Examples of org.gatein.wci.security.Credentials

org.gatein.wci.security.Credentials
@author Alain Defrance @version $Revision$

      if (propertyMap.containsKey(WSHandlerConstants.USER) && propertyMap.get(WSHandlerConstants.USER).equals(GTN_CURRENT_USER))
      {
         CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();
         if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
         {
            Credentials credentials = credentialsAccessor.getCredentials();
            propertyMap.put(WSHandlerConstants.USER, credentials.getUsername());
            
            String actionProperty = (String)propertyMap.get(WSHandlerConstants.ACTION);
            //Note: the action property can contain a space separated list of multiple actions
            if (actionProperty != null && actionProperty.contains(GTN_USERNAME_TOKEN_IF_AUTHENTICATED))
            {
               if (credentials.getPassword() != null)
               {
                  actionProperty = actionProperty.replace(GTN_USERNAME_TOKEN_IF_AUTHENTICATED, WSHandlerConstants.USERNAME_TOKEN);
               }
               else
               {

View Full Code Here

            {
               CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();


               if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
               {
                  Credentials credentials = credentialsAccessor.getCredentials();
                  if (credentials.getUsername() == wspasswordCallBack.getIdentifier())
                  {
                     wspasswordCallBack.setPassword(credentials.getPassword());
                  }
                  else
                  {
                     log.warn("The username in the callback does not match the currently authenticated user. Password not added to callback.");
                  }

View Full Code Here

   @Override
   public Credentials getCredentials(final HttpServletRequest req, final HttpServletResponse resp)
   {
      AuthenticationRegistry credRegistry = (AuthenticationRegistry)PortalContainer.getCurrentInstance(servletContext).
            getComponentInstanceOfType(AuthenticationRegistry.class);
      Credentials credentials = credRegistry.getCredentials(req);
      
      // Try to find AuthenticatedCredentials in HTTP session
      if (credentials == null)
      {
         credentials = (Credentials)req.getSession().getAttribute(PortalLoginModule.AUTHENTICATED_CREDENTIALS);

View Full Code Here

         initialURI = req.getContextPath();
      }


      // Now user is successfuly authenticated, so that we can remove credentials from temporary AuthenticationRegistry
      // and add them to ConversationState
      Credentials credentials = removeCredentialsFromRegistry(req);
      setCredentialsToConversationState(credentials);


      //
      resp.sendRedirect(resp.encodeRedirectURL(initialURI));
   }

View Full Code Here

   {
      if (ExoContainer.getProfiles().contains("cluster"))
      {
         HttpServletRequest httpRequest = (HttpServletRequest)request;


         Credentials credentials  = (Credentials)httpRequest.getSession().getAttribute(PortalLoginModule.AUTHENTICATED_CREDENTIALS);
         
         // Make programatic login if authenticated credentials are present in session - they were set in another cluster node
         if (credentials != null && httpRequest.getRemoteUser() == null)
         {
            WebAuthentication pwl = new WebAuthentication();
            pwl.login(credentials.getUsername(), credentials.getPassword());


         }


         chain.doFilter(request, response);

View Full Code Here

   @Override
   protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
   {
      resp.setContentType("text/html; charset=UTF-8");


      Credentials credentials = getWCIController().getCredentials(req, resp);


      //
      if (credentials == null)
      {
         //

View Full Code Here

            boolean isRemember = "true".equals(req.getParameter(InitiateLoginServlet.COOKIE_NAME));
            if (isRemember)
            {
               //Create token
               AbstractTokenService tokenService = AbstractTokenService.getInstance(CookieTokenService.class);
               Credentials credentials = getCredentials(req);
               String cookieToken = tokenService.createToken(credentials);


               log.debug("Found a remember me request parameter, created a persistent token " + cookieToken + " for it and set it up " +
                  "in the next response");
               Cookie cookie = new Cookie(InitiateLoginServlet.COOKIE_NAME, cookieToken);

View Full Code Here

   {
      String sessionId = getSessionId(request);


      Map<String, Object> attributesOfClient = getAttributesOfClient(sessionId);


      Credentials credentials = (Credentials)attributesOfClient.remove(Credentials.CREDENTIALS);


      // Clear map if no more attributes are here.
      if (attributesOfClient.size() == 0)
      {
         removeClient(sessionId);

View Full Code Here

      Map<String, TokenEntry> tokens = getTokens();
      TokenEntry entry = tokens.get(tokenId);
      if(entry != null)
      {
         GateInToken gateInToken = entry.getToken();
         Credentials payload = gateInToken.getPayload();
         
         //Return a cloned GateInToken
         return new GateInToken(gateInToken.getExpirationTimeMillis(), new Credentials(payload.getUsername(), codec
               .decode(payload.getPassword())));


      }
      return null;
   }

View Full Code Here

   @SuppressWarnings("unchecked")
   public boolean login() throws LoginException
   {
      if (getContextMethod != null)
      {
         Credentials authCredentials = null;


         try
         {
            HttpServletRequest request = getCurrentHttpServletRequest();


            // This can be the case with CLI login
            if (request == null)
            {
               log.debug("Unable to find HTTPServletRequest.");
               return false;
            }


            authCredentials = (Credentials)request.getSession().getAttribute(AUTHENTICATED_CREDENTIALS);


            // If authenticated credentials were presented in HTTP session, it means that we were already logged on different cluster node
            // with this HTTP session. We don't need to validate password again in this case (We don't have password anyway)
            if (authCredentials != null)
            {
               Authenticator authenticator = (Authenticator)getContainer().getComponentInstanceOfType(Authenticator.class);
               if (authenticator == null)
               {
                  throw new LoginException("No Authenticator component found, check your configuration");
               }


               String username = authCredentials.getUsername();
               Identity identity = authenticator.createIdentity(username);


               sharedState.put("exo.security.identity", identity);
               sharedState.put("javax.security.auth.login.name", username);

View Full Code Here

0 1 2 3 4 5 6

TOP

Related Classes of org.gatein.wci.security.Credentials

org.exoplatform.portal.webui.login.UIForgetPassword$SendActionListener

org.exoplatform.web.login.ClusteredSSOFilter

org.exoplatform.web.login.ConversationStateUpdateFilter

org.exoplatform.web.login.DoLoginServlet

org.exoplatform.web.login.GateinWCIController

org.exoplatform.web.login.InitiateLoginServlet

org.exoplatform.web.login.LoginServlet

org.exoplatform.web.login.RememberMeFilter

org.exoplatform.web.security.AuthenticationRegistryImpl

org.exoplatform.web.security.PortalLoginController

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.