Package org.gatein.wci.security

Examples of org.gatein.wci.security.Credentials

115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
      if (propertyMap.containsKey(WSHandlerConstants.USER) && propertyMap.get(WSHandlerConstants.USER).equals(GTN_CURRENT_USER))
      {
         CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();
         if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
         {
            Credentials credentials = credentialsAccessor.getCredentials();
            propertyMap.put(WSHandlerConstants.USER, credentials.getUsername());

            String actionProperty = (String)propertyMap.get(WSHandlerConstants.ACTION);
            //Note: the action property can contain a space separated list of multiple actions
            if (actionProperty != null && actionProperty.contains(GTN_USERNAME_TOKEN_IF_AUTHENTICATED))
            {
               if (credentials.getPassword() != null)
               {
                  actionProperty = actionProperty.replace(GTN_USERNAME_TOKEN_IF_AUTHENTICATED, WSHandlerConstants.USERNAME_TOKEN);
               }
               else
               {
View Full Code Here
56
57
58
59
60
61
62
63
64
65
66
67
68
69
            {
               CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();

               if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
               {
                  Credentials credentials = credentialsAccessor.getCredentials();
                  if (credentials.getUsername().equals(wspasswordCallBack.getIdentifier()))
                  {
                     wspasswordCallBack.setPassword(credentials.getPassword());
                  }
                  else
                  {
                     log.warn("The username in the callback does not match the currently authenticated user. Password not added to callback.");
                  }
View Full Code Here
43
44
45
46
47
48
49
50
51
52
53
   public void saveSSOCredentials(String username, HttpServletRequest httpRequest)
   {
      //Use empty password....it shouldn't be needed...this is a SSO login. The password has
      //already been presented with the SSO server. It should not be passed around for
      //better security
      Credentials credentials = new Credentials(username, "");

      httpRequest.getSession().setAttribute(Credentials.CREDENTIALS, credentials);

      // This is needed when using default login module stack instead of SSOLoginModule. In this case, GateIn authentication is done thanks to PortalLoginModule.
      httpRequest.getSession().setAttribute(GenericAgent.AUTHENTICATED_CREDENTIALS, credentials);
View Full Code Here
124
125
126
127
128
129
130
131
132
133
134
            email = user.getEmail();

            // Create token
            RemindPasswordTokenService tokenService = uiForm.getApplicationComponent(RemindPasswordTokenService.class);
            Credentials credentials = new Credentials(user.getUserName(), "");
            tokenId = tokenService.createToken(credentials);

            String portalName = URLEncoder.encode(Util.getUIPortal().getName(), "UTF-8");

            ResourceBundle res = requestContext.getApplicationResourceBundle();
View Full Code Here
130
131
132
133
134
135
136
137
138
139
140
        //
        int status;
        if (req.getRemoteUser() == null) {
            if (username != null && password != null) {
                Credentials credentials = new Credentials(username, password);
                ServletContainer container = ServletContainerFactory.getServletContainer();

                // This will login or send an AuthenticationException
                try {
                    container.login(req, resp, credentials);
View Full Code Here
177
178
179
180
181
182
183
184
185
186
187
                    String hashedRandomString = hashToken(randomString);
                    long expirationTimeMillis = System.currentTimeMillis() + validityMillis;

                    /* the symmetric encryption happens here */
                    String encryptedPassword = codec.encode(credentials.getPassword());
                    Credentials encodedCredentials = new Credentials(credentials.getUsername(), encryptedPassword);

                    try {
                        tokenContainer.saveToken(context.getSession(), id, hashedRandomString, encodedCredentials, new Date(expirationTimeMillis));
                    } catch (TokenExistsException e) {
                        cookieTokenString = null;
View Full Code Here
350
351
352
353
354
355
356
357
358
359
360
361
                HashedToken hashedToken = getMixin(en, HashedToken.class);
                if (hashedToken != null && hashedToken.getHashedToken() != null) {
                    try {
                        if (saltedHashService.validate(token.getRandomString(), hashedToken.getHashedToken())) {
                            GateInToken encryptedToken = en.getToken();
                            Credentials encryptedCredentials = encryptedToken.getPayload();
                            Credentials decryptedCredentials = new Credentials(encryptedCredentials.getUsername(),

                            codec.decode(encryptedCredentials.getPassword()));
                            if (remove) {
                                en.remove();
                            }
View Full Code Here
54
55
56
57
58
59
60
    @Destroy
    public abstract void remove();

    public GateInToken getToken() {
        return new GateInToken(getExpirationTime().getTime(), new Credentials(getUserName(), getPassword()));
    }
View Full Code Here
149
150
151
152
153
154
155
156
157
158
159
        //
        int status;
        if (req.getRemoteUser() == null) {
            if (username != null && password != null) {
                Credentials credentials = new Credentials(username, password);
                ServletContainer container = ServletContainerFactory.getServletContainer();

                // This will login or send an AuthenticationException
                try {
                    container.login(req, resp, credentials);
View Full Code Here
56
57
58
59
60
61
62
63
64
65
66
                AuthenticationRegistry.class);

        // This should happen during first request of authenticated user. We need to bind credentials to ConversationState
        // and unregister them from authenticationRegistry
        if (hreq.getRemoteUser() != null && authRegistry.getCredentials(hreq) != null) {
            Credentials credentials = authRegistry.removeCredentials(hreq);
            bindCredentialsToConversationState(credentials);
        }

        // Continue with filter chain
        chain.doFilter(request, response);
View Full Code Here
TOP

Related Classes of org.gatein.wci.security.Credentials

  • org.exoplatform.portal.webui.login.UIForgetPassword$SendActionListener
  • org.exoplatform.web.login.ClusteredSSOFilter
  • org.exoplatform.web.login.ConversationStateUpdateFilter
  • org.exoplatform.web.login.DoLoginServlet
  • org.exoplatform.web.login.GateinWCIController
  • org.exoplatform.web.login.InitiateLoginServlet
  • org.exoplatform.web.login.LoginServlet
  • org.exoplatform.web.login.RememberMeFilter
  • org.exoplatform.web.security.AuthenticationRegistryImpl
  • org.exoplatform.web.security.PortalLoginController
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.