Posted to commits@karaf.apache.org by cs...@apache.org on 2017/08/02 08:14:21 UTC
[4/4] karaf git commit: Extract common code
Extract common code
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/ae75feed
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/ae75feed
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/ae75feed
Branch: refs/heads/master
Commit: ae75feed11bab347bf7d4e6eb6d48a879189d1cf
Parents: f75ade9
Author: Christian Schneider <ch...@die-schneider.net>
Authored: Tue Aug 1 14:32:47 2017 +0200
Committer: Christian Schneider <ch...@die-schneider.net>
Committed: Wed Aug 2 10:14:10 2017 +0200
----------------------------------------------------------------------
.../karaf/shell/ssh/KarafJaasAuthenticator.java | 100 +++++++------------
1 file changed, 38 insertions(+), 62 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/ae75feed/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
----------------------------------------------------------------------
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
index 94b715c..e1420f4 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
@@ -23,6 +23,7 @@ import java.security.PublicKey;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
@@ -45,48 +46,46 @@ public class KarafJaasAuthenticator implements PasswordAuthenticator, PublickeyA
private String realm;
- public KarafJaasAuthenticator() {
- }
-
public KarafJaasAuthenticator(String realm) {
this.realm = realm;
}
- public String getRealm() {
- return realm;
+ public boolean authenticate(final String username, final String password, final ServerSession session) {
+ CallbackHandler callbackHandler = callbacks -> {
+ for (Callback callback : callbacks) {
+ if (callback instanceof NameCallback) {
+ ((NameCallback) callback).setName(username);
+ } else if (callback instanceof PasswordCallback) {
+ ((PasswordCallback) callback).setPassword(password.toCharArray());
+ } else {
+ throw new UnsupportedCallbackException(callback);
+ }
+ }
+ };
+ return doLogin(session, callbackHandler);
}
- public void setRealm(String realm) {
- this.realm = realm;
+ public boolean authenticate(final String username, final PublicKey key, final ServerSession session) {
+ CallbackHandler callbackHandler = callbacks -> {
+ for (Callback callback : callbacks) {
+ if (callback instanceof NameCallback) {
+ ((NameCallback) callback).setName(username);
+ } else if (callback instanceof PublickeyCallback) {
+ ((PublickeyCallback) callback).setPublicKey(key);
+ } else {
+ throw new UnsupportedCallbackException(callback);
+ }
+ }
+ };
+ return doLogin(session, callbackHandler);
}
- public boolean authenticate(final String username, final String password, final ServerSession session) {
+ private boolean doLogin(final ServerSession session, CallbackHandler callbackHandler) {
try {
Subject subject = new Subject();
- LoginContext loginContext = new LoginContext(realm, subject, callbacks -> {
- for (Callback callback : callbacks) {
- if (callback instanceof NameCallback) {
- ((NameCallback) callback).setName(username);
- } else if (callback instanceof PasswordCallback) {
- ((PasswordCallback) callback).setPassword(password.toCharArray());
- } else {
- throw new UnsupportedCallbackException(callback);
- }
- }
- });
+ LoginContext loginContext = new LoginContext(realm, subject, callbackHandler);
loginContext.login();
-
- int roleCount = 0;
- for (Principal principal : subject.getPrincipals()) {
- if (principal instanceof RolePrincipal) {
- roleCount++;
- }
- }
-
- if (roleCount == 0) {
- throw new FailedLoginException("User doesn't have role defined");
- }
-
+ assertRolePresent(subject);
session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
return true;
} catch (Exception e) {
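Review bot: The `catch (Exception e)` that closes `doLogin` treats every failure alike, so a wrong password, a subject without roles and a realm for which no `LoginContext` can be built all come back as a plain `false`. The catch body lies outside this hunk; judging from the duplicate removed in the next hunk it presumably only logs at debug level, which would keep rejected SSH logins out of default logs where brute-force monitoring needs them. Since both `authenticate` overloads now go through this one method, it is a good place to catch `LoginException` separately from unexpected exceptions and to record the rejection at a level operators collect, e.g. `LOGGER.warn("SSH authentication failed: " + e.getMessage());`, never including the password.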
@@ -95,38 +94,15 @@ public class KarafJaasAuthenticator implements PasswordAuthenticator, PublickeyA
}
}
- public boolean authenticate(final String username, final PublicKey key, final ServerSession session) {
- try {
- Subject subject = new Subject();
- LoginContext loginContext = new LoginContext(realm, subject, callbacks -> {
- for (Callback callback : callbacks) {
- if (callback instanceof NameCallback) {
- ((NameCallback) callback).setName(username);
- } else if (callback instanceof PublickeyCallback) {
- ((PublickeyCallback) callback).setPublicKey(key);
- } else {
- throw new UnsupportedCallbackException(callback);
- }
- }
- });
- loginContext.login();
-
- int roleCount = 0;
- for (Principal principal : subject.getPrincipals()) {
- if (principal instanceof RolePrincipal) {
- roleCount++;
- }
- }
-
- if (roleCount == 0) {
- throw new FailedLoginException("User doesn't have role defined");
+ private void assertRolePresent(Subject subject) throws FailedLoginException {
+ int roleCount = 0;
+ for (Principal principal : subject.getPrincipals()) {
+ if (principal instanceof RolePrincipal) {
+ roleCount++;
}
-
- session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
- return true;
- } catch (Exception e) {
- LOGGER.debug("User authentication failed with " + e.getMessage(), e);
- return false;
+ }
+ if (roleCount == 0) {
+ throw new FailedLoginException("User doesn't have role defined");
}
}
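Review bot: `assertRolePresent` walks every principal and keeps a count only to compare it with zero; `Subject.getPrincipals(Class)` expresses the same test directly, as in `if (subject.getPrincipals(RolePrincipal.class).isEmpty()) { throw new FailedLoginException("User doesn't have role defined"); }`. This method is also the gate that turns away an account whose credentials were accepted but which carries no role, so it deserves a short Javadoc saying so, for example `/** Rejects a subject that authenticated successfully but holds no RolePrincipal. */`. Neither suggestion changes behaviour.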