Package org.gatein.wci.security

Examples of org.gatein.wci.security.Credentials


      if (propertyMap.containsKey(WSHandlerConstants.USER) && propertyMap.get(WSHandlerConstants.USER).equals(GTN_CURRENT_USER))
      {
         CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();
         if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
         {
            Credentials credentials = credentialsAccessor.getCredentials();
            propertyMap.put(WSHandlerConstants.USER, credentials.getUsername());

            String actionProperty = (String)propertyMap.get(WSHandlerConstants.ACTION);
            //Note: the action property can contain a space separated list of multiple actions
            if (actionProperty != null && actionProperty.contains(GTN_USERNAME_TOKEN_IF_AUTHENTICATED))
            {
               if (credentials.getPassword() != null)
               {
                  actionProperty = actionProperty.replace(GTN_USERNAME_TOKEN_IF_AUTHENTICATED, WSHandlerConstants.USERNAME_TOKEN);
               }
               else
               {
View Full Code Here


            {
               CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();

               if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
               {
                  Credentials credentials = credentialsAccessor.getCredentials();
                  if (credentials.getUsername().equals(wspasswordCallBack.getIdentifier()))
                  {
                     wspasswordCallBack.setPassword(credentials.getPassword());
                  }
                  else
                  {
                     log.warn("The username in the callback does not match the currently authenticated user. Password not added to callback.");
                  }
View Full Code Here

   public void saveSSOCredentials(String username, HttpServletRequest httpRequest)
   {
      //Use empty password....it shouldn't be needed...this is a SSO login. The password has
      //already been presented with the SSO server. It should not be passed around for
      //better security
      Credentials credentials = new Credentials(username, "");

      httpRequest.getSession().setAttribute(Credentials.CREDENTIALS, credentials);

      // This is needed when using default login module stack instead of SSOLoginModule. In this case, GateIn authentication is done thanks to PortalLoginModule.
      httpRequest.getSession().setAttribute(GenericAgent.AUTHENTICATED_CREDENTIALS, credentials);
View Full Code Here

            email = user.getEmail();

            // Create token
            RemindPasswordTokenService tokenService = uiForm.getApplicationComponent(RemindPasswordTokenService.class);
            Credentials credentials = new Credentials(user.getUserName(), "");
            tokenId = tokenService.createToken(credentials);

            String portalName = URLEncoder.encode(Util.getUIPortal().getName(), "UTF-8");

            ResourceBundle res = requestContext.getApplicationResourceBundle();
View Full Code Here

        //
        int status;
        if (req.getRemoteUser() == null) {
            if (username != null && password != null) {
                Credentials credentials = new Credentials(username, password);
                ServletContainer container = ServletContainerFactory.getServletContainer();

                // This will login or send an AuthenticationException
                try {
                    container.login(req, resp, credentials);
View Full Code Here

                    String hashedRandomString = hashToken(randomString);
                    long expirationTimeMillis = System.currentTimeMillis() + validityMillis;

                    /* the symmetric encryption happens here */
                    String encryptedPassword = codec.encode(credentials.getPassword());
                    Credentials encodedCredentials = new Credentials(credentials.getUsername(), encryptedPassword);

                    try {
                        tokenContainer.saveToken(context.getSession(), id, hashedRandomString, encodedCredentials, new Date(expirationTimeMillis));
                    } catch (TokenExistsException e) {
                        cookieTokenString = null;
View Full Code Here

                HashedToken hashedToken = getMixin(en, HashedToken.class);
                if (hashedToken != null && hashedToken.getHashedToken() != null) {
                    try {
                        if (saltedHashService.validate(token.getRandomString(), hashedToken.getHashedToken())) {
                            GateInToken encryptedToken = en.getToken();
                            Credentials encryptedCredentials = encryptedToken.getPayload();
                            Credentials decryptedCredentials = new Credentials(encryptedCredentials.getUsername(),

                            codec.decode(encryptedCredentials.getPassword()));
                            if (remove) {
                                en.remove();
                            }
View Full Code Here

    @Destroy
    public abstract void remove();

    public GateInToken getToken() {
        return new GateInToken(getExpirationTime().getTime(), new Credentials(getUserName(), getPassword()));
    }
View Full Code Here

        //
        int status;
        if (req.getRemoteUser() == null) {
            if (username != null && password != null) {
                Credentials credentials = new Credentials(username, password);
                ServletContainer container = ServletContainerFactory.getServletContainer();

                // This will login or send an AuthenticationException
                try {
                    container.login(req, resp, credentials);
View Full Code Here

                AuthenticationRegistry.class);

        // This should happen during first request of authenticated user. We need to bind credentials to ConversationState
        // and unregister them from authenticationRegistry
        if (hreq.getRemoteUser() != null && authRegistry.getCredentials(hreq) != null) {
            Credentials credentials = authRegistry.removeCredentials(hreq);
            bindCredentialsToConversationState(credentials);
        }

        // Continue with filter chain
        chain.doFilter(request, response);
View Full Code Here

TOP

Related Classes of org.gatein.wci.security.Credentials

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.