This is an automated email from the ASF dual-hosted git repository. radcortez pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomee.git
commit a88d557937881238778ab81a6e79e62617cc2158
Author: Roberto Cortez <[email protected]>
AuthorDate: Wed Dec 26 17:12:49 2018 +0000
TOMEE-2365 - Propagate CallbackHandler to perform authentication.
---
 .../security/http/TomEEHttpMessageContext.java | 40 ++++++++++++++++------
 .../provider/TomEESecurityAuthConfigProvider.java | 2 +-
 .../provider/TomEESecurityServerAuthConfig.java | 17 +++++++--
 .../provider/TomEESecurityServerAuthContext.java | 5 +--
 .../provider/TomEESecurityServerAuthModule.java | 7 ++--
 5 files changed, 52 insertions(+), 19 deletions(-)
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
index dfb7627..878a550 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
@@ -19,8 +19,12 @@ package org.apache.tomee.security.http;
 import org.apache.catalina.authenticator.jaspic.MessageInfoImpl;
 import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.callback.CallerPrincipalCallback;
+import javax.security.auth.message.callback.GroupPrincipalCallback;
 import javax.security.enterprise.AuthenticationStatus;
 import javax.security.enterprise.CallerPrincipal;
 import javax.security.enterprise.authentication.mechanism.http.AuthenticationParameters;
@@ -38,22 +42,28 @@ import static javax.security.enterprise.identitystore.CredentialValidationResult
 import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
 public class TomEEHttpMessageContext implements HttpMessageContext {
+ private final CallbackHandler handler;
 private final MessageInfo messageInfo;
 private final Subject clientSubject;
 private final Subject serviceSubject;
- private TomEEHttpMessageContext(final MessageInfo messageInfo,
- final Subject clientSubject,
- final Subject serviceSubject) {
+ private TomEEHttpMessageContext(
+ final CallbackHandler handler,
+ final MessageInfo messageInfo,
+ final Subject clientSubject,
+ final Subject serviceSubject) {
+ this.handler = handler;
 this.messageInfo = messageInfo;
 this.clientSubject = clientSubject;
 this.serviceSubject = serviceSubject;
 }
- public static TomEEHttpMessageContext httpMessageContext(final MessageInfo messageInfo,
- final Subject clientSubject,
- final Subject serviceSubject) {
- return new TomEEHttpMessageContext(messageInfo, clientSubject, serviceSubject);
+ public static TomEEHttpMessageContext httpMessageContext(
+ final CallbackHandler handler,
+ final MessageInfo messageInfo,
+ final Subject clientSubject,
+ final Subject serviceSubject) {
+ return new TomEEHttpMessageContext(handler, messageInfo, clientSubject, serviceSubject);
 }
 @Override
@@ -88,17 +98,17 @@ public class TomEEHttpMessageContext implements HttpMessageContext {
 @Override
 public CallbackHandler getHandler() {
- return null;
+ return handler;
 }
 @Override
 public MessageInfo getMessageInfo() {
- return null;
+ return messageInfo;
 }
 @Override
 public Subject getClientSubject() {
- return null;
+ return clientSubject;
 }
 @Override
@@ -159,7 +169,15 @@ public class TomEEHttpMessageContext implements HttpMessageContext { @Override public AuthenticationStatus notifyContainerAboutLogin(final Principal principal, final Set<String> groups) { - // Needs more stuff in here. + + try { + handler.handle(new Callback[] { + new CallerPrincipalCallback(clientSubject, principal), + new GroupPrincipalCallback(clientSubject, groups.toArray(new String[groups.size()])) + }); + } catch (IOException | UnsupportedCallbackException e) { + e.printStackTrace(); + } return SUCCESS; } diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java index 6654089..c799598 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityAuthConfigProvider.java @@ -34,7 +34,7 @@ public class TomEESecurityAuthConfigProvider implements AuthConfigProvider { public ServerAuthConfig getServerAuthConfig(final String layer, final String appContext, final CallbackHandler handler) throws AuthException, SecurityException { - return new TomEESecurityServerAuthConfig(); + return new TomEESecurityServerAuthConfig(layer, appContext, handler); } @Override diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java index bee97ce..5686b68 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthConfig.java 
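Review bot: In `notifyContainerAboutLogin` (TomEEHttpMessageContext.java) the new `catch (IOException | UnsupportedCallbackException e)` block only calls `e.printStackTrace()` and then falls through to `return SUCCESS;`. When `handler.handle(...)` throws, the mechanism is told the login succeeded although the container never accepted the `CallerPrincipalCallback` and `GroupPrincipalCallback`, so the returned status and the container's view of the caller disagree. The catch should end the attempt instead, for example `return AuthenticationStatus.SEND_FAILURE;`, and send the exception to the module's logger rather than to stderr. `groups.toArray(...)` is also called without a null check, which is worth covering in the same place if callers may pass a null group set.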
@@ -17,6 +17,7 @@
 package org.apache.tomee.security.provider;
 import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.message.config.ServerAuthConfig;
@@ -24,16 +25,26 @@ import javax.security.auth.message.config.ServerAuthContext;
 import java.util.Map;
 public class TomEESecurityServerAuthConfig implements ServerAuthConfig {
+ private String layer;
+ private String appContext;
+ private CallbackHandler handler;
+
+ public TomEESecurityServerAuthConfig(final String layer, final String appContext, final CallbackHandler handler) {
+ this.layer = layer;
+ this.appContext = appContext;
+ this.handler = handler;
+ }
+
 @Override
 public ServerAuthContext getAuthContext(final String authContextID,
 final Subject serviceSubject,
 final Map properties) throws AuthException {
- return new TomEESecurityServerAuthContext();
+ return new TomEESecurityServerAuthContext(handler);
 }
 @Override
 public String getAppContext() {
- return null;
+ return appContext;
 }
 @Override
@@ -43,7 +54,7 @@ public class TomEESecurityServerAuthConfig implements ServerAuthConfig {
 @Override
 public String getMessageLayer() {
- return null;
+ return layer;
 }
 @Override
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java
index 6161a9b..1f853cc 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthContext.java
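Review bot: The constructor added to `TomEESecurityServerAuthConfig` stores `handler` unchecked, and this commit later dereferences that same reference unconditionally as `handler.handle(...)` in `TomEEHttpMessageContext.notifyContainerAboutLogin`. The JASPIC javadoc for `AuthConfigProvider.getServerAuthConfig` allows the handler argument to be null, so a runtime that supplies none would fail with a NullPointerException in the middle of a login rather than when the configuration is built. Rejecting it here keeps the failure early and explicit: `this.handler = Objects.requireNonNull(handler, "handler");` (needs `java.util.Objects`), or install a default handler if the module has one. In the visible lines the three new fields are assigned only in this constructor, so they can be declared `private final`.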
@@ -17,6 +17,7 @@ package org.apache.tomee.security.provider; import javax.security.auth.Subject; +import javax.security.auth.callback.CallbackHandler; import javax.security.auth.message.AuthException; import javax.security.auth.message.AuthStatus; import javax.security.auth.message.MessageInfo; @@ -25,9 +26,9 @@ import javax.security.auth.message.config.ServerAuthContext; public class TomEESecurityServerAuthContext implements ServerAuthContext { private TomEESecurityServerAuthModule serverAuthModule; - public TomEESecurityServerAuthContext() throws AuthException { + public TomEESecurityServerAuthContext(final CallbackHandler handler) throws AuthException { this.serverAuthModule = new TomEESecurityServerAuthModule(); - this.serverAuthModule.initialize(null, null, null, null); + this.serverAuthModule.initialize(null, null, handler, null); } @Override diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java index 720a405..e884f0e 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/TomEESecurityServerAuthModule.java @@ -36,6 +36,8 @@ import java.util.Map; import static org.apache.tomee.security.http.TomEEHttpMessageContext.httpMessageContext; public class TomEESecurityServerAuthModule implements ServerAuthModule { + private CallbackHandler handler; + @Override public Class[] getSupportedMessageTypes() { return new Class[0]; @@ -45,7 +47,7 @@ public class TomEESecurityServerAuthModule implements ServerAuthModule { public void initialize(final MessagePolicy requestPolicy, final MessagePolicy responsePolicy, final CallbackHandler handler, final Map options) throws AuthException { - + this.handler = handler; } @Override 
@@ -63,7 +65,8 @@ public class TomEESecurityServerAuthModule implements ServerAuthModule { final Subject serviceSubject) throws AuthException { - final HttpMessageContext httpMessageContext = httpMessageContext(messageInfo, clientSubject, serviceSubject); + final HttpMessageContext httpMessageContext = + httpMessageContext(handler, messageInfo, clientSubject, serviceSubject); final HttpServletRequest request = httpMessageContext.getRequest(); final String servletName = request.getHttpServletMapping().getServletName();
