This repository has been archived by the owner on Jan 7, 2021. It is now read-only.

[Issue wildfly-security-incubator#4] Adding a new example to use Unde…
…rtow stand-alone with the Elytron JASPIC implementation.
darranl committed Jul 19, 2018
1 parent 0e7e92c commit 2205075
Showing 6 changed files with 528 additions and 0 deletions.
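--- a/undertow-standalone-jaspic/.gitignore
+++ b/undertow-standalone-jaspic/.gitignore
@@ -0,0 +1,6 @@
+/target/
+.project
+.classpath
+.settings
+
+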
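--- a/undertow-standalone-jaspic/pom.xml
+++ b/undertow-standalone-jaspic/pom.xml
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- ~ JBoss, Home of Professional Open Source. ~ Copyright 2018 Red Hat,
+Inc., and individual contributors ~ as indicated by the @author tags. ~ ~
+Licensed under the Apache License, Version 2.0 (the "License"); ~ you may
+not use this file except in compliance with the License. ~ You may obtain
+a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~
+~ Unless required by applicable law or agreed to in writing, software ~ distributed
+under the License is distributed on an "AS IS" BASIS, ~ WITHOUT WARRANTIES
+OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for
+the specific language governing permissions and ~ limitations under the License. -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<modelVersion>4.0.0</modelVersion>
+
+<groupId>org.wildfly.security.examples</groupId>
+<artifactId>undertow-standalone-jaspic</artifactId>
+<version>1.0.0.Alpha1-SNAPSHOT</version>
+<packaging>jar</packaging>
+
+<name>undertow-standalone</name>
+<url>http://maven.apache.org</url>
+
+<properties>
+<maven.compiler.source>1.8</maven.compiler.source>
+<maven.compiler.target>1.8</maven.compiler.target>
+<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+
+<version.io.undertow>2.0.10.Final</version.io.undertow>
+<version.org.wildfly.security.wildfly-elytron>1.4.0.Final</version.org.wildfly.security.wildfly-elytron>
+<version.org.wildfly.security.elytron-web>1.2.0.Final</version.org.wildfly.security.elytron-web>
+<version.jboss.spec.javaee.7.0>1.0.3.Final</version.jboss.spec.javaee.7.0>
+</properties>
+
+<build>
+<plugins>
+<plugin>
+<groupId>org.codehaus.mojo</groupId>
+<artifactId>exec-maven-plugin</artifactId>
+<version>1.6.0</version>
+<executions>
+<execution>
+<goals>
+<goal>java</goal>
+</goals>
+</execution>
+</executions>
+<configuration>
+<executable>java</executable>
+<arguments>
+<argument>-agentlib:jdwp=transport=dt_socket,address=8787,server=y,suspend=n</argument>
+<argument>-classpath</argument>
+<classpath />
+<argument>org.wildfly.security.examples.HelloWorld</argument>
+</arguments>
+</configuration>
+</plugin>
+</plugins>
+</build>
+
+<dependencyManagement>
+<dependencies>
+<dependency>
+<groupId>org.jboss.spec</groupId>
+<artifactId>jboss-javaee-7.0</artifactId>
+<version>${version.jboss.spec.javaee.7.0}</version>
+<type>pom</type>
+<scope>import</scope>
+</dependency>
+</dependencies>
+</dependencyManagement>
+
+<dependencies>
+<dependency>
+<groupId>org.jboss.spec.javax.servlet</groupId>
+<artifactId>jboss-servlet-api_3.1_spec</artifactId>
+<scope>provided</scope>
+</dependency>
+<dependency>
+<groupId>io.undertow</groupId>
+<artifactId>undertow-core</artifactId>
+<version>${version.io.undertow}</version>
+</dependency>
+<dependency>
+<groupId>io.undertow</groupId>
+<artifactId>undertow-servlet</artifactId>
+<version>${version.io.undertow}</version>
+</dependency>
+<dependency>
+<groupId>org.wildfly.security</groupId>
+<artifactId>wildfly-elytron</artifactId>
+<version>${version.org.wildfly.security.wildfly-elytron}</version>
+</dependency>
+<dependency>
+<groupId>org.wildfly.security.elytron-web</groupId>
+<artifactId>undertow-server</artifactId>
+<version>${version.org.wildfly.security.elytron-web}</version>
+</dependency>
+<dependency>
+<groupId>org.wildfly.security.elytron-web</groupId>
+<artifactId>undertow-server-servlet</artifactId>
+<version>${version.org.wildfly.security.elytron-web}</version>
+</dependency>
+</dependencies>
+</project>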
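Review bot: The exec-maven-plugin `<arguments>` start the example with a JDWP debug agent on every run (`-agentlib:jdwp=transport=dt_socket,address=8787,server=y,suspend=n`), and JDWP has no authentication, so anything that can reach that port can control the JVM. The 1.8 compiler settings suggest a Java 8 runtime, where a bare port in `address=` listens on all interfaces rather than loopback only. I would bind it explicitly with `address=localhost:8787`, or move the agent argument into an opt-in debug profile so the default run opens no debug listener.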
@@ -0,0 +1,168 @@
/*
* JBoss, Home of Professional Open Source.
* Copyright 2017 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.security.examples;

import static org.wildfly.security.password.interfaces.ClearPassword.ALGORITHM_CLEAR;

import java.security.Provider;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.message.config.AuthConfigFactory;

import org.wildfly.elytron.web.undertow.server.servlet.AuthenticationManager;
import org.wildfly.security.WildFlyElytronProvider;
import org.wildfly.security.auth.jaspi.ElytronAuthConfigFactory;
import org.wildfly.security.auth.jaspi.JaspicConfigurationBuilder;
import org.wildfly.security.auth.permission.LoginPermission;
import org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm;
import org.wildfly.security.auth.realm.SimpleRealmEntry;
import org.wildfly.security.auth.server.HttpAuthenticationFactory;
import org.wildfly.security.auth.server.MechanismConfiguration;
import org.wildfly.security.auth.server.MechanismConfigurationSelector;
import org.wildfly.security.auth.server.MechanismRealmConfiguration;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.authz.RoleMapper;
import org.wildfly.security.authz.Roles;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.examples.jaspi.SimpleServerAuthModule;
import org.wildfly.security.examples.servlet.SecuredServlet;
import org.wildfly.security.http.HttpServerAuthenticationMechanismFactory;
import org.wildfly.security.http.util.FilterServerMechanismFactory;
import org.wildfly.security.http.util.SecurityProviderServerMechanismFactory;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.spec.ClearPasswordSpec;
import org.wildfly.security.permission.PermissionVerifier;

import io.undertow.Handlers;
import io.undertow.Undertow;
import io.undertow.server.handlers.PathHandler;
import io.undertow.servlet.Servlets;
import io.undertow.servlet.api.AuthMethodConfig;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.api.DeploymentManager;
import io.undertow.servlet.api.LoginConfig;
import io.undertow.servlet.api.SecurityConstraint;
import io.undertow.servlet.api.SecurityInfo;
import io.undertow.servlet.api.WebResourceCollection;

/**
*
*
* @author <a href="mailto:[email protected]">Darran Lofthouse</a>
*/
public class HelloWorld {

private static final WildFlyElytronProvider elytronProvider = new WildFlyElytronProvider();

private static final String HOST = "localhost";
private static final int PORT = 28080;
private static final String PATH = "/helloworld";
private static final String SERVLET = "/secured";

public static void main(String[] args) throws Exception {
SecurityDomain securityDomain = createSecurityDomain();
configureJaspic(securityDomain);

LoginConfig loginConfig = new LoginConfig("Elytron Authentication");
loginConfig.addFirstAuthMethod(new AuthMethodConfig("BASIC", Collections.emptyMap()));

DeploymentInfo deploymentInfo = Servlets.deployment()
.setClassLoader(SecuredServlet.class.getClassLoader())
.setContextPath(PATH)
.setDeploymentName("helloworld.war")
.setLoginConfig(loginConfig)
.addSecurityConstraint(new SecurityConstraint()
.addWebResourceCollection(new WebResourceCollection()
.addUrlPattern("/secured/*"))
.addRoleAllowed("Test")
.setEmptyRoleSemantic(SecurityInfo.EmptyRoleSemantic.DENY))
.addServlets(Servlets.servlet(SecuredServlet.class)
.addMapping(SERVLET));

AuthenticationManager authManager = AuthenticationManager.builder()
.setHttpAuthenticationFactory(createHttpAuthenticationFactory(securityDomain))
.setOverrideDeploymentConfig(true)
.build();
authManager.configure(deploymentInfo);

DeploymentManager deployManager = Servlets.defaultContainer().addDeployment(deploymentInfo);
deployManager.deploy();

PathHandler path = Handlers.path(Handlers.redirect(PATH))
.addPrefixPath(PATH, deployManager.start());

Undertow server = Undertow.builder()
.addHttpListener(PORT, HOST)
.setHandler(path)
.build();
server.start();

System.out.println();
System.out.println(String.format("Ready for requests to http://%s:%d%s%s", HOST, PORT, PATH, SERVLET));
System.out.println();
System.out.println(String.format("e.g. 'curl http://%s:%d%s%s' \n", HOST, PORT, PATH, SERVLET));
}

private static String configureJaspic(final SecurityDomain securityDomain) {
AuthConfigFactory authConfigFactory = new ElytronAuthConfigFactory();
AuthConfigFactory.setFactory(authConfigFactory);

return JaspicConfigurationBuilder.builder(null, null)
.setDescription("Default Catch All Configuration")
.addAuthModuleFactory(SimpleServerAuthModule::new)
.setSecurityDomain(securityDomain)
.register(authConfigFactory);
}

private static SecurityDomain createSecurityDomain() throws Exception {
PasswordFactory passwordFactory = PasswordFactory.getInstance(ALGORITHM_CLEAR, elytronProvider);

Map<String, SimpleRealmEntry> identityMap = new HashMap<>();
identityMap.put("elytron", new SimpleRealmEntry(Collections.singletonList(new PasswordCredential(passwordFactory.generatePassword(new ClearPasswordSpec("Coleoptera".toCharArray()))))));

SimpleMapBackedSecurityRealm simpleRealm = new SimpleMapBackedSecurityRealm(() -> new Provider[] { elytronProvider });
simpleRealm.setIdentityMap(identityMap);


SecurityDomain.Builder builder = SecurityDomain.builder()
.setDefaultRealmName("TestRealm")
.setRoleMapper(RoleMapper.constant(Roles.fromSet(Collections.singleton("Test"))));

builder.addRealm("TestRealm", simpleRealm).build();
builder.setPermissionMapper((principal, roles) -> PermissionVerifier.from(new LoginPermission()));

return builder.build();
}

private static HttpAuthenticationFactory createHttpAuthenticationFactory(final SecurityDomain securityDomain) {
HttpServerAuthenticationMechanismFactory providerFactory = new SecurityProviderServerMechanismFactory(() -> new Provider[] {elytronProvider});
HttpServerAuthenticationMechanismFactory httpServerMechanismFactory = new FilterServerMechanismFactory(providerFactory, true, "BASIC");

return HttpAuthenticationFactory.builder()
.setSecurityDomain(securityDomain)
.setMechanismConfigurationSelector(MechanismConfigurationSelector.constantSelector(
MechanismConfiguration.builder()
.addMechanismRealm(MechanismRealmConfiguration.builder().setRealmName("Elytron Realm").build())
.build()))
.setFactory(httpServerMechanismFactory)
.build();
}

}
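Review bot: `createSecurityDomain()` stores the only identity with a clear-text password taken from a string literal (`new ClearPasswordSpec("Coleoptera".toCharArray())`), and `main` offers BASIC over the plain `addHttpListener(PORT, HOST)` listener, so the credential lives in source control and is sent without transport encryption on every request. Binding to `localhost` keeps that tolerable for a demo, but nothing in the file says it is demo-only. I would add a comment above the `identityMap.put(...)` line, for example `// Example only: fixed clear-text credential for local testing; use a real realm and HTTPS outside this demo.` Also note that `RoleMapper.constant(...)` gives every authenticated identity the `Test` role, so the `/secured/*` constraint effectively checks only that authentication succeeded.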
@@ -0,0 +1,52 @@
/*
* Copyright 2018 Red Hat, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.wildfly.security.examples.jaspi;

import java.security.Principal;

public class SimplePrincipal implements Principal {

private final String name;

public SimplePrincipal(final String name) {
this.name = name;
}

@Override
public String getName() {
return name;
}

@Override
public boolean equals(Object obj) {
// TODO Auto-generated method stub
return super.equals(obj);
}

@Override
public int hashCode() {
// TODO Auto-generated method stub
return super.hashCode();
}

@Override
public String toString() {
return getName();
}


}
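Review bot: `equals` and `hashCode` are left as auto-generated stubs that delegate to `Object`, so two `SimplePrincipal` instances with the same name compare as different and hash differently. Principals are commonly compared and held in sets (a `Subject`'s principal set, for example), so identity-based equality can give duplicate entries or failed lookups for the same user; how the auth module uses this class is not visible on this page. I would make both name-based with `return obj instanceof SimplePrincipal && Objects.equals(name, ((SimplePrincipal) obj).name);` and `return Objects.hashCode(name);`, add `import java.util.Objects;`, and drop the TODO comments.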