Examples of org.gatein.wci.security.Credentials

• org.gatein.wci.security.Credentials
  @author Alain Defrance @version $Revision$

        if (getContextMethod != null && isClusteredSSO() && sharedState.containsKey("javax.security.auth.login.name")
                && sharedState.containsKey("javax.security.auth.login.password")
                && sharedState.get(LOGIN_ON_DIFFERENT_NODE) == null) {
            String uid = (String) sharedState.get("javax.security.auth.login.name");

            Credentials wc = new Credentials(uid, "");

            HttpServletRequest request = null;
            try {
                request = getCurrentHttpServletRequest();

        //
        int status;
        if (req.getRemoteUser() == null) {
            if (username != null && password != null) {
                Credentials credentials = new Credentials(username, password);
                ServletContainer container = ServletContainerFactory.getServletContainer();

                // This will login or send an AuthenticationException
                try {
                    container.login(req, resp, credentials);

    public GateInToken getTokenAndDecode(String tokenId, AbstractCodec codec) {
        Map<String, TokenEntry> tokens = getTokens();
        TokenEntry entry = tokens.get(tokenId);
        if (entry != null) {
            GateInToken gateInToken = entry.getToken();
            Credentials payload = gateInToken.getPayload();

            // Return a cloned GateInToken
            return new GateInToken(gateInToken.getExpirationTimeMillis(), new Credentials(payload.getUsername(),
                    codec.decode(payload.getPassword())));

        }
        return null;
    }

            String token = LoginServlet.getRememberMeTokenCookie(req);
            if (token != null) {
                ExoContainer container = getContainer();
                CookieTokenService tokenservice = (CookieTokenService) container
                        .getComponentInstanceOfType(CookieTokenService.class);
                Credentials credentials = tokenservice.validateToken(token, false);
                if (credentials != null) {
                    ServletContainer servletContainer = ServletContainerFactory.getServletContainer();
                    try {
                        servletContainer.login(req, resp, credentials);
                    } catch (Exception e) {

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
            ServletException {
        if (ExoContainer.getProfiles().contains("cluster")) {
            HttpServletRequest httpRequest = (HttpServletRequest) request;

            Credentials credentials = (Credentials) httpRequest.getSession().getAttribute(
                    PortalLoginModule.AUTHENTICATED_CREDENTIALS);

            // Make programatic login if authenticated credentials are present in session - they were set in another cluster
            // node
            if (credentials != null && httpRequest.getRemoteUser() == null) {
                WebAuthentication pwl = new WebAuthentication();
                pwl.login(credentials.getUsername(), credentials.getPassword());

            }

            chain.doFilter(request, response);

      if (GTN_CURRENT_USER.equals(userValue))
      {
         CredentialsAccessor credentialsAccessor = CredentialsAccess.getInstance().getCredentialsAccessor();
         if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
         {
            Credentials credentials = credentialsAccessor.getCredentials();
            propertyMap.put(WSHandlerConstants.USER, credentials.getUsername());

            String actionProperty = (String)propertyMap.get(WSHandlerConstants.ACTION);
            //Note: the action property can contain a space separated list of multiple actions
            if (actionProperty != null && actionProperty.contains(GTN_USERNAME_TOKEN_IF_AUTHENTICATED))
            {
               if (credentials.getPassword() != null)
               {
                  actionProperty = actionProperty.replace(GTN_USERNAME_TOKEN_IF_AUTHENTICATED, WSHandlerConstants.USERNAME_TOKEN);
               }
               else
               {

            resp.setStatus(200);
            break;
         case 1:
            try
            {
               sc.login(req, resp, new Credentials("foo", "foo"));
               throw new ServletException("Was expecting an authentication exception");
            }
            catch (AuthenticationException ignore)
            {
            }
            resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            break;
         case 2 :
            sc.login(req, resp, new Credentials("foo", "bar"));
            try
            {
               sc.login(req, resp, new Credentials("foo", "bar"));
               throw new ServletException("Was expecting authenticated login to throw IllegalStateException");
            }
            catch (IllegalStateException ignore)
            {
            }

      }
      catch (ServletException se)
      {
         try
         {
            String ticket = GenericAuthentication.TICKET_SERVICE.createTicket(new Credentials(userName, password), TicketService.DEFAULT_VALIDITY);
            String url = "j_security_check?j_username=" + userName + "&j_password=" + ticket;
            url = response.encodeRedirectURL(url);
            response.sendRedirect(url);
            response.flushBuffer();
         }

   private WCIController wciController = new TestController();

   @Override
   public DriverResponse service(TestServlet testServlet, WebRequest req, WebResponse resp) throws ServletException, IOException
   {
      Credentials credentials = wciController.getCredentials(req, resp);

      if (getRequestCount() == 0)
      {
         assertEquals("/home", wciController.getInitialURI(req));
         req.setAttribute("javax.servlet.forward.request_uri", "/foo");
         assertEquals("/foo", wciController.getInitialURI(req));

         // Test Ticket Expiration
         String expireTicket = GenericAuthentication.TICKET_SERVICE.createTicket(new Credentials("foo", "bar"), 5);
         boolean expired = false;
         try
         {
            Thread.sleep(5);
            GenericAuthentication.TICKET_SERVICE.validateTicket(expireTicket, true);
         }
         catch (InterruptedException ignore)
         {
         }
         catch (AuthenticationException ae)
         {
            expired = true;
         }
         if (!expired) return new FailureResponse(Failure.createAssertionFailure(""));

         assertNull(req.getUserPrincipal());
         container = DefaultServletContainerFactory.getInstance().getServletContainer();
         container.addAuthenticationListener(new TestListener(v));
         assertEquals("", v.value);
         container.login(req, resp, credentials, TicketService.DEFAULT_VALIDITY);

         if ("Tomcat/7.x".equals(container.getContainerInfo()) || "JBossas/6.x".equals(container.getContainerInfo()))
         {
            assertEquals("login", v.value);
            assertNotNull(req.getUserPrincipal());
            assertTrue(req.isUserInRole("test"));
         }
         else
         {
            // Test Ticket Service
            String ticket = GenericAuthentication.TICKET_SERVICE.createTicket(credentials, TicketService.DEFAULT_VALIDITY);
            Credentials resultCredentials = GenericAuthentication.TICKET_SERVICE.validateTicket(ticket, false);
            assertEquals(credentials.getUsername(), resultCredentials.getUsername());
            assertEquals(credentials.getPassword(), resultCredentials.getPassword());
            assertNotNull(GenericAuthentication.TICKET_SERVICE.validateTicket(ticket, true));
            assertNull(GenericAuthentication.TICKET_SERVICE.validateTicket(ticket, true));

            // Test login Event
            assertEquals("login", v.value);

    */
   private static final String COUNT_KEY = "count";

   public DriverResponse service(TestServlet testServlet, WebRequest req, WebResponse resp) throws ServletException, IOException
   {
      Credentials credentials = wciController.getCredentials(req, resp);

      if (getRequestCount() == 1)
      {
         assertNull(req.getUserPrincipal());
         container = DefaultServletContainerFactory.getInstance().getServletContainer();
         container.addAuthenticationListener(new TestListener(v));
         assertEquals("", v.value);
         container.login(req, resp, credentials, TicketService.DEFAULT_VALIDITY);

         if ("Tomcat/7.x".equals(container.getContainerInfo()) || "JBossas/6.x".equals(container.getContainerInfo()))
         {
            assertEquals("login", v.value);
            assertNotNull(req.getUserPrincipal());
            assertTrue(req.isUserInRole("test"));
         }
         else
         {
            // Test Ticket Service
            String ticket = GenericAuthentication.TICKET_SERVICE.createTicket(credentials, TicketService.DEFAULT_VALIDITY);
            Credentials resultCredentials = GenericAuthentication.TICKET_SERVICE.validateTicket(ticket, false);
            assertEquals(credentials.getUsername(), resultCredentials.getUsername());
            assertEquals(credentials.getPassword(), resultCredentials.getPassword());
            assertNotNull(GenericAuthentication.TICKET_SERVICE.validateTicket(ticket, true));
            assertNull(GenericAuthentication.TICKET_SERVICE.validateTicket(ticket, true));

            // Test login Event
            assertEquals("login", v.value);