Java Code Examples for javax.security.auth.Subject#setReadOnly()
The following examples show how to use
javax.security.auth.Subject#setReadOnly() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SubjectCreator.java From qpid-broker-j with Apache License 2.0 | 6 votes |
|
public SubjectAuthenticationResult createResultWithGroups(final AuthenticationResult authenticationResult)
{
if(authenticationResult.getStatus() == AuthenticationStatus.SUCCESS)
{
final Subject authenticationSubject = new Subject();
authenticationSubject.getPrincipals().addAll(authenticationResult.getPrincipals());
final Set<Principal> groupPrincipals = getGroupPrincipals(authenticationResult.getMainPrincipal());
authenticationSubject.getPrincipals().addAll(groupPrincipals);
authenticationSubject.setReadOnly();
return new SubjectAuthenticationResult(authenticationResult, authenticationSubject);
}
else
{
return new SubjectAuthenticationResult(authenticationResult);
}
}
Example 2
| Source File: CacheFactoryTest.java From qpid-broker-j with Apache License 2.0 | 6 votes |
|
@Test
public void getCache()
{
String cacheName = "test";
final Cache<Object, Object> cache = new NullCache<>();
final CacheProvider virtualHost = mock(CacheProvider.class, withSettings().extraInterfaces(VirtualHost.class));
when(virtualHost.getNamedCache(cacheName)).thenReturn(cache);
final Subject subject = new Subject();
subject.getPrincipals().add(new VirtualHostPrincipal((VirtualHost<?>) virtualHost));
subject.setReadOnly();
Cache<String, String> actualCache = Subject.doAs(subject,
(PrivilegedAction<Cache<String, String>>) () -> CacheFactory.getCache(cacheName,
null));
assertSame(actualCache, cache);
verify(virtualHost).getNamedCache(cacheName);
}
Example 3
| Source File: UsernameFunctionProcessorTest.java From knox with Apache License 2.0 | 6 votes |
|
@Test
public void testResolve() throws Exception {
final UsernameFunctionProcessor processor = new UsernameFunctionProcessor();
assertThat( processor.resolve( null, null ), nullValue() );
assertThat( processor.resolve( null, Collections.singletonList("test-input")), contains( "test-input" ) );
Subject subject = new Subject();
subject.getPrincipals().add( new PrimaryPrincipal( "test-username" ) );
subject.setReadOnly();
Subject.doAs( subject, new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws Exception {
assertThat( processor.resolve( null, null ), contains( "test-username" ) );
assertThat( processor.resolve( null, Collections.singletonList("test-ignored")), contains( "test-username" ) );
return null;
}
} );
}
Example 4
| Source File: SimpleUsernameTokenInterceptor.java From cxf with Apache License 2.0 | 6 votes |
|
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
// authenticate the user somehow
subject.getPrincipals().add(new SimplePrincipal(name));
// add roles this user is in
String roleName = "Alice".equals(name) ? "developers" : "pms";
subject.getPrincipals().add(new SimpleGroup(roleName, name));
subject.setReadOnly();
return subject;
}
Example 5
| Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
|
@Override
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup("developers", name));
subject.setReadOnly();
return subject;
}
Example 6
| Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
|
@Override
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup("developers", name));
subject.setReadOnly();
return subject;
}
Example 7
| Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
|
@Override
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup("developers", name));
subject.setReadOnly();
return subject;
}
Example 8
| Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
|
@Override
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup("developers", name));
subject.setReadOnly();
return subject;
}
Example 9
| Source File: HttpManagementUtil.java From qpid-broker-j with Apache License 2.0 | 5 votes |
|
public static Subject createServletConnectionSubject(final HttpServletRequest request, Subject original)
{
Subject subject = new Subject(false,
original.getPrincipals(),
original.getPublicCredentials(),
original.getPrivateCredentials());
subject.getPrincipals().add(new ServletConnectionPrincipal(request));
subject.setReadOnly();
return subject;
}
Example 10
| Source File: SubjectCreator.java From qpid-broker-j with Apache License 2.0 | 5 votes |
|
public Subject createSubjectWithGroups(Principal userPrincipal)
{
Subject authenticationSubject = new Subject();
authenticationSubject.getPrincipals().add(userPrincipal);
authenticationSubject.getPrincipals().addAll(getGroupPrincipals(userPrincipal));
authenticationSubject.setReadOnly();
return authenticationSubject;
}
Example 11
| Source File: MongoLoginService.java From EDDI with Apache License 2.0 | 5 votes |
|
private UserIdentity createUserIdentity(String username, Credential credential) {
Principal userPrincipal = new AbstractLoginService.UserPrincipal(username, credential);
Subject subject = new Subject();
subject.getPrincipals().add(userPrincipal);
subject.getPrivateCredentials().add(credential);
subject.setReadOnly();
return identityService.newUserIdentity(subject, userPrincipal, new String[]{"user"});
}
Example 12
| Source File: CustomUsernameTokenInterceptor.java From cxf with Apache License 2.0 | 5 votes |
|
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
// authenticate the user somehow
subject.getPrincipals().add(new SimplePrincipal(name));
// add roles this user is in
String roleName = "Alice".equals(name) ? "developers" : "pms";
try {
String expectedPassword = "Alice".equals(name) ? "ecilA"
: UsernameTokenUtil.doPasswordDigest(XMLUtils.decode(nonce), created, "invalid-password");
if (!password.equals(expectedPassword)) {
throw new SecurityException("Wrong Password");
}
} catch (org.apache.wss4j.common.ext.WSSecurityException ex) {
throw new SecurityException("Wrong Password");
}
subject.getPrincipals().add(new SimpleGroup(roleName, name));
subject.setReadOnly();
return subject;
}
Example 13
| Source File: SimpleSubjectCreatingInterceptor.java From cxf with Apache License 2.0 | 5 votes |
|
@Override
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
String roleName = "Alice".equals(name) ? "developers" : "pms";
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup(roleName, name));
subject.setReadOnly();
return subject;
}
Example 14
| Source File: SimpleSubjectCreatingInterceptor.java From cxf with Apache License 2.0 | 5 votes |
|
@Override
protected Subject createSubject(String name,
String password,
boolean isDigest,
String nonce,
String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup("developers", name));
subject.setReadOnly();
return subject;
}
Example 15
| Source File: BrokerImplTest.java From qpid-broker-j with Apache License 2.0 | 4 votes |
|
@Test
public void testPurgeUser() throws Exception
{
final String testUsername = "testUser";
final String testPassword = "testPassword";
// setup broker
Map<String, Object> brokerAttributes = new HashMap<>();
brokerAttributes.put("name", "Broker");
brokerAttributes.put(Broker.MODEL_VERSION, BrokerModel.MODEL_VERSION);
brokerAttributes.put(Broker.DURABLE, true);
_brokerImpl = new BrokerImpl(brokerAttributes, _systemConfig);
_brokerImpl.open();
// setup auth provider with testuser
final Map<String, Object> authProviderAttributes = new HashMap<>();
authProviderAttributes.put(ConfiguredObject.NAME, "testAuthProvider");
authProviderAttributes.put(ConfiguredObject.TYPE, "Simple");
SimpleAuthenticationManager authenticationProvider = new SimpleAuthenticationManager(authProviderAttributes, _brokerImpl);
authenticationProvider.create();
authenticationProvider.addUser(testUsername, testPassword);
// setup preference owned by testuser
final Map<String, Object> preferenceAttributes = new HashMap<>();
UUID preferenceId = UUID.randomUUID();
preferenceAttributes.put(Preference.ID_ATTRIBUTE, preferenceId);
preferenceAttributes.put(Preference.NAME_ATTRIBUTE, "testPref");
preferenceAttributes.put(Preference.TYPE_ATTRIBUTE, "X-testPrefType");
preferenceAttributes.put(Preference.VALUE_ATTRIBUTE, Collections.EMPTY_MAP);
Subject testUserSubject = new Subject();
testUserSubject.getPrincipals()
.add(new AuthenticatedPrincipal(new UsernamePrincipal(testUsername, authenticationProvider)));
testUserSubject.setReadOnly();
final Collection<Preference> preferences =
Collections.singleton(PreferenceFactory.fromAttributes(_brokerImpl, preferenceAttributes));
Subject.doAs(testUserSubject, new PrivilegedAction<Void>()
{
@Override
public Void run()
{
try
{
_brokerImpl.getUserPreferences().updateOrAppend(preferences).get(10, TimeUnit.SECONDS);
}
catch (InterruptedException | ExecutionException | TimeoutException e)
{
e.printStackTrace();
fail("Failed to put preference:");
}
return null;
}
});
// test pre-conditions
Collection<Preference> preferencesBeforePurge = getPreferencesAs(testUserSubject);
assertEquals("Unexpected number of preferences before userPurge",
(long) 1,
(long) preferencesBeforePurge.size());
assertEquals("Unexpected preference before userPurge",
preferenceId,
preferencesBeforePurge.iterator().next().getId());
assertTrue("User was not valid before userPurge",
authenticationProvider.getUsers().containsKey(testUsername));
_brokerImpl.purgeUser(authenticationProvider, testUsername);
// test post-conditions
Collection<Preference> preferencesAfterPurge = getPreferencesAs(testUserSubject);
assertEquals("Preferences were not deleted during userPurge",
Collections.EMPTY_SET,
preferencesAfterPurge);
assertEquals("User was not deleted from authentication Provider",
Collections.EMPTY_MAP,
authenticationProvider.getUsers());
verify(_preferenceStore).replace(Collections.singleton(preferenceId), Collections.EMPTY_SET);
}
