST_TOKEN, extraProperties.get("token"));
                }

                // Save the Subject...
                session.putValue(SAVED_SUBJECT, clientSubject);

                // Save the userName
                session.putValue(USER_NAME, username);
            }

            try {
                // Redirect...
                String origRequest = (String)session.getAttribute(ORIG_REQUEST_PATH);
                // Explicitly test for favicon.ico, as Firefox seems to ask for this on
                // every page
                if ((origRequest == null) || "/favicon.ico".equals(origRequest)) {
                    origRequest = "/index.jsf";
                }
                logger.log(Level.INFO, "Redirecting to {0}", origRequest);
                response.sendRedirect(response.encodeRedirectURL(origRequest));
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }

            // Continue...
            return AuthStatus.SEND_CONTINUE;
        } else {
            int status = restResp.getResponseCode();
            if (status == 403) {
                request.setAttribute("errorText", GuiUtil.getMessage("alert.ConfigurationError"));
                request.setAttribute("messageText", GuiUtil.getMessage("alert.EnableSecureAdmin"));
            }
            RequestDispatcher rd = request.getRequestDispatcher(this.loginErrorPage);
            try {
                rd.forward(request, response);
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }
            return AuthStatus.SEND_FAILURE;
        }
    }
View Full Code Here
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
    public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, CallbackHandler handler, Map options) throws AuthException {
        this.handler = handler;
        if (options != null) {
            this.loginPage = (String) options.get("loginPage");
            if (loginPage == null) {
                throw new AuthException("'loginPage' "
                        + "must be supplied as a property in the provider-config "
                        + "in the domain.xml file!");
            }
            this.loginErrorPage = (String) options.get("loginErrorPage");
            if (loginErrorPage == null) {
                throw new AuthException("'loginErrorPage' "
                        + "must be supplied as a property in the provider-config "
                        + "in the domain.xml file!");
            }
            ServiceLocator habitat = SecurityServicesUtil.getInstance().getHabitat();
            Domain domain = habitat.getService(Domain.class);
View Full Code Here
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
            session.setAttribute(ORIG_REQUEST_PATH, origPath);
            RequestDispatcher rd = request.getRequestDispatcher(loginPage);
            try {
                rd.forward(request, response);
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }
            return AuthStatus.SEND_CONTINUE;
        }

// Don't use the PasswordValidationCallback... use REST authorization instead.
//  char[] pwd = new char[password.length()];
//  password.getChars(0, password.length(), pwd, 0);
//  PasswordValidationCallback pwdCallback =
//      new PasswordValidationCallback(clientSubject, username, pwd);

        // Make REST Request

        Client client2 = RestUtil.initialize(ClientBuilder.newBuilder()).build();
        WebTarget target = client2.target(restURL);
        target.register(new HttpBasicAuthFilter(username, password));
        MultivaluedMap payLoad = new MultivaluedHashMap();
        payLoad.putSingle("remoteHostName", request.getRemoteHost());

        Response resp = target.request(RESPONSE_TYPE).post(Entity.entity(payLoad, MediaType.APPLICATION_FORM_URLENCODED), Response.class);
        RestResponse restResp = RestResponse.getRestResponse(resp);

        // Check to see if successful..
        if (restResp.isSuccess()) {
            // Username and Password sent in... validate them!
            CallerPrincipalCallback cpCallback =
                    new CallerPrincipalCallback(clientSubject, username);
            try {
                handler.handle(new Callback[]{ /*pwdCallback,*/cpCallback});
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }

            request.changeSessionId();

            if (session != null) {
                // Get the "extraProperties" section of the response...
                Object obj = restResp.getResponse().get("data");
                Map extraProperties = null;
                if ((obj != null) && (obj instanceof Map)) {
                    obj = ((Map) obj).get("extraProperties");
                    if ((obj != null) && (obj instanceof Map)) {
                        extraProperties = (Map) obj;
                    }
                }

                // Save the Rest Token...
                if (extraProperties != null) {
                    session.putValue(REST_TOKEN, extraProperties.get("token"));
                }

                // Save the Subject...
                session.putValue(SAVED_SUBJECT, clientSubject);

                // Save the userName
                session.putValue(USER_NAME, username);
            }

            try {
                // Redirect...
                String origRequest = (String)session.getAttribute(ORIG_REQUEST_PATH);
                // Explicitly test for favicon.ico, as Firefox seems to ask for this on
                // every page
                if ((origRequest == null) || "/favicon.ico".equals(origRequest)) {
                    origRequest = "/index.jsf";
                }
                logger.log(Level.INFO, "Redirecting to {0}", origRequest);
                response.sendRedirect(response.encodeRedirectURL(origRequest));
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }

            // Continue...
            return AuthStatus.SEND_CONTINUE;
        } else {
            int status = restResp.getResponseCode();
            if (status == 403) {
                request.setAttribute("errorText", GuiUtil.getMessage("alert.ConfigurationError"));
                request.setAttribute("messageText", GuiUtil.getMessage("alert.EnableSecureAdmin"));
            }
            RequestDispatcher rd = request.getRequestDispatcher(this.loginErrorPage);
            try {
                rd.forward(request, response);
            } catch (Exception ex) {
                AuthException ae = new AuthException();
                ae.initCause(ex);
                throw ae;
            }
            return AuthStatus.SEND_FAILURE;
        }
    }
View Full Code Here
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
                if (rvalue) { // cache it only if validateRequest = true
                    messageInfo.getMap().put(SERVER_AUTH_CONTEXT, sAC);
                    req.setAttribute(MESSAGE_INFO, messageInfo);
                }
            } else {
                throw new AuthException("null ServerAuthContext");
            }
        } catch (AuthException ae) {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE,
                        "JMAC: http msg authentication fail", ae);
View Full Code Here
TOP

Related Classes of javax.security.auth.message.AuthException

  • com.evasion.sam.SAM
  • com.evasion.sam.ServletAuthModule
  • com.sun.enterprise.security.jmac.config.GFServerConfigProvider
  • com.sun.enterprise.security.jmac.config.GFServerConfigProvider$Entry
  • com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFAuthConfig
  • com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFClientAuthContext
  • com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFServerAuthContext
  • com.sun.jaspic.config.helper.AuthConfigHelper
  • com.sun.jaspic.config.helper.AuthConfigProviderHelper
  • com.sun.jaspic.config.jaas.JAASAuthContextHelper
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.