/** * Retrieves the user name by querying the property of * {@link PropertyKey#SECURITY_LOGIN_USERNAME} through {@link AppCallbackHandler}. * * @return true if user name provided by application is set and not empty * @throws LoginException when the login fails */ @Override public boolean login() throws LoginException { Callback[] callbacks = new Callback[1]; callbacks[0] = new NameCallback("user name: "); try { mCallbackHandler.handle(callbacks); } catch (IOException | UnsupportedCallbackException e) { throw new LoginException(e.getMessage()); } String userName = ((NameCallback) callbacks[0]).getName(); if (!userName.isEmpty()) { mUser = new User(userName); return true; } return false; }
NameCallback nc = new NameCallback("SASL PLAIN"); nc.setName(parts[1]); PasswordCallback pc = new PasswordCallback("SASL PLAIN", false); pc.setPassword(parts[2].toCharArray()); AuthorizeCallback ac = new AuthorizeCallback(parts[1], parts[0]); cbh.handle(new Callback[]{ nc, pc, ac }); if (ac.isAuthorized()) { authz = ac.getAuthorizedID();
final AuthenticationConfiguration configuration = AUTH_CONFIG_CLIENT.getAuthenticationConfiguration(this.targetURI, authenticationContext); final CallbackHandler handler = AUTH_CONFIG_CLIENT.getCallbackHandler(configuration); final NameCallback nameCallback = new NameCallback("Username: "); final PasswordCallback passwordCallback = new PasswordCallback("Password: ", false); final CredentialCallback credentialCallback = new CredentialCallback(GSSKerberosCredential.class); try { handler.handle(new Callback[]{nameCallback, passwordCallback, credentialCallback}); Subject subject = new Subject(); subject.getPrincipals().add(new KerberosPrincipal(gssName.toString())); if (nameCallback.getName() != null) { subject.getPrincipals().add(new NamePrincipal(nameCallback.getName())); if (passwordCallback.getPassword() != null) { this.addPrivateCredential(subject, new PasswordCredential(nameCallback.getName(), passwordCallback.getPassword()));
@Override public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) { try { NameCallback nameCallback = new NameCallback("name:"); PasswordCallback passwordCallback = new PasswordCallback("password:", false); callbackHandler.handle(new Callback[]{nameCallback, passwordCallback}); subject.getPublicCredentials().add(nameCallback.getName()); subject.getPrivateCredentials().add(new String(passwordCallback.getPassword())); } catch (Exception e) { throw new SaslAuthenticationException("Login initialization failed", e); } } }
@Override public boolean login() throws LoginException { NameCallback name = new NameCallback("username"); PasswordCallback password = new PasswordCallback("password", false); try { handler.handle(new Callback[] {name, password}); } catch (Exception e) { Logger.suppress(e); throw new LoginException(e.getMessage()); } subject.getPrincipals().add(new UserPrincipal(name.getName())); subject.getPrivateCredentials().add(name); subject.getPrivateCredentials().add(password); return true; }
@Override public boolean login() throws LoginException { val nameCallback = new NameCallback("username"); val passwordCallback = new PasswordCallback("password", false); try { callbackHandler.handle(new Callback[]{nameCallback, passwordCallback}); } catch (final Exception e) { LOGGER.error(e.getMessage(), e); throw new FailedLoginException(e.getMessage()); } val username = nameCallback.getName(); val password = new String(passwordCallback.getPassword()); if (accounts.containsKey(username)) { this.succeeded = accounts.get(username).equals(password); subject.getPrincipals().add(new StaticPrincipal(username)); return true; } this.succeeded = false; return false; }
/** * Tests that the callback can handle a non-existent user. */ @Test public void nullNameCallback() throws Exception { Callback[] callbacks = new Callback[2]; callbacks[0] = new NameCallback("Username:"); callbacks[1] = new PasswordCallback("Password:", true); String user = null; String password = "alluxio-user-3-password"; CallbackHandler clientCBHandler = new PlainSaslClientCallbackHandler(user, password); clientCBHandler.handle(callbacks); validateCallbacks(user, password, callbacks); }
throw new LoginException("No CallbackHandler specified"); Callback callbacks[] = new Callback[2]; callbacks[0] = new NameCallback("Username: "); callbacks[1] = new PasswordCallback("Password: ", false); String password = null; try { callbackHandler.handle(callbacks); username = ((NameCallback) callbacks[0]).getName(); password = new String(((PasswordCallback) callbacks[1]).getPassword()); } catch (IOException e) { throw new LoginException(e.toString()); } catch (UnsupportedCallbackException e) { throw new LoginException(e.toString()); } else { throw new FailedLoginException("Username or password is incorrect");
/** * Overriding to allow for certificate-based login. Standard JAAS. */ @Override public boolean login() throws LoginException { Callback[] callbacks = new Callback[1]; callbacks[0] = new CertificateCallback(); try { callbackHandler.handle(callbacks); } catch (IOException ioe) { throw new LoginException(ioe.getMessage()); } catch (UnsupportedCallbackException uce) { throw new LoginException(uce.getMessage() + " Unable to obtain client certificates."); } X509Certificate[] certificates = ((CertificateCallback)callbacks[0]).getCertificates(); username = getUserNameForCertificates(certificates); if (username == null) { throw new FailedLoginException("No user for client certificate: " + getDistinguishedName(certificates)); } if (debug) { LOG.debug("Certificate for user: " + username); } succeeded = true; return true; }
NameCallback nameCallback = new NameCallback("UserName:"); try { callbackHandler.handle(new Callback[]{nameCallback}); String userName = nameCallback.getName(); if (StringUtil.isNotNull(userName)) { return new SimplePrincipal(userName); Set<Principal> principals = subject.getPrincipals(); for (Principal p : principals) { if (!(p instanceof Group)) {
private byte[] getSaltedPasswordFromPasswordCallback() throws AuthenticationMechanismException { PasswordCallback passwordCallback = new PasswordCallback("User password: ", false); callbackHandler.handle(new Callback[]{ realmChoiceCallBack, nameCallback, passwordCallback }); int[] selected = realmChoiceCallBack.getSelectedIndexes(); if (selected == null || selected.length == 0) { if (e.getCallback() == realmChoiceCallBack) { realmChoiceCallBack = null; } else if (e.getCallback() == nameCallback) { throw log.mechCallbackHandlerDoesNotSupportUserName(e); } else if (e.getCallback() == passwordCallback) { throw log.mechCallbackHandlerDoesNotSupportCredentialAcquisition(e); } else { callbackHandler.handle(new Callback[]{ realmCallback, nameCallback, passwordCallback }); if (realmCallback.getText() != null) realm = realmCallback.getText(); } catch (UnsupportedCallbackException e) { callbackHandler.handle(new Callback[]{ nameCallback, passwordCallback }); } catch (UnsupportedCallbackException e) { if (e.getCallback() == nameCallback) { char[] passwordChars = passwordCallback.getPassword(); passwordCallback.clearPassword(); if ( ! readOnlyRealmUsername) { username = nameCallback.getName(); if (username == null) { throw log.mechNotProvidedUserName();
private static void _setCallerPrincipals(Subject s, CallbackHandler handler, Subject pvcSubject) throws AuthException { if (handler != null) { // handler should be non-null Set<Principal> ps = s.getPrincipals(); if (ps == null || ps.isEmpty()) { return; } Iterator<Principal> it = ps.iterator(); Callback[] callbacks = new Callback[] { new CallerPrincipalCallback(s, it.next().getName()) }; if (pvcSubject != null) { s.getPrincipals().addAll(pvcSubject.getPrincipals()); } try { handler.handle(callbacks); } catch (Exception e) { AuthException aex = new AuthException(); aex.initCause(e); throw aex; } } }
@Override public boolean login() throws LoginException { succeeded = true; if (credentialsInvalidate) { PasswordCallback passwordCallback = new PasswordCallback("Password: ", false); try { callbackHandler.handle(new Callback[]{passwordCallback}); if (passwordCallback.getPassword() != null) { if (debug) { LOG.debug("Guest login failing (credentialsInvalidate=true) on presence of a password"); } succeeded = false; passwordCallback.clearPassword(); }; } catch (IOException ioe) { } catch (UnsupportedCallbackException uce) { } } if (debug) { LOG.debug("Guest login " + succeeded); } return succeeded; }
public boolean login() throws LoginException { Callback[] callbacks = new Callback[1]; callbacks[0] = new CertificateCallback(); try { handler.handle(callbacks); } catch (IOException ioe) { throw (LoginException) new LoginException().initCause(ioe); } catch (UnsupportedCallbackException uce) { throw (LoginException) new LoginException().initCause(uce); } assert callbacks.length == 1; X509Certificate certificate = ((CertificateCallback)callbacks[0]).getCertificate(); if (certificate == null) { throw new FailedLoginException(); } principal = certificate.getSubjectX500Principal(); if(!users.containsKey(principal.getName())) { throw new FailedLoginException(); } return true; }
private void extractCredentials() throws LoginException { // Certificates are available as a List object in the Public Credentials. Set<List> creds = subject.getPublicCredentials(List.class); Iterator<List> itr = creds.iterator(); if (!itr.hasNext()) { success = false; throw new LoginException("No Certificate Credential found."); } List certCred = itr.next(); if (certCred == null || certCred.isEmpty()) { success = false; throw new LoginException("No Certificate(s) found."); } try { certs = (X509Certificate[]) certCred.toArray(new X509Certificate[certCred.size()]); } catch (Exception ex) { throw (LoginException) new LoginException("No Certificate(s) found.").initCause(ex); } x500Principal = certs[0].getSubjectX500Principal(); // Callback to get the application name. CertificateRealm.AppContextCallback appContext = new CertificateRealm.AppContextCallback(); try { callbackHandler.handle(new Callback[]{appContext}); appName = appContext.getModuleID(); } catch (Exception ex) { } }
callbackHandler.handle(new Callback[] { gssCredentialCallback }); serviceGssCredential = gssCredentialCallback.applyToCredential(GSSKerberosCredential.class, GSSKerberosCredential::getGssCredential); kerberosTicket = gssCredentialCallback.applyToCredential(GSSKerberosCredential.class, GSSKerberosCredential::getKerberosTicket); Subject subject = new Subject(true, Collections.emptySet(), Collections.emptySet(), kerberosTicket != null ? Collections.singleton(kerberosTicket) : Collections.emptySet()); responseToken = Subject.doAs(subject, (PrivilegedExceptionAction<byte[]>) () -> finalGssContext.acceptSecContext(decodedValue, 0, decodedValue.length)); } catch (PrivilegedActionException e) { httpSpnego.trace("Call to acceptSecContext failed.", e.getCause());
public <C extends Credential> C getCredential(final Class<C> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec) throws IOException { if (PasswordCredential.class.isAssignableFrom(credentialType) && (algorithmName == null || algorithmName.equals(ClearPassword.ALGORITHM_CLEAR)) && parameterSpec == null) { try { final PasswordCallback passwordCallback = new PasswordCallback("Password", false); callbackHandler.handle(new Callback[] { passwordCallback }); final char[] chars = passwordCallback.getPassword(); return chars == null ? null : credentialType.cast(new PasswordCredential(ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, chars))); } catch (UnsupportedCallbackException e) { // fall out and try CredentialCallback } } try { final CredentialCallback credentialCallback = new CredentialCallback(credentialType, algorithmName, parameterSpec); callbackHandler.handle(new Callback[] { credentialCallback }); return credentialCallback.getCredential(credentialType, algorithmName, parameterSpec); } catch (UnsupportedCallbackException e) { // no credentials can be acquired; fall out } return null; } }
protected boolean login(Subject clientSubject, String username, Credential credential, String authMethod, MessageInfo messageInfo) throws IOException, UnsupportedCallbackException { CredentialValidationCallback credValidationCallback = new CredentialValidationCallback(clientSubject, username, credential); callbackHandler.handle(new Callback[] { credValidationCallback }); if (credValidationCallback.getResult()) { Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class); if (!loginCallbacks.isEmpty()) { LoginCallbackImpl loginCallback = loginCallbacks.iterator().next(); CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, loginCallback.getUserPrincipal()); GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, loginCallback.getRoles()); callbackHandler.handle(new Callback[] { callerPrincipalCallback, groupPrincipalCallback }); } messageInfo.getMap().put(JaspiMessageInfo.AUTH_METHOD_KEY, authMethod); } return credValidationCallback.getResult(); } }
private void fail() throws AuthenticationMechanismException { try { callbackHandler.handle(new Callback[] { AuthenticationCompleteCallback.FAILED }); } catch (Throwable t) { throw httpDigest.mechCallbackHandlerFailedForUnknownReason(t); } }
identity = createIdentity(name); } catch (Exception e) { LoginException le = new LoginException(); le.initCause(e); throw le; throw new LoginException(); final String username; try { callbackHandler.handle(callbacks); username = callback.getPrincipal().getName(); final Object c = callback.getCredential();