/**
 * Authenticates a token by converting it to a Spring Security authentication request and
 * passing it to the {@code authenticate(Authentication)} overload.
 *
 * @param token the token to authenticate; only {@code UsernamePasswordToken} is handled
 * @return a {@code SpringSecuritySubject} wrapping the resulting authentication
 * @throws AuthenticationException if authentication is disabled
 * @throws UnsupportedOperationException if the token is not a {@code UsernamePasswordToken}
 */
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException {
    if (disabled) {
        // fail closed: a disabled service rejects every request and records the attempt
        monitor.error("Attempt to authenticate when authentication is disabled");
        throw new AuthenticationException("Authentication is disabled");
    }

    final Thread current = Thread.currentThread();
    final ClassLoader previousLoader = current.getContextClassLoader();
    try {
        // set the TCCL as the Sun JNDI LDAP provider implementation requires it
        current.setContextClassLoader(getClass().getClassLoader());

        if (!(token instanceof UsernamePasswordToken)) {
            // TODO support other tokens
            throw new UnsupportedOperationException("Support for token type not yet implemented");
        }
        UsernamePasswordToken credentials = (UsernamePasswordToken) token;
        Authentication request =
                new UsernamePasswordAuthenticationToken(credentials.getPrincipal(), credentials.getCredentials());
        Authentication result = authenticate(request);
        return new SpringSecuritySubject(result);
    } finally {
        // always restore the caller's context class loader, including on failure
        current.setContextClassLoader(previousLoader);
    }
}
}
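/**
 * Authenticates a username/password token against the security store.
 *
 * <p>An unknown principal and a wrong password produce the same exception and message, so the
 * response text does not reveal which of the two was wrong.
 *
 * @param token the token to authenticate; must be a {@code UsernamePasswordToken}
 * @return the stored subject for the principal when the credentials match
 * @throws IllegalArgumentException if the token is null
 * @throws UnsupportedOperationException if the token is not a {@code UsernamePasswordToken}
 * @throws AuthenticationException if the principal is null, the credentials are missing or do not
 *         match, or the store lookup fails
 */
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException {
    if (token == null) {
        throw new IllegalArgumentException("Null token");
    }
    if (!(token instanceof UsernamePasswordToken)) {
        throw new UnsupportedOperationException("Token type not supported: " + token.getClass().getName());
    }
    UsernamePasswordToken userToken = (UsernamePasswordToken) token;
    try {
        String principal = userToken.getPrincipal();
        if (principal == null) {
            throw new AuthenticationException("Principal was null");
        }
        BasicSecuritySubject subject = store.find(principal);
        if (subject == null) {
            throw new InvalidAuthenticationException("Invalid authentication information");
        }
        String presented = userToken.getCredentials();
        String expected = subject.getPassword();
        // A token without credentials is a failed login, not a NullPointerException.
        if (presented == null || expected == null) {
            throw new InvalidAuthenticationException("Invalid authentication information");
        }
        // String.equals stops at the first differing character, so its running time depends on how
        // much of the password matched; MessageDigest.isEqual does not short-circuit that way.
        java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
        if (!java.security.MessageDigest.isEqual(presented.getBytes(utf8), expected.getBytes(utf8))) {
            throw new InvalidAuthenticationException("Invalid authentication information");
        }
        // NOTE(review): the presented password is compared directly with subject.getPassword(), which
        // implies the store holds recoverable passwords; prefer storing a salted password hash
        // (bcrypt/scrypt/argon2) and verifying against that.
        return subject;
    } catch (SecurityStoreException e) {
        throw new AuthenticationException(e);
    }
}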
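/**
 * Authenticates an HTTP request carrying Basic credentials and stores the resulting subject on
 * the work context.
 *
 * <p>If the context already has a subject the method returns at once and the request's
 * {@code Authorization} header is not examined.
 *
 * @param request the incoming request whose {@code Authorization} header is read
 * @param context the work context that receives the authenticated subject
 * @throws NoCredentialsException if the header is absent or does not use the Basic scheme
 * @throws AuthenticationException if no authentication service is installed or the service
 *         rejects the credentials
 */
public void authenticate(HttpServletRequest request, WorkContext context) throws AuthenticationException, NoCredentialsException {
    if (context.getSubject() != null) {
        // subject was previously authenticated
        return;
    }
    if (authenticationService == null) {
        throw new AuthenticationException("Authentication service not installed");
    }
    String header = request.getHeader("Authorization");
    // HTTP auth-scheme names are case-insensitive, so "basic " and "BASIC " must be accepted too;
    // a case-sensitive startsWith treated those requests as carrying no credentials.
    if ((header == null) || !header.regionMatches(true, 0, "Basic ", 0, 6)) {
        throw new NoCredentialsException();
    }
    String base64Token = header.substring(6);
    try {
        // NOTE(review): how Base64.decode reports malformed input is not visible here; confirm a bad
        // header cannot surface as an unexpected runtime exception.
        String decoded = new String(Base64.decode(base64Token), "UTF-8");
        String username = "";
        String password = "";
        // Split on the first colon only: the password may itself contain colons.
        int delimiter = decoded.indexOf(':');
        if (delimiter != -1) {
            username = decoded.substring(0, delimiter);
            password = decoded.substring(delimiter + 1);
        }
        // NOTE(review): a value without a colon leaves both fields empty and is still submitted, so
        // the authentication service must reject an empty username/password pair.
        // The decoded value holds the cleartext password; never write it to logs or error messages.
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        SecuritySubject subject = authenticationService.authenticate(token);
        // authenticated: the subject is now attached to the work context
        context.setSubject(subject);
    } catch (UnsupportedEncodingException e) {
        // UTF-8 is a charset every JVM must provide, so this cannot happen in practice
        throw new AssertionError(e);
    }
}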
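/**
 * Authenticates a token through the installed security extension if there is one, otherwise
 * through the Tomcat realm.
 *
 * @param token the token to authenticate; the realm path handles only {@code UsernamePasswordToken}
 * @return the authenticated subject, carrying the realm's roles when the realm returns a
 *         {@code GenericPrincipal}
 * @throws AuthenticationException if the realm does not accept the credentials, or if neither a
 *         delegate nor a realm able to handle the token is available
 */
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException {
    if (delegate != null) {
        // if a security extension is installed, delegate to it
        return delegate.authenticate(token);
    }
    if (realm != null) {
        if (token instanceof UsernamePasswordToken) {
            UsernamePasswordToken usernamePassword = (UsernamePasswordToken) token;
            String username = usernamePassword.getPrincipal();
            String password = usernamePassword.getCredentials();
            Principal principal = realm.authenticate(username, password);
            // A Tomcat Realm returns null when it does not accept the credentials. Without this
            // check a null result fell into the non-GenericPrincipal branch below and produced a
            // subject, so a rejected login was reported as a successful one.
            if (principal == null) {
                throw new AuthenticationException("Invalid authentication information");
            }
            if (principal instanceof GenericPrincipal) {
                GenericPrincipal generic = (GenericPrincipal) principal;
                Set<Role> roles = new HashSet<Role>();
                for (String name : generic.getRoles()) {
                    roles.add(new Role(name));
                }
                return new BasicSecuritySubject(generic.getName(), generic.getPassword(), roles);
            }
            // The realm accepted the credentials but exposes no role information: grant no roles.
            return new BasicSecuritySubject(username, password, Collections.<Role>emptySet());
        }
        // NOTE(review): a realm is configured but the token type is unsupported; the exception
        // below then reports a missing realm, which is misleading for that case.
    }
    throw new AuthenticationException("Unable to authenticate because a Tomcat Realm or Fabric3 Security extension has not been configured");
}
}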