use of com.sun.enterprise.security.SecurityContext in project Payara by payara.
the class BaseContainerCallbackHandler method processCallerPrincipal.
private void processCallerPrincipal(CallerPrincipalCallback cpCallback) {
final Subject fs = cpCallback.getSubject();
Principal principal = cpCallback.getPrincipal();
// PAYARA-755 If the SAM has set a custom principal then we check that the original WebPrincipal has the same custom principal within it
if (principal != null && !(principal instanceof WebPrincipal)) {
Principal additional = SecurityContext.getCurrent().getAdditionalPrincipal();
if ((additional != null) && (additional instanceof WebPrincipal) && ((WebPrincipal) additional).getCustomPrincipal() == principal) {
principal = additional;
}
}
if (principal instanceof WebPrincipal) {
WebPrincipal wp = (WebPrincipal) principal;
/**
* Check if the WebPrincipal satisfies the criteria for reuse. If
* it does, the CBH will have already copied its contents into the
* Subject, and established the caller principal.
*/
if (reuseWebPrincipal(fs, wp)) {
return;
}
/**
* Otherwise the webPrincipal must be distinguished as the
* callerPrincipal, but the contents of its internal SecurityContext
* will not be copied.
* For the special case where the WebPrincipal represents
* the defaultCallerPrincipal, the argument principal is set to
* null to cause the handler to assign its representation of the
* unauthenticated caller in the Subject.
*/
Principal dp = SecurityContext.getDefaultCallerPrincipal();
SecurityContext sc = wp.getSecurityContext();
Principal cp = sc != null ? sc.getCallerPrincipal() : null;
if (wp.getName() == null || wp.equals(dp) || cp == null || cp.equals(dp)) {
principal = null;
}
}
String realmName = null;
if (handlerContext != null) {
realmName = handlerContext.getRealmName();
}
boolean isCertRealm = CertificateRealm.AUTH_TYPE.equals(realmName);
if (principal == null) {
if (cpCallback.getName() != null) {
if (isCertRealm) {
principal = new X500Principal(cpCallback.getName());
} else {
principal = new PrincipalImpl(cpCallback.getName());
}
} else {
// 196 unauthenticated caller principal
principal = SecurityContext.getDefaultCallerPrincipal();
}
}
if (isCertRealm) {
if (principal instanceof X500Principal) {
LoginContextDriver.jmacLogin(fs, (X500Principal) principal);
}
} else {
if (!principal.equals(SecurityContext.getDefaultCallerPrincipal())) {
LoginContextDriver.jmacLogin(fs, principal.getName(), realmName);
}
}
final Principal fprin = principal;
final DistinguishedPrincipalCredential fdpc = new DistinguishedPrincipalCredential(principal);
AppservAccessController.doPrivileged(new PrivilegedAction() {
public java.lang.Object run() {
fs.getPrincipals().add(fprin);
Iterator iter = fs.getPublicCredentials().iterator();
while (iter.hasNext()) {
Object obj = iter.next();
if (obj instanceof DistinguishedPrincipalCredential) {
iter.remove();
}
}
fs.getPublicCredentials().add(fdpc);
return fs;
}
});
}
use of com.sun.enterprise.security.SecurityContext in project Payara by payara.
the class BaseContainerCallbackHandler method reuseWebPrincipal.
/**
* This method will distinguish the initiator principal (of the
* SecurityContext obtained from the WebPrincipal) as the caller principal,
* and copy all the other principals into the subject....
*
* It is assumed that the input WebPrincipal is coming from a SAM, and
* that it was created either by the SAM (as described below) or by
* calls to the LoginContextDriver made by an Authenticator.
*
* A WebPrincipal constructed by the RealmAdapter will include a DPC;
* other constructions may not; this method interprets the absence of a
* DPC as evidence that the resulting WebPrincipal was not constructed
* by the RealmAdapter as described below. Note that presence of a DPC
* does not necessarily mean that the resulting WebPrincipal was
* constructed by the RealmAdapter... since some authenticators also
* add the credential).
*
* A. handling of CPCB by CBH:
*
* 1. handling of CPC by CBH modifies subject
* a. constructs principalImpl if called by name
* b. uses LoginContextDriver to add group principals for name
* c. puts principal in principal set, and DPC in public credentials
*
* B. construction of WebPrincipal by RealmAdapter (occurs after SAM
* uses CBH to set other than an unauthenticated result in the subject:
*
* a. SecurityContext construction done with subject (returned by SAM).
* Construction sets initiator/caller principal within SC from
* DPC set by CBH in public credentials of subject
*
* b WebPrincipal is constructed with initiator principal and SecurityContext
*
* @param fs receiving Subject
* @param wp WebPrincipal
*
* @return true when Security Context has been obtained from webPrincipal,
* and CB is finished. returns false when more CB processing is required.
*/
private boolean reuseWebPrincipal(final Subject fs, final WebPrincipal wp) {
SecurityContext sc = wp.getSecurityContext();
final Subject wps = sc != null ? sc.getSubject() : null;
final Principal callerPrincipal = sc != null ? sc.getCallerPrincipal() : null;
final Principal defaultPrincipal = SecurityContext.getDefaultCallerPrincipal();
return ((Boolean) AppservAccessController.doPrivileged(new PrivilegedAction() {
/**
* this method uses 4 (numbered) criteria to determine if the
* argument WebPrincipal can be reused
*/
public Boolean run() {
/*
* 1. WebPrincipal must contain a SecurityContext and SC must
* have a non-null, non-default callerPrincipal and a Subject
*/
if (callerPrincipal == null || callerPrincipal.equals(defaultPrincipal) || wps == null) {
return Boolean.FALSE;
}
boolean hasObject = false;
Set<DistinguishedPrincipalCredential> distinguishedCreds = wps.getPublicCredentials(DistinguishedPrincipalCredential.class);
if (distinguishedCreds.size() == 1) {
for (DistinguishedPrincipalCredential cred : distinguishedCreds) {
if (cred.getPrincipal().equals(callerPrincipal)) {
hasObject = true;
}
}
}
/**
* 2. Subject within SecurityContext must contain a single
* DPC that identifies the Caller Principal
*/
if (!hasObject) {
return Boolean.FALSE;
}
hasObject = wps.getPrincipals().contains(callerPrincipal);
/**
* 3. Subject within SecurityContext must contain the caller
* principal
*/
if (!hasObject) {
return Boolean.FALSE;
}
/**
* 4. The webPrincipal must have a non null name that equals
* the name of the callerPrincipal.
*/
if (wp.getName() == null || !wp.getName().equals(callerPrincipal.getName())) {
return Boolean.FALSE;
}
/*
* remove any existing DistinguishedPrincipalCredentials from
* receiving Subject
*
*/
Iterator iter = fs.getPublicCredentials().iterator();
while (iter.hasNext()) {
Object obj = iter.next();
if (obj instanceof DistinguishedPrincipalCredential) {
iter.remove();
}
}
for (Principal p : wps.getPrincipals()) {
fs.getPrincipals().add(p);
}
/**
* Copy public credentials from Subject within SecurityContext
* to receiving Subject
*/
for (Object publicCred : wps.getPublicCredentials()) {
fs.getPublicCredentials().add(publicCred);
}
/**
* Copy private credentials from Subject within SecurityContext
* to receiving Subject
*/
for (Object privateCred : wps.getPrivateCredentials()) {
fs.getPrivateCredentials().add(privateCred);
}
return Boolean.TRUE;
}
})).booleanValue();
}
use of com.sun.enterprise.security.SecurityContext in project Payara by payara.
the class PipeHelper method authorize.
public void authorize(Packet request) throws Exception {
// SecurityContext constructor should set initiator to
// unathenticated if Subject is null or empty
Subject s = (Subject) request.invocationProperties.get(PipeConstants.CLIENT_SUBJECT);
if (s == null || (s.getPrincipals().isEmpty() && s.getPublicCredentials().isEmpty())) {
SecurityContext.setUnauthenticatedContext();
} else {
SecurityContext sC = new SecurityContext(s);
SecurityContext.setCurrent(sC);
}
if (isEjbEndpoint) {
if (invManager == null) {
throw new RuntimeException(localStrings.getLocalString("enterprise.webservice.noEjbInvocationManager", "Cannot validate request : invocation manager null for EJB WebService"));
}
ComponentInvocation inv = (ComponentInvocation) invManager.getCurrentInvocation();
// consumed
if (ejbDelegate != null) {
ejbDelegate.setSOAPMessage(request.getMessage(), inv);
}
Exception ie;
Method m = null;
if (seiModel != null) {
JavaMethod jm = request.getMessage().getMethod(seiModel);
m = (jm != null) ? jm.getMethod() : null;
} else {
// WebServiceProvider
WebServiceEndpoint endpoint = (WebServiceEndpoint) map.get(PipeConstants.SERVICE_ENDPOINT);
EjbDescriptor ejbDescriptor = endpoint.getEjbComponentImpl();
if (ejbDescriptor != null) {
final String ejbImplClassName = ejbDescriptor.getEjbImplClassName();
if (ejbImplClassName != null) {
try {
m = (Method) AppservAccessController.doPrivileged(new PrivilegedExceptionAction() {
@Override
public Object run() throws Exception {
ClassLoader loader = Thread.currentThread().getContextClassLoader();
Class clazz = Class.forName(ejbImplClassName, true, loader);
return clazz.getMethod("invoke", new Class[] { Object.class });
}
});
} catch (PrivilegedActionException pae) {
throw new RuntimeException(pae.getException());
}
}
}
}
if (m != null) {
if (ejbDelegate != null) {
try {
if (!ejbDelegate.authorize(inv, m)) {
throw new Exception(localStrings.getLocalString("enterprise.webservice.methodNotAuth", "Client not authorized for invocation of {0}", new Object[] { m }));
}
} catch (UnmarshalException e) {
String errorMsg = localStrings.getLocalString("enterprise.webservice.errorUnMarshalMethod", "Error unmarshalling method for ejb {0}", new Object[] { ejbName() });
ie = new UnmarshalException(errorMsg);
ie.initCause(e);
throw ie;
} catch (Exception e) {
ie = new Exception(localStrings.getLocalString("enterprise.webservice.methodNotAuth", "Client not authorized for invocation of {0}", new Object[] { m }));
ie.initCause(e);
throw ie;
}
}
}
}
}
use of com.sun.enterprise.security.SecurityContext in project Payara by payara.
the class EJBSecurityManager method doAsPrivileged.
/*
* This method is used by SecurityUtil runMethod to run the action as the subject encapsulated in the current
* SecurityContext.
*/
@Override
public Object doAsPrivileged(PrivilegedExceptionAction pea) throws Throwable {
SecurityContext sc = SecurityContext.getCurrent();
Set principalSet = sc.getPrincipalSet();
AccessControlContext acc = (AccessControlContext) accessControlContextCache.get(principalSet);
if (acc == null) {
final ProtectionDomain[] pdArray = new ProtectionDomain[1];
pdArray[0] = getCachedProtectionDomain(principalSet, false);
try {
if (principalSet != null) {
final Subject s = sc.getSubject();
acc = (AccessControlContext) AccessController.doPrivileged(new PrivilegedExceptionAction() {
@Override
public Object run() throws Exception {
return new AccessControlContext(new AccessControlContext(pdArray), new SubjectDomainCombiner(s));
}
});
} else {
acc = new AccessControlContext(pdArray);
}
// cacheProtectionDomain and protectionDomainCache
if (principalSet != null) {
accessControlContextCache.put(new HashSet(principalSet), acc);
}
_logger.fine("JACC: new AccessControlContext added to cache");
} catch (Exception e) {
_logger.log(Level.SEVERE, "java_security.security_context_exception", e);
acc = null;
throw e;
}
}
Object rvalue = null;
String oldContextId = setPolicyContext(this.contextId);
if (_logger.isLoggable(Level.FINE)) {
_logger.fine("JACC: doAsPrivileged contextId(" + this.contextId + ")");
}
try {
rvalue = AccessController.doPrivileged(pea, acc);
} finally {
resetPolicyContext(oldContextId, this.contextId);
}
return rvalue;
}
use of com.sun.enterprise.security.SecurityContext in project Payara by payara.
the class EJBSecurityManager method isCallerInRole.
/**
* This method returns a boolean value indicating whether or not the caller is in the specified role.
*
* @param role role name in the form of java.lang.String
* @return A boolean true/false depending on whether or not the caller has the specified role.
*/
@Override
public boolean isCallerInRole(String role) {
/*
* In case of Run As - Should check isCallerInRole with respect to the old security context.
*/
boolean isCallerInRole = false;
if (_logger.isLoggable(FINE)) {
_logger.entering("EJBSecurityManager", "isCallerInRole", role);
}
EJBRoleRefPermission ejbRoleRefPermission = new EJBRoleRefPermission(ejbName, role);
SecurityContext securityContext;
if (runAs != null) {
securityContext = (SecurityContext) invocationManager.getCurrentInvocation().getOldSecurityContext();
} else {
securityContext = SecurityContext.getCurrent();
}
Set<Principal> principalSet = securityContext != null ? securityContext.getPrincipalSet() : null;
ProtectionDomain prdm = getCachedProtectionDomain(principalSet, true);
String oldContextId = null;
try {
// set the policy context in the TLS.
oldContextId = setPolicyContext(this.contextId);
isCallerInRole = policy.implies(prdm, ejbRoleRefPermission);
} catch (Throwable t) {
_logger.log(Level.SEVERE, "jacc_is_caller_in_role_exception", t);
isCallerInRole = false;
} finally {
try {
resetPolicyContext(oldContextId, contextId);
} catch (Throwable ex) {
_logger.log(Level.SEVERE, "jacc_policy_context_exception", ex);
isCallerInRole = false;
}
}
if (_logger.isLoggable(Level.FINE)) {
_logger.fine("JACC: isCallerInRole Result: " + isCallerInRole + " EJBRoleRefPermission (Name) = " + ejbRoleRefPermission.getName() + " (Action) = " + ejbRoleRefPermission.getActions() + " (Codesource) = " + prdm.getCodeSource());
}
return isCallerInRole;
}
Aggregations