Examples of org.apache.qpid.server.security.auth.manager.AuthenticationManager

• org.apache.qpid.server.security.auth.manager.AuthenticationManager
  Implementations of the AuthenticationManager are responsible for determining the authenticity of a user's credentials.

  If the authentication is successful, the manager is responsible for producing an {@link AuthenticationResult} containing the user's main {@link Principal} and zero ormore other implementation-specific principals.

  The {@link #initialise()} method is responsible for registering SASL mechanisms required bythe manager. The {@link #close()} method must reverse this registration.

    private AuthenticationProviderAdapter<?> createAuthenticationProvider(UUID id, Broker broker, Map<String, Object> attributes)
    {
        for (AuthenticationManagerFactory factory : _factories)
        {
            AuthenticationManager manager = factory.createInstance(broker, attributes);
            if (manager != null)
            {
                AuthenticationProviderAdapter<?> authenticationProvider;
                if (manager instanceof PrincipalDatabaseAuthenticationManager)
                {

        response.setDateHeader ("Expires", 0);

        HttpSession session = request.getSession();
        Random rand = getRandom(session);

        AuthenticationManager authManager = ApplicationRegistry.getInstance().getAuthenticationManager(getSocketAddress(request));
        String[] mechanisms = authManager.getMechanisms().split(" ");
        Map<String, Object> outputObject = new LinkedHashMap<String, Object>();
        final Subject subject = (Subject) session.getAttribute("subject");
        if(subject != null)
        {
            final Principal principal = subject.getPrincipals().iterator().next();

            String mechanism = request.getParameter("mechanism");
            String id = request.getParameter("id");
            String saslResponse = request.getParameter("response");

            AuthenticationManager authManager = ApplicationRegistry.getInstance().getAuthenticationManager(getSocketAddress(request));

            if(mechanism != null)
            {
                if(id == null)
                {
                    SaslServer saslServer = authManager.createSaslServer(mechanism, request.getServerName(), null/*TODO*/);
                    evaluateSaslResponse(response, session, saslResponse, saslServer);
                }
                else
                {
                    response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);

                    {
                        String[] credentials = (new String(Base64.decodeBase64(tokens[1].getBytes()))).split(":",2);
                        if(credentials.length == 2)
                        {
                            SocketAddress address = getSocketAddress(request);
                            AuthenticationManager authenticationManager =
                                    ApplicationRegistry.getInstance().getAuthenticationManager(address);
                            AuthenticationResult authResult =
                                    authenticationManager.authenticate(credentials[0], credentials[1]);
                            subject = authResult.getSubject();

                        }
                    }
                }

    public void methodReceived(AMQStateManager stateManager, ConnectionSecureOkBody body, int channelId) throws AMQException
    {
        AMQProtocolSession session = stateManager.getProtocolSession();

        AuthenticationManager authMgr = stateManager.getAuthenticationManager();

        SaslServer ss = session.getSaslServer();
        if (ss == null)
        {
            throw new AMQException("No SASL context set up in session");
        }
        MethodRegistry methodRegistry = session.getMethodRegistry();
        AuthenticationResult authResult = authMgr.authenticate(ss, body.getResponse());
        switch (authResult.getStatus())
        {
            case ERROR:
                Exception cause = authResult.getCause();

        AMQProtocolSession session = stateManager.getProtocolSession();

        _logger.info("SASL Mechanism selected: " + body.getMechanism());
        _logger.info("Locale selected: " + body.getLocale());

        AuthenticationManager authMgr = stateManager.getAuthenticationManager();
        SaslServer ss = null;
        try
        {
            ss = authMgr.createSaslServer(String.valueOf(body.getMechanism()), session.getLocalFQDN(), session.getPeerPrincipal());

            if (ss == null)
            {
                throw body.getConnectionException(AMQConstant.RESOURCE_ERROR, "Unable to create SASL Server:" + body.getMechanism());
            }

            session.setSaslServer(ss);

            final AuthenticationResult authResult = authMgr.authenticate(ss, body.getResponse());
            //save clientProperties
            session.setClientProperties(body.getClientProperties());

            MethodRegistry methodRegistry = session.getMethodRegistry();

    @Override
    protected void changeAttributes(Map<String, Object> attributes)
    {
        Map<String, Object> effectiveAttributes = super.generateEffectiveAttributes(attributes);
        AuthenticationManager manager = validateAttributes(effectiveAttributes);
        manager.initialise();
        super.changeAttributes(attributes);
        _authManager = (T)manager;

        // if provider was previously in ERRORED state then set its state to ACTIVE
        _state.compareAndSet(State.ERRORED, State.ACTIVE);

        AuthenticationManagerFactory managerFactory = _factories.get(newType);
        if (managerFactory == null)
        {
            throw new IllegalConfigurationException("Cannot find authentication provider factory for type " + newType);
        }
        AuthenticationManager manager = managerFactory.createInstance(_broker, attributes);
        if (manager == null)
        {
            throw new IllegalConfigurationException("Cannot change authentication provider " + newName + " of type " + newType + " with the given attributes");
        }
        return manager;

        _supportedVirtualHostStoreTypes = new MessageStoreCreator().getStoreTypes();
        _supportedBrokerStoreTypes = new BrokerConfigurationStoreCreator().getStoreTypes();
        _brokerStore = brokerStore;
        if (_brokerOptions.isManagementMode())
        {
            AuthenticationManager authManager = new SimpleAuthenticationManager(BrokerOptions.MANAGEMENT_MODE_USER_NAME, _brokerOptions.getManagementModePassword());
            AuthenticationProvider authenticationProvider = new SimpleAuthenticationProviderAdapter(UUID.randomUUID(), this,
                    authManager, Collections.<String, Object> emptyMap(), Collections.<String> emptySet());
            _managementAuthenticationProvider = authenticationProvider;
        }
    }

public class AuthenticationProviderFactoryTest extends TestCase
{

    public void testCreatePasswordCredentialManagingAuthenticationProvider()
    {
        AuthenticationManager am = mock(PrincipalDatabaseAuthenticationManager.class);
        AuthenticationProvider provider = testForFactory(am, true);
        assertTrue("The created provider should match the factory's AuthenticationManager type",
                provider instanceof PasswordCredentialManagingAuthenticationProvider);
        verify(am).onCreate();
    }