use of io.undertow.servlet.handlers.ServletChain in project undertow by undertow-io.
the class HttpServletRequestImpl method isUserInRole.
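/**
 * Reports whether the authenticated caller of this request is in the given role.
 *
 * <p>Special role names are resolved before delegating to the deployment's
 * {@code AuthorizationManager}:
 * <ul>
 *   <li>{@code null} and {@code "*"} always yield {@code false};</li>
 *   <li>{@code "**"} yields {@code true} for any authenticated account, unless the
 *       deployment declares a security role literally named {@code "**"}, in which
 *       case it is checked like any other role.</li>
 * </ul>
 * A request without an authenticated account is never in any role.
 *
 * @param role the role name to test; may be {@code null}
 * @return {@code true} if the authenticated account is considered to be in {@code role}
 */
@Override
public boolean isUserInRole(final String role) {
    if (role == null) {
        return false;
    }
    // According to the servlet spec, "*" always returns false.
    if (role.equals("*")) {
        return false;
    }
    // Fail closed: the exchange may carry no security context (for example when no
    // security handler ran for this request), which means nobody is authenticated.
    final SecurityContext sc = exchange.getSecurityContext();
    final Account account = sc != null ? sc.getAuthenticatedAccount() : null;
    if (account == null) {
        return false;
    }
    final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
    if (role.equals("**")) {
        // "**" means "any authenticated user" only while the application has not
        // claimed that name for one of its own roles; otherwise fall through to the
        // normal role check below.
        final Set<String> roles = servletRequestContext.getDeployment().getDeploymentInfo().getSecurityRoles();
        if (!roles.contains("**")) {
            return true;
        }
    }
    final ServletChain servlet = servletRequestContext.getCurrentServlet();
    final Deployment deployment = servletContext.getDeployment();
    final AuthorizationManager authorizationManager = deployment.getDeploymentInfo().getAuthorizationManager();
    // The decision is made per servlet: the current servlet's ServletInfo is passed along
    // with the account, this request and the deployment.
    return authorizationManager.isUserInRole(role, account, servlet.getManagedServlet().getServletInfo(), this, deployment);
}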
use of io.undertow.servlet.handlers.ServletChain in project wildfly by wildfly.
the class SecurityContextAssociationHandler method handleRequest.
/**
 * Associates the run-as identity configured for the current servlet with the security
 * context for the duration of the request, then invokes the next handler.
 *
 * @param exchange the exchange being processed
 * @throws Exception if the next handler fails
 */
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
    final SecurityContext securityContext = exchange.getAttachment(UndertowSecurityAttachments.SECURITY_CONTEXT_ATTACHMENT);
    RunAsIdentityMetaData runAsMetaData = null;
    RunAs previousRunAs = null;
    try {
        final ServletChain currentServlet = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getCurrentServlet();
        // Run-as metadata is looked up by the name of the servlet handling this request.
        final String servletName = currentServlet.getManagedServlet().getServletInfo().getName();
        runAsMetaData = runAsIdentityMetaDataMap.get(servletName);

        RunAsIdentity runAsIdentity = null;
        if (runAsMetaData != null) {
            UndertowLogger.ROOT_LOGGER.tracef("%s, runAs: %s", servletName, runAsMetaData);
            runAsIdentity = new RunAsIdentity(
                    runAsMetaData.getRoleName(),
                    runAsMetaData.getPrincipalName(),
                    runAsMetaData.getRunAsRoles());
        }

        // NOTE(review): the identity is set even when no mapping exists (null is passed),
        // but the previous value is restored below only when a mapping was found.
        // Confirm this asymmetry is intended.
        previousRunAs = SecurityActions.setRunAsIdentity(runAsIdentity, securityContext);

        // Hand the request on while the run-as identity is in effect.
        next.handleRequest(exchange);
    } finally {
        // Put the previous identity back even if the downstream handler threw, so the
        // run-as identity does not outlive this request.
        if (runAsMetaData != null) {
            SecurityActions.setRunAsIdentity(previousRunAs, securityContext);
        }
    }
}