use of jakarta.ws.rs.core.SecurityContext in project jaxrs-api by eclipse-ee4j.
the class RequestFilter method getSecurityContext.
public void getSecurityContext() {
SecurityContext secCtx = requestContext.getSecurityContext();
Principal principal = secCtx.getUserPrincipal();
if (assertTrue(principal == null, "principal is not null"))
return;
abortWithEntity("NULL");
}
use of jakarta.ws.rs.core.SecurityContext in project jaxrs-api by eclipse-ee4j.
the class ResponseFilter method setSecurityContext.
public void setSecurityContext() {
SecurityContext ctx = new SecurityContextImpl();
try {
requestContext.setSecurityContext(ctx);
setEntity(NOEXCEPTION);
} catch (IllegalStateException e) {
setEntity(ISEXCEPTION);
}
}
use of jakarta.ws.rs.core.SecurityContext in project jaxrs-api by eclipse-ee4j.
the class RequestFilter method filter.
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
SecurityContext security = requestContext.getSecurityContext();
String msg = "security.getUserPrincipal() is null";
if (security.getUserPrincipal() != null)
msg = security.getUserPrincipal().getName();
Response response = Response.ok(msg).build();
requestContext.abortWith(response);
}
use of jakarta.ws.rs.core.SecurityContext in project minijax by minijax.
the class MinijaxApplication method checkSecurity.
private void checkSecurity(final MinijaxRequestContext context) {
final Annotation a = context.getResourceMethod().getSecurityAnnotation();
if (a == null) {
return;
}
final Class<?> c = a.annotationType();
if (c == PermitAll.class) {
return;
}
if (c == DenyAll.class) {
throw new ForbiddenException();
}
if (c == RolesAllowed.class) {
final SecurityContext security = context.getSecurityContext();
if (security == null || security.getUserPrincipal() == null) {
throw new NotAuthorizedException(Response.status(Status.UNAUTHORIZED).build());
}
boolean found = false;
for (final String role : ((RolesAllowed) a).value()) {
if (security.isUserInRole(role)) {
found = true;
break;
}
}
if (!found) {
throw new ForbiddenException();
}
}
}
use of jakarta.ws.rs.core.SecurityContext in project resteasy by resteasy.
the class EJBConstraintChecker method checkInternal.
private boolean checkInternal(Method method) {
// From now on we can use this class since it's there. I (Stef Epardaud) don't think we need to
// remove the reference here and use reflection.
RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
if (rolesAllowed == null) {
return true;
}
SecurityContext context = ResteasyContext.getContextData(SecurityContext.class);
for (String role : rolesAllowed.value()) {
if (context.isUserInRole(role)) {
return true;
}
}
return false;
}
Aggregations