karaf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cschnei...@apache.org
Subject [4/4] karaf git commit: Extract common code
Date Wed, 02 Aug 2017 08:14:21 GMT
Extract common code


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/ae75feed
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/ae75feed
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/ae75feed

Branch: refs/heads/master
Commit: ae75feed11bab347bf7d4e6eb6d48a879189d1cf
Parents: f75ade9
Author: Christian Schneider <chris@die-schneider.net>
Authored: Tue Aug 1 14:32:47 2017 +0200
Committer: Christian Schneider <chris@die-schneider.net>
Committed: Wed Aug 2 10:14:10 2017 +0200

----------------------------------------------------------------------
 .../karaf/shell/ssh/KarafJaasAuthenticator.java | 100 +++++++------------
 1 file changed, 38 insertions(+), 62 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/ae75feed/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
----------------------------------------------------------------------
diff --git a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
index 94b715c..e1420f4 100644
--- a/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
+++ b/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
@@ -23,6 +23,7 @@ import java.security.PublicKey;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
@@ -45,48 +46,46 @@ public class KarafJaasAuthenticator implements PasswordAuthenticator,
PublickeyA
 
     private String realm;
 
-    public KarafJaasAuthenticator() {
-    }
-
     public KarafJaasAuthenticator(String realm) {
         this.realm = realm;
     }
 
-    public String getRealm() {
-        return realm;
+    public boolean authenticate(final String username, final String password, final ServerSession
session) {
+        CallbackHandler callbackHandler = callbacks -> {
+            for (Callback callback : callbacks) {
+                if (callback instanceof NameCallback) {
+                    ((NameCallback) callback).setName(username);
+                } else if (callback instanceof PasswordCallback) {
+                    ((PasswordCallback) callback).setPassword(password.toCharArray());
+                } else {
+                    throw new UnsupportedCallbackException(callback);
+                }
+            }
+        };
+        return doLogin(session, callbackHandler);
     }
 
-    public void setRealm(String realm) {
-        this.realm = realm;
+    public boolean authenticate(final String username, final PublicKey key, final ServerSession
session) {
+        CallbackHandler callbackHandler = callbacks -> {
+            for (Callback callback : callbacks) {
+                if (callback instanceof NameCallback) {
+                    ((NameCallback) callback).setName(username);
+                } else if (callback instanceof PublickeyCallback) {
+                    ((PublickeyCallback) callback).setPublicKey(key);
+                } else {
+                    throw new UnsupportedCallbackException(callback);
+                }
+            }
+        };
+        return doLogin(session, callbackHandler);
     }
 
-    public boolean authenticate(final String username, final String password, final ServerSession
session) {
+    private boolean doLogin(final ServerSession session, CallbackHandler callbackHandler)
{
         try {
             Subject subject = new Subject();
-            LoginContext loginContext = new LoginContext(realm, subject, callbacks ->
{
-                for (Callback callback : callbacks) {
-                    if (callback instanceof NameCallback) {
-                        ((NameCallback) callback).setName(username);
-                    } else if (callback instanceof PasswordCallback) {
-                        ((PasswordCallback) callback).setPassword(password.toCharArray());
-                    } else {
-                        throw new UnsupportedCallbackException(callback);
-                    }
-                }
-            });
+            LoginContext loginContext = new LoginContext(realm, subject, callbackHandler);
             loginContext.login();
-
-            int roleCount = 0;
-            for (Principal principal : subject.getPrincipals()) {
-                if (principal instanceof RolePrincipal) {
-                    roleCount++;
-                }
-            }
-
-            if (roleCount == 0) {
-                throw new FailedLoginException("User doesn't have role defined");
-            }
-
+            assertRolePresent(subject);
             session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
             return true;
         } catch (Exception e) {
@@ -95,38 +94,15 @@ public class KarafJaasAuthenticator implements PasswordAuthenticator,
PublickeyA
         }
     }
 
-    public boolean authenticate(final String username, final PublicKey key, final ServerSession
session) {
-        try {
-            Subject subject = new Subject();
-            LoginContext loginContext = new LoginContext(realm, subject, callbacks ->
{
-                for (Callback callback : callbacks) {
-                    if (callback instanceof NameCallback) {
-                        ((NameCallback) callback).setName(username);
-                    } else if (callback instanceof PublickeyCallback) {
-                        ((PublickeyCallback) callback).setPublicKey(key);
-                    } else {
-                        throw new UnsupportedCallbackException(callback);
-                    }
-                }
-            });
-            loginContext.login();
-
-            int roleCount = 0;
-            for (Principal principal : subject.getPrincipals()) {
-                if (principal instanceof RolePrincipal) {
-                    roleCount++;
-                }
-            }
-
-            if (roleCount == 0) {
-                throw new FailedLoginException("User doesn't have role defined");
+    private void assertRolePresent(Subject subject) throws FailedLoginException {
+        int roleCount = 0;
+        for (Principal principal : subject.getPrincipals()) {
+            if (principal instanceof RolePrincipal) {
+                roleCount++;
             }
-
-            session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
-            return true;
-        } catch (Exception e) {
-            LOGGER.debug("User authentication failed with " + e.getMessage(), e);
-            return false;
+        }
+        if (roleCount == 0) {
+            throw new FailedLoginException("User doesn't have role defined");
         }
     }
 


Mime
View raw message