Package org.gatein.wci.security

Examples of org.gatein.wci.security.Credentials


      if (propertyMap.containsKey(WSHandlerConstants.USER) && propertyMap.get(WSHandlerConstants.USER).equals(GTN_CURRENT_USER))
      {
         CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();
         if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
         {
            Credentials credentials = credentialsAccessor.getCredentials();
            propertyMap.put(WSHandlerConstants.USER, credentials.getUsername());
           
            String actionProperty = (String)propertyMap.get(WSHandlerConstants.ACTION);
            //Note: the action property can contain a space separated list of multiple actions
            if (actionProperty != null && actionProperty.contains(GTN_USERNAME_TOKEN_IF_AUTHENTICATED))
            {
               if (credentials.getPassword() != null)
               {
                  actionProperty = actionProperty.replace(GTN_USERNAME_TOKEN_IF_AUTHENTICATED, WSHandlerConstants.USERNAME_TOKEN);
               }
               else
               {
View Full Code Here


            {
               CredentialsAccessor credentialsAccessor = WebServiceSecurityFactory.getInstance().getCredentialsAccessor();

               if (credentialsAccessor != null && credentialsAccessor.getCredentials() != null)
               {
                  Credentials credentials = credentialsAccessor.getCredentials();
                  if (credentials.getUsername() == wspasswordCallBack.getIdentifier())
                  {
                     wspasswordCallBack.setPassword(credentials.getPassword());
                  }
                  else
                  {
                     log.warn("The username in the callback does not match the currently authenticated user. Password not added to callback.");
                  }
View Full Code Here

   @Override
   public Credentials getCredentials(final HttpServletRequest req, final HttpServletResponse resp)
   {
      AuthenticationRegistry credRegistry = (AuthenticationRegistry)PortalContainer.getCurrentInstance(servletContext).
            getComponentInstanceOfType(AuthenticationRegistry.class);
      Credentials credentials = credRegistry.getCredentials(req);
     
      // Try to find AuthenticatedCredentials in HTTP session
      if (credentials == null)
      {
         credentials = (Credentials)req.getSession().getAttribute(PortalLoginModule.AUTHENTICATED_CREDENTIALS);
View Full Code Here

         initialURI = req.getContextPath();
      }

      // Now user is successfuly authenticated, so that we can remove credentials from temporary AuthenticationRegistry
      // and add them to ConversationState
      Credentials credentials = removeCredentialsFromRegistry(req);
      setCredentialsToConversationState(credentials);

      //
      resp.sendRedirect(resp.encodeRedirectURL(initialURI));
   }
View Full Code Here

   {
      if (ExoContainer.getProfiles().contains("cluster"))
      {
         HttpServletRequest httpRequest = (HttpServletRequest)request;

         Credentials credentials  = (Credentials)httpRequest.getSession().getAttribute(PortalLoginModule.AUTHENTICATED_CREDENTIALS);
        
         // Make programatic login if authenticated credentials are present in session - they were set in another cluster node
         if (credentials != null && httpRequest.getRemoteUser() == null)
         {
            WebAuthentication pwl = new WebAuthentication();
            pwl.login(credentials.getUsername(), credentials.getPassword());

         }

         chain.doFilter(request, response);
View Full Code Here

   @Override
   protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
   {
      resp.setContentType("text/html; charset=UTF-8");

      Credentials credentials = getWCIController().getCredentials(req, resp);

      //
      if (credentials == null)
      {
         //
View Full Code Here

            boolean isRemember = "true".equals(req.getParameter(InitiateLoginServlet.COOKIE_NAME));
            if (isRemember)
            {
               //Create token
               AbstractTokenService tokenService = AbstractTokenService.getInstance(CookieTokenService.class);
               Credentials credentials = getCredentials(req);
               String cookieToken = tokenService.createToken(credentials);

               log.debug("Found a remember me request parameter, created a persistent token " + cookieToken + " for it and set it up " +
                  "in the next response");
               Cookie cookie = new Cookie(InitiateLoginServlet.COOKIE_NAME, cookieToken);
View Full Code Here

   {
      String sessionId = getSessionId(request);

      Map<String, Object> attributesOfClient = getAttributesOfClient(sessionId);

      Credentials credentials = (Credentials)attributesOfClient.remove(Credentials.CREDENTIALS);

      // Clear map if no more attributes are here.
      if (attributesOfClient.size() == 0)
      {
         removeClient(sessionId);
View Full Code Here

      Map<String, TokenEntry> tokens = getTokens();
      TokenEntry entry = tokens.get(tokenId);
      if(entry != null)
      {
         GateInToken gateInToken = entry.getToken();
         Credentials payload = gateInToken.getPayload();
        
         //Return a cloned GateInToken
         return new GateInToken(gateInToken.getExpirationTimeMillis(), new Credentials(payload.getUsername(), codec
               .decode(payload.getPassword())));

      }
      return null;
   }
View Full Code Here

   @SuppressWarnings("unchecked")
   public boolean login() throws LoginException
   {
      if (getContextMethod != null)
      {
         Credentials authCredentials = null;

         try
         {
            HttpServletRequest request = getCurrentHttpServletRequest();

            // This can be the case with CLI login
            if (request == null)
            {
               log.debug("Unable to find HTTPServletRequest.");
               return false;
            }

            authCredentials = (Credentials)request.getSession().getAttribute(AUTHENTICATED_CREDENTIALS);

            // If authenticated credentials were presented in HTTP session, it means that we were already logged on different cluster node
            // with this HTTP session. We don't need to validate password again in this case (We don't have password anyway)
            if (authCredentials != null)
            {
               Authenticator authenticator = (Authenticator)getContainer().getComponentInstanceOfType(Authenticator.class);
               if (authenticator == null)
               {
                  throw new LoginException("No Authenticator component found, check your configuration");
               }

               String username = authCredentials.getUsername();
               Identity identity = authenticator.createIdentity(username);

               sharedState.put("exo.security.identity", identity);
               sharedState.put("javax.security.auth.login.name", username);
View Full Code Here

TOP

Related Classes of org.gatein.wci.security.Credentials

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.