List of usage examples for javax.security.auth.login Configuration Configuration
protected Configuration()
From source file:org.adeptnet.auth.kerberos.Krb5.java
private Configuration getJaasKrb5TicketCfg(final String principal) { return new Configuration() { @Override//from www . java 2 s . c o m public AppConfigurationEntry[] getAppConfigurationEntry(String name) { Map<String, String> options = new HashMap<>(); options.put("principal", principal); options.put("realm", config.getRealm()); options.put("keyTab", config.getKeytab().getAbsolutePath()); options.put("doNotPrompt", "true"); options.put("useKeyTab", "true"); options.put("storeKey", "true"); options.put("isInitiator", "false"); return new AppConfigurationEntry[] { new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options) }; } }; }
From source file:com.vmware.identity.openidconnect.client.GSSTestUtils.java
static LoginContext getLoginCtx(final PrincipalId validAdUser, final char[] userPass, javax.security.auth.Subject jaasSubject) throws LoginException { return new LoginContext("SampleLoginContext", jaasSubject, new CallbackHandler() { @Override/*w w w .j a v a 2 s. c om*/ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { String userName = String.format("%s@%s", validAdUser.getName(), validAdUser.getDomain()); for (Callback callback : callbacks) { if (callback instanceof NameCallback) { ((NameCallback) callback).setName(userName); } else if (callback instanceof PasswordCallback) { ((PasswordCallback) callback).setPassword(userPass); } } } }, new Configuration() { @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { Map<String, String> config = new HashMap<String, String>(); config.put("useTicketCache", "false"); return new AppConfigurationEntry[] { new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, config) }; } }); }
From source file:io.reappt.adapters.kafka.KafkaAdapter.java
public KafkaAdapter() throws NoSuchAlgorithmException, KeyManagementException { parseVcapServices(System.getenv("VCAP_SERVICES")); // Kafka or message hub insists that this property is set, even though we ignore it System.setProperty("java.security.auth.login.config", "make_kafka_happy"); // Install our own Configuration implementation final Map<String, String> options = new HashMap<>(); options.put("serviceName", "kafka"); options.put("username", user); options.put("password", password); Configuration.setConfiguration(new Configuration() { @Override//from w w w . j a v a 2s . c o m public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return new AppConfigurationEntry[] { new AppConfigurationEntry("com.ibm.messagehub.login.MessageHubLoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options) }; } }); this.session = createSession(this.reapptUrl, this.reapptUser, this.reapptPassword); serverTopicPartition = KAFKA_DIFFUSION_TOPIC + "-" + reapptUrl.hashCode(); this.producer = new OutboundKafkaAdapter(session, bootstrap, serverTopicPartition); this.consumer = new InboundKafkaAdapter(session, bootstrap); }
From source file:org.jboss.test.kerberos.gss.GSSTestServer.java
/** * Authenticates this server in Kerberos KDC. * //from w w w . j a v a 2 s . c o m * @throws LoginException * @throws PrivilegedActionException */ private void start() throws LoginException, PrivilegedActionException { System.out.println("Starting GSSTestServer - login"); // Use our custom configuration to avoid reliance on external config Configuration.setConfiguration(new Configuration() { @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { final Map<String, Object> options = new HashMap<String, Object>(); options.put("refreshKrb5Config", "true"); options.put("storeKey", "true"); return new AppConfigurationEntry[] { new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options) }; } }); // 1. Authenticate to Kerberos. final LoginContext lc = new LoginContext("foo", new UsernamePasswordHandler(PRINCIPAL, PASSWORD != null ? PASSWORD.toCharArray() : null)); lc.login(); System.out.println("Authentication succeed"); // 2. Perform the work as authenticated Subject. final String finishMsg = Subject.doAs(lc.getSubject(), new ServerAction()); System.out.println("Server stopped with result: " + (finishMsg == null ? "OK" : finishMsg)); lc.logout(); }
From source file:org.marketcetera.saclient.MockStrategyAgent.java
/** * Sets up the JAAS Configuration such that both Client's test Mock server * and remote-receiver's can work.//from w ww .j a v a 2 s .co m */ private static void setupConfiguration() { Configuration.setConfiguration(new Configuration() { public AppConfigurationEntry[] getAppConfigurationEntry(String inName) { if ("remoting-amq-domain".equals(inName)) { //the login module for the receiver module. return new AppConfigurationEntry[] { new AppConfigurationEntry(ClientLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Collections.unmodifiableMap(new HashMap<String, String>())) }; } else if ("test-amq-domain".equals(inName)) { //the login module for mock server return new AppConfigurationEntry[] { new AppConfigurationEntry(MockLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, Collections.unmodifiableMap(new HashMap<String, String>())) }; } return null; } }); }
From source file:com.vmware.o11n.plugin.powershell.remote.impl.winrm.KerberosTokenGenerator.java
private void login(final NTUser userName, final String password) throws LoginException { this.subject = new Subject(); LoginContext login;//from w w w . jav a 2 s. c o m login = new LoginContext("", subject, new CallbackHandler() { @Override public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (Callback callback : callbacks) { if (callback instanceof NameCallback) { //We may need some more complete mapping between AD user domain and Kerberos realms String kerbUserSPN = userName.getUserName(); if (StringUtils.isNotBlank(userName.getDomain())) { kerbUserSPN += "@" + userName.getDomain().toUpperCase(); } log.debug("Kerberos login name: " + kerbUserSPN); ((NameCallback) callback).setName(kerbUserSPN); } else if (callback instanceof PasswordCallback) { ((PasswordCallback) callback).setPassword(password.toCharArray()); } } } }, new Configuration() { @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { Map<String, String> config = new HashMap<String, String>(); config.put("useTicketCache", "false"); return new AppConfigurationEntry[] { new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, config) }; } }); login.login(); }
From source file:org.apache.lens.server.auth.SpnegoAuthenticationFilter.java
private static Configuration getJaasKrb5TicketConfig(final String principal, final File keytab) { return new Configuration() { @Override/*from ww w. j a v a 2s . c o m*/ public AppConfigurationEntry[] getAppConfigurationEntry(String name) { Map<String, String> options = new HashMap<>(); options.put("principal", principal); options.put("keyTab", keytab.getAbsolutePath()); options.put("doNotPrompt", "true"); options.put("useKeyTab", "true"); options.put("storeKey", "true"); options.put("isInitiator", "false"); return new AppConfigurationEntry[] { new AppConfigurationEntry(KERBEROS_LOGIN_MODULE_NAME, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options), }; } }; }
From source file:org.eclipse.gyrex.boot.internal.app.ServerApplication.java
private void startConsole() throws BundleException { // enable SSH console // TODO: might want to use ConfigAdmin? final EnvironmentInfo environmentInfo = BootActivator.getEnvironmentInfo(); if (null == environmentInfo.getProperty("osgi.console.ssh")) { // set default ssh port environmentInfo.setProperty("osgi.console.ssh", String.valueOf(Platform.getInstancePort(3122))); }// ww w . j av a 2 s . co m if (null == environmentInfo.getProperty("ssh.custom.publickeys.auth")) { // enable custom ssh authentication environmentInfo.setProperty("ssh.custom.publickeys.auth", "true"); } if (startBundle(BSN_EQUINOX_CONSOLE_SSH, false)) { try { final Object authenticator = BootActivator.getInstance().getBundle().loadClass( "org.eclipse.gyrex.boot.internal.ssh.InstanceLocationAuthorizedKeysFileAuthenticator") .newInstance(); BootActivator.getInstance().getServiceHelper().registerService( "org.apache.sshd.server.PublickeyAuthenticator", authenticator, "Eclipse Gyrex", "Equionx SSH Console authorized_keys support for Gyrex.", null, Integer.MAX_VALUE); } catch (final ClassNotFoundException e) { // ignore } catch (final LinkageError e) { // ignore } catch (final Exception e) { // error (but do not fail) LOG.warn("Unable to register authorized_keys file support for Equinox SSH Console. ", e); } // allow any combination of username/password in development mode if (Platform.inDevelopmentMode()) { final AppConfigurationEntry[] allowAny = new AppConfigurationEntry[] { new AppConfigurationEntry("org.eclipse.gyrex.boot.console.jaas.AllowAnyUserLoginModule", LoginModuleControlFlag.SUFFICIENT, new HashMap<String, Object>()) }; final Configuration configuration = Configuration.getConfiguration(); Configuration.setConfiguration(new Configuration() { @Override public AppConfigurationEntry[] getAppConfigurationEntry(final String name) { final AppConfigurationEntry[] entry = configuration.getAppConfigurationEntry(name); if (((entry == null) || (entry.length == 0)) && "equinox_console".equals(name)) return allowAny; return entry; } }); } } }
From source file:org.wso2.carbon.mediator.kerberos.KerberosMediator.java
/** * Set JASS configuration with the principal and keyTab. *//* ww w .j a v a2 s . c om*/ private void setJASSConfiguration(boolean useKeyTab, MessageContext msgCtx) { Map<String, Object> optionSet = new HashMap<>(); if (StringUtils.isNotEmpty(getLoginConfig())) { String loginConfigPath = CONFIG_PATH + getLoginConfig(); File file = new File(loginConfigPath); if (file.exists()) { System.setProperty(KerberosConstants.JAAS_CONFIG_PROPERTY, file.getAbsolutePath()); AppConfigurationEntry entries[] = Configuration.getConfiguration() .getAppConfigurationEntry(getLoginContextName()); if (entries != null && entries.length != 0) { Map<String, ?> options = entries[0].getOptions(); for (String s : options.keySet()) { optionSet.put(s, options.get(s)); } } else { handleException("Could not find specified service account.", msgCtx); } } else { handleException("Could not find the login configuration.", msgCtx); } } else if (StringUtils.isNotEmpty(getLoginContextName())) { String loginConfigPath = DEFAULT_LOGIN_CONFIG_PATH; File file = new File(loginConfigPath); if (file.exists()) { System.setProperty(KerberosConstants.JAAS_CONFIG_PROPERTY, file.getAbsolutePath()); AppConfigurationEntry entries[] = Configuration.getConfiguration() .getAppConfigurationEntry(getLoginContextName()); if (entries != null && entries.length != 0) { Map<String, ?> options = entries[0].getOptions(); for (String s : options.keySet()) { optionSet.put(s, options.get(s)); } } else { handleException("Could not find specified service account.", msgCtx); } } else { handleException("Could not find the login configuration.", msgCtx); } } optionSet.put(KerberosConstants.IS_INITIATOR, "true"); optionSet.put(KerberosConstants.PRINCIPAL, clientPrincipalValue); optionSet.put(KerberosConstants.USE_KEYTAB, String.valueOf(useKeyTab)); if (useKeyTab) { File keyTabFile = new File(keytabPath); if (keyTabFile.exists()) { optionSet.put(KerberosConstants.KEYTAB, keyTabFile.getAbsolutePath()); } else { handleException("Could not find the keytab file " + keytabPath + " in the location " + CONFIG_PATH, msgCtx); } } else { optionSet.put(KerberosConstants.KEYTAB, null); } if (log.isDebugEnabled()) { optionSet.put(KerberosConstants.DEBUG, "true"); } final Map<String, Object> finalOptionSet = optionSet; Configuration.setConfiguration(new Configuration() { @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return new AppConfigurationEntry[] { new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, finalOptionSet) }; } }); }