Java Code Examples for org.wildfly.security.auth.server.SecurityIdentity#getRoles()

The following examples show how to use org.wildfly.security.auth.server.SecurityIdentity#getRoles() .
Example 1
Source File: ElytronToJaasFilter.java    From taskana with Apache License 2.0
/**
 * Mirrors the current Elytron identity into the JAAS subject obtained for the request, then
 * passes the request on to the rest of the filter chain.
 *
 * <p>The identity's principal is added only when the subject has no principals at all, and the
 * identity's roles are added as {@code GroupPrincipal}s only when the subject has no
 * {@code GroupPrincipal} yet. The chain is always invoked, whether or not an identity or a
 * subject was available.
 *
 * @param request the incoming request, also used to look up the subject
 * @param response the outgoing response
 * @param chain the remaining filter chain
 * @throws IOException if the chain raises it
 * @throws ServletException if the chain raises it
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
    throws IOException, ServletException {
  SecurityIdentity identity = getSecurityIdentity();
  if (identity != null) {
    Roles identityRoles = identity.getRoles();
    Subject jaasSubject = obtainSubject(request);
    if (jaasSubject != null) {
      // NOTE(review): a subject that already carries principals or groups is left as it is, so
      // it is never re-synchronised with the current identity's roles. Confirm that
      // obtainSubject cannot hand back a subject populated for an earlier identity.
      if (jaasSubject.getPrincipals().isEmpty()) {
        jaasSubject.getPrincipals().add(identity.getPrincipal());
      }
      if (jaasSubject.getPrincipals(GroupPrincipal.class).isEmpty()) {
        // Each role name becomes one group principal, unchanged.
        for (String role : identityRoles) {
          jaasSubject.getPrincipals().add(new GroupPrincipal(role));
        }
      }
    }
  }
  // No access decision is taken here; the request continues even without an identity.
  chain.doFilter(request, response);
}
 
Example 2
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user1" in "TestDomain1" and checks the roles of the resulting identity: only
 * "mappedGroup" is expected; "firstGroup", "secondGroup" and "notInThisGroup" must be absent.
 */
@Test
public void testMappedRoleMapper() throws Exception {
    final String domainName = "TestDomain1";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext authContext = securityDomain.createNewAuthenticationContext();
    authContext.setAuthenticationName("user1");
    Assert.assertTrue(authContext.exists());
    Assert.assertTrue(authContext.authorize());
    authContext.succeed();
    SecurityIdentity authorizedIdentity = authContext.getAuthorizedIdentity();

    // Negative assertions matter as much as the positive one: unmapped groups must not leak.
    Roles mappedRoles = authorizedIdentity.getRoles();
    Assert.assertTrue(mappedRoles.contains("mappedGroup"));
    Assert.assertFalse(mappedRoles.contains("firstGroup"));
    Assert.assertFalse(mappedRoles.contains("secondGroup"));
    Assert.assertFalse(mappedRoles.contains("notInThisGroup"));
    Assert.assertEquals("user1", authorizedIdentity.getPrincipal().getName());
}
 
Example 3
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user1" in "TestDomain2" and checks the roles of the resulting identity:
 * "mappedGroup" and "firstGroup" are expected; "secondGroup" and "notInThisGroup" must be
 * absent.
 */
@Test
public void testKeepMappedRoleMapper() throws Exception {
    final String domainName = "TestDomain2";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext authContext = securityDomain.createNewAuthenticationContext();
    authContext.setAuthenticationName("user1");
    Assert.assertTrue(authContext.exists());
    Assert.assertTrue(authContext.authorize());
    authContext.succeed();
    SecurityIdentity authorizedIdentity = authContext.getAuthorizedIdentity();

    Roles mappedRoles = authorizedIdentity.getRoles();
    Assert.assertTrue(mappedRoles.contains("mappedGroup"));
    Assert.assertTrue(mappedRoles.contains("firstGroup"));
    Assert.assertFalse(mappedRoles.contains("secondGroup"));
    Assert.assertFalse(mappedRoles.contains("notInThisGroup"));
    Assert.assertEquals("user1", authorizedIdentity.getPrincipal().getName());
}
 
Example 4
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user1" in "TestDomain3" and checks the roles of the resulting identity:
 * "mappedGroup" and "secondGroup" are expected; "firstGroup" and "notInThisGroup" must be
 * absent.
 */
@Test
public void testKeepNonMappedRoleMapper() throws Exception {
    final String domainName = "TestDomain3";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext authContext = securityDomain.createNewAuthenticationContext();
    authContext.setAuthenticationName("user1");
    Assert.assertTrue(authContext.exists());
    Assert.assertTrue(authContext.authorize());
    authContext.succeed();
    SecurityIdentity authorizedIdentity = authContext.getAuthorizedIdentity();

    Roles mappedRoles = authorizedIdentity.getRoles();
    Assert.assertTrue(mappedRoles.contains("mappedGroup"));
    Assert.assertFalse(mappedRoles.contains("firstGroup"));
    Assert.assertTrue(mappedRoles.contains("secondGroup"));
    Assert.assertFalse(mappedRoles.contains("notInThisGroup"));
    Assert.assertEquals("user1", authorizedIdentity.getPrincipal().getName());
}
 
Example 5
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user1" in "TestDomain4" and checks the roles of the resulting identity:
 * "mappedGroup", "firstGroup" and "secondGroup" are expected; "notInThisGroup" must be absent.
 */
@Test
public void testKeepBothMappedRoleMapper() throws Exception {
    final String domainName = "TestDomain4";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext authContext = securityDomain.createNewAuthenticationContext();
    authContext.setAuthenticationName("user1");
    Assert.assertTrue(authContext.exists());
    Assert.assertTrue(authContext.authorize());
    authContext.succeed();
    SecurityIdentity authorizedIdentity = authContext.getAuthorizedIdentity();

    // Even when both kinds of role are kept, a group the user does not hold must stay out.
    Roles mappedRoles = authorizedIdentity.getRoles();
    Assert.assertTrue(mappedRoles.contains("mappedGroup"));
    Assert.assertTrue(mappedRoles.contains("firstGroup"));
    Assert.assertTrue(mappedRoles.contains("secondGroup"));
    Assert.assertFalse(mappedRoles.contains("notInThisGroup"));
    Assert.assertEquals("user1", authorizedIdentity.getPrincipal().getName());
}
 
Example 6
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user2" in "TestDomain5" and checks the roles of the resulting identity:
 * "application-user" is expected; "123-user" and "joe" must be absent.
 */
@Test
public void testRegexRoleMapper() throws Exception {
    final String domainName = "TestDomain5";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext authContext = securityDomain.createNewAuthenticationContext();
    authContext.setAuthenticationName("user2");
    Assert.assertTrue(authContext.exists());
    Assert.assertTrue(authContext.authorize());
    authContext.succeed();
    SecurityIdentity authorizedIdentity = authContext.getAuthorizedIdentity();

    Roles mappedRoles = authorizedIdentity.getRoles();
    Assert.assertTrue(mappedRoles.contains("application-user"));
    Assert.assertFalse(mappedRoles.contains("123-user"));
    Assert.assertFalse(mappedRoles.contains("joe"));
    Assert.assertEquals("user2", authorizedIdentity.getPrincipal().getName());
}
 
Example 7
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user3" in "TestDomain6" and checks the roles of the resulting identity: "admin"
 * and "user" are expected; "joe", "application-user", "123-admin-123" and "aa-user-aa" must be
 * absent.
 */
@Test
public void testRegexRoleMapper2() throws Exception {
    final String domainName = "TestDomain6";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext authContext = securityDomain.createNewAuthenticationContext();
    authContext.setAuthenticationName("user3");
    Assert.assertTrue(authContext.exists());
    Assert.assertTrue(authContext.authorize());
    authContext.succeed();
    SecurityIdentity authorizedIdentity = authContext.getAuthorizedIdentity();

    // The role names that embed "admin" or "user" inside a longer string must not survive.
    Roles mappedRoles = authorizedIdentity.getRoles();
    Assert.assertTrue(mappedRoles.contains("admin"));
    Assert.assertTrue(mappedRoles.contains("user"));
    Assert.assertFalse(mappedRoles.contains("joe"));
    Assert.assertFalse(mappedRoles.contains("application-user"));
    Assert.assertFalse(mappedRoles.contains("123-admin-123"));
    Assert.assertFalse(mappedRoles.contains("aa-user-aa"));
    Assert.assertEquals("user3", authorizedIdentity.getPrincipal().getName());
}
 
Example 8
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user3" in "TestDomain7" and checks the roles of the resulting identity: "admin",
 * "user" and "joe" are expected; "application-user", "123-admin-123" and "aa-user-aa" must be
 * absent.
 */
@Test
public void testRegexRoleMapper3() throws Exception {
    final String domainName = "TestDomain7";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext authContext = securityDomain.createNewAuthenticationContext();
    authContext.setAuthenticationName("user3");
    Assert.assertTrue(authContext.exists());
    Assert.assertTrue(authContext.authorize());
    authContext.succeed();
    SecurityIdentity authorizedIdentity = authContext.getAuthorizedIdentity();

    Roles mappedRoles = authorizedIdentity.getRoles();
    Assert.assertTrue(mappedRoles.contains("admin"));
    Assert.assertTrue(mappedRoles.contains("user"));
    Assert.assertTrue(mappedRoles.contains("joe"));
    Assert.assertFalse(mappedRoles.contains("application-user"));
    Assert.assertFalse(mappedRoles.contains("123-admin-123"));
    Assert.assertFalse(mappedRoles.contains("aa-user-aa"));
    Assert.assertEquals("user3", authorizedIdentity.getPrincipal().getName());
}
 
Example 9
Source File: DomainTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
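/**
 * Authorizes "firstUser" in "MyDomain" and checks the attributes, roles, principal name and
 * permissions of the resulting identity.
 *
 * <p>Expected: attributes firstName "John" and lastName "Smith"; roles "prefixEmployeesuffix",
 * "prefixManagersuffix" and "prefixAdminsuffix"; read permission on the file "test" is implied
 * and write permission is not.
 */
@Test
public void testDefaultRealmIdentity() throws Exception {
    init();
    ServiceName serviceName = Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName("MyDomain");
    SecurityDomain domain = (SecurityDomain) services.getContainer().getService(serviceName).getValue();
    Assert.assertNotNull(domain);

    // The identity is established by name only; no credential is verified in this test.
    ServerAuthenticationContext context = domain.createNewAuthenticationContext();
    context.setAuthenticationName("firstUser"); // from FileRealm
    Assert.assertTrue(context.exists());
    // Fail right here if authorization is refused, instead of ignoring the returned flag and
    // relying on a later call to surface the problem.
    Assert.assertTrue(context.authorize());
    context.succeed();
    SecurityIdentity identity = context.getAuthorizedIdentity();
    Assert.assertEquals("John", identity.getAttributes().get("firstName").get(0));
    Assert.assertEquals("Smith", identity.getAttributes().get("lastName").get(0));

    Roles roles = identity.getRoles();
    Assert.assertTrue(roles.contains("prefixEmployeesuffix"));
    Assert.assertTrue(roles.contains("prefixManagersuffix"));
    Assert.assertTrue(roles.contains("prefixAdminsuffix"));
    Assert.assertEquals("firstUser", identity.getPrincipal().getName());

    // The negative check guards against the identity being granted more than read access.
    Assert.assertTrue(identity.implies(new FilePermission("test", "read")));
    Assert.assertFalse(identity.implies(new FilePermission("test", "write")));
}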
 
Example 10
Source File: WildflyWebSecurityConfig.java    From taskana with Apache License 2.0
/**
 * Builds the granted authorities from the roles of the current security identity.
 *
 * <p>Each role name is wrapped unchanged in a {@code SimpleGrantedAuthority}; no prefix is added
 * and no filtering is applied here.
 *
 * @return a new mutable list with one authority per role, or an empty list when no security
 *     identity is available
 */
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
  List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
  SecurityIdentity identity = getSecurityIdentity();
  if (identity == null) {
    // No identity means no authorities, never a default set.
    return grantedAuthorities;
  }
  Roles identityRoles = identity.getRoles();
  for (String role : identityRoles) {
    grantedAuthorities.add(new SimpleGrantedAuthority(role));
  }
  return grantedAuthorities;
}
 
Example 11
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user4" and then "user7" in "TestDomain8" and checks the roles of each identity.
 *
 * <p>For "user4": "app-admin" and "app-admin-first-time-admin" are expected; "app-user",
 * "app-user-first-time-user", "app-admin-first-time-user", "app-user-first-time-admin" and
 * "joe" must be absent. For "user7": "admin" is expected and "user" must be absent.
 */
@Test
public void testAddRegexRoleMapperReplaceAll() throws Exception {
    final String domainName = "TestDomain8";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // First identity. Identities are established by name only; no credential is verified.
    ServerAuthenticationContext firstContext = securityDomain.createNewAuthenticationContext();
    firstContext.setAuthenticationName("user4");
    Assert.assertTrue(firstContext.exists());
    Assert.assertTrue(firstContext.authorize());
    firstContext.succeed();
    SecurityIdentity firstIdentity = firstContext.getAuthorizedIdentity();
    Assert.assertEquals("user4", firstIdentity.getPrincipal().getName());

    Roles firstRoles = firstIdentity.getRoles();
    Assert.assertFalse(firstRoles.contains("app-user"));
    Assert.assertFalse(firstRoles.contains("app-user-first-time-user"));
    Assert.assertFalse(firstRoles.contains("app-admin-first-time-user"));
    Assert.assertFalse(firstRoles.contains("app-user-first-time-admin"));
    Assert.assertFalse(firstRoles.contains("joe"));

    Assert.assertTrue(firstRoles.contains("app-admin"));
    Assert.assertTrue(firstRoles.contains("app-admin-first-time-admin"));

    // Second identity, authenticated through a fresh context from the same domain.
    ServerAuthenticationContext secondContext = securityDomain.createNewAuthenticationContext();
    secondContext.setAuthenticationName("user7");
    Assert.assertTrue(secondContext.exists());
    Assert.assertTrue(secondContext.authorize());
    secondContext.succeed();
    SecurityIdentity secondIdentity = secondContext.getAuthorizedIdentity();
    Assert.assertEquals("user7", secondIdentity.getPrincipal().getName());
    Roles secondRoles = secondIdentity.getRoles();
    Assert.assertTrue(secondRoles.contains("admin"));
    Assert.assertFalse(secondRoles.contains("user"));
}
 
Example 12
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user4" and then "user7" in "TestDomain9" and checks the roles of each identity.
 *
 * <p>For "user4" none of the probed names may be present: "app-user",
 * "app-user-first-time-user", "app-admin-first-time-user", "app-user-first-time-admin", "joe",
 * "app-admin" and "app-admin-first-time-admin". For "user7": "admin" is expected and "user"
 * must be absent.
 */
@Test
public void testAddRegexRoleMapperWithRegexBoundaries() throws Exception {
    final String domainName = "TestDomain9";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // First identity. Identities are established by name only; no credential is verified.
    ServerAuthenticationContext firstContext = securityDomain.createNewAuthenticationContext();
    firstContext.setAuthenticationName("user4");
    Assert.assertTrue(firstContext.exists());
    Assert.assertTrue(firstContext.authorize());
    firstContext.succeed();
    SecurityIdentity firstIdentity = firstContext.getAuthorizedIdentity();
    Assert.assertEquals("user4", firstIdentity.getPrincipal().getName());

    // With this domain, role names that merely contain "admin" must not yield any probed role.
    Roles firstRoles = firstIdentity.getRoles();
    Assert.assertFalse(firstRoles.contains("app-user"));
    Assert.assertFalse(firstRoles.contains("app-user-first-time-user"));
    Assert.assertFalse(firstRoles.contains("app-admin-first-time-user"));
    Assert.assertFalse(firstRoles.contains("app-user-first-time-admin"));
    Assert.assertFalse(firstRoles.contains("joe"));
    Assert.assertFalse(firstRoles.contains("app-admin"));
    Assert.assertFalse(firstRoles.contains("app-admin-first-time-admin"));

    // Second identity, authenticated through a fresh context from the same domain.
    ServerAuthenticationContext secondContext = securityDomain.createNewAuthenticationContext();
    secondContext.setAuthenticationName("user7");
    Assert.assertTrue(secondContext.exists());
    Assert.assertTrue(secondContext.authorize());
    secondContext.succeed();
    SecurityIdentity secondIdentity = secondContext.getAuthorizedIdentity();
    Assert.assertEquals("user7", secondIdentity.getPrincipal().getName());

    Roles secondRoles = secondIdentity.getRoles();
    Assert.assertTrue(secondRoles.contains("admin"));
    Assert.assertFalse(secondRoles.contains("user"));
}
 
Example 13
Source File: RoleMappersTestCase.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Authorizes "user5" and then "user6" in "TestDomain10" and checks the roles of each identity.
 *
 * <p>For "user5": "admin" and "guest" are expected; "1-user" and "user" must be absent. For
 * "user6": neither "admin" nor "random" may be present.
 */
@Test
public void testAddRegexRoleMapperAggregate() throws Exception {
    final String domainName = "TestDomain10";
    init(domainName);

    // Resolve the security domain service and make sure every step of the lookup succeeded.
    ServiceName domainServiceName =
            Capabilities.SECURITY_DOMAIN_RUNTIME_CAPABILITY.getCapabilityServiceName(domainName);
    Assert.assertNotNull(services.getContainer());
    Assert.assertNotNull(services.getContainer().getService(domainServiceName));
    SecurityDomain securityDomain =
            (SecurityDomain) services.getContainer().getService(domainServiceName).getValue();
    Assert.assertNotNull(securityDomain);

    // First identity. Identities are established by name only; no credential is verified.
    ServerAuthenticationContext firstContext = securityDomain.createNewAuthenticationContext();
    firstContext.setAuthenticationName("user5");
    Assert.assertTrue(firstContext.exists());
    Assert.assertTrue(firstContext.authorize());
    firstContext.succeed();
    SecurityIdentity firstIdentity = firstContext.getAuthorizedIdentity();
    Assert.assertEquals("user5", firstIdentity.getPrincipal().getName());

    Roles firstRoles = firstIdentity.getRoles();
    Assert.assertTrue(firstRoles.contains("admin"));
    Assert.assertTrue(firstRoles.contains("guest"));
    Assert.assertFalse(firstRoles.contains("1-user"));
    Assert.assertFalse(firstRoles.contains("user"));

    // Second identity: this user must not end up with "admin".
    ServerAuthenticationContext secondContext = securityDomain.createNewAuthenticationContext();
    secondContext.setAuthenticationName("user6");
    Assert.assertTrue(secondContext.exists());
    Assert.assertTrue(secondContext.authorize());
    secondContext.succeed();
    SecurityIdentity secondIdentity = secondContext.getAuthorizedIdentity();
    Assert.assertEquals("user6", secondIdentity.getPrincipal().getName());

    Roles secondRoles = secondIdentity.getRoles();
    Assert.assertFalse(secondRoles.contains("admin"));
    Assert.assertFalse(secondRoles.contains("random"));
}