@Override public Account run() { return identityManager.verify(username, new PasswordCredential(password.toCharArray())); } });
@Override public boolean login(final String username, final String password) { UndertowLogger.SECURITY_LOGGER.debugf("Attempting programatic login for user %s for request %s", username, exchange); final Account account; if(System.getSecurityManager() == null) { account = identityManager.verify(username, new PasswordCredential(password.toCharArray())); } else { account = AccessController.doPrivileged(new PrivilegedAction<Account>() { @Override public Account run() { return identityManager.verify(username, new PasswordCredential(password.toCharArray())); } }); } if (account == null) { return false; } authenticationComplete(account, programaticMechName, true); this.authenticationState = AuthenticationState.AUTHENTICATED; return true; }
PasswordCredential credential = new PasswordCredential(password); try { final AuthenticationMechanismOutcome result;
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { String principal = getPrincipal(exchange); if(principal == null) { return NOT_ATTEMPTED; } String session = getSession(exchange); if(session == null) { return NOT_ATTEMPTED; } Account account = identityManager.verify(principal, new PasswordCredential(session.toCharArray())); if(account == null) { securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(principal), mechanismName); return NOT_AUTHENTICATED; } securityContext.authenticationComplete(account, mechanismName, false); return AUTHENTICATED; }
final String password = jPassword.getValue(); AuthenticationMechanismOutcome outcome = null; PasswordCredential credential = new PasswordCredential(password.toCharArray()); try { IdentityManager identityManager = getIdentityManager(securityContext);
@Override public Account run() { return identityManager.verify(username, new PasswordCredential(password.toCharArray())); } });
@Override public Account run() { return identityManager.verify(username, new PasswordCredential(password.toCharArray())); } });
/** * * @param name * @param password * @param roles */ public SimpleAccount(String name, char[] password, Set<String> roles) { if (name == null) { throw new IllegalArgumentException("argument principal cannot be null"); } if (password == null) { throw new IllegalArgumentException("argument password cannot be null"); } if (roles == null || roles.isEmpty()) { roles = Sets.newHashSet(); } this.principal = new SimplePrincipal(name); this.credential = new PasswordCredential(password); this.roles = roles; }
@Override public boolean login(final String username, final String password) { UndertowLogger.SECURITY_LOGGER.debugf("Attempting programatic login for user %s for request %s", username, exchange); final Account account; if(System.getSecurityManager() == null) { account = identityManager.verify(username, new PasswordCredential(password.toCharArray())); } else { account = AccessController.doPrivileged(new PrivilegedAction<Account>() { @Override public Account run() { return identityManager.verify(username, new PasswordCredential(password.toCharArray())); } }); } if (account == null) { return false; } authenticationComplete(account, programaticMechName, true); this.authenticationState = AuthenticationState.AUTHENTICATED; return true; }
@Override public boolean login(final String username, final String password) { UndertowLogger.SECURITY_LOGGER.debugf("Attempting programatic login for user %s for request %s", username, exchange); final Account account; if(System.getSecurityManager() == null) { account = identityManager.verify(username, new PasswordCredential(password.toCharArray())); } else { account = AccessController.doPrivileged(new PrivilegedAction<Account>() { @Override public Account run() { return identityManager.verify(username, new PasswordCredential(password.toCharArray())); } }); } if (account == null) { return false; } authenticationComplete(account, programaticMechName, true); this.authenticationState = AuthenticationState.AUTHENTICATED; return true; }
@Override public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange hse, SecurityContext sc) { // verify the credentials against the configured IdentityManager Account sa = idm.verify(username, new PasswordCredential(pwd.toCharArray())); if (sa != null) { sc.authenticationComplete(sa, "IdentityAuthenticationManager", false); return AuthenticationMechanism.AuthenticationMechanismOutcome.AUTHENTICATED; } else { // by returning NOT_ATTEMPTED, in case the provided credentials // don't match any user of the IdentityManager, the authentication // will fallback to the default authentication manager (BasicAuthenticationManager) // to make it failing, return NOT_AUTHENTICATED return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_ATTEMPTED; } }
PasswordCredential credential = new PasswordCredential(password); try { final AuthenticationMechanismOutcome result;
PasswordCredential credential = new PasswordCredential(password); try { final AuthenticationMechanismOutcome result;
PasswordCredential credential = new PasswordCredential(password); try { final AuthenticationMechanismOutcome result;
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { String principal = getPrincipal(exchange); if(principal == null) { return NOT_ATTEMPTED; } String session = getSession(exchange); if(session == null) { return NOT_ATTEMPTED; } Account account = identityManager.verify(principal, new PasswordCredential(session.toCharArray())); if(account == null) { securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(principal), mechanismName); return NOT_AUTHENTICATED; } securityContext.authenticationComplete(account, mechanismName, false); return AUTHENTICATED; }
@Override public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) { String principal = getPrincipal(exchange); if(principal == null) { return NOT_ATTEMPTED; } String session = getSession(exchange); if(session == null) { return NOT_ATTEMPTED; } Account account = identityManager.verify(principal, new PasswordCredential(session.toCharArray())); if(account == null) { securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(principal), mechanismName); return NOT_AUTHENTICATED; } securityContext.authenticationComplete(account, mechanismName, false); return AUTHENTICATED; }
private static Account authenticate(String userName, String storedPassword, String clientDigest, String nOnce, String nc, String cnonce, String method, String uri, String qop, String realmName, String md5a2, Deployment deployment, boolean storedPasswordIsA1Hash) { CallbackHandlerPolicyContextHandler.setCallbackHandler(new DigestCallbackHandler(userName, nOnce, nc, cnonce, qop, realmName, md5a2)); String serverDigest = ""; if (storedPasswordIsA1Hash) { // storedPassword is HA1 in this case serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } else { serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), userName, realmName, storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } if (serverDigest.equals(clientDigest)) { // lest's reauth with stored password (to force successful authentication) to make wildfly to create Account and // Principal for us // this is because wildfly bug: https://issues.jboss.org/browse/WFLY-3659 final IdentityManager identityManager = deployment.getDeploymentInfo().getIdentityManager(); PasswordCredential credential = new PasswordCredential(storedPassword.toCharArray()); Account account = identityManager.verify(userName, credential); return account; } return null; }
private static Account authenticate(String userName, String storedPassword, String clientDigest, String nOnce, String nc, String cnonce, String method, String uri, String qop, String realmName, String md5a2, Deployment deployment, boolean storedPasswordIsA1Hash) { CallbackHandlerPolicyContextHandler.setCallbackHandler(new DigestCallbackHandler(userName, nOnce, nc, cnonce, qop, realmName, md5a2)); String serverDigest = ""; if (storedPasswordIsA1Hash) { // storedPassword is HA1 in this case serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } else { serverDigest = MessageDigestResponseAlgorithm.calculateResponse(md5Helper.getAlgorithm(), userName, realmName, storedPassword, nOnce, nc, cnonce, method, uri, "", qop); } if (serverDigest.equals(clientDigest)) { // lest's reauth with stored password (to force successful authentication) to make wildfly to create Account and // Principal for us // this is because wildfly bug: https://issues.jboss.org/browse/WFLY-3659 final IdentityManager identityManager = deployment.getDeploymentInfo().getIdentityManager(); PasswordCredential credential = new PasswordCredential(storedPassword.toCharArray()); Account account = identityManager.verify(userName, credential); return account; } return null; }
final String password = jPassword.getValue(); AuthenticationMechanismOutcome outcome = null; PasswordCredential credential = new PasswordCredential(password.toCharArray()); try { IdentityManager identityManager = getIdentityManager(securityContext);
final String password = jPassword.getValue(); AuthenticationMechanismOutcome outcome = null; PasswordCredential credential = new PasswordCredential(password.toCharArray()); try { IdentityManager identityManager = getIdentityManager(securityContext);