Example 1 with RequiresAuthentication
use of org.apache.shiro.authz.annotation.RequiresAuthentication in project graylog2-server by Graylog2.
the class SessionsResource method terminateSession.
@DELETE
@ApiOperation(value = "Terminate an existing session", notes = "Destroys the session with the given ID: the equivalent of logging out.")
@Path("/{sessionId}")
@RequiresAuthentication
@AuditEvent(type = AuditEventTypes.SESSION_DELETE)
public void terminateSession(@ApiParam(name = "sessionId", required = true) @PathParam("sessionId") String sessionId) {
final Subject subject = getSubject();
securityManager.logout(subject);
}
Also used :
Subject(org.apache.shiro.subject.Subject)
Path(javax.ws.rs.Path)
DELETE(javax.ws.rs.DELETE)
RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication)
ApiOperation(io.swagger.annotations.ApiOperation)
NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
Example 2 with RequiresAuthentication
use of org.apache.shiro.authz.annotation.RequiresAuthentication in project graylog2-server by Graylog2.
the class ClusterLoadBalancerStatusResource method override.
@PUT
@Timed
@RequiresAuthentication
@RequiresPermissions(RestPermissions.LBSTATUS_CHANGE)
@ApiOperation(value = "Override load balancer status of this graylog-server node. Next lifecycle " + "change will override it again to its default. Set to ALIVE, DEAD, or THROTTLED.")
@Path("/override/{status}")
@NoAuditEvent("this is a proxy resource, the audit event will be emitted on the target node")
public void override(@ApiParam(name = "nodeId", value = "The id of the node whose LB status will be changed", required = true) @PathParam("nodeId") String nodeId, @ApiParam(name = "status") @PathParam("status") String status) throws IOException, NodeNotFoundException {
final Node targetNode = nodeService.byNodeId(nodeId);
RemoteLoadBalancerStatusResource remoteLoadBalancerStatusResource = remoteInterfaceProvider.get(targetNode, this.authenticationToken, RemoteLoadBalancerStatusResource.class);
final Response response = remoteLoadBalancerStatusResource.override(status).execute();
if (!response.isSuccessful()) {
LOG.warn("Unable to override load balancer status on node {}: {}", nodeId, response.message());
throw new WebApplicationException(response.message(), BAD_GATEWAY);
}
}
Also used :
Response(retrofit2.Response)
WebApplicationException(javax.ws.rs.WebApplicationException)
RemoteLoadBalancerStatusResource(org.graylog2.shared.rest.resources.system.RemoteLoadBalancerStatusResource)
Node(org.graylog2.cluster.Node)
Path(javax.ws.rs.Path)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication)
Timed(com.codahale.metrics.annotation.Timed)
ApiOperation(io.swagger.annotations.ApiOperation)
PUT(javax.ws.rs.PUT)
NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)
Aggregations
ApiOperation (io.swagger.annotations.ApiOperation)2
Path (javax.ws.rs.Path)2
RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication)2
NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)2
Timed (com.codahale.metrics.annotation.Timed)1
DELETE (javax.ws.rs.DELETE)1
PUT (javax.ws.rs.PUT)1
WebApplicationException (javax.ws.rs.WebApplicationException)1
RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)1
Subject (org.apache.shiro.subject.Subject)1
AuditEvent (org.graylog2.audit.jersey.AuditEvent)1
Node (org.graylog2.cluster.Node)1
RemoteLoadBalancerStatusResource (org.graylog2.shared.rest.resources.system.RemoteLoadBalancerStatusResource)1
Response (retrofit2.Response)1
