org.jboss.security.SecurityContextAssociation Java Examples

The following examples show how to use org.jboss.security.SecurityContextAssociation.
Example #1
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Installs the given identity on the security context held by
 * {@code SecurityContextAssociation}.
 *
 * <p>When no context is associated yet, a new one is built by
 * {@code SecurityContextFactory} for {@code securityDomain}. When one already
 * exists, {@code createSubjectInfo} is called on it and {@code securityDomain}
 * is not consulted. In both cases the context is then (re-)set on the association.
 *
 * @param principal identity to install
 * @param credential credential kept alongside the principal
 * @param subject subject to install
 * @param securityDomain domain name, used only when a new context is created
 * @throws RuntimeException wrapping any exception raised by the context factory
 */
public void push(Principal principal, Object credential, Subject subject,
      String securityDomain)
{
   SecurityContext current = SecurityContextAssociation.getSecurityContext();
   if (current != null)
   {
      // Reuse the existing context: only its subject info is rewritten.
      current.getUtil().createSubjectInfo(principal, credential, subject);
   }
   else
   {
      try
      {
         current = SecurityContextFactory.createSecurityContext(principal, credential,
               subject, securityDomain);
      }
      catch (Exception e)
      {
         // The cause is preserved so the factory failure stays diagnosable.
         throw new RuntimeException(e);
      }
   }
   // NOTE(review): principal and credential remain reachable through the
   // association after this call; presumably every push() is paired with a
   // pop() so the identity does not outlive the request - confirm at call sites.
   SecurityContextAssociation.setSecurityContext(current);
}
 
Example #2
Source File: PicketBoxSecurityIntegration.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * {@inheritDoc}
 */
public void setSecurityContext(org.jboss.jca.core.spi.security.SecurityContext context)
{
   // A null argument sets a null context on the association.
   if (context == null)
   {
      SecurityContextAssociation.setSecurityContext(null);
      return;
   }

   // Only the PicketBox wrapper is accepted; any other implementation is
   // rejected instead of being installed as the caller's security context.
   if (!(context instanceof PicketBoxSecurityContext))
   {
      throw new IllegalArgumentException("Invalid SecurityContext: " + context);
   }

   // Unwrap and install the underlying delegate.
   PicketBoxSecurityContext wrapper = (PicketBoxSecurityContext)context;
   SecurityContextAssociation.setSecurityContext(wrapper.getDelegator());
}
 
Example #3
Source File: PicketBoxSecurityIntegration.java    From ironjacamar with Eclipse Public License 1.0 6 votes vote down vote up
/**
 * {@inheritDoc}
 */
public void setSecurityContext(org.ironjacamar.core.spi.security.SecurityContext context)
{
   if (context == null)
   {
      // Null in, null out: the association is set to null.
      SecurityContextAssociation.setSecurityContext(null);
      return;
   }

   if (context instanceof PicketBoxSecurityContext)
   {
      // Install the delegate carried by the PicketBox wrapper.
      SecurityContextAssociation.setSecurityContext(
            ((PicketBoxSecurityContext)context).getDelegator());
      return;
   }

   // Foreign SecurityContext implementations are refused rather than trusted.
   throw new IllegalArgumentException("Invalid SecurityContext: " + context);
}
 
Example #4
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Pushes principal, credential and subject onto the associated security context.
 *
 * <p>An existing context is updated through {@code createSubjectInfo}; if none
 * is associated, one is created for {@code securityDomain}. The resulting
 * context is set on {@code SecurityContextAssociation} in either case.
 *
 * @param principal identity to install
 * @param credential credential stored with the principal
 * @param subject subject to install
 * @param securityDomain domain passed to the factory when a context must be created
 * @throws RuntimeException wrapping a failure of {@code createSecurityContext}
 */
public void push(Principal principal, Object credential, Subject subject,
      String securityDomain)
{
   SecurityContext ctx = SecurityContextAssociation.getSecurityContext();
   final boolean mustCreate = (ctx == null);
   if (mustCreate)
   {
      try
      {
         ctx = SecurityContextFactory.createSecurityContext(principal, credential,
               subject, securityDomain);
      }
      catch (Exception e)
      {
         throw new RuntimeException(e);
      }
   }
   else
   {
      // securityDomain is ignored on this path; the existing context is kept.
      ctx.getUtil().createSubjectInfo(principal, credential, subject);
   }
   // NOTE(review): this variant runs without doPrivileged, so under a security
   // manager the caller presumably needs the relevant permissions itself - verify.
   SecurityContextAssociation.setSecurityContext(ctx);
}
 
Example #5
Source File: JaasSecurityManagerBase.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/** Get the currently authenticated Subject. This is a thread local
 property shared across all JaasSecurityManager instances.
 @return The Subject authenticated in the current thread if one
 exists, null otherwise.
 */
public Subject getActiveSubject()
{
   /* Deliberately not routed through SubjectActions.getActiveSubject: per the
      original author, the caller itself must hold the permissions needed to
      reach the subject.
   */
   SecurityContext sc = SecurityContextAssociation.getSecurityContext();
   // No associated context means no authenticated subject.
   // NOTE(review): the Subject instance held by the context is returned as-is,
   // not a copy - confirm callers do not modify it.
   return (sc != null) ? sc.getUtil().getSubject() : null;
}
 
Example #6
Source File: SecurityActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sets {@code sc} on {@code SecurityContextAssociation} from inside a
 * privileged block.
 *
 * <p>Because of {@code doPrivileged}, the permission check stops at this class,
 * so any code able to call this helper can replace the associated security
 * context. The method is declared without {@code public}; keep it that narrow.
 *
 * @param sc context to associate
 */
static void setSecurityContext(final SecurityContext sc)
{
   final PrivilegedAction<Object> assign = new PrivilegedAction<Object>()
   {
      public Object run()
      {
         SecurityContextAssociation.setSecurityContext(sc);
         return null;
      }
   };
   AccessController.doPrivileged(assign);
}
 
Example #7
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Ensures a security context is associated, creating one from the arguments
 * only when none exists. The whole operation runs inside {@code doPrivileged}.
 *
 * <p>When a context is already associated, {@code principal},
 * {@code credential} and {@code subject} are not applied to it: the existing
 * context is simply set again.
 *
 * @param principal identity used if a context has to be created
 * @param credential credential used if a context has to be created
 * @param subject subject used if a context has to be created
 * @param securityDomain domain used if a context has to be created
 * @throws RuntimeException wrapping any exception raised by the context factory
 */
public void push(final Principal principal, final Object credential,
   final Subject subject, final String securityDomain) 
{
   final PrivilegedAction<Object> ensureContext = new PrivilegedAction<Object>()
   {
      public Object run()
      {
         SecurityContext active = SecurityContextAssociation.getSecurityContext();
         if (active == null)
         {
            try
            {
               active = SecurityContextFactory.createSecurityContext(principal, credential,
                     subject, securityDomain);
            }
            catch (Exception e)
            {
               throw new RuntimeException(e);
            }
         }
         // NOTE(review): with a pre-existing context the caller's identity is
         // NOT installed; confirm callers do not rely on it being replaced.
         SecurityContextAssociation.setSecurityContext(active);
         return null;
      }
   };
   // NOTE(review): a public method wrapping a privileged block is reachable by
   // every class that can see the enclosing type - confirm that type is not
   // exposed to less-trusted code.
   AccessController.doPrivileged(ensureContext);
}
 
Example #8
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Reads the associated security context inside a privileged block.
 *
 * <p>The helper is declared without {@code public}; since {@code doPrivileged}
 * stops the permission check at this class, it should stay that narrow.
 *
 * @return whatever {@code SecurityContextAssociation.getSecurityContext()} returns
 */
static SecurityContext getSecurityContext()
{
   final PrivilegedAction<SecurityContext> lookup = new PrivilegedAction<SecurityContext>()
   {
      public SecurityContext run()
      {
         return SecurityContextAssociation.getSecurityContext();
      }
   };
   return AccessController.doPrivileged(lookup);
}
 
Example #9
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Associates {@code sc} as the security context, inside a privileged block.
 *
 * <p>Anything that can call this helper can swap the associated context
 * without holding the permission itself, so the non-public visibility matters.
 *
 * @param sc context to associate
 */
static void setSecurityContext(final SecurityContext sc)
{
   final PrivilegedAction<SecurityContext> install = new PrivilegedAction<SecurityContext>()
   {
      public SecurityContext run()
      {
         SecurityContextAssociation.setSecurityContext(sc);
         // The action has no meaningful result; null satisfies the signature.
         return null;
      }
   };
   AccessController.doPrivileged(install);
}
 
Example #10
Source File: SecurityActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Privileged setter for the associated security context.
 *
 * <p>The call to {@code SecurityContextAssociation.setSecurityContext} is made
 * inside {@code doPrivileged}, so callers need no permission of their own;
 * the method is not {@code public} and should not be widened.
 *
 * @param sc context to associate
 */
static void setSecurityContext(final SecurityContext sc)
{
   final PrivilegedAction<Object> setter = new PrivilegedAction<Object>()
   {
      public Object run()
      {
         SecurityContextAssociation.setSecurityContext(sc);
         return null;
      }
   };
   AccessController.doPrivileged(setter);
}
 
Example #11
Source File: SecurityActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Reads the associated security context inside a privileged block, using the
 * exception-propagating form of {@code doPrivileged}.
 *
 * @return whatever {@code SecurityContextAssociation.getSecurityContext()} returns
 * @throws PrivilegedActionException if the action throws a checked exception
 */
static SecurityContext getSecurityContext() throws PrivilegedActionException
{
   // NOTE(review): the action body only calls the getter; whether it can raise a
   // checked exception is not visible here - confirm before simplifying to
   // PrivilegedAction.
   final PrivilegedExceptionAction<SecurityContext> lookup =
      new PrivilegedExceptionAction<SecurityContext>()
   {
      public SecurityContext run() throws Exception
      {
         return SecurityContextAssociation.getSecurityContext();
      }
   };
   return AccessController.doPrivileged(lookup);
}
 
Example #12
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Clears the associated security context inside a privileged block.
 *
 * <p>The whole context is cleared through {@code clearSecurityContext()};
 * nothing is restored in its place by this method.
 */
public void pop()
{
   final PrivilegedAction<Object> clear = new PrivilegedAction<Object>()
   {
      public Object run()
      {
         SecurityContextAssociation.clearSecurityContext();
         return null;
      }
   };
   // NOTE(review): if push() found a pre-existing context, this still clears it;
   // confirm that nested push/pop pairs are not expected to restore the outer one.
   AccessController.doPrivileged(clear);
}
 
Example #13
Source File: JWTAuthMechanism.java    From thorntail with Apache License 2.0 5 votes vote down vote up
/**
 * Extract the Authorization header and validate the bearer token if it exists. If it does, and is validated, this
 * builds the org.jboss.security.SecurityContext authenticated Subject that drives the container APIs as well as
 * the authorization layers.
 *
 * @param exchange        - the http request exchange object
 * @param securityContext - the current security context
 * @return one of AUTHENTICATED, NOT_AUTHENTICATED or NOT_ATTEMPTED depending on the header and authentication outcome.
 */
@SuppressWarnings("deprecation")
@Override
public AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
    final String bearer = new UndertowBearerTokenExtractor(authContextInfo, exchange).getBearerToken();
    if (bearer == null) {
        // No suitable header has been found in this request,
        return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
    }

    try {
        // NOTE(review): identityManager is a field written on every request; if
        // this mechanism instance is shared between requests, confirm the write
        // is safe under concurrency.
        identityManager = securityContext.getIdentityManager();
        JWTCredential credential = new JWTCredential(bearer, authContextInfo);
        // Install the JWT principal as the caller
        Account account = identityManager.verify(credential.getName(), credential);
        if (account == null) {
            UndertowLogger.SECURITY_LOGGER.info("Failed to authenticate JWT bearer token");
            return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }

        JsonWebToken jwtPrincipal = (JsonWebToken) account.getPrincipal();
        preparePrincipalProducer(jwtPrincipal);
        securityContext.authenticationComplete(account, "MP-JWT", false);
        // Workaround authenticated JWTPrincipal not being installed as user principal
        // https://issues.jboss.org/browse/WFLY-9212
        // NOTE(review): getSecurityContext() is dereferenced without a null check.
        // A null here (or any later failure) lands in the catch below and yields
        // NOT_AUTHENTICATED even though authenticationComplete() has already been
        // called on the exchange - confirm that combination is harmless.
        org.jboss.security.SecurityContext jbSC = SecurityContextAssociation.getSecurityContext();
        Subject subject = jbSC.getUtil().getSubject();
        // The raw bearer token is stored as the credential of the subject info.
        jbSC.getUtil().createSubjectInfo(jwtPrincipal, bearer, subject);
        RoleGroup roles = extract(subject);
        jbSC.getUtil().setRoles(roles);
        // Logs caller name, path and roles; the token itself is not logged.
        UndertowLogger.SECURITY_LOGGER.debugf("Authenticated caller(%s) for path(%s) with roles: %s",
                credential.getName(), exchange.getRequestPath(), account.getRoles());
        return AuthenticationMechanismOutcome.AUTHENTICATED;
    } catch (Exception e) {
        // Any failure while verifying or installing the identity fails closed.
        UndertowLogger.SECURITY_LOGGER.infof(e, "Failed to validate JWT bearer token");
        return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
    }
}
 
Example #14
Source File: ElytronDefinition.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up
/**
 * Reports whether a security context is currently associated.
 *
 * <p>When {@code WildFlySecurityManager.isChecking()} is true the lookup runs
 * inside {@code doPrivileged}; otherwise it is performed directly.
 *
 * @return {@code true} if {@code getSecurityContext()} is non-null
 */
@Override
public Boolean get() {
    final PrivilegedAction<Boolean> contextPresent =
            () -> SecurityContextAssociation.getSecurityContext() != null;
    // Only the presence of a context is exposed, never the context itself.
    return WildFlySecurityManager.isChecking() ? doPrivileged(contextPresent) : contextPresent.run();
}
 
Example #15
Source File: PicketBoxSecurityIntegration.java    From ironjacamar with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
public org.ironjacamar.core.spi.security.SecurityContext getSecurityContext()
{
   org.jboss.security.SecurityContext current = SecurityContextAssociation.getSecurityContext();

   // Absent context stays null; otherwise hand out a PicketBox wrapper around it.
   return (current == null) ? null : new PicketBoxSecurityContext(current);
}
 
Example #16
Source File: SecurityInfoHelper.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Builds a {@code Subject} from the account's principal and role sets and
 * records it on the associated JBoss security context.
 *
 * @param account source of the principal and roles; also passed as the
 *                credential argument of {@code createSubjectInfo}
 */
public static void propagateSessionInfo(KeycloakAccount account) {
    Subject subject = new Subject();
    Set<Principal> principals = subject.getPrincipals();
    principals.add(account.getPrincipal());

    for (Group roleSet : getRoleSets(account.getRoles())) {
        Group target = createGroup(roleSet.getName(), principals);
        if (target instanceof NestableGroup) {
            /* A NestableGroup only allows Groups to be added to it so we
            need to add a SimpleGroup to subjectRoles to contain the roles
            */
            SimpleGroup roles = new SimpleGroup("Roles");
            target.addMember(roles);
            target = roles;
        }
        // Copy the group members to the Subject group
        for (Enumeration<? extends Principal> e = roleSet.members(); e.hasMoreElements();) {
            target.addMember(e.nextElement());
        }
    }

    // add the CallerPrincipal group if none has been added in getRoleSets
    Group callerGroup = new SimpleGroup(SecurityConstants.CALLER_PRINCIPAL_GROUP);
    callerGroup.addMember(account.getPrincipal());
    principals.add(callerGroup);

    // NOTE(review): the context is dereferenced without a null check; if none is
    // associated this throws NullPointerException and the Subject built above is
    // discarded - confirm callers always run with an established context.
    org.jboss.security.SecurityContext sc = SecurityContextAssociation.getSecurityContext();
    Principal userPrincipal = getPrincipal(subject);
    sc.getUtil().createSubjectInfo(userPrincipal, account, subject);
}
 
Example #17
Source File: SecurityInfoHelper.java    From keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * Copies the account's principal and roles into a new {@code Subject} and
 * stores it, with the account as credential, on the associated security context.
 *
 * @param account account whose principal and roles are propagated
 */
public static void propagateSessionInfo(KeycloakAccount account) {
    final Subject subject = new Subject();
    final Set<Principal> principals = subject.getPrincipals();
    principals.add(account.getPrincipal());

    final Group[] roleSets = getRoleSets(account.getRoles());
    for (Group source : roleSets) {
        Group destination = createGroup(source.getName(), principals);
        if (destination instanceof NestableGroup) {
            /* A NestableGroup only allows Groups to be added to it so we
            need to add a SimpleGroup to subjectRoles to contain the roles
            */
            SimpleGroup holder = new SimpleGroup("Roles");
            destination.addMember(holder);
            destination = holder;
        }
        // Copy the group members to the Subject group
        Enumeration<? extends Principal> roles = source.members();
        while (roles.hasMoreElements()) {
            destination.addMember(roles.nextElement());
        }
    }

    // add the CallerPrincipal group if none has been added in getRoleSets
    final Group callerGroup = new SimpleGroup(SecurityConstants.CALLER_PRINCIPAL_GROUP);
    callerGroup.addMember(account.getPrincipal());
    principals.add(callerGroup);

    final org.jboss.security.SecurityContext sc = SecurityContextAssociation.getSecurityContext();
    final Principal userPrincipal = getPrincipal(subject);
    // NOTE(review): sc is used without a null check - a missing association
    // surfaces as NullPointerException here; verify the calling path guarantees one.
    sc.getUtil().createSubjectInfo(userPrincipal, account, subject);
}
 
Example #18
Source File: SecurityClient.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Set the vm wide association of security context
 * (Default : false)
 * @param vmwideAssociation
 */
public void setVmwideAssociation(boolean vmwideAssociation)
{
   this.vmwideAssociation = vmwideAssociation;
   if (!vmwideAssociation)
   {
      // Passing false only updates the field; an earlier setClient() call is
      // not reversed by this method.
      return;
   }
   // NOTE(review): setClient() presumably switches SecurityContextAssociation to
   // a single VM-wide context instead of a per-thread one; that is only
   // appropriate in a standalone client, since every thread would then share
   // one identity - confirm this is never enabled inside a server.
   SecurityContextAssociation.setClient();
}
 
Example #19
Source File: WebsocketSecurityConfigurator.java    From datawave with Apache License 2.0 5 votes vote down vote up
/**
 * Copies the caller's identity, and optionally a login-time header, into the
 * endpoint configuration's user properties during the WebSocket handshake.
 *
 * @param sec endpoint configuration whose user properties are populated
 * @param request handshake request supplying the user principal and headers
 * @param response handshake response, passed through to the superclass
 */
@Override
public void modifyHandshake(ServerEndpointConfig sec, HandshakeRequest request, HandshakeResponse response) {
    super.modifyHandshake(sec, request, response);

    // NOTE(review): whether getUserProperties() is per-connection or shared by
    // all connections to the endpoint depends on the WebSocket container; if it
    // is shared, concurrent handshakes could overwrite each other's identity -
    // confirm for the target container.
    sec.getUserProperties().put(WebsocketSecurityInterceptor.SESSION_PRINCIPAL, request.getUserPrincipal());
    sec.getUserProperties().put(WebsocketSecurityInterceptor.SESSION_SUBJECT, SecurityContextAssociation.getSubject());
    // NOTE(review): the SESSION_CREDENTIAL slot is filled from getPrincipal(),
    // not from a credential accessor - confirm this is intended.
    sec.getUserProperties().put(WebsocketSecurityInterceptor.SESSION_CREDENTIAL, SecurityContextAssociation.getPrincipal());

    Map<String,List<String>> headers = request.getHeaders();
    if (headers == null) {
        return;
    }
    List<String> loginHeader = headers.get(REQUEST_LOGIN_TIME_HEADER);
    if (loginHeader == null || loginHeader.isEmpty()) {
        return;
    }
    // The value is taken verbatim from a request header, i.e. it is supplied by
    // the client; consumers should validate it before trusting it.
    sec.getUserProperties().put(REQUEST_LOGIN_TIME_HEADER, loginHeader.get(0));
}
 
Example #20
Source File: PicketBoxSecurityIntegration.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
public org.jboss.jca.core.spi.security.SecurityContext getSecurityContext()
{
   org.jboss.security.SecurityContext delegate = SecurityContextAssociation.getSecurityContext();

   if (delegate != null)
   {
      // Expose the associated context through the PicketBox wrapper type.
      return new PicketBoxSecurityContext(delegate);
   }

   // Nothing associated: report that as null rather than wrapping null.
   return null;
}
 
Example #21
Source File: SecurityActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Privileged getter for the associated security context.
 *
 * <p>The lookup runs inside {@code doPrivileged}, so the caller needs no
 * permission of its own; the method is not {@code public} and should stay so.
 *
 * @return whatever {@code SecurityContextAssociation.getSecurityContext()} returns
 */
static SecurityContext getSecurityContext()
{
   final PrivilegedAction<SecurityContext> getter = new PrivilegedAction<SecurityContext>()
   {
      public SecurityContext run()
      {
         return SecurityContextAssociation.getSecurityContext();
      }
   };
   return AccessController.doPrivileged(getter);
}
 
Example #22
Source File: RunAsLoginModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Push the run as role using the SecurityContextAssociation.pushRunAsIdentity method
 * @see SecurityContextAssociation#pushRunAsIdentity(org.jboss.security.RunAs)
 */
public boolean login()
{
   // Build the run-as identity from this module's roleName / principalName and
   // push it; subsequent code observes it until it is popped again.
   SecurityContextAssociation.pushRunAsIdentity(new RunAsIdentity(roleName, principalName));
   // Remember the push so that abort() knows there is something to pop.
   pushedRole = true;
   // This method reports success unconditionally.
   return true;
}
 
Example #23
Source File: RunAsLoginModule.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Pop the run as role using the SecurityContextAssociation.popRunAsIdentity method
 * @see SecurityContextAssociation#popRunAsIdentity()
 */
public boolean abort()
{
   if (pushedRole)
   {
      // NOTE(review): pushedRole is not reset after the pop, so a second call
      // (or another method guarded by the same flag) would pop again and could
      // remove a run-as identity this module did not push - confirm.
      SecurityContextAssociation.popRunAsIdentity();
      return true;
   }

   // Nothing was pushed by login(), so there is nothing to undo.
   return false;
}
 
Example #24
Source File: SecurityActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Returns the associated security context, looked up inside a privileged block.
 *
 * <p>Declared without {@code public}: {@code doPrivileged} stops the permission
 * check at this class, so the helper should not be reachable from other packages.
 *
 * @return whatever {@code SecurityContextAssociation.getSecurityContext()} returns
 */
static SecurityContext getCurrentSecurityContext()
{
   final PrivilegedAction<SecurityContext> readContext = new PrivilegedAction<SecurityContext>()
   {
      public SecurityContext run()
      {
         return SecurityContextAssociation.getSecurityContext();
      }
   };
   return AccessController.doPrivileged(readContext);
}
 
Example #25
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Stores the {@code key}/{@code value} pair on the association and, when a
 * security context is associated, in that context's data map as well.
 * Both names come from the enclosing scope, which is not shown here.
 *
 * @return the result of {@code SecurityContextAssociation.setContextInfo(key, value)}
 */
public Object run()
{
   SecurityContext active = SecurityContextAssociation.getSecurityContext();
   if (active != null)
   {
      // Mirror the entry into the current context's own data map.
      active.getData().put(key, value);
   }
   Object result = SecurityContextAssociation.setContextInfo(key, value);
   return result;
}
 
Example #26
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Writes {@code key}/{@code value} (taken from the enclosing scope, not shown
 * here) to the associated context's data map, if a context exists, and then to
 * the association through {@code setContextInfo}.
 *
 * @return the value returned by {@code setContextInfo(key, value)}
 */
public Object run()
{
   final SecurityContext ctx = SecurityContextAssociation.getSecurityContext();
   final boolean hasContext = (ctx != null);
   if (hasContext)
   {
      //Set it on the current security context also
      ctx.getData().put(key, value);
   }
   // NOTE(review): the value is stored in two places; confirm both are cleared
   // together when the context is torn down.
   return SecurityContextAssociation.setContextInfo(key, value);
}
 
Example #27
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Makes sure a security context is associated, building one from the
 * arguments only if none exists yet; runs inside {@code doPrivileged}.
 *
 * <p>If a context is already present it is set again unchanged, and the
 * supplied principal, credential and subject are not applied to it.
 *
 * @param principal identity for a newly created context
 * @param credential credential for a newly created context
 * @param subject subject for a newly created context
 * @param securityDomain security domain for a newly created context
 * @throws RuntimeException wrapping any exception from {@code createSecurityContext}
 */
public void push(final Principal principal, final Object credential,
   final Subject subject, final String securityDomain) 
{
   final PrivilegedAction<Object> associate = new PrivilegedAction<Object>()
   {
      public Object run()
      {
         SecurityContext existing = SecurityContextAssociation.getSecurityContext();
         SecurityContext toInstall = existing;
         if (existing == null)
         {
            try
            {
               toInstall = SecurityContextFactory.createSecurityContext(principal, credential,
                     subject, securityDomain);
            }
            catch (Exception e)
            {
               throw new RuntimeException(e);
            }
         }
         // NOTE(review): when 'existing' was non-null the identity passed in is
         // silently dropped - confirm no caller expects it to take effect.
         SecurityContextAssociation.setSecurityContext(toInstall);
         return null;
      }
   };
   AccessController.doPrivileged(associate);
}
 
Example #28
Source File: SubjectActions.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Removes the associated security context by calling
 * {@code SecurityContextAssociation.clearSecurityContext()} inside a
 * privileged block.
 */
public void pop()
{
   final PrivilegedAction<Object> dropContext = new PrivilegedAction<Object>()
   {
      public Object run()
      {
         // Clears the association outright; no previous context is reinstated here.
         SecurityContextAssociation.clearSecurityContext();
         return null;
      }
   };
   AccessController.doPrivileged(dropContext);
}
 
Example #29
Source File: GetPrincipalInfoAction.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Reads the principal from {@code SecurityContextAssociation}.
 *
 * @return the value of {@code SecurityContextAssociation.getPrincipal()}
 */
public Principal run()
{
   // NOTE(review): presumably invoked through doPrivileged by the enclosing
   // action class - the call site is not visible here.
   final Principal caller = SecurityContextAssociation.getPrincipal();
   return caller;
}
 
Example #30
Source File: GetPrincipalInfoAction.java    From lams with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Returns the run-as identity reported by
 * {@code SecurityContextAssociation.peekRunAsIdentity()} without popping it.
 *
 * @return the value of {@code peekRunAsIdentity()}
 */
public RunAs peek()
{
   final RunAs top = SecurityContextAssociation.peekRunAsIdentity();
   return top;
}