Examples with SecurityContext com.haulmont.cuba.core.sys.SecurityContext used on opensource projects

Example 11 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class FreeMarkerView method buildTemplateModel.

@Override
protected SimpleHash buildTemplateModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
    PortalConfig config = AppBeans.get(Configuration.class).getConfig(PortalConfig.class);
    SimpleHash context = super.buildTemplateModel(model, request, response);
    SecurityContext securityContext = AppContext.getSecurityContext();
    if (securityContext != null)
        context.put("userSession", securityContext.getSession());
    context.put("messages", messages);
    context.put("message", new MessageMethod());
    context.put("theme", config.getTheme());
    return context;
}

Example 12 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class DynamicAttributesCacheStrategy method init.

@Override
public void init() {
    clientCacheManager.getExecutorService().scheduleWithFixedDelay(() -> {
        if (needToValidateCache) {
            UserSession userSession = cacheUserSessionProvider.getUserSession();
            if (userSession == null) {
                // cache user session unavailable
                return;
            }
            try {
                AppContext.setSecurityContext(new SecurityContext(userSession));
                loadObject();
            } catch (NoUserSessionException e) {
                log.warn("Cache user session expired", e);
            } catch (Exception e) {
                log.error("Unable to update dynamic attributes cache", e);
            }
        }
    }, 0, 10, TimeUnit.SECONDS);
}

Example 13 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class ConfigStorageCommon method getConfigValue.

/**
 * Method returns a result of config method invocation
 * @param classFQN fully qualified configuration interface name
 * @param methodName config getter method name
 * @param userLogin parameter is used for authentication if there is no security context bound to the current thread
 *                  and configuration method source is DATABASE
 * @param userPassword see userLogin parameter description
 * @return configuration method invocation result
 */
public String getConfigValue(String classFQN, String methodName, String userLogin, String userPassword) {
    Class<?> aClass;
    try {
        aClass = Class.forName(classFQN);
    } catch (ClassNotFoundException e) {
        return String.format("Class %s not found.\nPlease ensure that you entered a fully qualified class name and " + "that you class is in a proper application module (core, web or portal).", classFQN);
    }
    if (Config.class.isAssignableFrom(aClass)) {
        Config config = configuration.getConfig((Class<? extends Config>) aClass);
        Method method;
        boolean logoutRequired = false;
        try {
            method = aClass.getMethod(methodName);
            // DATABASE, then login attempt with 'userLogin' and 'userPassword' will be made
            if (AppContext.getSecurityContext() == null) {
                SourceType sourceType;
                Source methodSourceAnnotation = method.getAnnotation(Source.class);
                if (methodSourceAnnotation != null) {
                    sourceType = methodSourceAnnotation.type();
                } else {
                    Source classSourceAnnotation = aClass.getAnnotation(Source.class);
                    sourceType = classSourceAnnotation.type();
                }
                if (sourceType != null && sourceType == SourceType.DATABASE) {
                    if (Strings.isNullOrEmpty(userLogin)) {
                        return "No security context bound to the current thread. Please specify the user name.";
                    } else {
                        try {
                            Map<String, Locale> availableLocales = configuration.getConfig(GlobalConfig.class).getAvailableLocales();
                            Locale defaultLocale = availableLocales.values().iterator().next();
                            TrustedClientCredentials credentials = new TrustedClientCredentials(userLogin, userPassword, defaultLocale);
                            UserSession session = authenticationService.login(credentials).getSession();
                            AppContext.setSecurityContext(new SecurityContext(session));
                            logoutRequired = true;
                        } catch (LoginException e) {
                            log.error(ExceptionUtils.getStackTrace(e));
                            return "Login error: " + e.getMessage();
                        }
                    }
                }
            }
            Object result = method.invoke(config);
            return result == null ? null : result.toString();
        } catch (NoSuchMethodException e) {
            return String.format("Method %s() not found in class %s", methodName, classFQN);
        } catch (InvocationTargetException | IllegalAccessException e) {
            return ExceptionUtils.getStackTrace(e);
        } finally {
            if (logoutRequired) {
                try {
                    authenticationService.logout();
                } finally {
                    AppContext.setSecurityContext(null);
                }
            }
        }
    } else {
        return String.format("Class %s is not an implementation of Config interface", classFQN);
    }
}

Example 14 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class CubaRemoteInvocationFactory method createRemoteInvocation.

@Override
public RemoteInvocation createRemoteInvocation(MethodInvocation methodInvocation) {
    SecurityContext securityContext = AppContext.getSecurityContext();
    CubaRemoteInvocation remoteInvocation = new CubaRemoteInvocation(methodInvocation, securityContext == null ? null : securityContext.getSessionId());
    if (securityContext != null) {
        UserSession session = securityContext.getSession();
        if (session instanceof ClientBasedSession && ((ClientBasedSession) session).hasRequestScopedInfo()) {
            remoteInvocation.setLocale(session.getLocale() != null ? session.getLocale().toLanguageTag() : null);
            remoteInvocation.setTimeZone(session.getTimeZone());
            remoteInvocation.setAddress(session.getAddress());
            remoteInvocation.setClientInfo(session.getClientInfo());
        }
    }
    return remoteInvocation;
}

Example 15 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class StickySessionServerSelector method getSessionUrlsHolder.

@Nullable
protected SessionUrlsHolder getSessionUrlsHolder() {
    SecurityContext securityContext = AppContext.getSecurityContext();
    if (securityContext == null)
        return null;
    UserSession session = securityContext.getSession();
    if (session == null || session instanceof ClientBasedSession && ((ClientBasedSession) session).hasRequestScopedInfo())
        return anonymousSessionUrlsHolder;
    return new UserSessionUrlsHolder(session);
}