本文整理汇总了Java中javax.security.sasl.AuthorizeCallback.isAuthorized方法的典型用法代码示例。如果您正苦于以下问题:Java AuthorizeCallback.isAuthorized方法的具体用法?Java AuthorizeCallback.isAuthorized怎么用?Java AuthorizeCallback.isAuthorized使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.security.sasl.AuthorizeCallback的用法示例。
在下文中一共展示了AuthorizeCallback.isAuthorized方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: assertDeserialized
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
public void assertDeserialized(Serializable oref, Serializable otest) {
AuthorizeCallback ref = (AuthorizeCallback) oref;
AuthorizeCallback test = (AuthorizeCallback) otest;
String idC = ref.getAuthenticationID();
String idZ = ref.getAuthorizationID();
String id = ref.getAuthorizedID();
boolean is = ref.isAuthorized();
if (idC == null) {
assertNull(test.getAuthenticationID());
} else {
assertEquals(test.getAuthenticationID(), idC);
}
if (idZ == null) {
assertNull(test.getAuthorizationID());
} else {
assertEquals(test.getAuthorizationID(), idZ);
}
if (id == null) {
assertNull(test.getAuthorizedID());
} else {
assertEquals(test.getAuthorizedID(), id);
}
assertEquals(test.isAuthorized(), is);
}
示例2: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
if (!isKerberos && subject != null && !subject.getPublicCredentials(String.class).isEmpty()) {
nc.setName(subject.getPublicCredentials(String.class).iterator().next());
} else
nc.setName(nc.getDefaultName());
} else if (callback instanceof PasswordCallback) {
if (!isKerberos && subject != null && !subject.getPrivateCredentials(String.class).isEmpty()) {
char[] password = subject.getPrivateCredentials(String.class).iterator().next().toCharArray();
((PasswordCallback) callback).setPassword(password);
} else {
String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" +
" client code does not currently support obtaining a password from the user.";
if (isKerberos) {
errorMessage += " Make sure -Djava.security.auth.login.config property passed to JVM and" +
" the client is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using" +
" FQDN of the Kafka broker you are trying to connect to.";
}
throw new UnsupportedCallbackException(callback, errorMessage);
}
} else if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authId = ac.getAuthenticationID();
String authzId = ac.getAuthorizationID();
ac.setAuthorized(authId.equals(authzId));
if (ac.isAuthorized())
ac.setAuthorizedID(authzId);
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
示例3: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
boolean authzFlag = false;
// 1. Matches authenticationID and authorizationID
authzFlag = authenticationID.equals(authorizationID);
// 2. Verify whether the connecting host is present in authorized hosts.
// If not exists, then connecting peer is not authorized to join the
// ensemble and will reject it.
if (authzFlag) {
String[] components = authorizationID.split("[/@]");
if (components.length == 3) {
authzFlag = authzHosts.contains(components[1]);
}
if (!authzFlag) {
LOG.error("SASL authorization completed, {} is not authorized to connect",
components[1]);
}
}
// Sets authorization flag
ac.setAuthorized(authzFlag);
if (ac.isAuthorized()) {
ac.setAuthorizedID(authorizationID);
LOG.info("Successfully authenticated learner: authenticationID={}; authorizationID={}.",
authenticationID, authorizationID);
}
LOG.debug("SASL authorization completed, authorized flag set to {}", ac.isAuthorized());
}
示例4: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
if (!isKerberos && subject != null && !subject.getPublicCredentials(String.class).isEmpty()) {
nc.setName(subject.getPublicCredentials(String.class).iterator().next());
} else
nc.setName(nc.getDefaultName());
} else if (callback instanceof PasswordCallback) {
if (!isKerberos && subject != null && !subject.getPrivateCredentials(String.class).isEmpty()) {
char [] password = subject.getPrivateCredentials(String.class).iterator().next().toCharArray();
((PasswordCallback) callback).setPassword(password);
} else {
String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" +
" client code does not currently support obtaining a password from the user.";
if (isKerberos) {
errorMessage += " Make sure -Djava.security.auth.login.config property passed to JVM and" +
" the client is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using" +
" FQDN of the Kafka broker you are trying to connect to.";
}
throw new UnsupportedCallbackException(callback, errorMessage);
}
} else if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authId = ac.getAuthenticationID();
String authzId = ac.getAuthorizationID();
ac.setAuthorized(authId.equals(authzId));
if (ac.isAuthorized())
ac.setAuthorizedID(authzId);
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
示例5: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws
UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
nc.setName(nc.getDefaultName());
} else {
if (callback instanceof PasswordCallback) {
PasswordCallback pc = (PasswordCallback) callback;
if (password != null) {
pc.setPassword(this.password.toCharArray());
}
} else {
if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else {
if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
}
}
}
示例6: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
/**
* This method is invoked by SASL for authentication challenges
*
* @param callbacks
* a collection of challenge callbacks
*/
@Override
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (Callback c : callbacks) {
if (c instanceof NameCallback) {
LOG.debug("name callback");
NameCallback nc = (NameCallback) c;
nc.setName(_username);
} else if (c instanceof PasswordCallback) {
LOG.debug("password callback");
PasswordCallback pc = (PasswordCallback) c;
if (_password != null) {
pc.setPassword(_password.toCharArray());
}
} else if (c instanceof AuthorizeCallback) {
LOG.debug("authorization callback");
AuthorizeCallback ac = (AuthorizeCallback) c;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else if (c instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) c;
((RealmCallback) c).setText(rc.getDefaultText());
} else {
throw new UnsupportedCallbackException(c);
}
}
}
示例7: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
/**
* This method is invoked by SASL for authentication challenges
*
* @param callbacks
* a collection of challenge callbacks
*/
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (Callback c : callbacks) {
if (c instanceof NameCallback) {
LOG.debug("name callback");
NameCallback nc = (NameCallback) c;
nc.setName(_username);
} else if (c instanceof PasswordCallback) {
LOG.debug("password callback");
PasswordCallback pc = (PasswordCallback) c;
if (_password != null) {
pc.setPassword(_password.toCharArray());
}
} else if (c instanceof AuthorizeCallback) {
LOG.debug("authorization callback");
AuthorizeCallback ac = (AuthorizeCallback) c;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else if (c instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) c;
((RealmCallback) c).setText(rc.getDefaultText());
} else {
throw new UnsupportedCallbackException(c);
}
}
}
示例8: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
/**
* This method is invoked by SASL for authentication challenges
*
* @param callbacks a collection of challenge callbacks
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback c : callbacks) {
if (c instanceof NameCallback) {
LOG.debug("name callback");
} else if (c instanceof PasswordCallback) {
LOG.debug("password callback");
LOG.warn("Could not login: the client is being asked for a password, but the "
+ " client code does not currently support obtaining a password from the user."
+ " Make sure that the client is configured to use a ticket cache (using"
+ " the JAAS configuration setting 'useTicketCache=true)' and restart the client. If"
+ " you still get this message after that, the TGT in the ticket cache has expired and must"
+ " be manually refreshed. To do so, first determine if you are using a password or a"
+ " keytab. If the former, run kinit in a Unix shell in the environment of the user who" + " is running this client using the command"
+ " 'kinit <princ>' (where <princ> is the name of the client's Kerberos principal)." + " If the latter, do"
+ " 'kinit -k -t <keytab> <princ>' (where <princ> is the name of the Kerberos principal, and"
+ " <keytab> is the location of the keytab file). After manually refreshing your cache,"
+ " restart this client. If you continue to see this message after manually refreshing"
+ " your cache, ensure that your KDC host's clock is in sync with this host's clock.");
} else if (c instanceof AuthorizeCallback) {
LOG.debug("authorization callback");
AuthorizeCallback ac = (AuthorizeCallback) c;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else {
throw new UnsupportedCallbackException(c);
}
}
}
示例9: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
/**
* This method is invoked by SASL for authentication challenges
*
* @param callbacks a collection of challenge callbacks
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback c : callbacks) {
if (c instanceof NameCallback) {
LOG.debug("name callback");
NameCallback nc = (NameCallback) c;
nc.setName(_username);
} else if (c instanceof PasswordCallback) {
LOG.debug("password callback");
PasswordCallback pc = (PasswordCallback) c;
if (_password != null) {
pc.setPassword(_password.toCharArray());
}
} else if (c instanceof AuthorizeCallback) {
LOG.debug("authorization callback");
AuthorizeCallback ac = (AuthorizeCallback) c;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else if (c instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) c;
((RealmCallback) c).setText(rc.getDefaultText());
} else {
throw new UnsupportedCallbackException(c);
}
}
}
示例10: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
/**
* This method is invoked by SASL for authentication challenges
* @param callbacks a collection of challenge callbacks
*/
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback c : callbacks) {
if (c instanceof NameCallback) {
LOG.debug("name callback");
NameCallback nc = (NameCallback) c;
nc.setName(_username);
} else if (c instanceof PasswordCallback) {
LOG.debug("password callback");
PasswordCallback pc = (PasswordCallback)c;
if (_password != null) {
pc.setPassword(_password.toCharArray());
}
} else if (c instanceof AuthorizeCallback) {
LOG.debug("authorization callback");
AuthorizeCallback ac = (AuthorizeCallback) c;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else if (c instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) c;
((RealmCallback) c).setText(rc.getDefaultText());
} else {
throw new UnsupportedCallbackException(c);
}
}
}
示例11: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
LOG.info("callback {} received", callback.toString());
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
nc.setName(nc.getDefaultName());
} else {
if (callback instanceof PasswordCallback) {
// Call `setPassword` once we support obtaining a password from the user and update message below
throw new UnsupportedCallbackException(callback, "Could not login: the client is being asked for a password, but the Kafka"
+ " client code does not currently support obtaining a password from the user."
+ " Make sure -Djava.security.auth.login.config property passed to JVM and"
+ " the client is configured to use a ticket cache (using"
+ " the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using"
+ " FQDN of the Kafka broker you are trying to connect to.");
} else {
if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else {
if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authId = ac.getAuthenticationID();
String authzId = ac.getAuthorizationID();
ac.setAuthorized(authId.equals(authzId));
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzId);
}
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
}
}
}
示例12: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws
UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
nc.setName(nc.getDefaultName());
} else {
if (callback instanceof PasswordCallback) {
LOG.warn("Could not login: the client is being asked for a password");
} else {
if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else {
if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
}
}
}
示例13: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
public void handle(Callback[] callbacks) throws
UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
nc.setName(nc.getDefaultName());
}
else {
if (callback instanceof PasswordCallback) {
PasswordCallback pc = (PasswordCallback)callback;
if (password != null) {
pc.setPassword(this.password.toCharArray());
} else {
LOG.warn("Could not login: the client is being asked for a password, but the Zookeeper" +
" client code does not currently support obtaining a password from the user." +
" Make sure that the client is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)' and restart the client. If" +
" you still get this message after that, the TGT in the ticket cache has expired and must" +
" be manually refreshed. To do so, first determine if you are using a password or a" +
" keytab. If the former, run kinit in a Unix shell in the environment of the user who" +
" is running this Zookeeper client using the command" +
" 'kinit <princ>' (where <princ> is the name of the client's Kerberos principal)." +
" If the latter, do" +
" 'kinit -k -t <keytab> <princ>' (where <princ> is the name of the Kerberos principal, and" +
" <keytab> is the location of the keytab file). After manually refreshing your cache," +
" restart this client. If you continue to see this message after manually refreshing" +
" your cache, ensure that your KDC host's clock is in sync with this host's clock.");
}
}
else {
if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
}
else {
if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
}
else {
throw new UnsupportedCallbackException(callback,"Unrecognized SASL ClientCallback");
}
}
}
}
}
}
示例14: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
nc.setName(nc.getDefaultName());
}
else {
if (callback instanceof PasswordCallback) {
PasswordCallback pc = (PasswordCallback)callback;
if (password != null) {
pc.setPassword(this.password.toCharArray());
} else {
LOG.warn("Could not login: the {} is being asked for a password, but the ZooKeeper {}" +
" code does not currently support obtaining a password from the user." +
" Make sure that the {} is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)' and restart the {}. If" +
" you still get this message after that, the TGT in the ticket cache has expired and must" +
" be manually refreshed. To do so, first determine if you are using a password or a" +
" keytab. If the former, run kinit in a Unix shell in the environment of the user who" +
" is running this Zookeeper {} using the command" +
" 'kinit <princ>' (where <princ> is the name of the {}'s Kerberos principal)." +
" If the latter, do" +
" 'kinit -k -t <keytab> <princ>' (where <princ> is the name of the Kerberos principal, and" +
" <keytab> is the location of the keytab file). After manually refreshing your cache," +
" restart this {}. If you continue to see this message after manually refreshing" +
" your cache, ensure that your KDC host's clock is in sync with this host's clock.",
new Object[]{entity, entity, entity, entity, entity, entity, entity});
}
}
else {
if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
}
else {
if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
}
else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL " + entity + "Callback");
}
}
}
}
}
}
示例15: evaluateResponse
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
/**
* Evaluates the response data and generates a challenge.
*
* If a response is received from the client during the authentication
* process, this method is called to prepare an appropriate next
* challenge to submit to the client. The challenge is null if the
* authentication has succeeded and no more challenge data is to be sent
* to the client. It is non-null if the authentication must be continued
* by sending a challenge to the client, or if the authentication has
* succeeded but challenge data needs to be processed by the client.
* <tt>isComplete()</tt> should be called
* after each call to <tt>evaluateResponse()</tt>,to determine if any further
* response is needed from the client.
*
* @param response The non-null (but possibly empty) response sent
* by the client.
*
* @return The possibly null challenge to send to the client.
* It is null if the authentication has succeeded and there is
* no more challenge data to be sent to the client.
* @exception SaslException If an error occurred while processing
* the response or generating a challenge.
*/
@Override
public byte[] evaluateResponse(byte[] response)
throws SaslException {
if (completed) {
throw new IllegalStateException("PLAIN authentication already completed");
}
if (aborted) {
throw new IllegalStateException("PLAIN authentication previously aborted due to error");
}
try {
if(response.length != 0) {
String data = new String(response, StandardCharsets.UTF_8);
StringTokenizer tokens = new StringTokenizer(data, "\0");
if (tokens.countTokens() > 2) {
username = tokens.nextToken();
principal = tokens.nextToken();
} else {
username = tokens.nextToken();
principal = username;
}
password = tokens.nextToken();
NameCallback ncb = new NameCallback("PLAIN authentication ID: ",principal);
VerifyPasswordCallback vpcb = new VerifyPasswordCallback(password.toCharArray());
cbh.handle(new Callback[]{ncb,vpcb});
if (vpcb.getVerified()) {
vpcb.clearPassword();
AuthorizeCallback acb = new AuthorizeCallback(principal,username);
cbh.handle(new Callback[]{acb});
if(acb.isAuthorized()) {
username = acb.getAuthorizedID();
completed = true;
} else {
completed = true;
username = null;
throw new SaslException("PLAIN: user not authorized: "+principal);
}
} else {
throw new SaslException("PLAIN: user not authorized: "+principal);
}
} else {
//Client gave no initial response
if( counter++ > 1 ) {
throw new SaslException("PLAIN expects a response");
}
return null;
}
} catch (UnsupportedCallbackException | IOException e) {
aborted = true;
throw new SaslException("PLAIN authentication failed for: "+username, e);
}
return null;
}