Examples of org.apache.qpid.server.security.auth.manager.AuthenticationManager

• org.apache.qpid.server.security.auth.manager.AuthenticationManager
  Implementations of the AuthenticationManager are responsible for determining the authenticity of a user's credentials.

  If the authentication is successful, the manager is responsible for producing an {@link AuthenticationResult} containing the user's main {@link Principal} and zero ormore other implementation-specific principals.

  The {@link #initialise()} method is responsible for registering SASL mechanisms required bythe manager. The {@link #close()} method must reverse this registration.

        AMQProtocolSession session = stateManager.getProtocolSession();
        final ConnectionStartOkBody body = evt.getMethod();
        _logger.info("SASL Mechanism selected: " + body.mechanism);
        _logger.info("Locale selected: " + body.locale);

        AuthenticationManager authMgr = ApplicationRegistry.getInstance().getAuthenticationManager();//session.getVirtualHost().getAuthenticationManager();

        SaslServer ss = null;
        try
        {
            ss = authMgr.createSaslServer(String.valueOf(body.mechanism), session.getLocalFQDN());

            if (ss == null)
            {
                throw body.getConnectionException(AMQConstant.RESOURCE_ERROR, "Unable to create SASL Server:" + body.mechanism
                );
            }

            session.setSaslServer(ss);

            AuthenticationResult authResult = authMgr.authenticate(ss, body.response);

            //save clientProperties
            if (session.getClientProperties() == null)
            {
                session.setClientProperties(body.clientProperties);

        AMQProtocolSession session = stateManager.getProtocolSession();
        ConnectionSecureOkBody body = evt.getMethod();

        //fixme Vhost not defined yet
        //session.getVirtualHost().getAuthenticationManager();
        AuthenticationManager authMgr = ApplicationRegistry.getInstance().getAuthenticationManager();

        SaslServer ss = session.getSaslServer();
        if (ss == null)
        {
            throw new AMQException("No SASL context set up in session");
        }

        AuthenticationResult authResult = authMgr.authenticate(ss, body.response);
        switch (authResult.status)
        {
            case ERROR:
                // Can't do this as we violate protocol. Need to send Close
                // throw new AMQException(AMQConstant.NOT_ALLOWED.getCode(), AMQConstant.NOT_ALLOWED.getName());

        {
            throw new ConfigurationException("No authentication manager factory plugins found.  Check the desired authentication" +
                    "manager plugin has been placed in the plugins directory.");
        }

        AuthenticationManager authMgr = null;

        for (final Iterator<AuthenticationManagerPluginFactory<? extends Plugin>> iterator = factories.iterator(); iterator.hasNext();)
        {
            final AuthenticationManagerPluginFactory<? extends Plugin> factory = (AuthenticationManagerPluginFactory<? extends Plugin>) iterator.next();
            final AuthenticationManager tmp = factory.newInstance(securityConfiguration);
            if (tmp != null)
            {
                if (authMgr != null)
                {
                    throw new ConfigurationException("Cannot configure more than one authentication manager."
                            + " Both " + tmp.getClass() + " and " + authMgr.getClass() + " are configured."
                            + " Remove configuration for one of the authentication manager, or remove the plugin JAR"
                            + " from the classpath.");
                }
                authMgr = tmp;
            }

    public void methodReceived(AMQStateManager stateManager, ConnectionSecureOkBody body, int channelId) throws AMQException
    {
        AMQProtocolSession session = stateManager.getProtocolSession();

        AuthenticationManager authMgr = ApplicationRegistry.getInstance().getAuthenticationManager();

        SaslServer ss = session.getSaslServer();
        if (ss == null)
        {
            throw new AMQException("No SASL context set up in session");
        }
        MethodRegistry methodRegistry = session.getMethodRegistry();
        AuthenticationResult authResult = authMgr.authenticate(ss, body.getResponse());
        switch (authResult.getStatus())
        {
            case ERROR:
                Exception cause = authResult.getCause();

        AMQProtocolSession session = stateManager.getProtocolSession();

        _logger.info("SASL Mechanism selected: " + body.getMechanism());
        _logger.info("Locale selected: " + body.getLocale());

        AuthenticationManager authMgr = ApplicationRegistry.getInstance().getAuthenticationManager();
        SaslServer ss = null;
        try
        {
            ss = authMgr.createSaslServer(String.valueOf(body.getMechanism()), session.getLocalFQDN());

            if (ss == null)
            {
                throw body.getConnectionException(AMQConstant.RESOURCE_ERROR, "Unable to create SASL Server:" + body.getMechanism());
            }

            session.setSaslServer(ss);

            final AuthenticationResult authResult = authMgr.authenticate(ss, body.getResponse());
            //save clientProperties
            if (session.getClientProperties() == null)
            {
                session.setClientProperties(body.getClientProperties());
            }

    @Override
    protected void changeAttributes(Map<String, Object> attributes)
    {
        Map<String, Object> effectiveAttributes = super.generateEffectiveAttributes(attributes);
        AuthenticationManager manager = validateAttributes(effectiveAttributes);
        manager.initialise();
        super.changeAttributes(attributes);
        _authManager = (T)manager;

        // if provider was previously in ERRORED state then set its state to ACTIVE
        _state.compareAndSet(State.ERRORED, State.ACTIVE);

        AuthenticationManagerFactory managerFactory = _factories.get(newType);
        if (managerFactory == null)
        {
            throw new IllegalConfigurationException("Cannot find authentication provider factory for type " + newType);
        }
        AuthenticationManager manager = managerFactory.createInstance(attributes);
        if (manager == null)
        {
            throw new IllegalConfigurationException("Cannot change authentication provider " + newName + " of type " + newType + " with the given attributes");
        }
        return manager;

public class AuthenticationProviderFactoryTest extends TestCase
{

    public void testCreatePasswordCredentialManagingAuthenticationProvider()
    {
        AuthenticationManager am = mock(PrincipalDatabaseAuthenticationManager.class);
        AuthenticationProvider provider = testForFactory(am, true);
        assertTrue("The created provider should match the factory's AuthenticationManager type",
                provider instanceof PasswordCredentialManagingAuthenticationProvider);
        verify(am).onCreate();
    }

        verify(am).onCreate();
    }

    public void testCreateNonPasswordCredentialManagingAuthenticationProvider()
    {
        AuthenticationManager am = mock(AuthenticationManager.class);
        AuthenticationProvider provider = testForFactory(am, true);
        assertFalse("The created provider should match the factory's AuthenticationManager type",
                provider instanceof PasswordCredentialManagingAuthenticationProvider);
        verify(am).onCreate();
    }

        verify(am).onCreate();
    }

    public void testRecoverPasswordCredentialManagingAuthenticationProvider()
    {
        AuthenticationManager am = mock(PrincipalDatabaseAuthenticationManager.class);
        AuthenticationProvider provider = testForFactory(am, false);
        assertTrue("The created provider should match the factory's AuthenticationManager type",
                provider instanceof PasswordCredentialManagingAuthenticationProvider);
        verify(am, never()).onCreate();
    }