Examples of org.jboss.security.AuthenticationManager

org.jboss.security.AuthenticationManager
The AuthenticationManager is responsible for validating credentials associated with principals. @author Scott.Stark@jboss.org @author Anil.Saldhana@jboss.org @version $Revision: 58755 $

   @ManagementOperation(description = "Create the context for the specified security domain",
         params = {@ManagementParameter(name = "securityDomain", description = "The security domain name")})
   public SecurityDomainContext createSecurityDomainContext(String securityDomain) throws Exception
   {   
      log.debug("Creating SDC for domain="+securityDomain);
      AuthenticationManager am = createAuthenticationManager(securityDomain);
      if(cachePolicy == null)
      {
         cachePolicy = createDefaultCachePolicy();
      }
      //Set security cache if the auth manager implementation supports it

View Full Code Here

      if(this.securityManagement == null)
         throw new IllegalStateException("SecurityManagement has not been injected");
      Subject subject = new Subject();
      //Validate the caller
      Principal principal = SecurityActions.getPrincipal();
      AuthenticationManager authenticationManager = securityManagement.getAuthenticationManager(securityDomainName);
      if(authenticationManager == null)
      {
         String defaultSecurityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
         if(log.isTraceEnabled())
         {
            log.trace("AuthenticationManager for " 
                  + securityDomainName + " not found. Using " + defaultSecurityDomain);
         }
         authenticationManager = 
            securityManagement.getAuthenticationManager(defaultSecurityDomain);
      }
      if(authenticationManager.isValid(principal, 
            SecurityActions.getCredential(), subject) == false)
         throw new SecurityException("Unauthenticated caller:" + principal);
      return subject;
   }

View Full Code Here

         // Create instance of securityMgrClass
         Class[] parameterTypes = {String.class, CallbackHandler.class};
         Constructor ctor = securityMgrClass.getConstructor(parameterTypes);
         CallbackHandler handler = (CallbackHandler) callbackHandlerClass.newInstance();
         Object[] args = {securityDomain, handler};
         AuthenticationManager securityMgr = (AuthenticationManager) ctor.newInstance(args);
         log.debug("Created securityMgr="+securityMgr);
         CachePolicy cachePolicy = lookupCachePolicy(securityDomain);
         sdc = new SecurityDomainContext(securityMgr, cachePolicy);
         // See if the security mgr supports an externalized cache policy
         setSecurityDomainCache(securityMgr, cachePolicy);

View Full Code Here

      }
      else
      {
         if (securityManagement == null)
            throw new SecurityException("SecurityManagement has not been set");
         AuthenticationManager authenticationManager = securityManagement.getAuthenticationManager(securityDomain);
         if (authenticationManager == null)
            throw new SecurityException("AuthenticationManager is null for domain=" + securityDomain);
         authenticated = authenticationManager.isValid(principal, passwordChars, subject);
      }


      if (authenticated)
      {
         // Warning! This "taints" thread local. Make sure you pop it off the stack as soon as

View Full Code Here

         ServerAuthContext sa = sc.getAuthContext(null,null, null); 
         if(sa == null)
            throw new ServletException("ServerAuthContext obtained is null");
         String username = request.getParameter("user");
         String pass = request.getParameter("pass");
         AuthenticationManager am = (AuthenticationManager)sa;
         boolean isValid = am.isValid(new SimplePrincipal(username),pass);
         if(isValid == false)
            throw new ServletException("Validation failed for username=" + username);
         else
            log.error("Validation passed for username="+username+". This is good!");
      }catch(Exception e)

View Full Code Here

    private AccountImpl getAccount(final String id) {
        return new AccountImpl(id);
    }


    private Account verifyCredential(final AccountImpl account, final Object credential) {
        final AuthenticationManager authenticationManager = securityDomainContext.getAuthenticationManager();
        final AuthorizationManager authorizationManager = securityDomainContext.getAuthorizationManager();
        final SecurityContext sc = SecurityActions.getSecurityContext();
        Principal incomingPrincipal = account.getOriginalPrincipal();
        Subject subject = new Subject();
        try {
            boolean isValid = authenticationManager.isValid(incomingPrincipal, credential, subject);
            if (isValid) {
                UndertowLogger.ROOT_LOGGER.tracef("User: %s is authenticated", incomingPrincipal);
                if (sc == null) {
                    throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
                }

View Full Code Here

        }


    }


    private void handleSecurityCache(DeploymentInfo deploymentInfo, JBossWebMetaData mergedMetaData) {
        AuthenticationManager manager = securityDomainContextValue.getValue().getAuthenticationManager();
        if(manager instanceof CacheableManager) {
            deploymentInfo.addNotificationReceiver(new CacheInvalidationNotificationReceiver((CacheableManager<?, java.security.Principal>) manager));
            if(mergedMetaData.isFlushOnSessionInvalidation()) {
                CacheInvalidationSessionListener listener = new CacheInvalidationSessionListener((CacheableManager<?, java.security.Principal>) manager);
                deploymentInfo.addListener(Servlets.listener(CacheInvalidationSessionListener.class, new ImmediateInstanceFactory<EventListener>(listener)));

View Full Code Here

    }


    @Override
    public synchronized void stop(final StopContext stopContext) {
        IoUtils.safeClose(this.deploymentInfo.getResourceManager());
        AuthenticationManager authManager = securityDomainContextValue.getValue().getAuthenticationManager();
        if (authManager != null && authManager instanceof JBossCachedAuthenticationManager) {
            ((JBossCachedAuthenticationManager)authManager).releaseModuleEntries(module.getClassLoader());
        }
        this.deploymentInfo.setConfidentialPortManager(null);
        this.deploymentInfo = null;

View Full Code Here

        } else {
            subject.getPrincipals().add(principal);
        }


        if (authenticated == false) {
            AuthenticationManager authenticationManager = context.getAuthenticationManager();
            authenticated = authenticationManager.isValid(principal, credential, subject);
        }
        if (authenticated == true) {
            subjectInfo.setAuthenticatedSubject(subject);
        }

View Full Code Here

        return am;
    }


    /** {@inheritDoc} */
    public AuthenticationManager getAuthenticationManager(String securityDomain) {
        AuthenticationManager am = null;
        try {
            am = authMgrMap.get(securityDomain);
            if (am == null) {
                am = (AuthenticationManager) lookUpJNDI(securityDomain + "/authenticationMgr");
                authMgrMap.put(securityDomain, am);

View Full Code Here

0 1 2 3 4 5 6 7

TOP

Related Classes of org.jboss.security.AuthenticationManager

org.jboss.as.security.plugins.JNDIBasedSecurityManagement

org.jboss.as.security.service.SimpleSecurityManager

org.jboss.as.web.deployment.WarDeploymentProcessor

org.jboss.aspects.security.AuthenticationInterceptorFactory

org.jboss.aspects.security.RoleBasedAuthorizationInterceptorFactory

org.jboss.aspects.security.RunAsSecurityInterceptorFactory

org.jboss.ejb.EjbModule

org.jboss.ejb.plugins.security.PreSecurityInterceptor

org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor

org.jboss.ejb3.security.AuthenticationInterceptorFactory

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.