Search in sources :

Example 21 with SecurityContext

use of com.sun.enterprise.security.SecurityContext in project Payara by payara.

the class BaseContainerCallbackHandler method processCallerPrincipal.

private void processCallerPrincipal(CallerPrincipalCallback cpCallback) {
    final Subject fs = cpCallback.getSubject();
    Principal principal = cpCallback.getPrincipal();
    // PAYARA-755 If the SAM has set a custom principal then we check that the original WebPrincipal has the same custom principal within it
    if (principal != null && !(principal instanceof WebPrincipal)) {
        Principal additional = SecurityContext.getCurrent().getAdditionalPrincipal();
        if ((additional != null) && (additional instanceof WebPrincipal) && ((WebPrincipal) additional).getCustomPrincipal() == principal) {
            principal = additional;
        }
    }
    if (principal instanceof WebPrincipal) {
        WebPrincipal wp = (WebPrincipal) principal;
        /**
         * Check if the WebPrincipal satisfies the criteria for reuse. If
         * it does, the CBH will have already copied its contents into the
         * Subject, and established the caller principal.
         */
        if (reuseWebPrincipal(fs, wp)) {
            return;
        }
        /**
         * Otherwise the webPrincipal must be distinguished as the
         * callerPrincipal, but the contents of its internal SecurityContext
         * will not be copied.
         * For the special case where the WebPrincipal represents
         * the defaultCallerPrincipal, the argument principal is set to
         * null to cause the handler to assign its representation of the
         * unauthenticated caller in the Subject.
         */
        Principal dp = SecurityContext.getDefaultCallerPrincipal();
        SecurityContext sc = wp.getSecurityContext();
        Principal cp = sc != null ? sc.getCallerPrincipal() : null;
        if (wp.getName() == null || wp.equals(dp) || cp == null || cp.equals(dp)) {
            principal = null;
        }
    }
    String realmName = null;
    if (handlerContext != null) {
        realmName = handlerContext.getRealmName();
    }
    boolean isCertRealm = CertificateRealm.AUTH_TYPE.equals(realmName);
    if (principal == null) {
        if (cpCallback.getName() != null) {
            if (isCertRealm) {
                principal = new X500Principal(cpCallback.getName());
            } else {
                principal = new PrincipalImpl(cpCallback.getName());
            }
        } else {
            // 196 unauthenticated caller principal
            principal = SecurityContext.getDefaultCallerPrincipal();
        }
    }
    if (isCertRealm) {
        if (principal instanceof X500Principal) {
            LoginContextDriver.jmacLogin(fs, (X500Principal) principal);
        }
    } else {
        if (!principal.equals(SecurityContext.getDefaultCallerPrincipal())) {
            LoginContextDriver.jmacLogin(fs, principal.getName(), realmName);
        }
    }
    final Principal fprin = principal;
    final DistinguishedPrincipalCredential fdpc = new DistinguishedPrincipalCredential(principal);
    AppservAccessController.doPrivileged(new PrivilegedAction() {

        public java.lang.Object run() {
            fs.getPrincipals().add(fprin);
            Iterator iter = fs.getPublicCredentials().iterator();
            while (iter.hasNext()) {
                Object obj = iter.next();
                if (obj instanceof DistinguishedPrincipalCredential) {
                    iter.remove();
                }
            }
            fs.getPublicCredentials().add(fdpc);
            return fs;
        }
    });
}
Also used : DistinguishedPrincipalCredential(com.sun.enterprise.security.auth.login.DistinguishedPrincipalCredential) Subject(javax.security.auth.Subject) PrivilegedAction(java.security.PrivilegedAction) SecurityContext(com.sun.enterprise.security.SecurityContext) Iterator(java.util.Iterator) X500Principal(javax.security.auth.x500.X500Principal) WebPrincipal(com.sun.enterprise.security.web.integration.WebPrincipal) WebPrincipal(com.sun.enterprise.security.web.integration.WebPrincipal) Principal(java.security.Principal) X500Principal(javax.security.auth.x500.X500Principal) PrincipalImpl(org.glassfish.security.common.PrincipalImpl)

Example 22 with SecurityContext

use of com.sun.enterprise.security.SecurityContext in project Payara by payara.

the class BaseContainerCallbackHandler method reuseWebPrincipal.

/**
 * This method will distinguish the initiator principal (of the
 * SecurityContext obtained from the WebPrincipal) as the caller principal,
 * and copy all the other principals into the subject....
 *
 * It is assumed that the input WebPrincipal is coming from a SAM, and
 * that it was created either by the SAM (as described below) or by
 * calls to the LoginContextDriver made by an Authenticator.
 *
 * A WebPrincipal constructed by the RealmAdapter will include a DPC;
 * other constructions may not; this method interprets the absence of a
 * DPC as evidence that the resulting WebPrincipal was not constructed
 * by the RealmAdapter as described below. Note that presence of a DPC
 * does not necessarily mean that the resulting WebPrincipal was
 * constructed by the RealmAdapter... since some authenticators also
 * add the credential).
 *
 * A. handling of CPCB by CBH:
 *
 *  1. handling of CPC by CBH modifies subject
 *      a. constructs principalImpl if called by name
 *      b. uses LoginContextDriver to add group principals for name
 *      c. puts principal in principal set, and DPC in public credentials
 *
 * B. construction of WebPrincipal by RealmAdapter (occurs after SAM
 * uses CBH to set other than an unauthenticated result in the subject:
 *
 *  a. SecurityContext construction done with subject (returned by SAM).
 *     Construction sets initiator/caller principal within SC from
 *     DPC set by CBH in public credentials of subject
 *
 *  b WebPrincipal is constructed with initiator principal and SecurityContext
 *
 * @param fs receiving Subject
 * @param wp WebPrincipal
 *
 * @return true when Security Context has been obtained from webPrincipal,
 * and CB is finished. returns false when more CB processing is required.
 */
private boolean reuseWebPrincipal(final Subject fs, final WebPrincipal wp) {
    SecurityContext sc = wp.getSecurityContext();
    final Subject wps = sc != null ? sc.getSubject() : null;
    final Principal callerPrincipal = sc != null ? sc.getCallerPrincipal() : null;
    final Principal defaultPrincipal = SecurityContext.getDefaultCallerPrincipal();
    return ((Boolean) AppservAccessController.doPrivileged(new PrivilegedAction() {

        /**
         * this method uses 4 (numbered) criteria to determine if the
         * argument WebPrincipal can be reused
         */
        public Boolean run() {
            /*
                 * 1. WebPrincipal must contain a SecurityContext and SC must
                 * have a non-null, non-default callerPrincipal and a Subject
                 */
            if (callerPrincipal == null || callerPrincipal.equals(defaultPrincipal) || wps == null) {
                return Boolean.FALSE;
            }
            boolean hasObject = false;
            Set<DistinguishedPrincipalCredential> distinguishedCreds = wps.getPublicCredentials(DistinguishedPrincipalCredential.class);
            if (distinguishedCreds.size() == 1) {
                for (DistinguishedPrincipalCredential cred : distinguishedCreds) {
                    if (cred.getPrincipal().equals(callerPrincipal)) {
                        hasObject = true;
                    }
                }
            }
            /**
             * 2. Subject within SecurityContext must contain a single
             * DPC that identifies the Caller Principal
             */
            if (!hasObject) {
                return Boolean.FALSE;
            }
            hasObject = wps.getPrincipals().contains(callerPrincipal);
            /**
             * 3. Subject within SecurityContext must contain the caller
             * principal
             */
            if (!hasObject) {
                return Boolean.FALSE;
            }
            /**
             * 4. The webPrincipal must have a non null name that equals
             * the name of the callerPrincipal.
             */
            if (wp.getName() == null || !wp.getName().equals(callerPrincipal.getName())) {
                return Boolean.FALSE;
            }
            /*
                 * remove any existing DistinguishedPrincipalCredentials from
                 * receiving Subject
                 *
                 */
            Iterator iter = fs.getPublicCredentials().iterator();
            while (iter.hasNext()) {
                Object obj = iter.next();
                if (obj instanceof DistinguishedPrincipalCredential) {
                    iter.remove();
                }
            }
            for (Principal p : wps.getPrincipals()) {
                fs.getPrincipals().add(p);
            }
            /**
             * Copy public credentials from Subject within SecurityContext
             * to receiving Subject
             */
            for (Object publicCred : wps.getPublicCredentials()) {
                fs.getPublicCredentials().add(publicCred);
            }
            /**
             * Copy private credentials from Subject within SecurityContext
             * to receiving Subject
             */
            for (Object privateCred : wps.getPrivateCredentials()) {
                fs.getPrivateCredentials().add(privateCred);
            }
            return Boolean.TRUE;
        }
    })).booleanValue();
}
Also used : PrivilegedAction(java.security.PrivilegedAction) SecurityContext(com.sun.enterprise.security.SecurityContext) Iterator(java.util.Iterator) DistinguishedPrincipalCredential(com.sun.enterprise.security.auth.login.DistinguishedPrincipalCredential) Subject(javax.security.auth.Subject) WebPrincipal(com.sun.enterprise.security.web.integration.WebPrincipal) Principal(java.security.Principal) X500Principal(javax.security.auth.x500.X500Principal)

Example 23 with SecurityContext

use of com.sun.enterprise.security.SecurityContext in project Payara by payara.

the class PipeHelper method authorize.

public void authorize(Packet request) throws Exception {
    // SecurityContext constructor should set initiator to
    // unathenticated if Subject is null or empty
    Subject s = (Subject) request.invocationProperties.get(PipeConstants.CLIENT_SUBJECT);
    if (s == null || (s.getPrincipals().isEmpty() && s.getPublicCredentials().isEmpty())) {
        SecurityContext.setUnauthenticatedContext();
    } else {
        SecurityContext sC = new SecurityContext(s);
        SecurityContext.setCurrent(sC);
    }
    if (isEjbEndpoint) {
        if (invManager == null) {
            throw new RuntimeException(localStrings.getLocalString("enterprise.webservice.noEjbInvocationManager", "Cannot validate request : invocation manager null for EJB WebService"));
        }
        ComponentInvocation inv = (ComponentInvocation) invManager.getCurrentInvocation();
        // consumed
        if (ejbDelegate != null) {
            ejbDelegate.setSOAPMessage(request.getMessage(), inv);
        }
        Exception ie;
        Method m = null;
        if (seiModel != null) {
            JavaMethod jm = request.getMessage().getMethod(seiModel);
            m = (jm != null) ? jm.getMethod() : null;
        } else {
            // WebServiceProvider
            WebServiceEndpoint endpoint = (WebServiceEndpoint) map.get(PipeConstants.SERVICE_ENDPOINT);
            EjbDescriptor ejbDescriptor = endpoint.getEjbComponentImpl();
            if (ejbDescriptor != null) {
                final String ejbImplClassName = ejbDescriptor.getEjbImplClassName();
                if (ejbImplClassName != null) {
                    try {
                        m = (Method) AppservAccessController.doPrivileged(new PrivilegedExceptionAction() {

                            @Override
                            public Object run() throws Exception {
                                ClassLoader loader = Thread.currentThread().getContextClassLoader();
                                Class clazz = Class.forName(ejbImplClassName, true, loader);
                                return clazz.getMethod("invoke", new Class[] { Object.class });
                            }
                        });
                    } catch (PrivilegedActionException pae) {
                        throw new RuntimeException(pae.getException());
                    }
                }
            }
        }
        if (m != null) {
            if (ejbDelegate != null) {
                try {
                    if (!ejbDelegate.authorize(inv, m)) {
                        throw new Exception(localStrings.getLocalString("enterprise.webservice.methodNotAuth", "Client not authorized for invocation of {0}", new Object[] { m }));
                    }
                } catch (UnmarshalException e) {
                    String errorMsg = localStrings.getLocalString("enterprise.webservice.errorUnMarshalMethod", "Error unmarshalling method for ejb {0}", new Object[] { ejbName() });
                    ie = new UnmarshalException(errorMsg);
                    ie.initCause(e);
                    throw ie;
                } catch (Exception e) {
                    ie = new Exception(localStrings.getLocalString("enterprise.webservice.methodNotAuth", "Client not authorized for invocation of {0}", new Object[] { m }));
                    ie.initCause(e);
                    throw ie;
                }
            }
        }
    }
}
Also used : ComponentInvocation(org.glassfish.api.invocation.ComponentInvocation) PrivilegedActionException(java.security.PrivilegedActionException) JavaMethod(com.sun.xml.ws.api.model.JavaMethod) Method(java.lang.reflect.Method) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) Subject(javax.security.auth.Subject) PrivilegedActionException(java.security.PrivilegedActionException) UnmarshalException(javax.xml.bind.UnmarshalException) AuthException(javax.security.auth.message.AuthException) WebServiceException(javax.xml.ws.WebServiceException) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor) WebServiceEndpoint(com.sun.enterprise.deployment.WebServiceEndpoint) UnmarshalException(javax.xml.bind.UnmarshalException) ClientSecurityContext(com.sun.enterprise.security.common.ClientSecurityContext) SecurityContext(com.sun.enterprise.security.SecurityContext) JavaMethod(com.sun.xml.ws.api.model.JavaMethod)

Example 24 with SecurityContext

use of com.sun.enterprise.security.SecurityContext in project Payara by payara.

the class EJBSecurityManager method doAsPrivileged.

/*
     * This method is used by SecurityUtil runMethod to run the action as the subject encapsulated in the current
     * SecurityContext.
     */
@Override
public Object doAsPrivileged(PrivilegedExceptionAction pea) throws Throwable {
    SecurityContext sc = SecurityContext.getCurrent();
    Set principalSet = sc.getPrincipalSet();
    AccessControlContext acc = (AccessControlContext) accessControlContextCache.get(principalSet);
    if (acc == null) {
        final ProtectionDomain[] pdArray = new ProtectionDomain[1];
        pdArray[0] = getCachedProtectionDomain(principalSet, false);
        try {
            if (principalSet != null) {
                final Subject s = sc.getSubject();
                acc = (AccessControlContext) AccessController.doPrivileged(new PrivilegedExceptionAction() {

                    @Override
                    public Object run() throws Exception {
                        return new AccessControlContext(new AccessControlContext(pdArray), new SubjectDomainCombiner(s));
                    }
                });
            } else {
                acc = new AccessControlContext(pdArray);
            }
            // cacheProtectionDomain and protectionDomainCache
            if (principalSet != null) {
                accessControlContextCache.put(new HashSet(principalSet), acc);
            }
            _logger.fine("JACC: new AccessControlContext added to cache");
        } catch (Exception e) {
            _logger.log(Level.SEVERE, "java_security.security_context_exception", e);
            acc = null;
            throw e;
        }
    }
    Object rvalue = null;
    String oldContextId = setPolicyContext(this.contextId);
    if (_logger.isLoggable(Level.FINE)) {
        _logger.fine("JACC: doAsPrivileged contextId(" + this.contextId + ")");
    }
    try {
        rvalue = AccessController.doPrivileged(pea, acc);
    } finally {
        resetPolicyContext(oldContextId, this.contextId);
    }
    return rvalue;
}
Also used : Subject(javax.security.auth.Subject) URISyntaxException(java.net.URISyntaxException) InvocationException(org.glassfish.api.invocation.InvocationException) MalformedURLException(java.net.MalformedURLException) SubjectDomainCombiner(javax.security.auth.SubjectDomainCombiner) SecurityContext(com.sun.enterprise.security.SecurityContext)

Example 25 with SecurityContext

use of com.sun.enterprise.security.SecurityContext in project Payara by payara.

the class EJBSecurityManager method isCallerInRole.

/**
 * This method returns a boolean value indicating whether or not the caller is in the specified role.
 *
 * @param role role name in the form of java.lang.String
 * @return A boolean true/false depending on whether or not the caller has the specified role.
 */
@Override
public boolean isCallerInRole(String role) {
    /*
         * In case of Run As - Should check isCallerInRole with respect to the old security context.
         */
    boolean isCallerInRole = false;
    if (_logger.isLoggable(FINE)) {
        _logger.entering("EJBSecurityManager", "isCallerInRole", role);
    }
    EJBRoleRefPermission ejbRoleRefPermission = new EJBRoleRefPermission(ejbName, role);
    SecurityContext securityContext;
    if (runAs != null) {
        securityContext = (SecurityContext) invocationManager.getCurrentInvocation().getOldSecurityContext();
    } else {
        securityContext = SecurityContext.getCurrent();
    }
    Set<Principal> principalSet = securityContext != null ? securityContext.getPrincipalSet() : null;
    ProtectionDomain prdm = getCachedProtectionDomain(principalSet, true);
    String oldContextId = null;
    try {
        // set the policy context in the TLS.
        oldContextId = setPolicyContext(this.contextId);
        isCallerInRole = policy.implies(prdm, ejbRoleRefPermission);
    } catch (Throwable t) {
        _logger.log(Level.SEVERE, "jacc_is_caller_in_role_exception", t);
        isCallerInRole = false;
    } finally {
        try {
            resetPolicyContext(oldContextId, contextId);
        } catch (Throwable ex) {
            _logger.log(Level.SEVERE, "jacc_policy_context_exception", ex);
            isCallerInRole = false;
        }
    }
    if (_logger.isLoggable(Level.FINE)) {
        _logger.fine("JACC: isCallerInRole Result: " + isCallerInRole + " EJBRoleRefPermission (Name) = " + ejbRoleRefPermission.getName() + " (Action) = " + ejbRoleRefPermission.getActions() + " (Codesource) = " + prdm.getCodeSource());
    }
    return isCallerInRole;
}
Also used : SecurityContext(com.sun.enterprise.security.SecurityContext)

Aggregations

SecurityContext (com.sun.enterprise.security.SecurityContext)34 Subject (javax.security.auth.Subject)15 Principal (java.security.Principal)11 WebPrincipal (com.sun.enterprise.security.web.integration.WebPrincipal)10 DistinguishedPrincipalCredential (com.sun.enterprise.security.auth.login.DistinguishedPrincipalCredential)6 ClientSecurityContext (com.sun.enterprise.security.common.ClientSecurityContext)6 ComponentInvocation (org.glassfish.api.invocation.ComponentInvocation)6 PrivilegedAction (java.security.PrivilegedAction)5 X500Principal (javax.security.auth.x500.X500Principal)5 Iterator (java.util.Iterator)3 Set (java.util.Set)3 AuthException (javax.security.auth.message.AuthException)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 Group (org.glassfish.security.common.Group)3 EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor)2 WebServiceEndpoint (com.sun.enterprise.deployment.WebServiceEndpoint)2 SecurityContext.getDefaultCallerPrincipal (com.sun.enterprise.security.SecurityContext.getDefaultCallerPrincipal)2 SOAPAuthParam (com.sun.enterprise.security.jauth.jaspic.provider.SOAPAuthParam)2 JavaMethod (com.sun.xml.ws.api.model.JavaMethod)2 Method (java.lang.reflect.Method)2