Package org.gatein.wci.security

Examples of org.gatein.wci.security.Credentials


     login(credentials, request, response, validityMillis, null);
  }

  public void login(Credentials credentials, HttpServletRequest request, HttpServletResponse response, long validityMillis, String initialURI) throws IOException
  {
     String ticket = TICKET_SERVICE.createTicket(new Credentials(credentials.getUsername(), credentials.getPassword()), validityMillis);

     if (initialURI == null) {
        initialURI = request.getRequestURI();
     }
     String url = "j_security_check?j_username=" + credentials.getUsername() + "&j_password=" + ticket + "&initialURI=" + initialURI;
View Full Code Here


      }
      catch (ServletException se)
      {
         try
         {
            String ticket = GenericAuthentication.TICKET_SERVICE.createTicket(new Credentials(credentials.getUsername(), credentials.getPassword()), TicketService.DEFAULT_VALIDITY);
            String url = "j_security_check?j_username=" + credentials.getUsername() + "&j_password=" + ticket + "&initialURI=" + initialURI;
            url = response.encodeRedirectURL(url);
            response.sendRedirect(url);
            response.flushBuffer();
         }
View Full Code Here

        //
        int status;
        if (req.getRemoteUser() == null) {
            if (username != null && password != null) {
                Credentials credentials = new Credentials(username, password);
                ServletContainer container = ServletContainerFactory.getServletContainer();

                // This will login or send an AuthenticationException
                try {
                    container.login(req, resp, credentials);
View Full Code Here

            String token = LoginServlet.getRememberMeTokenCookie(req);
            if (token != null) {
                ExoContainer container = getContainer();
                CookieTokenService tokenservice = (CookieTokenService) container
                        .getComponentInstanceOfType(CookieTokenService.class);
                Credentials credentials = tokenservice.validateToken(token, false);
                if (credentials != null) {
                    ServletContainer servletContainer = ServletContainerFactory.getServletContainer();
                    try {
                        servletContainer.login(req, resp, credentials);
                    } catch (Exception e) {
View Full Code Here

    public Credentials removeCredentials(HttpServletRequest request) {
        String sessionId = getSessionId(request);

        Map<String, Object> attributesOfClient = getAttributesOfClient(sessionId);

        Credentials credentials = (Credentials) attributesOfClient.remove(Credentials.CREDENTIALS);

        // Clear map if no more attributes are here.
        if (attributesOfClient.size() == 0) {
            removeClient(sessionId);
        }
View Full Code Here

                    String hashedRandomString = hashToken(randomString);
                    long expirationTimeMillis = System.currentTimeMillis() + validityMillis;

                    /* the symmetric encryption happens here */
                    String encryptedPassword = codec.encode(credentials.getPassword());
                    Credentials encodedCredentials = new Credentials(credentials.getUsername(), encryptedPassword);

                    try {
                        tokenContainer.saveToken(context.getSession(), id, hashedRandomString, encodedCredentials, new Date(expirationTimeMillis));
                    } catch (TokenExistsException e) {
                        cookieTokenString = null;
View Full Code Here

                HashedToken hashedToken = getMixin(en, HashedToken.class);
                if (hashedToken != null && hashedToken.getHashedToken() != null) {
                    try {
                        if (saltedHashService.validate(token.getRandomString(), hashedToken.getHashedToken())) {
                            GateInToken encryptedToken = en.getToken();
                            Credentials encryptedCredentials = encryptedToken.getPayload();
                            Credentials decryptedCredentials = new Credentials(encryptedCredentials.getUsername(),

                            codec.decode(encryptedCredentials.getPassword()));
                            if (remove) {
                                en.remove();
                            }
View Full Code Here

   @Override
   protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
   {
      resp.setContentType("text/html; charset=UTF-8");

      Credentials credentials = getWCIController().getCredentials(req, resp);

      //
      if (credentials == null)
      {
         //
         String token = getRememberMeTokenCookie(req);
         if (token != null)
         {
            AbstractTokenService tokenService = AbstractTokenService.getInstance(CookieTokenService.class);
            credentials = tokenService.validateToken(token, false);
            if (credentials == null)
            {
               log.debug("Login initiated with no credentials in session but found token an invalid " + token + " " +
                  "that will be cleared in next response");

               // We clear the cookie in the next response as it was not valid
               Cookie cookie = new Cookie(InitiateLoginServlet.COOKIE_NAME, "");
               cookie.setPath(req.getContextPath());
               cookie.setMaxAge(0);
               resp.addCookie(cookie);

               // This allows the customer to define another login page without
               // changing the portal
               getWCIController().showLoginForm(req, resp);
            }
            else
            {
               // Send authentication request
               log.debug("Login initiated with no credentials in session but found token " + token + " with existing credentials, " +
                  "performing authentication");
               getWCIController().sendAuth(req, resp, credentials.getUsername(), token);
            }
         }
         else
         {
            // This allows the customer to define another login page without
View Full Code Here

        //
        int status;
        if (req.getRemoteUser() == null) {
            if (username != null && password != null) {
                Credentials credentials = new Credentials(username, password);
                ServletContainer container = ServletContainerFactory.getServletContainer();

                // This will login or send an AuthenticationException
                try {
                    container.login(req, resp, credentials);
View Full Code Here

     * @see javax.security.auth.spi.LoginModule#login()
     */
    @SuppressWarnings("unchecked")
    public boolean login() throws LoginException {
        if (getContextMethod != null) {
            Credentials authCredentials = null;

            try {
                HttpServletRequest request = getCurrentHttpServletRequest();

                // This can be the case with CLI login
                if (request == null) {
                    log.debug("Unable to find HTTPServletRequest.");
                    return false;
                }

                authCredentials = (Credentials) request.getSession().getAttribute(AUTHENTICATED_CREDENTIALS);

                // If authenticated credentials were presented in HTTP session, it means that we were already logged on
                // different cluster node
                // with this HTTP session. We don't need to validate password again in this case (We don't have password anyway)
                if (authCredentials != null) {
                    Authenticator authenticator = (Authenticator) getContainer()
                            .getComponentInstanceOfType(Authenticator.class);
                    if (authenticator == null) {
                        throw new LoginException("No Authenticator component found, check your configuration");
                    }

                    String username = authCredentials.getUsername();
                    Identity identity = authenticator.createIdentity(username);

                    sharedState.put("exo.security.identity", identity);
                    sharedState.put("javax.security.auth.login.name", username);

View Full Code Here

TOP

Related Classes of org.gatein.wci.security.Credentials

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.