/** * Constructor with signature and implementation that's required by API. * * @param properties * @param factory */ public TestAuthConfigProvider(Map<String, String> properties, AuthConfigFactory factory) { this.providerProperties = properties; // API requires self registration if factory is provided. Not clear // where the "layer" (2nd parameter) // and especially "appContext" (3rd parameter) values have to come from // at this place. if (factory != null) { factory.registerConfigProvider(this, null, null, "Auto registration"); } }
@Override public RegistrationContext getRegistrationContext(String registrationID) { RegistrationContext registrationContext = elytronAuthConfigFactory.getRegistrationContext(registrationID); if (registrationContext == null) { registrationContext = backupAuthConfigFactory.getRegistrationContext(registrationID); } return registrationContext; }
/** * Register the assembled configuration against the system wide {@link AuthConfigFactory}. * * @return The registration ID returned by the factory on registration. * @throws IllegalStateException if the configuration has already been registered. */ public String register() { return register(AuthConfigFactory.getFactory()); }
/** * <p> * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet} layer and * application context, then @{@code login} must throw a {@code ServletException} which may convey that the * exception was caused by an incompatibility between the {@code login} method and the configured authentication * mechanism. If there is no such provider, then the container must proceed with the regular {@code login} processing. * </p> * * @param username The username * @param password The password * @return <code>true</code> if the login succeeded, false otherwise * @throws SecurityException if login is called when JASPIC is enabled for application context and layer. */ @Override public boolean login(final String username, final String password) { // if there is an AuthConfigProvider for the HttpServlet layer and appContext, this method must throw an exception. String appContext = this.buildAppContext(); AuthConfigProvider provider = AuthConfigFactory.getFactory().getConfigProvider(layer, appContext, null); if (provider != null) { ServletException se = new ServletException("login is not supported by the JASPIC mechanism"); throw new SecurityException(se); } return super.login(username, password); }
/** * Registers the given SAM using the standard JASPIC {@link AuthConfigFactory} but using a small set of wrappers that just * pass the calls through to the SAM. * * @param serverAuthModule */ public static void registerSAM(ServletContext context, ServerAuthModule serverAuthModule) { AuthConfigFactory.getFactory().registerConfigProvider(new TestAuthConfigProvider(serverAuthModule), "HttpServlet", getAppContextID(context), "Test authentication config provider"); }
@Override public AuthConfigProvider getConfigProvider(String layer, String appContext, RegistrationListener listener) { AuthConfigProvider authConfigProvider = elytronAuthConfigFactory.getConfigProvider(layer, appContext, listener); if (authConfigProvider != null || elytronAuthConfigFactory.matchesRegistration(layer, appContext) || !delegationAllowed.get()) { return authConfigProvider; } return backupAuthConfigFactory.getConfigProvider(layer, appContext, listener); }
protected AuthConfig getAuthConfig(AuthConfigProvider p, boolean isServer) throws AuthException { AuthConfig c = null; if (p != null) { if (isServer) { c = p.getServerAuthConfig(layer, appCtxt, cbh); } else { c = p.getClientAuthConfig(layer, appCtxt, cbh); } } return c; }
current.notify(layer, appContext);
RegistrationContextImpl(RegistrationContext ctx) { this.messageLayer = ctx.getMessageLayer(); this.appContext = ctx.getAppContext(); this.description = ctx.getDescription(); this.isPersistent = ctx.isPersistent(); }
@Override public boolean removeRegistration(String registrationID) { return elytronAuthConfigFactory.removeRegistration(registrationID) || backupAuthConfigFactory.removeRegistration(registrationID); }
@Override public String[] getRegistrationIDs(AuthConfigProvider provider) { String[] elytronRegistrationIds = elytronAuthConfigFactory.getRegistrationIDs(provider); String[] backupRegistrationIds = backupAuthConfigFactory.getRegistrationIDs(provider); return combine(elytronRegistrationIds, backupRegistrationIds); }
@Override public String[] detachListener(RegistrationListener listener, String layer, String appContext) { String[] elytronRegistrationIds = elytronAuthConfigFactory.detachListener(listener, layer, appContext); String[] backupRegistrationIds = backupAuthConfigFactory.detachListener(listener, layer, appContext); return combine(elytronRegistrationIds, backupRegistrationIds); }
@Override public void refresh() { elytronAuthConfigFactory.refresh(); backupAuthConfigFactory.refresh(); }
AuthConfigFactory.setFactory(new AuthConfigFactoryImpl());
@Override public void refresh() { ServerAuthConfig serverAuthConfig = this.serverAuthConfig; if (serverAuthConfig != null) { serverAuthConfig.refresh(); } } }
/** * <p> * JASPIC 1.1 specification: if there is an {@code AuthConfigProvider} for the {@code HttpServlet} layer and * application context, then @{@code logout} must acquire a {@code ServerAuthContext} and call {@code cleanSubject} * on the acquired context. * </p> * <p> * The specified {@code Subject} should be non-null and should be the {@code Subject} returning from the most recent * call to {@code validateRequest}. In our case, that {@code Subject} is set in the underlying security context, so * we must retrieve it from there before calling {@code cleanSubject}. * </p> * <p> * Once {@code cleanSubject} returns, {@code logout} must perform the regular (non-JASPIC) {@code logout} processing. * </p> */ @Override public void logout() { if (!isAuthenticated()) return; // call cleanSubject() if there is an AuthConfigProvider for the HttpServlet layer and appContext. String appContext = this.buildAppContext(); if (AuthConfigFactory.getFactory().getConfigProvider(layer, appContext, null) != null) { Subject authenticatedSubject = this.getAuthenticatedSubject(); MessageInfo messageInfo = this.buildMessageInfo(); this.manager.cleanSubject(messageInfo, authenticatedSubject, layer, appContext, handler); } // following the return from cleanSubject(), logout must perform the regular logout processing. super.logout(); }
/** * Register the assembled configuration against the supplied {@link AuthConfigFactory}. * * @param authConfigFactory the {@link AuthConfigFactory} to register the configuration against. * @return The registration ID returned by the factory on registration. * @throws IllegalStateException if the configuration has already been registered. */ public String register(AuthConfigFactory authConfigFactory) { assertNotRegistered(); registered = true; return authConfigFactory.registerConfigProvider( new ElytronAuthConfigProvider(messageLayer, applicationContext, serverAuthModules), messageLayer, applicationContext, description); }
protected AuthConfig getAuthConfig(AuthConfigProvider p, boolean isServer) throws AuthException { AuthConfig c = null; if (p != null) { if (isServer) { c = p.getServerAuthConfig(layer, appCtxt, cbh); } else { c = p.getClientAuthConfig(layer, appCtxt, cbh); } } return c; }
String registerConfigProvider(AuthConfigProvider provider, String layer, String appContext, String description, boolean persistent) { Registration registration = null; List<RegistrationListener> existingListeners; synchronized(layerContextRegistration) { LayerContextKey key = new LayerContextKey(layer, appContext); registration = layerContextRegistration.get(key); if (registration == null) { registration = new Registration(layer, appContext); layerContextRegistration.put(key, registration); existingListeners = Collections.emptyList(); } else { existingListeners = registration.clearListeners(); } registration.setDescription(description); registration.setPersistent(persistent); registration.setAuthConfigProvider(provider, provider == null); } // Handle notify outside the synchronized block in case they want to re-register. for (RegistrationListener current : existingListeners) { current.notify(layer, appContext); } return registration.getRegistrationId(); }
public SimpleAuthConfigProvider(Map<String,String> properties, AuthConfigFactory factory) { this.properties = properties; if (factory != null) { factory.registerConfigProvider(this, null, null, "Automatic registration"); } }