Package org.jboss.security

Examples of org.jboss.security.ServerAuthenticationManager

97
98
99
100
101
102
103
104
105
106
107
108
109
110
      //Put bits of information needed by tomcat server auth modules
      messageInfo.getMap().put("CACHE", cache);
     
      TomcatJASPICallbackHandler cbh = new TomcatJASPICallbackHandler();
     
      ServerAuthenticationManager sam = getServerAuthenticationManager();
      if(sam != null)
      {
         result = sam.isValid(messageInfo, new Subject(), messageLayer, cbh);
      }
     
      //The Authentication process has been a success. We need to register
      //the principal, username, password with the container
      if(result)
View Full Code Here
138
139
140
141
142
143
144
145
146
147
148
      this.serverAuthenticationManagerClass = serverAuthenticationManagerClass;
   }
  
   protected ServerAuthenticationManager getServerAuthenticationManager()
   {
      ServerAuthenticationManager sam = null;
      Class<?> clazz;
      try
      {
         clazz = SecurityActions.loadClass(serverAuthenticationManagerClass);
         sam = (ServerAuthenticationManager) clazz.newInstance();
View Full Code Here
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
        // put bits of information needed by tomcat server auth modules
        messageInfo.getMap().put("CACHE", String.valueOf(cache));
        messageInfo.getMap().put("javax.security.auth.message.MessagePolicy.isMandatory", "true");

        WebJASPICallbackHandler cbh = new WebJASPICallbackHandler();
        ServerAuthenticationManager sam = getServerAuthenticationManager();
        String appContext = request.getLocalName() + " " + request.getContextPath();
        Subject clientSubject = new Subject();
        if (sam != null) {
            result = sam.isValid(messageInfo, clientSubject, messageLayer, appContext, cbh);
        }

        // the authentication process has been a success. We need to register the principal, username, password and roles
        // with the container
        if (result) {
            PasswordValidationCallback pvc = cbh.getPasswordValidationCallback();
            CallerPrincipalCallback cpc = cbh.getCallerPrincipalCallback();

            // get the client principal from the callback.
            Principal clientPrincipal = cpc.getPrincipal();
            if (clientPrincipal == null) {
                clientPrincipal = new SimplePrincipal(cpc.getName());
            }

            // if the client principal is not a jboss generic principal, we need to build one before registering.
            if (!(clientPrincipal instanceof JBossGenericPrincipal))
                clientPrincipal = this.buildJBossPrincipal(clientSubject, clientPrincipal);

            this.register(request, response, clientPrincipal, authMethod, pvc.getUsername(),
                    new String(pvc.getPassword()));

            if (this.secureResponse)
                sam.secureResponse(messageInfo, new Subject(), messageLayer, appContext, cbh);
        }

        return result;
    }
View Full Code Here
191
192
193
194
195
196
197
198
199
200
201
     * </p>
     *
     * @return a reference to the instantiated {@code ServerAuthenticationManager} instance.
     */
    protected ServerAuthenticationManager getServerAuthenticationManager() {
        ServerAuthenticationManager sam = null;
        // if the default authentication manager is to be used, just instantiate it.
        if (this.serverAuthenticationManagerClass ==  null) {
            SecurityContext context = SecurityActions.getSecurityContext();
            if (context != null) {
                WebLogger.WEB_SECURITY_LOGGER.debugf("Instantiating JASPI authentication manager with security domain %s",
View Full Code Here
96
97
98
99
100
101
102
103
104
105
106
107
108
109
      //Put bits of information needed by tomcat server auth modules
      messageInfo.getMap().put("CACHE", cache);
     
      TomcatJASPICallbackHandler cbh = new TomcatJASPICallbackHandler();
     
      ServerAuthenticationManager sam = getServerAuthenticationManager();
      if(sam != null)
      {
         result = sam.isValid(messageInfo, new Subject(), messageLayer, cbh);
      }
     
      //The Authentication process has been a success. We need to register
      //the principal, username, password with the container
      if(result)
View Full Code Here
137
138
139
140
141
142
143
144
145
146
147
      this.serverAuthenticationManagerClass = serverAuthenticationManagerClass;
   }
  
   protected ServerAuthenticationManager getServerAuthenticationManager()
   {
      ServerAuthenticationManager sam = null;
      Class<?> clazz;
      try
      {
         clazz = SecurityActions.loadClass(serverAuthenticationManagerClass);
         sam = (ServerAuthenticationManager) clazz.newInstance();
View Full Code Here
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
        // put bits of information needed by tomcat server auth modules
        messageInfo.getMap().put("CACHE", String.valueOf(cache));
        messageInfo.getMap().put("javax.security.auth.message.MessagePolicy.isMandatory", "true");

        WebJASPICallbackHandler cbh = new WebJASPICallbackHandler();
        ServerAuthenticationManager sam = getServerAuthenticationManager();
        String appContext = request.getLocalName() + " " + request.getContextPath();
        Subject clientSubject = new Subject();
        if (sam != null) {
            result = sam.isValid(messageInfo, clientSubject, messageLayer, appContext, cbh);
        }

        // the authentication process has been a success. We need to register the principal, username, password and roles
        // with the container
        if (result) {
            PasswordValidationCallback pvc = cbh.getPasswordValidationCallback();
            CallerPrincipalCallback cpc = cbh.getCallerPrincipalCallback();

            // get the client principal from the callback.
            Principal clientPrincipal = cpc.getPrincipal();
            if (clientPrincipal == null) {
                clientPrincipal = new SimplePrincipal(cpc.getName());
            }

            // if the client principal is not a jboss generic principal, we need to build one before registering.
            if (!(clientPrincipal instanceof JBossGenericPrincipal))
                clientPrincipal = this.buildJBossPrincipal(clientSubject, clientPrincipal);

            this.register(request, response, clientPrincipal, authMethod, pvc.getUsername(),
                    new String(pvc.getPassword()));

            if (this.secureResponse)
                sam.secureResponse(messageInfo, new Subject(), messageLayer, appContext, cbh);
        }

        return result;
    }
View Full Code Here
193
194
195
196
197
198
199
200
201
202
203
     * </p>
     *
     * @return a reference to the instantiated {@code ServerAuthenticationManager} instance.
     */
    protected ServerAuthenticationManager getServerAuthenticationManager() {
        ServerAuthenticationManager sam = null;
        // if the default authentication manager is to be used, just instantiate it.
        if (this.serverAuthenticationManagerClass ==  null) {
            SecurityContext context = SecurityActions.getSecurityContext();
            if (context != null) {
                log.debugf("Instantiating JASPI authentication manager with security domain %s",
View Full Code Here
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
            // authentication here is not mandatory.
            messageInfo.getMap().put("javax.security.auth.message.MessagePolicy.isMandatory", "false");

            WebJASPICallbackHandler cbh = new WebJASPICallbackHandler();
            ServerAuthenticationManager sam = new JASPIServerAuthenticationManager();

            String appContext = request.getLocalName() + " " + request.getContextPath();
            String messageLayer = "HttpServlet";

            boolean isValid = sam.isValid(messageInfo, new Subject(), messageLayer, appContext, cbh);
            if (isValid) {
                log.debugf("JASPI validation for unprotected request context %s succeeded", request.getServletPath());
                sam.secureResponse(messageInfo, new Subject(),  messageLayer, appContext, cbh);
            }
            else {
                // just log an error - this situation indicates a problem with the JASPI implementation but the call is
                // safe to proceed to the unprotected resource.
                log.errorf("JASPI validation for unprotected request context %s failed", request.getServletPath());
View Full Code Here
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
        // put bits of information needed by tomcat server auth modules
        messageInfo.getMap().put("CACHE", String.valueOf(cache));
        messageInfo.getMap().put("javax.security.auth.message.MessagePolicy.isMandatory", "true");

        WebJASPICallbackHandler cbh = new WebJASPICallbackHandler();
        ServerAuthenticationManager sam = getServerAuthenticationManager();
        String appContext = request.getLocalName() + " " + request.getContextPath();
        Subject clientSubject = new Subject();
        if (sam != null) {
            result = sam.isValid(messageInfo, clientSubject, messageLayer, appContext, cbh);
        }

        // the authentication process has been a success. We need to register the principal, username, password and roles
        // with the container
        if (result) {
            PasswordValidationCallback pvc = cbh.getPasswordValidationCallback();
            CallerPrincipalCallback cpc = cbh.getCallerPrincipalCallback();

            // get the client principal from the callback.
            Principal clientPrincipal = cpc.getPrincipal();
            if (clientPrincipal == null) {
                clientPrincipal = new SimplePrincipal(cpc.getName());
            }

            // if the client principal is not a jboss generic principal, we need to build one before registering.
            if (!(clientPrincipal instanceof JBossGenericPrincipal))
                clientPrincipal = this.buildJBossPrincipal(clientSubject, clientPrincipal);

            this.register(request, response, clientPrincipal, authMethod, pvc.getUsername(),
                    new String(pvc.getPassword()));

            if (this.secureResponse)
                sam.secureResponse(messageInfo, new Subject(), messageLayer, appContext, cbh);
        }

        return result;
    }
View Full Code Here
TOP

Related Classes of org.jboss.security.ServerAuthenticationManager

  • org.jboss.as.web.security.jaspi.WebJASPIAuthenticator
  • org.jboss.as.web.security.jaspi.WebJASPIOptionalAuthenticator
  • org.jboss.test.authentication.WebJASPIAuthMgrUnitTestCase
  • org.jboss.web.tomcat.security.jaspi.TomcatJASPIAuthenticator
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.