本文整理汇总了Java中javax.security.auth.message.MessageInfo.getResponseMessage方法的典型用法代码示例。如果您正苦于以下问题:Java MessageInfo.getResponseMessage方法的具体用法?Java MessageInfo.getResponseMessage怎么用?Java MessageInfo.getResponseMessage使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.security.auth.message.MessageInfo的用法示例。
在下文中一共展示了MessageInfo.getResponseMessage方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: validateRequest
import javax.security.auth.message.MessageInfo; //导入方法依赖的package包/类
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
AuthServices.addCORSHeaders(response);
LOGGER.log(Level.FINE, "validateRequest @" + request.getMethod() + " " + request.getRequestURI());
if (isOptionsRequest(request)) {
return AuthStatus.SUCCESS;
}
CustomSAM module = getModule(messageInfo);
if (module != null) {
return module.validateRequest(messageInfo, clientSubject, serviceSubject);
}
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return AuthStatus.FAILURE;
}
示例2: secureResponse
import javax.security.auth.message.MessageInfo; //导入方法依赖的package包/类
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
AuthServices.addCORSHeaders(response);
LOGGER.log(Level.FINE, "secureResponse @" + request.getMethod() + " " + request.getRequestURI());
if (isOptionsRequest(request)) {
return AuthStatus.SEND_SUCCESS;
}
CustomSAM module = getModule(messageInfo);
if (module != null) {
return module.secureResponse(messageInfo, serviceSubject);
}
return AuthStatus.SEND_FAILURE;
}
示例3: validateRequest
import javax.security.auth.message.MessageInfo; //导入方法依赖的package包/类
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
LOGGER.log(Level.FINE, "Validating request @" + request.getMethod() + " " + request.getRequestURI());
String authorization = request.getHeader("Authorization");
String[] splitAuthorization = authorization.split(" ");
String jwt = splitAuthorization[1];
JWTokenUserGroupMapping jwTokenUserGroupMapping = JWTokenFactory.validateAuthToken(key, jwt);
if (jwTokenUserGroupMapping != null) {
UserGroupMapping userGroupMapping = jwTokenUserGroupMapping.getUserGroupMapping();
CallerPrincipalCallback callerPrincipalCallback = new CallerPrincipalCallback(clientSubject, userGroupMapping.getLogin());
GroupPrincipalCallback groupPrincipalCallback = new GroupPrincipalCallback(clientSubject, new String[]{userGroupMapping.getGroupName()});
Callback[] callbacks = new Callback[]{callerPrincipalCallback, groupPrincipalCallback};
try {
callbackHandler.handle(callbacks);
} catch (IOException | UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
}
JWTokenFactory.refreshTokenIfNeeded(key, response, jwTokenUserGroupMapping);
return AuthStatus.SUCCESS;
}
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return AuthStatus.FAILURE;
}
示例4: secureResponse
import javax.security.auth.message.MessageInfo; //导入方法依赖的package包/类
public void secureResponse(SoapMessage message)
{
SOAPMessage request = message.getExchange().getInMessage().get(SOAPMessage.class);
SOAPMessage response = message.getContent(SOAPMessage.class);
MessageInfo messageInfo = new GenericMessageInfo(request, response);
AuthStatus authStatus = null;
try
{
authStatus = sctx.secureResponse(messageInfo, null);
}
catch (AuthException e)
{
if (isSOAP12(message))
{
SoapFault soap12Fault = new SoapFault(e.getMessage(), Soap12.getInstance().getReceiver());
throw soap12Fault;
}
else
{
throw new SoapFault(e.getMessage(), new QName("", "jaspi AuthException"));
}
}
if (messageInfo.getResponseMessage() != null && !message.getExchange().isOneWay())
{
if (AuthStatus.SEND_CONTINUE == authStatus)
{
message.put(Message.RESPONSE_CODE, Integer.valueOf(303));
}
if (AuthStatus.SEND_FAILURE == authStatus)
{
message.put(Message.RESPONSE_CODE, Integer.valueOf(500));
}
}
}
示例5: validateRequest
import javax.security.auth.message.MessageInfo; //导入方法依赖的package包/类
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject)
throws AuthException {
_logger.debug("Enter validateRequest");
if (!requiresAuthentication(messageInfo)) {
_logger.debug("Returning success, auth policy not mandatory");
return AuthStatus.SUCCESS;
}
HttpServletRequest req = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse resp = (HttpServletResponse) messageInfo.getResponseMessage();
try {
UserAccount account = (UserAccount) req.getSession().getAttribute(USER_ACCOUNT_SESSION_KEY);
if (account != null) {
_logger.debug("Returning success, user already logged in");
addPrincipalsToSubject(clientSubject, account);
return AuthStatus.SUCCESS;
}
if (!req.getRequestURI().endsWith(LOGIN_PAGE)) {
redirectToLoginPage(req, resp);
return AuthStatus.SEND_CONTINUE;
}
if ("GET".equals(req.getMethod())) {
forwardToLoginPage(req, resp, "GET request");
return AuthStatus.SEND_CONTINUE;
}
String userName = req.getParameter("j_username");
String password = req.getParameter("j_password");
String otp = req.getParameter("j_otp");
if (userName == null || password == null || otp == null) {
_logger.debug("Returning failure, missing request parameter(s)");
forwardToFailedLoginPage(req, resp, null);
return AuthStatus.SEND_CONTINUE;
}
UserAccount userAccount = _accountMap.get(userName);
if (userAccount != null
&& userAccount.getHashedPassword().equals(
PasswordEncoder.encodePasswordForUser(userName, userAccount.getSalt(), password))
&& YubicoClient.isValidOTPFormat(otp)) {
_logger.debug("Verifying Yubikey for {}...", userName);
VerificationResponse response = _yubicoClient.verify(otp);
if (response.isOk()) {
if (response.getPublicId().equals(userAccount.getPublicYubiId())) {
addPrincipalsToSubject(clientSubject, userAccount);
req.getSession().setAttribute(USER_ACCOUNT_SESSION_KEY, userAccount);
String originalUri = (String) req.getSession().getAttribute(ORIGINAL_URI_SESSION_KEY);
if (originalUri != null) {
_logger.debug("Login successful for {}, redirecting to {}", userName, originalUri);
resp.sendRedirect(originalUri);
return AuthStatus.SEND_CONTINUE;
} else {
_logger.debug("Login successful for {}, returning success", userName);
return AuthStatus.SUCCESS;
}
} else {
_logger.warn("Login attempt for {} with wrong Yubikey {}!", userName, response.getPublicId());
}
} else {
_logger.info("Failed to verify Yubikey for {}, response not OK", userName);
}
}
forwardToFailedLoginPage(req, resp, "authentication failed");
return AuthStatus.SEND_CONTINUE;
} catch (Exception e) {
_logger.error("Authentication failed with exception", e);
throw new AuthException(e.getMessage());
}
}
示例6: validateRequest
import javax.security.auth.message.MessageInfo; //导入方法依赖的package包/类
/**
* <p>
* Checks for the presence of the cookie, if it is present it will use that
* as the subject if not it will redirect to a login screen.
* </p>
* {@inheritDoc}
*/
@Override
public AuthStatus validateRequest(final MessageInfo messageInfo,
final Subject client,
final Subject serviceSubject)
throws AuthException {
final HttpServletRequest req = (HttpServletRequest) messageInfo.getRequestMessage();
final HttpServletResponse resp = (HttpServletResponse) messageInfo.getResponseMessage();
try {
final String localRequestUri = req.getRequestURI().substring(req.getContextPath().length());
if (LOGIN_ENDPOINT.equals(localRequestUri)) {
return handleLoginEndpoint(req, resp);
}
if (LOGOUT_ENDPOINT.equals(localRequestUri)) {
return handleLogoutEndpoint(req, resp);
}
// Allow if authentication is not required.
if (!mandatory) {
return AuthStatus.SUCCESS;
}
// require SSL if mandatory
if (!req.isSecure()) {
resp.sendError(HttpURLConnection.HTTP_FORBIDDEN, "SSL Required");
return AuthStatus.SEND_FAILURE;
}
final String subject = getSubject(req);
// Check if there is no subject then redirect to login endpoint
if (subject == null) {
return handleRedirectToLoginEndpoint(req, resp);
}
handler.handle(new Callback[] {
new CallerPrincipalCallback(client, subject),
new GroupPrincipalCallback(client, GROUPS)
});
return AuthStatus.SUCCESS;
} catch (final IOException
| ServletException
| UnsupportedCallbackException e) {
LOG.throwing(TestServerAuthModule.class.getName(), "validateRequest", e);
throw new AuthException(e.getMessage());
}
}