Examples of org.jboss.seam.security.Credentials

• org.jboss.seam.security.Credentials
  Represents the credentials the current user will use to authenticate @author Shane Bryzak

    Contexts.getSessionContext().set("org.jboss.seam.security.identity",
        this);
  }

  public Credentials getCredentials() {
    return new Credentials() {
         public String getUsername()
         {
            return "mockedUser";
         }
    };

        setRolesAndAccessLevels(user);
        return true;
    }

    public boolean authenticate() {
        Credentials credentials = Identity.instance().getCredentials();
        log.debug("attempting authentication of user: " + credentials.getUsername());
        User user = getUserForCredentials(credentials.getUsername(),  credentials.getPassword());
        if (user == null) return false;

        setRolesAndAccessLevels(user);

        // Set last login (storing the previous last login too, so we can create deltas between the two logins)

      if (identity == null)
      {
         throw new ServletException("Identity not found - please ensure that the Identity component is created on startup.");
      }

      Credentials credentials = (Credentials) ctx.get(Credentials.class);

      boolean requireAuth = false;

      String header = request.getHeader("Authorization");
      if (header != null && header.startsWith("Basic "))
      {
         String base64Token = header.substring(6);
         String token = new String(Base64.decode(base64Token));

         String username = "";
         String password = "";
         int delim = token.indexOf(":");

         if (delim != -1)
         {
             username = token.substring(0, delim);
             password = token.substring(delim + 1);
         }

         // Only reauthenticate if username doesn't match Identity.username and user isn't authenticated
         if (!username.equals(credentials.getUsername()) || !identity.isLoggedIn())
         {
            try
            {
               credentials.setPassword(password);
               authenticate( request, username );
            }
            catch (Exception ex)
            {
               log.warn("Error authenticating: " + ex.getMessage());
               requireAuth = true;
            }
         }
      }

      if (!identity.isLoggedIn() && !credentials.isSet())
      {
         requireAuth = true;
      }

      try

      if (identity == null)
      {
         throw new ServletException("Identity not found - please ensure that the Identity component is created on startup.");
      }

      Credentials credentials = (Credentials) ctx.get(Credentials.class);

      boolean requireAuth = false;
      boolean nonceExpired = false;

      String header = request.getHeader("Authorization");
      if (header != null && header.startsWith("Digest "))
      {
         String section212response = header.substring(7);

         String[] headerEntries = section212response.split(",");
         Map<String,String> headerMap = new HashMap<String,String>();
         for (String entry : headerEntries)
         {
            String[] vals = split(entry, "=");
            headerMap.put(vals[0].trim(), vals[1].replace("\"", "").trim());
         }


         DigestRequest digestRequest = new DigestRequest();
         digestRequest.setHttpMethod(request.getMethod());
         digestRequest.setSystemRealm(realm);
         digestRequest.setRealm(headerMap.get("realm"));
         digestRequest.setKey(key);
         digestRequest.setNonce(headerMap.get("nonce"));
         digestRequest.setUri(headerMap.get("uri"));
         digestRequest.setClientDigest(headerMap.get("response"));
         digestRequest.setQop(headerMap.get("qop"));
         digestRequest.setNonceCount(headerMap.get("nc"));
         digestRequest.setClientNonce(headerMap.get("cnonce"));

         try
         {
            digestRequest.validate();
            request.getSession().setAttribute(DigestRequest.DIGEST_REQUEST, digestRequest);
            authenticate( request, headerMap.get("username") );
         }
         catch (DigestValidationException ex)
         {
            log.warn(String.format("Digest validation failed, header [%s]: %s",
                     section212response, ex.getMessage()));
            requireAuth = true;

            if (ex.isNonceExpired()) nonceExpired = true;
         }
         catch (Exception ex)
         {
            log.warn("Error authenticating: " + ex.getMessage());
            requireAuth = true;
         }
      }

      if (!identity.isLoggedIn() && !credentials.isSet())
      {
         requireAuth = true;
      }

      try

      if (identity == null)
      {
         throw new ServletException("Identity not found - please ensure that the Identity component is created on startup.");
      }

      Credentials credentials = identity.getCredentials();

      boolean requireAuth = false;

      String header = request.getHeader("Authorization");
      if (header != null && header.startsWith("Basic "))
      {
         String base64Token = header.substring(6);
         String token = new String(Base64.decode(base64Token));

         String username = "";
         String password = "";
         int delim = token.indexOf(":");

         if (delim != -1)
         {
             username = token.substring(0, delim);
             password = token.substring(delim + 1);
         }

         // Only reauthenticate if username doesn't match Identity.username and user isn't authenticated
         if (!username.equals(credentials.getUsername()) || !identity.isLoggedIn())
         {
            try
            {
               credentials.setPassword(password);
               authenticate( request, username );
            }
            catch (Exception ex)
            {
               log.warn("Error authenticating: " + ex.getMessage());
               requireAuth = true;
            }
         }
      }

      if (!identity.isLoggedIn() && !credentials.isSet())
      {
         requireAuth = true;
      }

      try

      if (identity == null)
      {
         throw new ServletException("Identity not found - please ensure that the Identity component is created on startup.");
      }

      Credentials credentials = identity.getCredentials();

      boolean requireAuth = false;
      boolean nonceExpired = false;

      String header = request.getHeader("Authorization");
      if (header != null && header.startsWith("Digest "))
      {
         String section212response = header.substring(7);

         String[] headerEntries = section212response.split(",");
         Map<String,String> headerMap = new HashMap<String,String>();
         for (String entry : headerEntries)
         {
            String[] vals = split(entry, "=");
            headerMap.put(vals[0].trim(), vals[1].replace("\"", "").trim());
         }

         DigestRequest digestRequest = new DigestRequest();
         digestRequest.setHttpMethod(request.getMethod());
         digestRequest.setSystemRealm(realm);
         digestRequest.setRealm(headerMap.get("realm"));
         digestRequest.setKey(key);
         digestRequest.setNonce(headerMap.get("nonce"));
         digestRequest.setUri(headerMap.get("uri"));
         digestRequest.setClientDigest(headerMap.get("response"));
         digestRequest.setQop(headerMap.get("qop"));
         digestRequest.setNonceCount(headerMap.get("nc"));
         digestRequest.setClientNonce(headerMap.get("cnonce"));

         try
         {
            digestRequest.validate();
            request.getSession().setAttribute(DigestRequest.DIGEST_REQUEST, digestRequest);
            authenticate( request, headerMap.get("username") );
         }
         catch (DigestValidationException ex)
         {
            log.warn(String.format("Digest validation failed, header [%s]: %s",
                     section212response, ex.getMessage()));
            requireAuth = true;

            if (ex.isNonceExpired()) nonceExpired = true;
         }
         catch (Exception ex)
         {
            log.warn("Error authenticating: " + ex.getMessage());
            requireAuth = true;
         }
      }

      if (!identity.isLoggedIn() && !credentials.isSet())
      {
         requireAuth = true;
      }

      try

    Contexts.getSessionContext().set("org.jboss.seam.security.identity",
        this);
  }

  public Credentials getCredentials() {
    return new Credentials() {
         public String getUsername()
         {
            return "mockedUser";
         }
    };

      if (identity == null)
      {
         throw new ServletException("Identity not found - please ensure that the Identity component is created on startup.");
      }

      Credentials credentials = (Credentials) ctx.get(Credentials.class);

      boolean requireAuth = false;

      String header = request.getHeader("Authorization");
      if (header != null && header.startsWith("Basic "))
      {
         String base64Token = header.substring(6);
         String token = new String(Base64.decode(base64Token));

         String username = "";
         String password = "";
         int delim = token.indexOf(":");

         if (delim != -1)
         {
             username = token.substring(0, delim);
             password = token.substring(delim + 1);
         }

         // Only reauthenticate if username doesn't match Identity.username and user isn't authenticated
         if (!username.equals(credentials.getUsername()) || !identity.isLoggedIn())
         {
            try
            {
               credentials.setPassword(password);
               authenticate( request, username );
            }
            catch (Exception ex)
            {
               log.warn("Error authenticating: " + ex.getMessage());
               requireAuth = true;
            }
         }
      }

      if (!identity.isLoggedIn() && !credentials.isSet())
      {
         requireAuth = true;
      }

      try

      if (identity == null)
      {
         throw new ServletException("Identity not found - please ensure that the Identity component is created on startup.");
      }

      Credentials credentials = (Credentials) ctx.get(Credentials.class);

      boolean requireAuth = false;
      boolean nonceExpired = false;

      String header = request.getHeader("Authorization");
      if (header != null && header.startsWith("Digest "))
      {
         String section212response = header.substring(7);

         String[] headerEntries = section212response.split(",");
         Map<String,String> headerMap = new HashMap<String,String>();
         for (String entry : headerEntries)
         {
            String[] vals = split(entry, "=");
            headerMap.put(vals[0].trim(), vals[1].replace("\"", "").trim());
         }


         DigestRequest digestRequest = new DigestRequest();
         digestRequest.setHttpMethod(request.getMethod());
         digestRequest.setSystemRealm(realm);
         digestRequest.setRealm(headerMap.get("realm"));
         digestRequest.setKey(key);
         digestRequest.setNonce(headerMap.get("nonce"));
         digestRequest.setUri(headerMap.get("uri"));
         digestRequest.setClientDigest(headerMap.get("response"));
         digestRequest.setQop(headerMap.get("qop"));
         digestRequest.setNonceCount(headerMap.get("nc"));
         digestRequest.setClientNonce(headerMap.get("cnonce"));

         try
         {
            digestRequest.validate();
            request.getSession().setAttribute(DigestRequest.DIGEST_REQUEST, digestRequest);
            authenticate( request, headerMap.get("username") );
         }
         catch (DigestValidationException ex)
         {
            log.warn(String.format("Digest validation failed, header [%s]: %s",
                     section212response, ex.getMessage()));
            requireAuth = true;

            if (ex.isNonceExpired()) nonceExpired = true;
         }
         catch (Exception ex)
         {
            log.warn("Error authenticating: " + ex.getMessage());
            requireAuth = true;
         }
      }

      if (!identity.isLoggedIn() && !credentials.isSet())
      {
         requireAuth = true;
      }

      try

      {
         Object attribute = session.getAttribute("org.jboss.seam.security.identity");
         if (attribute instanceof Identity)
         {
             Identity identity = (Identity) attribute;
             Credentials credentials = identity.getCredentials();
             String username = credentials != null ? credentials.getUsername() : null;
             if (username != null)
             {
                 MDC.put("username", username);
             }
         }