Search in sources :

Example 16 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class CubaRemoteInvocationExecutor method invoke.

@Override
public Object invoke(RemoteInvocation invocation, Object targetObject) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
    if (invocation instanceof CubaRemoteInvocation) {
        CubaRemoteInvocation cubaInvocation = (CubaRemoteInvocation) invocation;
        UUID sessionId = cubaInvocation.getSessionId();
        if (sessionId != null) {
            UserSession session = userSessions.getAndRefresh(sessionId);
            if (session == null) {
                ServerConfig serverConfig = configuration.getConfig(ServerConfig.class);
                String sessionProviderUrl = serverConfig.getUserSessionProviderUrl();
                if (StringUtils.isNotBlank(sessionProviderUrl)) {
                    log.debug("User session {} not found, trying to get it from {}", sessionId, sessionProviderUrl);
                    try {
                        HttpServiceProxy proxyFactory = new HttpServiceProxy(getServerSelector(sessionProviderUrl));
                        proxyFactory.setServiceUrl("cuba_TrustedClientService");
                        proxyFactory.setServiceInterface(TrustedClientService.class);
                        proxyFactory.afterPropertiesSet();
                        TrustedClientService trustedClientService = (TrustedClientService) proxyFactory.getObject();
                        if (trustedClientService != null) {
                            UserSession userSession = trustedClientService.findSession(serverConfig.getTrustedClientPassword(), sessionId);
                            if (userSession != null) {
                                userSessions.add(userSession);
                            } else {
                                log.debug("User session {} not found on {}", sessionId, sessionProviderUrl);
                            }
                        }
                    } catch (Exception e) {
                        log.error("Error getting user session from {}", sessionProviderUrl, e);
                    }
                }
            }
            AppContext.setSecurityContext(new SecurityContext(sessionId));
        }
        if (cubaInvocation.getLocale() != null) {
            Locale requestLocale = Locale.forLanguageTag(cubaInvocation.getLocale());
            if (!globalConfig.getAvailableLocales().containsValue(requestLocale)) {
                requestLocale = null;
            }
            UserInvocationContext.setRequestScopeInfo(sessionId, requestLocale, cubaInvocation.getTimeZone(), cubaInvocation.getAddress(), cubaInvocation.getClientInfo());
        }
    }
    Object result;
    try {
        result = invocation.invoke(targetObject);
    } finally {
        AppContext.setSecurityContext(null);
        UserInvocationContext.clearRequestScopeInfo();
    }
    return result;
}
Also used : Locale(java.util.Locale) ServerConfig(com.haulmont.cuba.core.app.ServerConfig) TrustedClientService(com.haulmont.cuba.security.app.TrustedClientService) UserSession(com.haulmont.cuba.security.global.UserSession) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) UUID(java.util.UUID) InvocationTargetException(java.lang.reflect.InvocationTargetException)

Example 17 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class Authentication method withSystemUser.

/**
 * Execute code on behalf of the user with login set in {@code cuba.jmxUserLogin} app property.
 *
 * @param operation code to execute
 * @return result of the execution
 */
public <T> T withSystemUser(AuthenticatedOperation<T> operation) {
    SecurityContext previousSecurityContext = getSecurityContext();
    setSecurityContext(null);
    try {
        begin(null);
        return operation.call();
    } finally {
        setSecurityContext(previousSecurityContext);
    }
}
Also used : SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) AppContext.getSecurityContext(com.haulmont.cuba.core.sys.AppContext.getSecurityContext) AppContext.setSecurityContext(com.haulmont.cuba.core.sys.AppContext.setSecurityContext)

Example 18 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class AuthenticationManagerBean method authenticate.

@Override
@Nonnull
public AuthenticationDetails authenticate(Credentials credentials) throws LoginException {
    checkNotNullArgument(credentials, "credentials should not be null");
    SecurityContext previousSecurityContext = AppContext.getSecurityContext();
    AppContext.setSecurityContext(new SecurityContext(serverSession));
    try (Transaction tx = persistence.createTransaction()) {
        AuthenticationDetails authenticationDetails = authenticateInternal(credentials);
        tx.commit();
        userSessionManager.clearPermissionsOnUser(authenticationDetails.getSession());
        return authenticationDetails;
    } finally {
        AppContext.setSecurityContext(previousSecurityContext);
    }
}
Also used : Transaction(com.haulmont.cuba.core.Transaction) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) AppContext.withSecurityContext(com.haulmont.cuba.core.sys.AppContext.withSecurityContext) Nonnull(javax.annotation.Nonnull)

Example 19 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class AuthenticationManagerBean method substituteUser.

@Nonnull
@Override
public UserSession substituteUser(User substitutedUser) {
    UserSession currentSession = userSessionSource.getUserSession();
    try (Transaction tx = persistence.createTransaction()) {
        EntityManager em = persistence.getEntityManager();
        User user;
        if (currentSession.getUser().equals(substitutedUser)) {
            user = em.find(User.class, substitutedUser.getId());
            if (user == null) {
                throw new NoResultException("User not found");
            }
        } else {
            user = loadSubstitutedUser(substitutedUser, currentSession, em);
        }
        UserSession session = userSessionManager.createSession(currentSession, user);
        withSecurityContext(new SecurityContext(serverSession), () -> publishUserSubstitutedEvent(currentSession, session));
        tx.commit();
        userSessions.remove(currentSession);
        userSessionManager.clearPermissionsOnUser(session);
        userSessions.add(session);
        return session;
    }
}
Also used : EntityManager(com.haulmont.cuba.core.EntityManager) User(com.haulmont.cuba.security.entity.User) Transaction(com.haulmont.cuba.core.Transaction) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) AppContext.withSecurityContext(com.haulmont.cuba.core.sys.AppContext.withSecurityContext) NoResultException(javax.persistence.NoResultException) Nonnull(javax.annotation.Nonnull)

Example 20 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class FileDownloadController method download.

@RequestMapping(value = "/download", method = RequestMethod.GET)
public void download(HttpServletRequest request, HttpServletResponse response) throws IOException {
    UserSession userSession = getSession(request, response);
    if (userSession == null)
        return;
    AppContext.setSecurityContext(new SecurityContext(userSession));
    try {
        File file = null;
        FileDescriptor fd = null;
        if (request.getParameter("p") != null)
            file = getFile(request, response);
        else
            fd = getFileDescriptor(request, response);
        if (fd == null && file == null)
            return;
        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("Pragma", "no-cache");
        response.setIntHeader("Expires", -1);
        response.setHeader("Content-Type", FileTypesHelper.DEFAULT_MIME_TYPE);
        InputStream is = null;
        ServletOutputStream os = null;
        try {
            is = fd != null ? fileStorage.openStream(fd) : FileUtils.openInputStream(file);
            os = response.getOutputStream();
            IOUtils.copy(is, os);
            os.flush();
        } catch (FileStorageException e) {
            log.error("Unable to download file", e);
            response.sendError(e.getType().getHttpStatus());
        } catch (Exception ex) {
            log.error("Unable to download file", ex);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        } finally {
            IOUtils.closeQuietly(is);
            IOUtils.closeQuietly(os);
        }
    } finally {
        AppContext.setSecurityContext(null);
    }
}
Also used : ServletOutputStream(javax.servlet.ServletOutputStream) InputStream(java.io.InputStream) UserSession(com.haulmont.cuba.security.global.UserSession) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) FileStorageException(com.haulmont.cuba.core.global.FileStorageException) File(java.io.File) FileDescriptor(com.haulmont.cuba.core.entity.FileDescriptor) FileStorageException(com.haulmont.cuba.core.global.FileStorageException) IOException(java.io.IOException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

SecurityContext (com.haulmont.cuba.core.sys.SecurityContext)43 UserSession (com.haulmont.cuba.security.global.UserSession)29 LoginException (com.haulmont.cuba.security.global.LoginException)13 UUID (java.util.UUID)10 NoUserSessionException (com.haulmont.cuba.security.global.NoUserSessionException)8 IOException (java.io.IOException)8 FileStorageException (com.haulmont.cuba.core.global.FileStorageException)6 AppContext.withSecurityContext (com.haulmont.cuba.core.sys.AppContext.withSecurityContext)6 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)6 FileDescriptor (com.haulmont.cuba.core.entity.FileDescriptor)5 Locale (java.util.Locale)5 Transaction (com.haulmont.cuba.core.Transaction)3 AppContext.getSecurityContext (com.haulmont.cuba.core.sys.AppContext.getSecurityContext)3 AppContext.setSecurityContext (com.haulmont.cuba.core.sys.AppContext.setSecurityContext)3 TrustedClientCredentials (com.haulmont.cuba.security.auth.TrustedClientCredentials)3 InvocationTargetException (java.lang.reflect.InvocationTargetException)3 Nonnull (javax.annotation.Nonnull)3 LogFileNotFoundException (com.haulmont.cuba.core.sys.logging.LogFileNotFoundException)2 LoginPasswordCredentials (com.haulmont.cuba.security.auth.LoginPasswordCredentials)2 SystemUserCredentials (com.haulmont.cuba.security.auth.SystemUserCredentials)2