Java Code Examples for javax.security.auth.Subject#setReadOnly()
The following examples show how to use
javax.security.auth.Subject#setReadOnly() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SubjectCreator.java From qpid-broker-j with Apache License 2.0 | 6 votes |
public SubjectAuthenticationResult createResultWithGroups(final AuthenticationResult authenticationResult) { if(authenticationResult.getStatus() == AuthenticationStatus.SUCCESS) { final Subject authenticationSubject = new Subject(); authenticationSubject.getPrincipals().addAll(authenticationResult.getPrincipals()); final Set<Principal> groupPrincipals = getGroupPrincipals(authenticationResult.getMainPrincipal()); authenticationSubject.getPrincipals().addAll(groupPrincipals); authenticationSubject.setReadOnly(); return new SubjectAuthenticationResult(authenticationResult, authenticationSubject); } else { return new SubjectAuthenticationResult(authenticationResult); } }
Example 2
Source File: CacheFactoryTest.java From qpid-broker-j with Apache License 2.0 | 6 votes |
@Test public void getCache() { String cacheName = "test"; final Cache<Object, Object> cache = new NullCache<>(); final CacheProvider virtualHost = mock(CacheProvider.class, withSettings().extraInterfaces(VirtualHost.class)); when(virtualHost.getNamedCache(cacheName)).thenReturn(cache); final Subject subject = new Subject(); subject.getPrincipals().add(new VirtualHostPrincipal((VirtualHost<?>) virtualHost)); subject.setReadOnly(); Cache<String, String> actualCache = Subject.doAs(subject, (PrivilegedAction<Cache<String, String>>) () -> CacheFactory.getCache(cacheName, null)); assertSame(actualCache, cache); verify(virtualHost).getNamedCache(cacheName); }
Example 3
Source File: UsernameFunctionProcessorTest.java From knox with Apache License 2.0 | 6 votes |
@Test public void testResolve() throws Exception { final UsernameFunctionProcessor processor = new UsernameFunctionProcessor(); assertThat( processor.resolve( null, null ), nullValue() ); assertThat( processor.resolve( null, Collections.singletonList("test-input")), contains( "test-input" ) ); Subject subject = new Subject(); subject.getPrincipals().add( new PrimaryPrincipal( "test-username" ) ); subject.setReadOnly(); Subject.doAs( subject, new PrivilegedExceptionAction<Object>() { @Override public Object run() throws Exception { assertThat( processor.resolve( null, null ), contains( "test-username" ) ); assertThat( processor.resolve( null, Collections.singletonList("test-ignored")), contains( "test-username" ) ); return null; } } ); }
Example 4
Source File: SimpleUsernameTokenInterceptor.java From cxf with Apache License 2.0 | 6 votes |
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible // authenticate the user somehow subject.getPrincipals().add(new SimplePrincipal(name)); // add roles this user is in String roleName = "Alice".equals(name) ? "developers" : "pms"; subject.getPrincipals().add(new SimpleGroup(roleName, name)); subject.setReadOnly(); return subject; }
Example 5
Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
@Override protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible subject.getPrincipals().add(new SimplePrincipal(name)); subject.getPrincipals().add(new SimpleGroup("developers", name)); subject.setReadOnly(); return subject; }
Example 6
Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
@Override protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible subject.getPrincipals().add(new SimplePrincipal(name)); subject.getPrincipals().add(new SimpleGroup("developers", name)); subject.setReadOnly(); return subject; }
Example 7
Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
@Override protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible subject.getPrincipals().add(new SimplePrincipal(name)); subject.getPrincipals().add(new SimpleGroup("developers", name)); subject.setReadOnly(); return subject; }
Example 8
Source File: SimpleSubjectCreatingInterceptor.java From steady with Apache License 2.0 | 5 votes |
@Override protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible subject.getPrincipals().add(new SimplePrincipal(name)); subject.getPrincipals().add(new SimpleGroup("developers", name)); subject.setReadOnly(); return subject; }
Example 9
Source File: HttpManagementUtil.java From qpid-broker-j with Apache License 2.0 | 5 votes |
public static Subject createServletConnectionSubject(final HttpServletRequest request, Subject original) { Subject subject = new Subject(false, original.getPrincipals(), original.getPublicCredentials(), original.getPrivateCredentials()); subject.getPrincipals().add(new ServletConnectionPrincipal(request)); subject.setReadOnly(); return subject; }
Example 10
Source File: SubjectCreator.java From qpid-broker-j with Apache License 2.0 | 5 votes |
public Subject createSubjectWithGroups(Principal userPrincipal) { Subject authenticationSubject = new Subject(); authenticationSubject.getPrincipals().add(userPrincipal); authenticationSubject.getPrincipals().addAll(getGroupPrincipals(userPrincipal)); authenticationSubject.setReadOnly(); return authenticationSubject; }
Example 11
Source File: MongoLoginService.java From EDDI with Apache License 2.0 | 5 votes |
private UserIdentity createUserIdentity(String username, Credential credential) { Principal userPrincipal = new AbstractLoginService.UserPrincipal(username, credential); Subject subject = new Subject(); subject.getPrincipals().add(userPrincipal); subject.getPrivateCredentials().add(credential); subject.setReadOnly(); return identityService.newUserIdentity(subject, userPrincipal, new String[]{"user"}); }
Example 12
Source File: CustomUsernameTokenInterceptor.java From cxf with Apache License 2.0 | 5 votes |
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible // authenticate the user somehow subject.getPrincipals().add(new SimplePrincipal(name)); // add roles this user is in String roleName = "Alice".equals(name) ? "developers" : "pms"; try { String expectedPassword = "Alice".equals(name) ? "ecilA" : UsernameTokenUtil.doPasswordDigest(XMLUtils.decode(nonce), created, "invalid-password"); if (!password.equals(expectedPassword)) { throw new SecurityException("Wrong Password"); } } catch (org.apache.wss4j.common.ext.WSSecurityException ex) { throw new SecurityException("Wrong Password"); } subject.getPrincipals().add(new SimpleGroup(roleName, name)); subject.setReadOnly(); return subject; }
Example 13
Source File: SimpleSubjectCreatingInterceptor.java From cxf with Apache License 2.0 | 5 votes |
@Override protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible String roleName = "Alice".equals(name) ? "developers" : "pms"; subject.getPrincipals().add(new SimplePrincipal(name)); subject.getPrincipals().add(new SimpleGroup(roleName, name)); subject.setReadOnly(); return subject; }
Example 14
Source File: SimpleSubjectCreatingInterceptor.java From cxf with Apache License 2.0 | 5 votes |
@Override protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException { Subject subject = new Subject(); // delegate to the external security system if possible subject.getPrincipals().add(new SimplePrincipal(name)); subject.getPrincipals().add(new SimpleGroup("developers", name)); subject.setReadOnly(); return subject; }
Example 15
Source File: BrokerImplTest.java From qpid-broker-j with Apache License 2.0 | 4 votes |
@Test public void testPurgeUser() throws Exception { final String testUsername = "testUser"; final String testPassword = "testPassword"; // setup broker Map<String, Object> brokerAttributes = new HashMap<>(); brokerAttributes.put("name", "Broker"); brokerAttributes.put(Broker.MODEL_VERSION, BrokerModel.MODEL_VERSION); brokerAttributes.put(Broker.DURABLE, true); _brokerImpl = new BrokerImpl(brokerAttributes, _systemConfig); _brokerImpl.open(); // setup auth provider with testuser final Map<String, Object> authProviderAttributes = new HashMap<>(); authProviderAttributes.put(ConfiguredObject.NAME, "testAuthProvider"); authProviderAttributes.put(ConfiguredObject.TYPE, "Simple"); SimpleAuthenticationManager authenticationProvider = new SimpleAuthenticationManager(authProviderAttributes, _brokerImpl); authenticationProvider.create(); authenticationProvider.addUser(testUsername, testPassword); // setup preference owned by testuser final Map<String, Object> preferenceAttributes = new HashMap<>(); UUID preferenceId = UUID.randomUUID(); preferenceAttributes.put(Preference.ID_ATTRIBUTE, preferenceId); preferenceAttributes.put(Preference.NAME_ATTRIBUTE, "testPref"); preferenceAttributes.put(Preference.TYPE_ATTRIBUTE, "X-testPrefType"); preferenceAttributes.put(Preference.VALUE_ATTRIBUTE, Collections.EMPTY_MAP); Subject testUserSubject = new Subject(); testUserSubject.getPrincipals() .add(new AuthenticatedPrincipal(new UsernamePrincipal(testUsername, authenticationProvider))); testUserSubject.setReadOnly(); final Collection<Preference> preferences = Collections.singleton(PreferenceFactory.fromAttributes(_brokerImpl, preferenceAttributes)); Subject.doAs(testUserSubject, new PrivilegedAction<Void>() { @Override public Void run() { try { _brokerImpl.getUserPreferences().updateOrAppend(preferences).get(10, TimeUnit.SECONDS); } catch (InterruptedException | ExecutionException | TimeoutException e) { e.printStackTrace(); fail("Failed to put preference:"); } return null; } }); // test pre-conditions Collection<Preference> preferencesBeforePurge = getPreferencesAs(testUserSubject); assertEquals("Unexpected number of preferences before userPurge", (long) 1, (long) preferencesBeforePurge.size()); assertEquals("Unexpected preference before userPurge", preferenceId, preferencesBeforePurge.iterator().next().getId()); assertTrue("User was not valid before userPurge", authenticationProvider.getUsers().containsKey(testUsername)); _brokerImpl.purgeUser(authenticationProvider, testUsername); // test post-conditions Collection<Preference> preferencesAfterPurge = getPreferencesAs(testUserSubject); assertEquals("Preferences were not deleted during userPurge", Collections.EMPTY_SET, preferencesAfterPurge); assertEquals("User was not deleted from authentication Provider", Collections.EMPTY_MAP, authenticationProvider.getUsers()); verify(_preferenceStore).replace(Collections.singleton(preferenceId), Collections.EMPTY_SET); }