本文整理汇总了Java中javax.security.sasl.AuthorizeCallback.setAuthorizedID方法的典型用法代码示例。如果您正苦于以下问题:Java AuthorizeCallback.setAuthorizedID方法的具体用法?Java AuthorizeCallback.setAuthorizedID怎么用?Java AuthorizeCallback.setAuthorizedID使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.security.sasl.AuthorizeCallback的用法示例。
在下文中一共展示了AuthorizeCallback.setAuthorizedID方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
// canonicalize authorization id according to system properties:
// zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
// zookeeper.kerberos.removeHostFromPrincipal(={true,false})
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
if (shouldAppendHost(kerberosName)) {
userNameBuilder.append("/").append(kerberosName.getHostName());
}
if (shouldAppendRealm(kerberosName)) {
userNameBuilder.append("@").append(kerberosName.getRealm());
}
LOG.info("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.error("Failed to set name based on Kerberos authentication rules.");
}
}
示例2: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
// canonicalize authorization id according to system properties:
// zookeeper.kerberos.removeRealmFromPrincipal(={true,false})
// zookeeper.kerberos.removeHostFromPrincipal(={true,false})
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
if (shouldAppendHost(kerberosName)) {
userNameBuilder.append("/").append(kerberosName.getHostName());
}
if (shouldAppendRealm(kerberosName)) {
userNameBuilder.append("@").append(kerberosName.getRealm());
}
LOG.info("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.error("Failed to set name based on Kerberos authentication rules.", e);
}
}
开发者ID:didichuxing2,项目名称:https-github.com-apache-zookeeper,代码行数:27,代码来源:SaslServerCallbackHandler.java
示例3: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID={}; authorizationID={}.", authenticationID,
authorizationID);
ac.setAuthorized(true);
KerberosName kerberosName = KerberosName.parse(authenticationID);
try {
String userName = kerberosShortNamer.shortName(kerberosName);
LOG.info("Setting authorizedID: {}", userName);
ac.setAuthorizedID(userName);
} catch (IOException e) {
LOG.error("Failed to set name for '{}' based on Kerberos authentication rules.", kerberosName, e);
}
}
示例4: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nameCallback = (NameCallback) callback;
nameCallback.setName(nameCallback.getDefaultName());
} else if (callback instanceof PasswordCallback) {
PasswordCallback passwordCallback = (PasswordCallback) callback;
passwordCallback.setPassword(TestJaasConfig.PASSWORD.toCharArray());
} else if (callback instanceof RealmCallback) {
RealmCallback realmCallback = (RealmCallback) callback;
realmCallback.setText(realmCallback.getDefaultText());
} else if (callback instanceof AuthorizeCallback) {
AuthorizeCallback authCallback = (AuthorizeCallback) callback;
if (TestJaasConfig.USERNAME.equals(authCallback.getAuthenticationID())) {
authCallback.setAuthorized(true);
authCallback.setAuthorizedID(authCallback.getAuthenticationID());
}
}
}
}
示例5: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID={}; authorizationID={}.", authenticationID,
authorizationID);
ac.setAuthorized(true);
KerberosName kerberosName = KerberosName.parse(authenticationID);
try {
String userName = kerberosShortNamer.shortName(kerberosName);
LOG.info("Setting authorizedID: {}", userName);
ac.setAuthorizedID(userName);
} catch (IOException e) {
LOG.error("Failed to set name based on Kerberos authentication rules.");
}
}
示例6: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
userNameBuilder.append("/").append(kerberosName.getHostName());
userNameBuilder.append("@").append(kerberosName.getRealm());
LOG.info("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.severe("Failed to set name based on Kerberos authentication rules.");
}
}
示例7: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
LOG.severe("Successfully authenticated client: authenticationID=" + authenticationID
+ "; authorizationID=" + authorizationID + ".");
ac.setAuthorized(true);
KerberosName kerberosName = new KerberosName(authenticationID);
try {
StringBuilder userNameBuilder = new StringBuilder(kerberosName.getShortName());
userNameBuilder.append("/").append(kerberosName.getHostName());
userNameBuilder.append("@").append(kerberosName.getRealm());
LOG.severe("Setting authorizedID: " + userNameBuilder);
ac.setAuthorizedID(userNameBuilder.toString());
} catch (IOException e) {
LOG.severe("Failed to set name based on Kerberos authentication rules.");
}
}
示例8: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
LOG.info("Successfully authenticated client: authenticationID=" + authenticationID + " authorizationID= " + ac.getAuthorizationID());
// if authorizationId is not set, set it to authenticationId.
if (ac.getAuthorizationID() == null) {
ac.setAuthorizedID(authenticationID);
}
// When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
// add the authNid as the real user in reqContext's subject which will be used during authorization.
if (!ac.getAuthenticationID().equals(ac.getAuthorizationID())) {
ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
}
ac.setAuthorized(true);
}
示例9: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
LOG.info("Successfully authenticated client: authenticationID = " + authenticationID + " authorizationID = " + ac.getAuthorizationID());
// if authorizationId is not set, set it to authenticationId.
if (ac.getAuthorizationID() == null) {
ac.setAuthorizedID(authenticationID);
}
// When authNid and authZid are not equal , authNId is attempting to impersonate authZid, We
// add the authNid as the real user in reqContext's subject which will be used during authorization.
if (!authenticationID.equals(ac.getAuthorizationID())) {
LOG.info("Impersonation attempt authenticationID = " + ac.getAuthenticationID() + " authorizationID = " + ac.getAuthorizationID());
ReqContext.context().setRealPrincipal(new SaslTransportPlugin.User(ac.getAuthenticationID()));
}
ac.setAuthorized(true);
}
示例10: test01
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
/**
* Test for <code>AuthorizeCallback(String authnID, String authzID)</code>
* and get/set methods
*/
public void test01() {
AuthorizeCallback auth = new AuthorizeCallback(null, null);
assertNull(auth.getAuthenticationID());
assertNull(auth.getAuthorizationID());
assertNull(auth.getAuthorizedID());
assertFalse(auth.isAuthorized());
auth.setAuthorized(true);
assertTrue(auth.isAuthorized());
assertNull(auth.getAuthorizedID());
auth.setAuthorized(false);
assertNull(auth.getAuthorizedID());
assertFalse(auth.isAuthorized());
auth.setAuthorizedID("ZZZ");
auth.setAuthorized(true);
assertEquals(auth.getAuthorizedID(), "ZZZ");
assertNull(auth.getAuthorizationID());
assertTrue(auth.isAuthorized());
}
示例11: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
if (!isKerberos && subject != null && !subject.getPublicCredentials(String.class).isEmpty()) {
nc.setName(subject.getPublicCredentials(String.class).iterator().next());
} else
nc.setName(nc.getDefaultName());
} else if (callback instanceof PasswordCallback) {
if (!isKerberos && subject != null && !subject.getPrivateCredentials(String.class).isEmpty()) {
char[] password = subject.getPrivateCredentials(String.class).iterator().next().toCharArray();
((PasswordCallback) callback).setPassword(password);
} else {
String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" +
" client code does not currently support obtaining a password from the user.";
if (isKerberos) {
errorMessage += " Make sure -Djava.security.auth.login.config property passed to JVM and" +
" the client is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using" +
" FQDN of the Kafka broker you are trying to connect to.";
}
throw new UnsupportedCallbackException(callback, errorMessage);
}
} else if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authId = ac.getAuthenticationID();
String authzId = ac.getAuthorizationID();
ac.setAuthorized(authId.equals(authzId));
if (ac.isAuthorized())
ac.setAuthorizedID(authzId);
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
示例12: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
String authorizationID = ac.getAuthorizationID();
boolean authzFlag = false;
// 1. Matches authenticationID and authorizationID
authzFlag = authenticationID.equals(authorizationID);
// 2. Verify whether the connecting host is present in authorized hosts.
// If not exists, then connecting peer is not authorized to join the
// ensemble and will reject it.
if (authzFlag) {
String[] components = authorizationID.split("[/@]");
if (components.length == 3) {
authzFlag = authzHosts.contains(components[1]);
}
if (!authzFlag) {
LOG.error("SASL authorization completed, {} is not authorized to connect",
components[1]);
}
}
// Sets authorization flag
ac.setAuthorized(authzFlag);
if (ac.isAuthorized()) {
ac.setAuthorizedID(authorizationID);
LOG.info("Successfully authenticated learner: authenticationID={}; authorizationID={}.",
authenticationID, authorizationID);
}
LOG.debug("SASL authorization completed, authorized flag set to {}", ac.isAuthorized());
}
示例13: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
if (!isKerberos && subject != null && !subject.getPublicCredentials(String.class).isEmpty()) {
nc.setName(subject.getPublicCredentials(String.class).iterator().next());
} else
nc.setName(nc.getDefaultName());
} else if (callback instanceof PasswordCallback) {
if (!isKerberos && subject != null && !subject.getPrivateCredentials(String.class).isEmpty()) {
char [] password = subject.getPrivateCredentials(String.class).iterator().next().toCharArray();
((PasswordCallback) callback).setPassword(password);
} else {
String errorMessage = "Could not login: the client is being asked for a password, but the Kafka" +
" client code does not currently support obtaining a password from the user.";
if (isKerberos) {
errorMessage += " Make sure -Djava.security.auth.login.config property passed to JVM and" +
" the client is configured to use a ticket cache (using" +
" the JAAS configuration setting 'useTicketCache=true)'. Make sure you are using" +
" FQDN of the Kafka broker you are trying to connect to.";
}
throw new UnsupportedCallbackException(callback, errorMessage);
}
} else if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authId = ac.getAuthenticationID();
String authzId = ac.getAuthorizationID();
ac.setAuthorized(authId.equals(authzId));
if (ac.isAuthorized())
ac.setAuthorizedID(authzId);
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
示例14: handle
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
@Override
public void handle(Callback[] callbacks) throws
UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof NameCallback) {
NameCallback nc = (NameCallback) callback;
nc.setName(nc.getDefaultName());
} else {
if (callback instanceof PasswordCallback) {
PasswordCallback pc = (PasswordCallback) callback;
if (password != null) {
pc.setPassword(this.password.toCharArray());
}
} else {
if (callback instanceof RealmCallback) {
RealmCallback rc = (RealmCallback) callback;
rc.setText(rc.getDefaultText());
} else {
if (callback instanceof AuthorizeCallback) {
AuthorizeCallback ac = (AuthorizeCallback) callback;
String authid = ac.getAuthenticationID();
String authzid = ac.getAuthorizationID();
if (authid.equals(authzid)) {
ac.setAuthorized(true);
} else {
ac.setAuthorized(false);
}
if (ac.isAuthorized()) {
ac.setAuthorizedID(authzid);
}
} else {
throw new UnsupportedCallbackException(callback, "Unrecognized SASL ClientCallback");
}
}
}
}
}
}
示例15: handleAuthorizeCallback
import javax.security.sasl.AuthorizeCallback; //导入方法依赖的package包/类
private void handleAuthorizeCallback(AuthorizeCallback ac) {
String authenticationID = ac.getAuthenticationID();
LOG.debug("Successfully authenticated client: authenticationID="
+ authenticationID);
ac.setAuthorizedID(authenticationID);
ac.setAuthorized(true);
}