public boolean authenticateUser(Map context, String username, String password) throws XWSSecurityRuntimeException { WorkContext workContext = (WorkContext) context.get(MetroConstants.WORK_CONTEXT); if (workContext == null) { // programming error throw new AssertionError("Work context not set"); } UsernamePasswordToken token = new UsernamePasswordToken(username, password); try { SecuritySubject subject = authenticationService.authenticate(token); workContext.setSubject(subject); return true; } catch (AuthenticationException e) { throw new XWSSecurityRuntimeException(e); } }
token = getXmlTransformer().transform(stream, loader); SecuritySubject subject = authService.authenticate(token); req.getSession().setAttribute(FABRIC3_SUBJECT, subject); } catch (TransformationException e) {
public void authenticate(HttpServletRequest request, WorkContext context) throws AuthenticationException, NoCredentialsException { if (context.getSubject() != null) { // subject was previously authenticated return; } if (authenticationService == null) { throw new AuthenticationException("Authentication service not installed"); } String header = request.getHeader("Authorization"); if ((header == null) || !header.startsWith("Basic ")) { throw new NoCredentialsException(); } String base64Token = header.substring(6); try { String decoded = new String(Base64.decode(base64Token), "UTF-8"); String username = ""; String password = ""; int delimeter = decoded.indexOf(":"); if (delimeter != -1) { username = decoded.substring(0, delimeter); password = decoded.substring(delimeter + 1); } UsernamePasswordToken token = new UsernamePasswordToken(username, password); SecuritySubject subject = authenticationService.authenticate(token); context.setSubject(subject); // authorized } catch (UnsupportedEncodingException e) { throw new AssertionError(e); } }
public UserIdentity login(String username, Object credentials, ServletRequest request) { UsernamePasswordToken token = new UsernamePasswordToken(username, credentials.toString()); try { SecuritySubject subject = authenticationService.authenticate(token); Subject jaasSubject = subject.getJaasSubject(); Set<Role> roles = subject.getRoles(); String[] roleNames = new String[roles.size()]; int i = 0; for (Role role : roles) { roleNames[i] = role.getName(); i++; } UserPrincipal principal = new UserPrincipal(username); return new DefaultUserIdentity(jaasSubject, principal, roleNames); } catch (AuthenticationException e) { // invalid token return null; } }
public UserIdentity login(String username, Object credentials) { UsernamePasswordToken token = new UsernamePasswordToken(username, credentials.toString()); try { SecuritySubject subject = authenticationService.authenticate(token); Subject jaasSubject = subject.getJaasSubject(); Set<Role> roles = subject.getRoles(); String[] roleNames = new String[roles.size()]; int i = 0; for (Role role : roles) { roleNames[i] = role.getName(); i++; } UserPrincipal principal = new UserPrincipal(username); return new DefaultUserIdentity(jaasSubject, principal, roleNames); } catch (AuthenticationException e) { // invalid token return null; } }
public Message invoke(Message msg) { UsernamePasswordToken token = new UsernamePasswordToken(username, password); try { SecuritySubject subject = authenticationService.authenticate(token); msg.getWorkContext().setSubject(subject); } catch (AuthenticationException e) { throw new ServiceUnavailableException("Error authenticating", e); } return next.invoke(msg); }
public SecuritySubject authenticate(AuthenticationToken<?, ?> token) throws AuthenticationException { if (delegate != null) { // if a security extension is installed, delegate to it return delegate.authenticate(token); } if (realm != null) { if (token instanceof UsernamePasswordToken) { UsernamePasswordToken usernamePassword = (UsernamePasswordToken) token; String username = usernamePassword.getPrincipal(); String password = usernamePassword.getCredentials(); Principal principal = realm.authenticate(username, password); if (principal instanceof GenericPrincipal) { GenericPrincipal generic = (GenericPrincipal) principal; Set<Role> roles = new HashSet<Role>(); for (String name : generic.getRoles()) { roles.add(new Role(name)); } return new BasicSecuritySubject(generic.getName(), generic.getPassword(), roles); } else { return new BasicSecuritySubject(username, password, Collections.<Role>emptySet()); } } } throw new AuthenticationException("Unable to authenticate because a Tomcat Realm or Fabric3 Security extension has not been configured"); } }