/**
 * Resolves the {@code AuthConfigProvider} for a layer and application context, asking the
 * Elytron factory first and the backup factory only as a fallback.
 *
 * <p>The backup factory is consulted only when all three conditions hold: the Elytron factory
 * returned {@code null}, it reports no registration matching {@code layer}/{@code appContext},
 * and delegation is currently allowed. A matching Elytron registration that resolves to
 * {@code null} therefore suppresses the fallback and the caller receives {@code null}.
 *
 * @param layer the message layer to look up
 * @param appContext the application context identifier to look up
 * @param listener handed unchanged to each factory that is queried; on the fallback path both
 *        factories have received it
 * @return the Elytron provider when there is one; otherwise the backup factory's answer when
 *         delegation applies, else {@code null}
 */
@Override
public AuthConfigProvider getConfigProvider(String layer, String appContext, RegistrationListener listener) {
    final AuthConfigProvider elytronProvider =
            elytronAuthConfigFactory.getConfigProvider(layer, appContext, listener);
    if (elytronProvider != null) {
        return elytronProvider;
    }

    // Evaluation order is significant: the delegation flag is read only when the Elytron
    // factory has no registration for this layer/appContext.
    final boolean fallBackToBackup =
            !elytronAuthConfigFactory.matchesRegistration(layer, appContext) && delegationAllowed.get();
    if (!fallBackToBackup) {
        return null;
    }
    return backupAuthConfigFactory.getConfigProvider(layer, appContext, listener);
}
/**
 * Programmatic login, refused whenever JASPIC is configured for this application.
 *
 * <p>
 * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet}
 * layer and application context, {@code login} must fail with a {@code ServletException} that may
 * indicate the incompatibility between {@code login} and the configured authentication mechanism.
 * This method cannot throw the checked exception directly, so the {@code ServletException} is
 * wrapped in a {@code SecurityException}. With no such provider, regular {@code login} processing
 * is performed.
 * </p>
 *
 * @param username The username
 * @param password The password
 * @return <code>true</code> if the login succeeded, false otherwise
 * @throws SecurityException if login is called when JASPIC is enabled for application context and layer.
 */
@Override
public boolean login(final String username, final String password) {
    final String applicationContextId = this.buildAppContext();

    // NOTE(review): AuthConfigFactory.getFactory() is documented to return null when no factory
    // is configured; that case is not handled here and would surface as a NullPointerException
    // rather than as a regular login attempt. Confirm a factory is always installed.
    final boolean jaspicConfigured =
            AuthConfigFactory.getFactory().getConfigProvider(layer, applicationContextId, null) != null;

    if (!jaspicConfigured) {
        // No JASPIC provider for this layer/context: use the container's regular login.
        return super.login(username, password);
    }

    // A provider exists, so username/password login must not bypass the JASPIC mechanism.
    throw new SecurityException(new ServletException("login is not supported by the JASPIC mechanism"));
}
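/**
 * Logs the caller out, cleaning the JASPIC subject first when a provider is configured.
 *
 * <p>
 * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet}
 * layer and application context, {@code logout} must acquire a {@code ServerAuthContext} and call
 * {@code cleanSubject} on the acquired context.
 * </p>
 * <p>
 * The {@code Subject} passed should be non-null and should be the one returned by the most recent
 * call to {@code validateRequest}. Here that {@code Subject} is held by the underlying security
 * context, so it is retrieved from there before calling {@code cleanSubject}.
 * </p>
 * <p>
 * The regular (non-JASPIC) {@code logout} processing always runs afterwards, including when the
 * JASPIC clean-up fails with an unchecked exception or when no {@code AuthConfigFactory} is
 * available; a failure in the clean-up must not leave the caller authenticated.
 * </p>
 */
@Override
public void logout() {
    if (!isAuthenticated()) {
        return;
    }

    try {
        // call cleanSubject() if there is an AuthConfigProvider for the HttpServlet layer and appContext.
        final String appContext = this.buildAppContext();
        // getFactory() may return null when no factory is configured; treat that as "no provider".
        final AuthConfigFactory configFactory = AuthConfigFactory.getFactory();
        if (configFactory != null && configFactory.getConfigProvider(layer, appContext, null) != null) {
            Subject authenticatedSubject = this.getAuthenticatedSubject();
            MessageInfo messageInfo = this.buildMessageInfo();
            this.manager.cleanSubject(messageInfo, authenticatedSubject, layer, appContext, handler);
        }
    } finally {
        // The regular logout must run even if the lookup or cleanSubject() threw; the original
        // exception still propagates to the caller.
        super.logout();
    }
}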
// Look up the JASPIC provider registered for the servlet layer and this web application.
// NOTE(review): AuthConfigFactory.getFactory() can return null when no factory is configured;
// any handling of that case is outside this excerpt.
AuthConfigFactory factory = AuthConfigFactory.getFactory();
String appContextID = getAppContextID(context);
// No RegistrationListener is supplied (null). The result is null when nothing is registered for
// this layer/context, so callers need to check it before use.
AuthConfigProvider provider = factory.getConfigProvider("HttpServlet", appContextID, null);
/**
 * Looks up the JASPIC provider for the {@code HttpServlet} layer and this application's context
 * ID, and stores the result in {@code jaspicProvider}.
 *
 * <p>This object is passed as the {@code RegistrationListener} for the lookup. A missing
 * {@code AuthConfigFactory} and a missing provider both yield an empty {@code Optional}.
 *
 * @return the provider, or an empty {@code Optional} when no factory or no provider is available
 */
private Optional<AuthConfigProvider> findJaspicProvider() {
    final AuthConfigFactory authConfigFactory = AuthConfigFactory.getFactory();

    final Optional<AuthConfigProvider> lookupResult;
    if (authConfigFactory != null) {
        lookupResult = Optional.ofNullable(
                authConfigFactory.getConfigProvider("HttpServlet", jaspicAppContextID, this));
    } else {
        // No factory configured: JASPIC cannot apply to this application.
        lookupResult = Optional.empty();
    }

    // Store the outcome, including the empty case.
    jaspicProvider = lookupResult;
    return lookupResult;
}
/**
 * Looks up the JASPIC provider for the {@code HttpServlet} layer and this application's context
 * ID, and stores the result in {@code jaspicProvider}.
 *
 * <p>This object is passed as the {@code RegistrationListener} for the lookup. A missing
 * {@code AuthConfigFactory} and a missing provider both yield an empty {@code Optional}.
 *
 * @return the provider, or an empty {@code Optional} when no factory or no provider is available
 */
private Optional<AuthConfigProvider> findJaspicProvider() {
    final AuthConfigFactory authConfigFactory = AuthConfigFactory.getFactory();

    final Optional<AuthConfigProvider> lookupResult;
    if (authConfigFactory != null) {
        lookupResult = Optional.ofNullable(
                authConfigFactory.getConfigProvider("HttpServlet", jaspicAppContextID, this));
    } else {
        // No factory configured: JASPIC cannot apply to this application.
        lookupResult = Optional.empty();
    }

    // Store the outcome, including the empty case.
    jaspicProvider = lookupResult;
    return lookupResult;
}
/**
 * Resolves the {@code AuthConfigProvider} for a layer and application context, asking the
 * Elytron factory first and the backup factory only as a fallback.
 *
 * <p>The backup factory is consulted only when all three conditions hold: the Elytron factory
 * returned {@code null}, it reports no registration matching {@code layer}/{@code appContext},
 * and delegation is currently allowed. A matching Elytron registration that resolves to
 * {@code null} therefore suppresses the fallback and the caller receives {@code null}.
 *
 * @param layer the message layer to look up
 * @param appContext the application context identifier to look up
 * @param listener handed unchanged to each factory that is queried; on the fallback path both
 *        factories have received it
 * @return the Elytron provider when there is one; otherwise the backup factory's answer when
 *         delegation applies, else {@code null}
 */
@Override
public AuthConfigProvider getConfigProvider(String layer, String appContext, RegistrationListener listener) {
    final AuthConfigProvider elytronProvider =
            elytronAuthConfigFactory.getConfigProvider(layer, appContext, listener);
    if (elytronProvider != null) {
        return elytronProvider;
    }

    // Evaluation order is significant: the delegation flag is read only when the Elytron
    // factory has no registration for this layer/appContext.
    final boolean fallBackToBackup =
            !elytronAuthConfigFactory.matchesRegistration(layer, appContext) && delegationAllowed.get();
    if (!fallBackToBackup) {
        return null;
    }
    return backupAuthConfigFactory.getConfigProvider(layer, appContext, listener);
}
/**
 * Resolves the {@code AuthConfigProvider} for a layer and application context, asking the
 * Elytron factory first and the backup factory only as a fallback.
 *
 * <p>The backup factory is consulted only when all three conditions hold: the Elytron factory
 * returned {@code null}, it reports no registration matching {@code layer}/{@code appContext},
 * and delegation is currently allowed. A matching Elytron registration that resolves to
 * {@code null} therefore suppresses the fallback and the caller receives {@code null}.
 *
 * @param layer the message layer to look up
 * @param appContext the application context identifier to look up
 * @param listener handed unchanged to each factory that is queried; on the fallback path both
 *        factories have received it
 * @return the Elytron provider when there is one; otherwise the backup factory's answer when
 *         delegation applies, else {@code null}
 */
@Override
public AuthConfigProvider getConfigProvider(String layer, String appContext, RegistrationListener listener) {
    final AuthConfigProvider elytronProvider =
            elytronAuthConfigFactory.getConfigProvider(layer, appContext, listener);
    if (elytronProvider != null) {
        return elytronProvider;
    }

    // Evaluation order is significant: the delegation flag is read only when the Elytron
    // factory has no registration for this layer/appContext.
    final boolean fallBackToBackup =
            !elytronAuthConfigFactory.matchesRegistration(layer, appContext) && delegationAllowed.get();
    if (!fallBackToBackup) {
        return null;
    }
    return backupAuthConfigFactory.getConfigProvider(layer, appContext, listener);
}
/**
 * Programmatic login, refused whenever JASPIC is configured for this application.
 *
 * <p>
 * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet}
 * layer and application context, {@code login} must fail with a {@code ServletException} that may
 * indicate the incompatibility between {@code login} and the configured authentication mechanism.
 * This method cannot throw the checked exception directly, so the {@code ServletException} is
 * wrapped in a {@code SecurityException}. With no such provider, regular {@code login} processing
 * is performed.
 * </p>
 *
 * @param username The username
 * @param password The password
 * @return <code>true</code> if the login succeeded, false otherwise
 * @throws SecurityException if login is called when JASPIC is enabled for application context and layer.
 */
@Override
public boolean login(final String username, final String password) {
    final String applicationContextId = this.buildAppContext();

    // NOTE(review): AuthConfigFactory.getFactory() is documented to return null when no factory
    // is configured; that case is not handled here and would surface as a NullPointerException
    // rather than as a regular login attempt. Confirm a factory is always installed.
    final boolean jaspicConfigured =
            AuthConfigFactory.getFactory().getConfigProvider(layer, applicationContextId, null) != null;

    if (!jaspicConfigured) {
        // No JASPIC provider for this layer/context: use the container's regular login.
        return super.login(username, password);
    }

    // A provider exists, so username/password login must not bypass the JASPIC mechanism.
    throw new SecurityException(new ServletException("login is not supported by the JASPIC mechanism"));
}
/**
 * Programmatic login, refused whenever JASPIC is configured for this application.
 *
 * <p>
 * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet}
 * layer and application context, {@code login} must fail with a {@code ServletException} that may
 * indicate the incompatibility between {@code login} and the configured authentication mechanism.
 * This method cannot throw the checked exception directly, so the {@code ServletException} is
 * wrapped in a {@code SecurityException}. With no such provider, regular {@code login} processing
 * is performed.
 * </p>
 *
 * @param username The username
 * @param password The password
 * @return <code>true</code> if the login succeeded, false otherwise
 * @throws SecurityException if login is called when JASPIC is enabled for application context and layer.
 */
@Override
public boolean login(final String username, final String password) {
    final String applicationContextId = this.buildAppContext();

    // NOTE(review): AuthConfigFactory.getFactory() is documented to return null when no factory
    // is configured; that case is not handled here and would surface as a NullPointerException
    // rather than as a regular login attempt. Confirm a factory is always installed.
    final boolean jaspicConfigured =
            AuthConfigFactory.getFactory().getConfigProvider(layer, applicationContextId, null) != null;

    if (!jaspicConfigured) {
        // No JASPIC provider for this layer/context: use the container's regular login.
        return super.login(username, password);
    }

    // A provider exists, so username/password login must not bypass the JASPIC mechanism.
    throw new SecurityException(new ServletException("login is not supported by the JASPIC mechanism"));
}
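/**
 * Checks whether a provider is registered for exactly this layer and appCtxt.
 *
 * <p>A non-null result from {@code getConfigProvider} is not sufficient on its own: the method
 * additionally requires one of that provider's registrations to name this exact layer and
 * application context.
 *
 * @return {@code true} if one of the resolved provider's registrations has a message layer and
 *         application context equal to {@code layer} and {@code appCtxt}; {@code false} otherwise,
 *         including when no provider is resolved
 */
protected boolean hasExactMatchAuthProvider() {
    // XXX this may need to be optimized
    AuthConfigProvider p = factory.getConfigProvider(layer, appCtxt, null);
    if (p == null) {
        return false;
    }

    for (String registrationId : factory.getRegistrationIDs(p)) {
        RegistrationContext c = factory.getRegistrationContext(registrationId);
        if (c == null) {
            // getRegistrationContext() returns null for an ID that is no longer registered
            // (for example one removed since the IDs were listed); it cannot be a match.
            continue;
        }
        if (layer.equals(c.getMessageLayer()) && appCtxt.equals(c.getAppContext())) {
            return true;
        }
    }
    return false;
}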
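/**
 * Checks whether a provider is registered for exactly this layer and appCtxt.
 *
 * <p>A non-null result from {@code getConfigProvider} is not sufficient on its own: the method
 * additionally requires one of that provider's registrations to name this exact layer and
 * application context.
 *
 * @return {@code true} if one of the resolved provider's registrations has a message layer and
 *         application context equal to {@code layer} and {@code appCtxt}; {@code false} otherwise,
 *         including when no provider is resolved
 */
protected boolean hasExactMatchAuthProvider() {
    // XXX this may need to be optimized
    AuthConfigProvider p = factory.getConfigProvider(layer, appCtxt, null);
    if (p == null) {
        return false;
    }

    for (String registrationId : factory.getRegistrationIDs(p)) {
        RegistrationContext c = factory.getRegistrationContext(registrationId);
        if (c == null) {
            // getRegistrationContext() returns null for an ID that is no longer registered
            // (for example one removed since the IDs were listed); it cannot be a match.
            continue;
        }
        if (layer.equals(c.getMessageLayer()) && appCtxt.equals(c.getAppContext())) {
            return true;
        }
    }
    return false;
}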
// Resolve the provider for this layer and context; no RegistrationListener is supplied (null).
AuthConfigProvider provider = factory.getConfigProvider(layer,contextID,null);
// Fail closed: a missing provider aborts here instead of letting later code continue without
// an authentication configuration. The message names the layer and context ID that failed.
if(provider == null)
    throw new IllegalStateException("Provider is null for "+ layer + " for "+ contextID);
// Query the factory only when the listener wrapper holds no config data yet.
if (listenerWrapper.getConfigData()== null) {
    // This object's RegistrationListener is passed along with the lookup.
    AuthConfigProvider nextP = factory.getConfigProvider(layer,appCtxt,this.getRegistrationListener());
    if (nextP != null) {
        // Store the provider together with the auth config derived from it; when nextP is
        // null nothing is stored in this branch.
        listenerWrapper.setConfigData(new ConfigData(nextP,getAuthConfig(nextP,isServer)));
        // (excerpt ends here; both blocks are closed outside this view)
/**
 * Authenticates the current request, preferring JASPIC when it is enabled and a provider is
 * registered, and otherwise using the regular HTTP authentication of the superclass.
 *
 * <p>Security-relevant behaviour to be aware of:
 * <ul>
 * <li>With JASPI enabled but no {@code AuthConfigFactory} or no provider for this application
 * context, the method falls back to HTTP authentication; the only record of that is a TRACE
 * message.</li>
 * <li>An {@code AuthException} or {@code SecurityException} from the JASPIC path is not retried
 * through HTTP authentication: the response status is set to {@code INTERNAL_SERVER_ERROR} and
 * {@code false} is returned. The failure is logged at TRACE only.</li>
 * </ul>
 *
 * @return {@code true} if the caller is already authenticated or authentication succeeded,
 *         {@code false} otherwise
 */
@Override
public boolean authenticate() {
    if (isAuthenticated()) {
        return true;
    }

    if (enableJaspi) {
        final AuthConfigFactory jaspiFactory = getAuthConfigFactory();
        final AuthConfigProvider jaspiProvider = (jaspiFactory == null)
                ? null
                : jaspiFactory.getConfigProvider(SERVLET_MESSAGE_LAYER, applicationContext, null);

        if (jaspiProvider != null) {
            try {
                return authenticate(jaspiProvider);
            } catch (AuthException | SecurityException e) {
                // Fail closed: no fallback to HTTP authentication after a JASPIC error.
                log.trace("Authentication failed.", e);
                exchange.setStatusCode(INTERNAL_SERVER_ERROR);
                return false;
            }
        }

        // JASPI was requested but cannot be used; say which piece was missing.
        if (jaspiFactory == null) {
            log.trace("No AuthConfigFactory available.");
        } else {
            log.tracef("No AuthConfigProvider for layer=%s, appContext=%s", SERVLET_MESSAGE_LAYER, applicationContext);
        }
    }

    log.trace("JASPIC Unavailable, using HTTP authentication.");
    return super.authenticate();
}
// Application context identifier: the server name and the context path joined by one space.
// NOTE(review): the lookup only finds a provider registered under the same identifier, so this
// string has to be built the same way at registration time — confirm against the registering code.
String appContext = serverName + " " + context.getContextPath();
// The listener is handed to the factory together with the lookup; the result may be null when
// nothing is registered for this layer/context (the check is outside this excerpt).
AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER,appContext,listener);
// Application context identifier: the server name and the context path joined by one space.
// NOTE(review): the lookup only finds a provider registered under the same identifier, so this
// string has to be built the same way at registration time — confirm against the registering code.
String appContext = serverName + " " + context.getContextPath();
// The listener is handed to the factory together with the lookup; the result may be null when
// nothing is registered for this layer/context (the check is outside this excerpt).
AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER,appContext,listener);
// Application context identifier: the server name and the context path joined by one space.
// NOTE(review): the lookup only finds a provider registered under the same identifier, so this
// string has to be built the same way at registration time — confirm against the registering code.
String appContext = serverName + " " + context.getContextPath();
// The listener is handed to the factory together with the lookup; the result may be null when
// nothing is registered for this layer/context (the check is outside this excerpt).
AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER,appContext,listener);
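/**
 * Logs the caller out, cleaning the JASPIC subject first when a provider is configured.
 *
 * <p>
 * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet}
 * layer and application context, {@code logout} must acquire a {@code ServerAuthContext} and call
 * {@code cleanSubject} on the acquired context.
 * </p>
 * <p>
 * The {@code Subject} passed should be non-null and should be the one returned by the most recent
 * call to {@code validateRequest}. Here that {@code Subject} is held by the underlying security
 * context, so it is retrieved from there before calling {@code cleanSubject}.
 * </p>
 * <p>
 * The regular (non-JASPIC) {@code logout} processing always runs afterwards, including when the
 * JASPIC clean-up fails with an unchecked exception or when no {@code AuthConfigFactory} is
 * available; a failure in the clean-up must not leave the caller authenticated.
 * </p>
 */
@Override
public void logout() {
    if (!isAuthenticated()) {
        return;
    }

    try {
        // call cleanSubject() if there is an AuthConfigProvider for the HttpServlet layer and appContext.
        final String appContext = this.buildAppContext();
        // getFactory() may return null when no factory is configured; treat that as "no provider".
        final AuthConfigFactory configFactory = AuthConfigFactory.getFactory();
        if (configFactory != null && configFactory.getConfigProvider(layer, appContext, null) != null) {
            Subject authenticatedSubject = this.getAuthenticatedSubject();
            MessageInfo messageInfo = this.buildMessageInfo();
            this.manager.cleanSubject(messageInfo, authenticatedSubject, layer, appContext, handler);
        }
    } finally {
        // The regular logout must run even if the lookup or cleanSubject() threw; the original
        // exception still propagates to the caller.
        super.logout();
    }
}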
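/**
 * Logs the caller out, cleaning the JASPIC subject first when a provider is configured.
 *
 * <p>
 * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet}
 * layer and application context, {@code logout} must acquire a {@code ServerAuthContext} and call
 * {@code cleanSubject} on the acquired context.
 * </p>
 * <p>
 * The {@code Subject} passed should be non-null and should be the one returned by the most recent
 * call to {@code validateRequest}. Here that {@code Subject} is held by the underlying security
 * context, so it is retrieved from there before calling {@code cleanSubject}.
 * </p>
 * <p>
 * The regular (non-JASPIC) {@code logout} processing always runs afterwards, including when the
 * JASPIC clean-up fails with an unchecked exception or when no {@code AuthConfigFactory} is
 * available; a failure in the clean-up must not leave the caller authenticated.
 * </p>
 */
@Override
public void logout() {
    if (!isAuthenticated()) {
        return;
    }

    try {
        // call cleanSubject() if there is an AuthConfigProvider for the HttpServlet layer and appContext.
        final String appContext = this.buildAppContext();
        // getFactory() may return null when no factory is configured; treat that as "no provider".
        final AuthConfigFactory configFactory = AuthConfigFactory.getFactory();
        if (configFactory != null && configFactory.getConfigProvider(layer, appContext, null) != null) {
            Subject authenticatedSubject = this.getAuthenticatedSubject();
            MessageInfo messageInfo = this.buildMessageInfo();
            this.manager.cleanSubject(messageInfo, authenticatedSubject, layer, appContext, handler);
        }
    } finally {
        // The regular logout must run even if the lookup or cleanSubject() threw; the original
        // exception still propagates to the caller.
        super.logout();
    }
}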