List of usage examples for javax.security.auth.message.callback CallerPrincipalCallback getPrincipal
public Principal getPrincipal()
From source file:org.josso.jb5.agent.JOSSOJASPIAuthenticator.java
@Override protected boolean authenticate(Request request, Response response, LoginConfig config) throws IOException { boolean result = false; String authMethod = config.getAuthMethod(); // Have we already authenticated someone? Principal principal = request.getUserPrincipal(); if (principal != null) { log.trace("Already authenticated '" + principal.getName() + "'"); //return true; }/*from w w w . j av a2 s. c o m*/ Realm realm = this.context.getRealm(); // Is this request URI subject to a security constraint? SecurityConstraint[] constraints = realm.findSecurityConstraints(request, this.context); if (!jossoCookieExists(request) && principal == null && constraints != null && constraints.length > 0) { boolean authRequired = true; for (int i = 0; i < constraints.length && authRequired; i++) { if (!constraints[i].getAuthConstraint()) { authRequired = false; } else if (!constraints[i].getAllRoles()) { String[] roles = constraints[i].findAuthRoles(); if (roles == null || roles.length == 0) { authRequired = false; } } } if (authRequired) { forwardToLoginPage(request, response, config); return false; } } GenericMessageInfo messageInfo = new GenericMessageInfo(); messageInfo.setRequestMessage(request); messageInfo.setResponseMessage(response); // Put bits of information needed by tomcat server auth modules messageInfo.getMap().put("CACHE", cache); JASPICallbackHandler cbh = new JASPICallbackHandler(); Subject subject = new Subject(); ServerAuthenticationManager sam = getServerAuthenticationManager(); if (sam != null) { result = sam.isValid(messageInfo, subject, messageLayer, cbh); } // The Authentication process has been a success. We need to register // the principal, username, password with the container if (result) { PasswordValidationCallback pvc = cbh.getPasswordValidationCallback(); CallerPrincipalCallback cpcb = cbh.getCallerPrincipalCallback(); if (pvc != null && cpcb != null) { this.register(request, response, cpcb.getPrincipal(), authMethod, pvc.getUsername(), new String(pvc.getPassword())); JBossSecurityAssociationActions.setPrincipalInfo(cpcb.getPrincipal(), new String(pvc.getPassword()), subject); } } return result; }