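/**
 * Creates the default {@link CallbackHandler} named by the system property
 * {@code CALLBACK_HANDLER_PROPERTY_NAME} ("authconfigprovider.client.callbackhandler"), as
 * seemingly required by the API (the API uses the wording "may" create a default handler).
 * TODO: isn't "authconfigprovider.client.callbackhandler" JBoss specific?
 *
 * <p>The class name comes from JVM configuration (a system property), not from the request,
 * but it is still loaded and instantiated reflectively, so only trusted deployment
 * configuration should be able to set that property.
 *
 * @return a new instance of the configured handler class
 * @throws AuthException if the property is not set, or the class cannot be loaded,
 *         instantiated or cast to {@code CallbackHandler}; the underlying exception is
 *         attached as the cause
 */
private CallbackHandler createDefaultCallbackHandler() throws AuthException {
    String callBackClassName = System.getProperty(CALLBACK_HANDLER_PROPERTY_NAME);
    if (callBackClassName == null) {
        throw new AuthException("No default handler set via system property: " + CALLBACK_HANDLER_PROPERTY_NAME);
    }
    // A thread may have no context class loader; fall back to this class's loader instead of
    // failing with a NullPointerException that would surface as an AuthException without a message.
    ClassLoader loader = Thread.currentThread().getContextClassLoader();
    if (loader == null) {
        loader = getClass().getClassLoader();
    }
    try {
        // getDeclaredConstructor().newInstance() replaces the deprecated Class.newInstance(),
        // which also let checked exceptions thrown by the constructor escape unwrapped.
        return (CallbackHandler) loader.loadClass(callBackClassName).getDeclaredConstructor().newInstance();
    } catch (Exception e) {
        // Keep the original exception as the cause instead of flattening it to its message,
        // so the failure (class not found, wrong type, constructor error) stays diagnosable.
        throw (AuthException) new AuthException(
                "Could not create default callback handler " + callBackClassName).initCause(e);
    }
}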
/**
 * Writes a marker line to the response so the test can observe that the container
 * invoked {@code cleanSubject}.
 *
 * @param messageInfo carries the {@link HttpServletResponse} that is written to
 * @param subject the subject to clean; not touched by this test module
 * @throws AuthException wrapping any {@link IOException} raised by the response writer
 */
@Override
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        httpResponse.getWriter().write("cleanSubject invoked\n");
    } catch (IOException ioe) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(ioe);
        throw wrapped;
    }
}
}
/**
 * Writes a marker line to the response so the test can observe that the container
 * invoked {@code secureResponse}, then reports success.
 *
 * @param messageInfo carries the {@link HttpServletResponse} that is written to
 * @param serviceSubject the service subject; unused by this test module
 * @return always {@code SEND_SUCCESS}
 * @throws AuthException wrapping any {@link IOException} raised by the response writer
 */
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        httpResponse.getWriter().write("secureResponse invoked\n");
    } catch (IOException ioe) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(ioe);
        throw wrapped;
    }
    return SEND_SUCCESS;
}
/**
 * Rejects every request with HTTP 404 and tells the container the authentication failed,
 * so the protected resource is never invoked.
 *
 * @param messageInfo carries the {@link HttpServletResponse} on which the error is sent
 * @param clientSubject unused by this test module
 * @param serviceSubject unused by this test module
 * @return always {@code SEND_FAILURE}
 * @throws AuthException wrapping any {@link IOException} raised while sending the error
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        httpResponse.sendError(SC_NOT_FOUND);
    } catch (IOException ioe) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(ioe);
        throw wrapped;
    }
    return SEND_FAILURE;
}
/**
 * Logs the invocation and the container's {@code isMandatory} policy flag to the response, then
 * unconditionally authenticates the caller as user "test" in group "architect".
 *
 * <p>Test-only behaviour: no credential is checked; the identity is fixed. The
 * {@code isMandatory} entry is read from the {@link MessageInfo} map and is expected to be a
 * {@code String} ("true"/"false").
 *
 * @param messageInfo carries the response to write to and the message policy map
 * @param clientSubject the subject the caller principal and group are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} from the writer or an
 *         {@link UnsupportedCallbackException} from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    final HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    try {
        httpResponse.getWriter().write("validateRequest invoked\n");

        String mandatoryFlag = (String) messageInfo.getMap().get("javax.security.auth.message.MessagePolicy.isMandatory");
        boolean isMandatory = Boolean.parseBoolean(mandatoryFlag);
        httpResponse.getWriter().write("isMandatory: " + isMandatory + "\n");

        Callback callerCallback = new CallerPrincipalCallback(clientSubject, "test");
        Callback groupCallback = new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        handler.handle(new Callback[] { callerCallback, groupCallback });
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
/**
 * Builds the localised "unrecognised auth context id" exception. The top stack frame (this
 * factory method) is trimmed so the trace starts at the caller.
 *
 * <p>NOTE(review): the {@code $str} accessor and locale helper suggest this is generated
 * logging-message code; regenerate rather than hand-edit where possible.
 *
 * @param authContextId the id that was not recognised; included in the message
 * @return a new {@link AuthException} carrying the formatted message
 */
@Override
public final AuthException unrecognisedAuthContextId(final String authContextId) {
    final String message = String.format(getLoggingLocale(), unrecognisedAuthContextId$str(), authContextId);
    final AuthException result = new AuthException(message);
    // Drop frame 0 (this method) so the trace points at the caller.
    final StackTraceElement[] trace = result.getStackTrace();
    final StackTraceElement[] trimmed = Arrays.copyOfRange(trace, 1, trace.length);
    result.setStackTrace(trimmed);
    return result;
}
// Message template for the invalid-message-type error; the arguments are the actual and expected type.
private static final String invalidMessageType = "ELY01171: Invalid message type '%s', expected '%s'.";
/**
 * Dispatches the request to a fixed servlet before the protected resource runs, selecting
 * include or forward by the {@code dispatch} request parameter.
 *
 * <p>The target paths are constants ({@code /includedServlet}, {@code /forwardedServlet});
 * the parameter only chooses the branch, it never names a path.
 *
 * <ul>
 *   <li>{@code dispatch=include}: the response stays open and the resource may still write to
 *       it, so the "do nothing" callback is sent and {@code SUCCESS} is returned.</li>
 *   <li>otherwise: the request is forwarded; the resource MUST NOT be invoked, so
 *       {@code SEND_CONTINUE} is returned.</li>
 * </ul>
 *
 * @param messageInfo carries the request and response used for dispatching
 * @param clientSubject the subject the "do nothing" callback is attached to
 * @param serviceSubject unused by this test module
 * @return {@code SUCCESS} for include, {@code SEND_CONTINUE} for forward
 * @throws AuthException wrapping any {@link IOException}, {@link ServletException} or
 *         {@link UnsupportedCallbackException}
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    try {
        HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
        HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();
        boolean useInclude = "include".equals(httpRequest.getParameter("dispatch"));

        if (!useInclude) {
            httpRequest.getRequestDispatcher("/forwardedServlet").forward(httpRequest, httpResponse);
            // Forward means the resource must not run, so SUCCESS is not an option here.
            return SEND_CONTINUE;
        }

        httpRequest.getRequestDispatcher("/includedServlet").include(httpRequest, httpResponse);
        // "Do nothing" callback: the protocol requires it before returning SUCCESS.
        handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) });
        return SUCCESS;
    } catch (IOException | ServletException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
}
throw (AuthException) new AuthException().initCause(e);
/**
 * Optionally calls a CDI or EJB bean (selected by the {@code tech} request parameter) and then
 * unconditionally authenticates the caller as user "test" in group "architect".
 *
 * <p>Test-only behaviour: no credential is checked; the identity is fixed. Any value of
 * {@code tech} other than "cdi"/"ejb" skips the bean call.
 *
 * @param messageInfo carries the request (for the parameter) and the response passed to the beans
 * @param clientSubject the subject the caller principal and group are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    HttpServletResponse httpResponse = (HttpServletResponse) messageInfo.getResponseMessage();

    String tech = httpRequest.getParameter("tech");
    if ("cdi".equals(tech)) {
        callCDIBean(httpRequest, httpResponse, "validateRequest");
    } else if ("ejb".equals(tech)) {
        callEJBBean(httpResponse, "validateRequest");
    }

    Callback[] loginCallbacks = {
        new CallerPrincipalCallback(clientSubject, "test"),
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
    };
    try {
        handler.handle(loginCallbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
/**
 * Authenticates the caller as user "test" in group "architect" when the {@code doLogin} request
 * parameter is present; otherwise sends the JASPIC "do nothing" callback.
 *
 * <p>Test-only behaviour: the presence of a query parameter is enough to log in, no credential
 * is checked.
 *
 * @param messageInfo carries the request whose {@code doLogin} parameter is inspected
 * @param clientSubject the subject the callbacks are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    boolean doLogin = httpRequest.getParameter("doLogin") != null;

    Callback[] callbacks = doLogin
        ? new Callback[] {
            new CallerPrincipalCallback(clientSubject, "test"),
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
        }
        // JASPIC protocol for "do nothing": a caller principal callback with a null principal
        : new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };

    try {
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
/**
 * Authenticates the caller as user "test" in group "architect" when the {@code doLogin} request
 * parameter is present; otherwise sends the JASPIC "do nothing" callback.
 *
 * <p>Test-only behaviour: the presence of a query parameter is enough to log in, no credential
 * is checked.
 *
 * @param messageInfo carries the request whose {@code doLogin} parameter is inspected
 * @param clientSubject the subject the callbacks are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();

    Callback[] toHandle;
    if (httpRequest.getParameter("doLogin") == null) {
        // JASPIC protocol for "do nothing": a caller principal callback with a null principal
        toHandle = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    } else {
        Callback caller = new CallerPrincipalCallback(clientSubject, "test");
        Callback groups = new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        toHandle = new Callback[] { caller, groups };
    }

    try {
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
/**
 * Authenticates the caller as user "test" in group "architect" when the {@code doLogin} request
 * parameter is present; otherwise sends the JASPIC "do nothing" callback.
 *
 * <p>Test-only behaviour: the login is performed by directly "returning" the details of the
 * authenticated user. Normally credentials would be checked and the details fetched from some
 * repository; here a query parameter alone is enough.
 *
 * @param messageInfo carries the request whose {@code doLogin} parameter is inspected
 * @param clientSubject the subject the callbacks are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    boolean loginRequested = httpRequest.getParameter("doLogin") != null;

    Callback[] callbacks = loginRequested
        ? new Callback[] {
            // the name of the authenticated user
            new CallerPrincipalCallback(clientSubject, "test"),
            // the roles of the authenticated user
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
        }
        // JASPIC protocol for "do nothing"
        : new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };

    try {
        // Hand the user details to the container. In many cases the handler only stores them and
        // the container performs the actual login after this method returns.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
/**
 * Authenticates the caller as user "test" in group "architect" when the {@code doLogin} request
 * <em>attribute</em> is set; otherwise sends the JASPIC "do nothing" callback.
 *
 * <p>Unlike the parameter-driven variants, the trigger is a request attribute, which is set
 * server-side by the Servlet rather than supplied by the client in the query string.
 *
 * <p>Test-only behaviour: the login is performed by directly "returning" the details of the
 * authenticated user. Normally credentials would be checked and the details fetched from some
 * repository.
 *
 * @param messageInfo carries the request whose {@code doLogin} attribute is inspected
 * @param clientSubject the subject the callbacks are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();

    Callback[] toHandle;
    // notice "getAttribute" here, this is set by the Servlet
    if (httpRequest.getAttribute("doLogin") == null) {
        // JASPIC protocol for "do nothing"
        toHandle = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    } else {
        // the name of the authenticated user
        Callback caller = new CallerPrincipalCallback(clientSubject, "test");
        // the roles of the authenticated user
        Callback groups = new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        toHandle = new Callback[] { caller, groups };
    }

    try {
        // Hand the user details to the container. In many cases the handler only stores them and
        // the container performs the actual login after this method returns.
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
/**
 * Authenticates the caller as user "test" in group "architect" when the {@code doLogin} request
 * parameter is present; otherwise sends the JASPIC "do nothing" callback.
 *
 * <p>Test-only behaviour: the login is performed by directly "returning" the details of the
 * authenticated user. Normally credentials would be checked and the details fetched from some
 * repository; here a query parameter alone is enough.
 *
 * @param messageInfo carries the request whose {@code doLogin} parameter is inspected
 * @param clientSubject the subject the callbacks are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();

    Callback[] toHandle;
    if (httpRequest.getParameter("doLogin") == null) {
        // JASPIC protocol for "do nothing"
        toHandle = new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };
    } else {
        // the name of the authenticated user
        Callback caller = new CallerPrincipalCallback(clientSubject, "test");
        // the roles of the authenticated user
        Callback groups = new GroupPrincipalCallback(clientSubject, new String[] { "architect" });
        toHandle = new Callback[] { caller, groups };
    }

    try {
        // Hand the user details to the container. In many cases the handler only stores them and
        // the container performs the actual login after this method returns.
        handler.handle(toHandle);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
/**
 * Authenticates the caller as user "test" in group "architect" when the {@code doLogin} request
 * parameter is present; otherwise sends the JASPIC "do nothing" callback.
 *
 * <p>Test-only behaviour: the login is performed by directly "returning" the details of the
 * authenticated user. Normally credentials would be checked and the details fetched from some
 * repository; here a query parameter alone is enough.
 *
 * @param messageInfo carries the request whose {@code doLogin} parameter is inspected
 * @param clientSubject the subject the callbacks are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    HttpServletRequest httpRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    boolean loginRequested = httpRequest.getParameter("doLogin") != null;

    Callback[] callbacks = loginRequested
        ? new Callback[] {
            // the name of the authenticated user
            new CallerPrincipalCallback(clientSubject, "test"),
            // the roles of the authenticated user
            new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
        }
        // JASPIC protocol for "do nothing"
        : new Callback[] { new CallerPrincipalCallback(clientSubject, (Principal) null) };

    try {
        // Hand the user details to the container. In many cases the handler only stores them and
        // the container performs the actual login after this method returns.
        handler.handle(callbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }
    return SUCCESS;
}
throw (AuthException) new AuthException().initCause(e);
throw new AuthException("Could not validateRequest using mechanisms [" + mechanisms + ".");
/**
 * Unconditionally authenticates the caller as user "test" in group "architect", then replaces the
 * request and response in the {@link MessageInfo} with test wrappers so that the protected
 * resource observes the wrapped objects.
 *
 * <p>Test-only behaviour: no credential is checked; the identity is fixed.
 *
 * @param messageInfo carries the request and response that are wrapped in place
 * @param clientSubject the subject the caller principal and group are attached to
 * @param serviceSubject unused by this test module
 * @return always {@code SUCCESS}
 * @throws AuthException wrapping an {@link IOException} or {@link UnsupportedCallbackException}
 *         from the handler
 */
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
    Callback[] loginCallbacks = {
        new CallerPrincipalCallback(clientSubject, "test"),
        new GroupPrincipalCallback(clientSubject, new String[] { "architect" })
    };
    try {
        handler.handle(loginCallbacks);
    } catch (IOException | UnsupportedCallbackException e) {
        AuthException wrapped = new AuthException();
        wrapped.initCause(e);
        throw wrapped;
    }

    // Wrap the request - the resource to be invoked should get to see this
    HttpServletRequest originalRequest = (HttpServletRequest) messageInfo.getRequestMessage();
    messageInfo.setRequestMessage(new TestHttpServletRequestWrapper(originalRequest));

    // Wrap the response - the resource to be invoked should get to see this
    HttpServletResponse originalResponse = (HttpServletResponse) messageInfo.getResponseMessage();
    messageInfo.setResponseMessage(new TestHttpServletResponseWrapper(originalResponse));

    return SUCCESS;
}
/**
 * Returns the supplied client callback handler, rejecting {@code null}: this provider has no
 * default handler to fall back on.
 *
 * @param cbh the handler passed in by the caller
 * @return {@code cbh} unchanged when non-null
 * @throws AuthException if {@code cbh} is {@code null}; its cause is an
 *         {@link UnsupportedOperationException} to signal that a null handler is not supported
 */
protected CallbackHandler getClientCallbackHandler(CallbackHandler cbh) throws AuthException {
    if (cbh != null) {
        return cbh;
    }
    AuthException unsupported = new AuthException("AuthConfigProvider does not support null Client Callbackhandler");
    unsupported.initCause(new UnsupportedOperationException());
    throw unsupported;
}
/**
 * Builds the {@code AuthParam} matching this config's message layer.
 *
 * @param info the message info to wrap
 * @return an {@code HttpServletAuthParam} for the HTTPSERVLET layer, or the web-service
 *         delegate's SOAP param for the SOAP layer when a delegate is present
 * @throws AuthException for any other layer, or for SOAP when no delegate is set
 */
protected AuthParam getAuthParam(MessageInfo info) throws AuthException {
    if (GFServerConfigProvider.HTTPSERVLET.equals(layer)) {
        return new HttpServletAuthParam(info);
    }
    // SOAP is only supported when the web-service delegate is available.
    if (GFServerConfigProvider.SOAP.equals(layer) && wsdelegate != null) {
        return wsdelegate.newSOAPAuthParam(info);
    }
    throw new AuthException("unsupported AuthParam type");
}