本文整理汇总了Java中javax.security.sasl.AuthorizeCallback.getAuthenticationID方法的典型用法代码示例。如果您正苦于以下问题:Java AuthorizeCallback.getAuthenticationID方法的具体用法?Java AuthorizeCallback.getAuthenticationID怎么用?Java AuthorizeCallback.getAuthenticationID使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.security.sasl.AuthorizeCallback的用法示例。
在下文中一共展示了AuthorizeCallback.getAuthenticationID方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
// canonicalize authorization id according to system properties:
// zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
// zookeeper.kerberos.removeHostFromPrincipal(={true,false})
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
if (shouldAppendHost(kerberosName)) {
userNameBuilder.append("/").append(kerberosName.getHostName());
}
if (shouldAppendRealm(kerberosName)) {
userNameBuilder.append("@").append(kerberosName.getRealm());
}
LOG.info("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.error("Failed to set name based on Kerberos authentication rules.");
}
}
示例2: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
// canonicalize authorization id according to system properties:
// zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
// zookeeper.kerberos.removeHostFromPrincipal(={true,false})
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
if (shouldAppendHost(kerberosName)) {
userNameBuilder.append("/").append(kerberosName.getHostName());
}
if (shouldAppendRealm(kerberosName)) {
userNameBuilder.append("@").append(kerberosName.getRealm());
}
LOG.info("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.error("Failed to set name based on Kerberos authentication rules.", e);
}
}
开发者ID:didichuxing2,项目名称:https-github.com-apache-zookeeper,代码行数:27,代码来源:SaslServerCallbackHandler.java
示例3: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID={}; authorizationID={}.", authenticationID,
authorizationID);
ac.setAuthorized(true);
KerberosName kerberosName = KerberosName.parse(authenticationID);
try {
String userName = kerberosShortNamer.shortName(kerberosName);
LOG.info("Setting authorizedID: {}", userName);
ac.setAuthorizedID(userName);
} catch (IOException e) {
LOG.error("Failed to set name for '{}' based on Kerberos authentication rules.", kerberosName, e);
}
}
示例4: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID={}; authorizationID={}.", authenticationID,
authorizationID);
ac.setAuthorized(true);
KerberosName kerberosName = KerberosName.parse(authenticationID);
try {
String userName = kerberosShortNamer.shortName(kerberosName);
LOG.info("Setting authorizedID: {}", userName);
ac.setAuthorizedID(userName);
} catch (IOException e) {
LOG.error("Failed to set name based on Kerberos authentication rules.");
}
}
示例5: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
userNameBuilder.append("/").append(kerberosName.getHostName());
userNameBuilder.append("@").append(kerberosName.getRealm());
LOG.info("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.severe("Failed to set name based on Kerberos authentication rules.");
}
}
示例6: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.severe("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
userNameBuilder.append("/").append(kerberosName.getHostName());
userNameBuilder.append("@").append(kerberosName.getRealm());
LOG.severe("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.severe("Failed to set name based on Kerberos authentication rules.");
}
}
示例7: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID + " authorizationID= " + ac.getAuthorizationID());
// if authorizationId is not set, set it to authenticationId.
if (ac.getAuthorizationID() == null) {
ac.setAuthorizedID(authenticationID);
}
// When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
// add the authNid as the real user in reqContext's subject which will be used during authorization.
if (!ac.getAuthenticationID().equals(ac.getAuthorizationID())) {
ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
}
ac.setAuthorized(true);
}
示例8: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
LOG.info("Successfully authenticated client: authenticationID = " + authenticationID + " authorizationID = " + ac.getAuthorizationID());
// if authorizationId is not set, set it to authenticationId.
if (ac.getAuthorizationID() == null) {
ac.setAuthorizedID(authenticationID);
}
// When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
// add the authNid as the real user in reqContext's subject which will be used during authorization.
if (!authenticationID.equals(ac.getAuthorizationID())) {
LOG.info("Impersonation attempt authenticationID = " + ac.getAuthenticationID() + " authorizationID = " + ac.getAuthorizationID());
ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
}
ac.setAuthorized(true);
}
示例9: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof AuthorizeCallback) {
AuthorizeCallback authorizeCallback = (AuthorizeCallback) callback;
String authenticationId = authorizeCallback.getAuthenticationID();
String authorizationId = authorizeCallback.getAuthorizationID();
authorizeCallback.setAuthorized(authenticationId.equals(authorizationId));
} else if (callback instanceof NameCallback) {
((NameCallback) callback).setName("glowroot");
} else if (callback instanceof PasswordCallback) {
((PasswordCallback) callback).setPassword(password);
} else if (callback instanceof RealmCallback) {
((RealmCallback) callback).setText("glowroot");
}
}
}
示例10: assertDeserialized
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
public void assertDeserialized(Serializable oref, Serializable otest) {
AuthorizeCallback ref = (AuthorizeCallback) oref;
AuthorizeCallback test = (AuthorizeCallback) otest;
String idC = ref.getAuthenticationID();
String idZ = ref.getAuthorizationID();
String id = ref.getAuthorizedID();
boolean is = ref.isAuthorized();
if (idC == null) {
assertNull(test.getAuthenticationID());
} else {
assertEquals(test.getAuthenticationID(), idC);
}
if (idZ == null) {
assertNull(test.getAuthorizationID());
} else {
assertEquals(test.getAuthorizationID(), idZ);
}
if (id == null) {
assertNull(test.getAuthorizedID());
} else {
assertEquals(test.getAuthorizedID(), id);
}
assertEquals(test.isAuthorized(), is);
}
示例11: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@SuppressWarnings("unused")
protected void handleAuthorizeCallback(AuthorizeCallback authCallback) {
String authenId = authCallback.getAuthenticationID();
if (log.isLoggable(Level.FINEST)) {
log.log(Level.FINEST, "AuthorizeCallback: authenId: {0}", authenId);
}
String authorId = authCallback.getAuthorizationID();
if (log.isLoggable(Level.FINEST)) {
log.log(Level.FINEST, "AuthorizeCallback: authorId: {0}", authorId);
}
if (AbstractSasl.isAuthzIDIgnored() || authenId.equals(authorId)) {
authCallback.setAuthorized(true);
}
}
示例12: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
protected void handleAuthorizeCallback(AuthorizeCallback authCallback) {
String authenId = authCallback.getAuthenticationID();
if (log.isLoggable(Level.FINEST)) {
log.log(Level.FINEST, "AuthorizeCallback: authenId: {0}", authenId);
}
String authorId = authCallback.getAuthorizationID();
if (log.isLoggable(Level.FINEST)) {
log.log(Level.FINEST, "AuthorizeCallback: authorId: {0}", authorId);
}
if (AbstractSasl.isAuthzIDIgnored() || authenId.equals(authorId)) {
authCallback.setAuthorized(true);
}
}
示例13: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
if (!isKerberos && subject != null && !subject.getPublicCredentials(String.class).isEmpty()) {
nc.setName(subject.getPublicCredentials(String.class).iterator().next());
} else
nc.setName(nc.getDefaultName());
} else if (callback instanceof PasswordCallback) {
if (!isKerberos && subject != null && !subject.getPrivateCredentials(String.class).isEmpty()) {
char[] password = subject.getPrivateCredentials(String.class).iterator().next().toCharArray();
((PasswordCallback) callback).setPassword(password);
} else {
String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" +
" client code does not currently support obtaining a password from the user.";
if (isKerberos) {
errorMessage += " Make sure -Djava.security.auth.login.config property passed to JVM and" +
" the client is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using" +
" FQDN of the Kafka broker you are trying to connect to.";
}
throw new UnsupportedCallbackException(callback, errorMessage);
}
} else if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authId = ac.getAuthenticationID();
String authzId = ac.getAuthorizationID();
ac.setAuthorized(authId.equals(authzId));
if (ac.isAuthorized())
ac.setAuthorizedID(authzId);
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
示例14: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
boolean authzFlag = false;
// 1. Matches authenticationID and authorizationID
authzFlag = authenticationID.equals(authorizationID);
// 2. Verify whether the connecting host is present in authorized hosts.
// If not exists, then connecting peer is not authorized to join the
// ensemble and will reject it.
if (authzFlag) {
String[] components = authorizationID.split("[/@]");
if (components.length == 3) {
authzFlag = authzHosts.contains(components[1]);
}
if (!authzFlag) {
LOG.error("SASL authorization completed, {} is not authorized to connect",
components[1]);
}
}
// Sets authorization flag
ac.setAuthorized(authzFlag);
if (ac.isAuthorized()) {
ac.setAuthorizedID(authorizationID);
LOG.info("Successfully authenticated learner: authenticationID={}; authorizationID={}.",
authenticationID, authorizationID);
}
LOG.debug("SASL authorization completed, authorized flag set to {}", ac.isAuthorized());
}
示例15: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
if (!isKerberos && subject != null && !subject.getPublicCredentials(String.class).isEmpty()) {
nc.setName(subject.getPublicCredentials(String.class).iterator().next());
} else
nc.setName(nc.getDefaultName());
} else if (callback instanceof PasswordCallback) {
if (!isKerberos && subject != null && !subject.getPrivateCredentials(String.class).isEmpty()) {
char [] password = subject.getPrivateCredentials(String.class).iterator().next().toCharArray();
((PasswordCallback) callback).setPassword(password);
} else {
String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" +
" client code does not currently support obtaining a password from the user.";
if (isKerberos) {
errorMessage += " Make sure -Djava.security.auth.login.config property passed to JVM and" +
" the client is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using" +
" FQDN of the Kafka broker you are trying to connect to.";
}
throw new UnsupportedCallbackException(callback, errorMessage);
}
} else if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authId = ac.getAuthenticationID();
String authzId = ac.getAuthorizationID();
ac.setAuthorized(authId.equals(authzId));
if (ac.isAuthorized())
ac.setAuthorizedID(authzId);
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}