Skip to content

Commit

Permalink
[WFLY-4582] Use Elytron callbacks instead of the jboss-sasl callbacks
Browse files Browse the repository at this point in the history
  • Loading branch information
@fjuma @kabir
fjuma authored and kabir committed Nov 9, 2016
1 parent 5a085d9 commit dd1a9ba
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 10 deletions.
25 changes: 16 additions & 9 deletions security/subsystem/src/main/java/org/jboss/as/security/RealmDirectLoginModule.java
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
import static java.nio.charset.StandardCharsets.UTF_8; import static java.nio.charset.StandardCharsets.UTF_8;
import static org.jboss.as.domain.management.RealmConfigurationConstants.DIGEST_PLAIN_TEXT; import static org.jboss.as.domain.management.RealmConfigurationConstants.DIGEST_PLAIN_TEXT;
import static org.jboss.as.domain.management.RealmConfigurationConstants.VERIFY_PASSWORD_CALLBACK_SUPPORTED; import static org.jboss.as.domain.management.RealmConfigurationConstants.VERIFY_PASSWORD_CALLBACK_SUPPORTED;
import static org.wildfly.security.password.interfaces.DigestPassword.ALGORITHM_DIGEST_MD5;


import java.io.IOException; import java.io.IOException;
import java.security.AccessController; import java.security.AccessController;
Expand Down Expand Up @@ -55,12 +56,16 @@
import org.jboss.as.server.CurrentServiceContainer; import org.jboss.as.server.CurrentServiceContainer;
import org.jboss.msc.service.ServiceContainer; import org.jboss.msc.service.ServiceContainer;
import org.jboss.msc.service.ServiceController; import org.jboss.msc.service.ServiceController;
import org.jboss.sasl.callback.DigestHashCallback;
import org.jboss.sasl.callback.VerifyPasswordCallback;
import org.jboss.sasl.util.UsernamePasswordHashUtil;
import org.jboss.security.SimpleGroup; import org.jboss.security.SimpleGroup;
import org.jboss.security.auth.callback.ObjectCallback; import org.jboss.security.auth.callback.ObjectCallback;
import org.jboss.security.auth.spi.UsernamePasswordLoginModule; import org.jboss.security.auth.spi.UsernamePasswordLoginModule;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.callback.EvidenceVerifyCallback;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.evidence.PasswordGuessEvidence;
import org.wildfly.security.password.interfaces.DigestPassword;
import org.wildfly.security.sasl.util.UsernamePasswordHashUtil;
import org.wildfly.security.util.ByteIterator;


/** /**
* A login module implementation to interface directly with the security realm. * A login module implementation to interface directly with the security realm.
Expand Down Expand Up @@ -172,9 +177,11 @@ protected String getUsersPassword() throws LoginException {
String password = null; String password = null;
switch (validationMode) { switch (validationMode) {
case DIGEST: case DIGEST:
DigestHashCallback dhc = new DigestHashCallback("Digest"); CredentialCallback cc = new CredentialCallback(PasswordCredential.class, ALGORITHM_DIGEST_MD5);
handle(new Callback[]{rcb, ncb, dhc}); handle(new Callback[]{rcb, ncb, cc});
password = dhc.getHexHash(); PasswordCredential passwordCredential = (PasswordCredential) cc.getCredential();
DigestPassword digestPassword = passwordCredential.getPassword(DigestPassword.class);
password = ByteIterator.ofBytes(digestPassword.getDigest()).hexEncode().drainToString();


break; break;
case PASSWORD: case PASSWORD:
Expand Down Expand Up @@ -223,11 +230,11 @@ protected boolean validatePassword(String inputPassword, String expectedPassword
case VALIDATION: case VALIDATION:
RealmCallback rcb = new RealmCallback("Realm", securityRealm.getName()); RealmCallback rcb = new RealmCallback("Realm", securityRealm.getName());
NameCallback ncb = new NameCallback("User Name", getUsername()); NameCallback ncb = new NameCallback("User Name", getUsername());
VerifyPasswordCallback vpc = new VerifyPasswordCallback(inputPassword); EvidenceVerifyCallback evc = new EvidenceVerifyCallback(new PasswordGuessEvidence(inputPassword.toCharArray()));


try { try {
handle(new Callback[]{rcb, ncb, vpc}); handle(new Callback[]{rcb, ncb, evc});
return vpc.isVerified(); return evc.isVerified();
} catch (LoginException e) { } catch (LoginException e) {
return false; return false;
} }
Expand Down
2 changes: 1 addition & 1 deletion security/subsystem/src/main/java/org/jboss/as/security/RealmUsersRolesLoginModule.java
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -29,8 +29,8 @@
import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException; import javax.security.auth.login.LoginException;


import org.jboss.sasl.util.UsernamePasswordHashUtil;
import org.jboss.security.auth.spi.UsersRolesLoginModule; import org.jboss.security.auth.spi.UsersRolesLoginModule;
import org.wildfly.security.sasl.util.UsernamePasswordHashUtil;


/** /**
* @author Jason T. Greene * @author Jason T. Greene
Expand Down

0 comments on commit dd1a9ba

Please sign in to comment.