Examples of SubjectCreator

org.apache.qpid.server.security.SubjectCreator
Creates a {@link Subject} formed by the {@link Principal}'s returned from:
1. Authenticating using an {@link AuthenticationManager}
2. A {@link GroupPrincipalAccessor}
SubjectCreator is a facade to the {@link AuthenticationManager}, and is intended to be the single place that {@link Subject}'s are created in the broker.

Examples of org.apache.qpid.server.security.SubjectCreator

        response.setDateHeader ("Expires", 0);


        HttpSession session = request.getSession();
        getRandom(session);


        SubjectCreator subjectCreator = getSubjectCreator(request);
        List<String> mechanismsList = subjectCreator.getMechanisms();
        String[] mechanisms = mechanismsList.toArray(new String[mechanismsList.size()]);
        Map<String, Object> outputObject = new LinkedHashMap<String, Object>();


        final Subject subject = getAuthorisedSubject(request);
        if(subject != null)

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator


            String mechanism = request.getParameter("mechanism");
            String id = request.getParameter("id");
            String saslResponse = request.getParameter("response");


            SubjectCreator subjectCreator = getSubjectCreator(request);


            if(mechanism != null)
            {
                if(id == null)
                {
                    if(LOGGER.isDebugEnabled())
                    {
                        LOGGER.debug("Creating SaslServer for mechanism: " + mechanism);
                    }
                    SaslServer saslServer = subjectCreator.createSaslServer(mechanism, request.getServerName(), null/*TODO*/);
                    evaluateSaslResponse(request, response, session, saslResponse, saslServer, subjectCreator);
                }
                else
                {
                    response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator

    public static Subject tryToAuthenticate(HttpServletRequest request, HttpManagementConfiguration managementConfig)
    {
        Subject subject = null;
        SocketAddress localAddress = getSocketAddress(request);
        final AuthenticationProvider authenticationProvider = managementConfig.getAuthenticationProvider(localAddress);
        SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator(request.isSecure());
        String remoteUser = request.getRemoteUser();


        if (remoteUser != null || authenticationProvider instanceof AnonymousAuthenticationManager)
        {
            subject = authenticateUser(subjectCreator, remoteUser, null);
        }
        else if(authenticationProvider instanceof ExternalAuthenticationManager
                && Collections.list(request.getAttributeNames()).contains("javax.servlet.request.X509Certificate"))
        {
            Principal principal = null;
            X509Certificate[] certificates =
                    (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
            if(certificates != null && certificates.length != 0)
            {
                principal = certificates[0].getSubjectX500Principal();


                if(!Boolean.valueOf(String.valueOf(authenticationProvider.getAttribute(ExternalAuthenticationManager.ATTRIBUTE_USE_FULL_DN))))
                {
                    String username;
                    String dn = ((X500Principal) principal).getName(X500Principal.RFC2253);




                    username = SSLUtil.getIdFromSubjectDN(dn);
                    principal = new  UsernamePrincipal(username);
                }


                subject = subjectCreator.createSubjectWithGroups(new AuthenticatedPrincipal(principal));
            }
        }
        else
        {
            String header = request.getHeader("Authorization");

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator

        _network = network;
        _sender = sender;


        Container container = new Container(_broker.getId().toString());


        SubjectCreator subjectCreator = _broker.getSubjectCreator(getLocalAddress());
        _endpoint = new ConnectionEndpoint(container, asSaslServerProvider(subjectCreator));


        Map<Symbol,Object> serverProperties = new LinkedHashMap<Symbol, Object>();
        serverProperties.put(Symbol.valueOf(ServerPropertyNames.PRODUCT), QpidProperties.getProductName());
        serverProperties.put(Symbol.valueOf(ServerPropertyNames.VERSION), QpidProperties.getReleaseVersion());
        serverProperties.put(Symbol.valueOf(ServerPropertyNames.QPID_BUILD), QpidProperties.getBuildVersion());
        serverProperties.put(Symbol.valueOf(ServerPropertyNames.QPID_INSTANCE_NAME), _broker.getName());


        _endpoint.setProperties(serverProperties);


        _endpoint.setRemoteAddress(getRemoteAddress());
        _connection = new Connection_1_0(_broker, _endpoint, _connectionId, _port, _transport, subjectCreator);
        _endpoint.setConnectionEventListener(_connection);
        _endpoint.setFrameOutputHandler(this);
        _endpoint.setSaslFrameOutput(this);


        _endpoint.setOnSaslComplete(new Runnable()
        {
            public void run()
            {
                if (_endpoint.isAuthenticated())
                {
                    _sender.send(PROTOCOL_HEADER.duplicate());
                    _sender.flush();
                }
                else
                {
                    _network.close();
                }
            }
        });
        _frameWriter =  new FrameWriter(_endpoint.getDescribedTypeRegistry());
        _frameHandler = new SASLFrameHandler(_endpoint);


        _sender.send(HEADER.duplicate());
        _sender.flush();


        _endpoint.initiateSASL(subjectCreator.getMechanisms().split(" "));




    }

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator

    public static Subject tryToAuthenticate(HttpServletRequest request, HttpManagementConfiguration managementConfig)
    {
        Subject subject = null;
        SocketAddress localAddress = getSocketAddress(request);
        final AuthenticationProvider authenticationProvider = managementConfig.getAuthenticationProvider(localAddress);
        SubjectCreator subjectCreator = authenticationProvider.getSubjectCreator();
        String remoteUser = request.getRemoteUser();


        if (remoteUser != null || subjectCreator.isAnonymousAuthenticationAllowed())
        {
            subject = authenticateUser(subjectCreator, remoteUser, null);
        }
        else if(subjectCreator.isExternalAuthenticationAllowed()
                && Collections.list(request.getAttributeNames()).contains("javax.servlet.request.X509Certificate"))
        {
            Principal principal = null;
            X509Certificate[] certificates =
                    (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
            if(certificates != null && certificates.length != 0)
            {
                principal = certificates[0].getSubjectX500Principal();


                if(!Boolean.valueOf(String.valueOf(authenticationProvider.getAttribute(ExternalAuthenticationManagerFactory.ATTRIBUTE_USE_FULL_DN))))
                {
                    String username;
                    String dn = ((X500Principal) principal).getName(X500Principal.RFC2253);




                    username = SSLUtil.getIdFromSubjectDN(dn);
                    principal = new  UsernamePrincipal(username);
                }


                subject = subjectCreator.createSubjectWithGroups(new AuthenticatedPrincipal(principal));
            }
        }
        else
        {
            String header = request.getHeader("Authorization");

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator

        response.setDateHeader ("Expires", 0);


        HttpSession session = request.getSession();
        getRandom(session);


        SubjectCreator subjectCreator = getSubjectCreator(request);
        String[] mechanisms = subjectCreator.getMechanisms().split(" ");
        Map<String, Object> outputObject = new LinkedHashMap<String, Object>();


        final Subject subject = getAuthorisedSubject(request);
        if(subject != null)
        {

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator


            String mechanism = request.getParameter("mechanism");
            String id = request.getParameter("id");
            String saslResponse = request.getParameter("response");


            SubjectCreator subjectCreator = getSubjectCreator(request);


            if(mechanism != null)
            {
                if(id == null)
                {
                    if(LOGGER.isDebugEnabled())
                    {
                        LOGGER.debug("Creating SaslServer for mechanism: " + mechanism);
                    }
                    SaslServer saslServer = subjectCreator.createSaslServer(mechanism, request.getServerName(), null/*TODO*/);
                    evaluateSaslResponse(request, response, session, saslResponse, saslServer, subjectCreator);
                }
                else
                {
                    response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator

    }


    @Override
    public SubjectCreator getSubjectCreator()
    {
        return new SubjectCreator(this, _broker.getGroupProviders());
    }

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator

        if (username == null || password == null)
        {
            throw new SecurityException(SHOULD_BE_NON_NULL);
        }


        SubjectCreator subjectCreator = _broker.getSubjectCreator(_address);
        if (subjectCreator == null)
        {
            throw new SecurityException("Can't get subject creator for " + _address);
        }


        final SubjectAuthenticationResult result = subjectCreator.authenticate(username, password);


        if (AuthenticationStatus.ERROR.equals(result.getStatus()))
        {
            throw new SecurityException("Authentication manager failed", result.getCause());
        }

View Full Code Here

Examples of org.apache.qpid.server.security.SubjectCreator

        response.setDateHeader ("Expires", 0);


        HttpSession session = request.getSession();
        getRandom(session);


        SubjectCreator subjectCreator = ApplicationRegistry.getInstance().getSubjectCreator(getSocketAddress(request));
        String[] mechanisms = subjectCreator.getMechanisms().split(" ");
        Map<String, Object> outputObject = new LinkedHashMap<String, Object>();


        final Subject subject = getAuthorisedSubjectFromSession(session);
        if(subject != null)
        {

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.