Posted to commits@tomee.apache.org by ra...@apache.org on 2019/01/09 17:26:09 UTC
[tomee] 21/48: TOMEE-2365 - Propagate CallbackHandler to perform
authentication.
This is an automated email from the ASF dual-hosted git repository.
radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit a88d557937881238778ab81a6e79e62617cc2158
Author: Roberto Cortez <ra...@yahoo.com>
AuthorDate: Wed Dec 26 17:12:49 2018 +0000
TOMEE-2365 - Propagate CallbackHandler to perform authentication.
---
.../security/http/TomEEHttpMessageContext.java | 40 ++++++++++++++++------
.../provider/TomEESecurityAuthConfigProvider.java | 2 +-
.../provider/TomEESecurityServerAuthConfig.java | 17 +++++++--
.../provider/TomEESecurityServerAuthContext.java | 5 +--
.../provider/TomEESecurityServerAuthModule.java | 7 ++--
5 files changed, 52 insertions(+), 19 deletions(-)
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
index dfb7627..878a550 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
@@ -19,8 +19,12 @@ package org.apache.tomee.security.http;
import org.apache.catalina.authenticator.jaspic.MessageInfoImpl;
import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.callback.CallerPrincipalCallback;
+import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.enterprise.AuthenticationStatus;
import javax.security.enterprise.CallerPrincipal;
import javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters;
@@ -38,22 +42,28 @@ import static javax.security.enterprise.identitystore.CredentialValidationResult
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
public class TomEEHttpMessageContext implements HttpMessageContext {
+ private final CallbackHandler handler;
private final MessageInfo messageInfo;
private final Subject clientSubject;
private final Subject serviceSubject;
- private TomEEHttpMessageContext(final MessageInfo messageInfo,
- final Subject clientSubject,
- final Subject serviceSubject) {
+ private TomEEHttpMessageContext(
+ final CallbackHandler handler,
+ final MessageInfo messageInfo,
+ final Subject clientSubject,
+ final Subject serviceSubject) {
+ this.handler = handler;
this.messageInfo = messageInfo;
this.clientSubject = clientSubject;
this.serviceSubject = serviceSubject;
}
- public static TomEEHttpMessageContext httpMessageContext(final MessageInfo messageInfo,
- final Subject clientSubject,
- final Subject serviceSubject) {
- return new TomEEHttpMessageContext(messageInfo, clientSubject, serviceSubject);
+ public static TomEEHttpMessageContext httpMessageContext(
+ final CallbackHandler handler,
+ final MessageInfo messageInfo,
+ final Subject clientSubject,
+ final Subject serviceSubject) {
+ return new TomEEHttpMessageContext(handler, messageInfo, clientSubject, serviceSubject);
}
@Override
@@ -88,17 +98,17 @@ public class TomEEHttpMessageContext implements HttpMessageContext {
@Override
public CallbackHandler getHandler() {
- return null;
+ return handler;
}
@Override
public MessageInfo getMessageInfo() {
- return null;
+ return messageInfo;
}
@Override
public Subject getClientSubject() {
- return null;
+ return clientSubject;
}
@Override
@@ -159,7 +169,15 @@ public class TomEEHttpMessageContext implements HttpMessageContext {
@Override
public AuthenticationStatus notifyContainerAboutLogin(final Principal principal, final Set<String> groups) {
- // Needs more stuff in here.
+
+ try {
+ handler.handle(new Callback[] {
+ new CallerPrincipalCallback(clientSubject, principal),
+ new GroupPrincipalCallback(clientSubject, groups.toArray(new String[groups.size()]))
+ });
+ } catch (IOException | UnsupportedCallbackException e) {
+ e.printStackTrace();
+ }
return SUCCESS;
}
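Review bot: In notifyContainerAboutLogin the catch block only calls `e.printStackTrace()` and then falls through to `return SUCCESS;`, so the method reports a successful login even when the handler threw and the container never received the CallerPrincipalCallback or GroupPrincipalCallback. That leaves the reported authentication status out of step with the identity the container actually holds, and the only trace of the failure is on stderr. The catch should fail closed, for example `return AuthenticationStatus.SEND_FAILURE;`, after logging the exception through the project's logger rather than printStackTrace(). `groups` is also dereferenced without a null check, so a caller passing null would get a NullPointerException here instead of a clean authentication failure.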
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java
index 6654089..c799598 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java
@@ -34,7 +34,7 @@ public class TomEESecurityAuthConfigProvider implements AuthConfigProvider {
public ServerAuthConfig getServerAuthConfig(final String layer, final String appContext,
final CallbackHandler handler)
throws AuthException, SecurityException {
- return new TomEESecurityServerAuthConfig();
+ return new TomEESecurityServerAuthConfig(layer, appContext, handler);
}
@Override
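Review bot: `handler` is forwarded to the new TomEESecurityServerAuthConfig constructor without any check, and as I read the JASPIC contract for getServerAuthConfig this argument is allowed to be null. Nothing visible in this commit substitutes a default, so a null would travel through TomEESecurityServerAuthContext and the auth module into TomEEHttpMessageContext, where notifyContainerAboutLogin calls `handler.handle(...)` unguarded. Either install a default handler here when the argument is null, or reject it early with `Objects.requireNonNull(handler, "handler")`, so the problem surfaces at configuration time instead of in the middle of a login.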
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java
index bee97ce..5686b68 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java
@@ -17,6 +17,7 @@
package org.apache.tomee.security.provider;
import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.config.ServerAuthConfig;
@@ -24,16 +25,26 @@ import javax.security.auth.message.config.ServerAuthContext;
import java.util.Map;
public class TomEESecurityServerAuthConfig implements ServerAuthConfig {
+ private String layer;
+ private String appContext;
+ private CallbackHandler handler;
+
+ public TomEESecurityServerAuthConfig(final String layer, final String appContext, final CallbackHandler handler) {
+ this.layer = layer;
+ this.appContext = appContext;
+ this.handler = handler;
+ }
+
@Override
public ServerAuthContext getAuthContext(final String authContextID, final Subject serviceSubject,
final Map properties)
throws AuthException {
- return new TomEESecurityServerAuthContext();
+ return new TomEESecurityServerAuthContext(handler);
}
@Override
public String getAppContext() {
- return null;
+ return appContext;
}
@Override
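Review bot: The new fields `layer`, `appContext` and `handler` are declared as plain `private` although, in the lines shown, they are assigned only in the constructor. Declaring them `private final String layer;`, `private final String appContext;` and `private final CallbackHandler handler;` would match the `private final` fields of TomEEHttpMessageContext in this same commit. It would also guarantee that the handler used for authentication callbacks cannot be replaced after construction. A one-line comment on `handler` noting that it is the container-supplied handler passed in by TomEESecurityAuthConfigProvider would help the next reader.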
@@ -43,7 +54,7 @@ public class TomEESecurityServerAuthConfig implements ServerAuthConfig {
@Override
public String getMessageLayer() {
- return null;
+ return layer;
}
@Override
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java
index 6161a9b..1f853cc 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java
@@ -17,6 +17,7 @@
package org.apache.tomee.security.provider;
import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
@@ -25,9 +26,9 @@ import javax.security.auth.message.config.ServerAuthContext;
public class TomEESecurityServerAuthContext implements ServerAuthContext {
private TomEESecurityServerAuthModule serverAuthModule;
- public TomEESecurityServerAuthContext() throws AuthException {
+ public TomEESecurityServerAuthContext(final CallbackHandler handler) throws AuthException {
this.serverAuthModule = new TomEESecurityServerAuthModule();
- this.serverAuthModule.initialize(null, null, null, null);
+ this.serverAuthModule.initialize(null, null, handler, null);
}
@Override
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java
index 720a405..e884f0e 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java
@@ -36,6 +36,8 @@ import java.util.Map;
import static org.apache.tomee.security.http.TomEEHttpMessageContext.httpMessageContext;
public class TomEESecurityServerAuthModule implements ServerAuthModule {
+ private CallbackHandler handler;
+
@Override
public Class[] getSupportedMessageTypes() {
return new Class[0];
@@ -45,7 +47,7 @@ public class TomEESecurityServerAuthModule implements ServerAuthModule {
public void initialize(final MessagePolicy requestPolicy, final MessagePolicy responsePolicy,
final CallbackHandler handler,
final Map options) throws AuthException {
-
+ this.handler = handler;
}
@Override
@@ -63,7 +65,8 @@ public class TomEESecurityServerAuthModule implements ServerAuthModule {
final Subject serviceSubject)
throws AuthException {
- final HttpMessageContext httpMessageContext = httpMessageContext(messageInfo, clientSubject, serviceSubject);
+ final HttpMessageContext httpMessageContext =
+ httpMessageContext(handler, messageInfo, clientSubject, serviceSubject);
final HttpServletRequest request = httpMessageContext.getRequest();
final String servletName = request.getHttpServletMapping().getServletName();