use of java.security.Principal in project elasticsearch by elastic.
the class HdfsBlobStoreContainerTests method createContext.
@SuppressForbidden(reason = "lesser of two evils (the other being a bunch of JNI/classloader nightmares)")
private FileContext createContext(URI uri) {
// mirrors HdfsRepository.java behaviour
Configuration cfg = new Configuration(true);
cfg.setClassLoader(HdfsRepository.class.getClassLoader());
cfg.reloadConfiguration();
Constructor<?> ctor;
Subject subject;
try {
Class<?> clazz = Class.forName("org.apache.hadoop.security.User");
ctor = clazz.getConstructor(String.class);
ctor.setAccessible(true);
} catch (ClassNotFoundException | NoSuchMethodException e) {
throw new RuntimeException(e);
}
try {
Principal principal = (Principal) ctor.newInstance(System.getProperty("user.name"));
subject = new Subject(false, Collections.singleton(principal), Collections.emptySet(), Collections.emptySet());
} catch (InstantiationException | IllegalAccessException | InvocationTargetException e) {
throw new RuntimeException(e);
}
// disable file system cache
cfg.setBoolean("fs.hdfs.impl.disable.cache", true);
// set file system to TestingFs to avoid a bunch of security
// checks, similar to what is done in HdfsTests.java
cfg.set("fs.AbstractFileSystem." + uri.getScheme() + ".impl", TestingFs.class.getName());
// create the FileContext with our user
return Subject.doAs(subject, (PrivilegedAction<FileContext>) () -> {
try {
TestingFs fs = (TestingFs) AbstractFileSystem.get(uri, cfg);
return FileContext.getFileContext(fs, cfg);
} catch (UnsupportedFileSystemException e) {
throw new RuntimeException(e);
}
});
}
use of java.security.Principal in project jetty.project by eclipse.
the class JaspiAuthenticator method validateRequest.
public Authentication validateRequest(JaspiMessageInfo messageInfo) throws ServerAuthException {
try {
String authContextId = _authConfig.getAuthContextID(messageInfo);
ServerAuthContext authContext = _authConfig.getAuthContext(authContextId, _serviceSubject, _authProperties);
Subject clientSubject = new Subject();
AuthStatus authStatus = authContext.validateRequest(messageInfo, clientSubject, _serviceSubject);
if (authStatus == AuthStatus.SEND_CONTINUE)
return Authentication.SEND_CONTINUE;
if (authStatus == AuthStatus.SEND_FAILURE)
return Authentication.SEND_FAILURE;
if (authStatus == AuthStatus.SUCCESS) {
Set<UserIdentity> ids = clientSubject.getPrivateCredentials(UserIdentity.class);
UserIdentity userIdentity;
if (ids.size() > 0) {
userIdentity = ids.iterator().next();
} else {
CallerPrincipalCallback principalCallback = _callbackHandler.getThreadCallerPrincipalCallback();
if (principalCallback == null) {
return Authentication.UNAUTHENTICATED;
}
Principal principal = principalCallback.getPrincipal();
if (principal == null) {
String principalName = principalCallback.getName();
Set<Principal> principals = principalCallback.getSubject().getPrincipals();
for (Principal p : principals) {
if (p.getName().equals(principalName)) {
principal = p;
break;
}
}
if (principal == null) {
return Authentication.UNAUTHENTICATED;
}
}
GroupPrincipalCallback groupPrincipalCallback = _callbackHandler.getThreadGroupPrincipalCallback();
String[] groups = groupPrincipalCallback == null ? null : groupPrincipalCallback.getGroups();
userIdentity = _identityService.newUserIdentity(clientSubject, principal, groups);
}
HttpSession session = ((HttpServletRequest) messageInfo.getRequestMessage()).getSession(false);
Authentication cached = (session == null ? null : (SessionAuthentication) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED));
if (cached != null)
return cached;
return new UserAuthentication(getAuthMethod(), userIdentity);
}
if (authStatus == AuthStatus.SEND_SUCCESS) {
// we are processing a message in a secureResponse dialog.
return Authentication.SEND_SUCCESS;
}
if (authStatus == AuthStatus.FAILURE) {
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return Authentication.SEND_FAILURE;
}
// should not happen
throw new IllegalStateException("No AuthStatus returned");
} catch (IOException | AuthException e) {
throw new ServerAuthException(e);
}
}
use of java.security.Principal in project jetty.project by eclipse.
the class StrictRoleCheckPolicy method checkRole.
public boolean checkRole(String roleName, Principal runAsRole, Group roles) {
//them. If so, then only check if the user has that role.
if (runAsRole != null) {
return (roleName.equals(runAsRole.getName()));
} else {
if (roles == null)
return false;
Enumeration<? extends Principal> rolesEnum = roles.members();
boolean found = false;
while (rolesEnum.hasMoreElements() && !found) {
Principal p = (Principal) rolesEnum.nextElement();
found = roleName.equals(p.getName());
}
return found;
}
}
use of java.security.Principal in project qi4j-sdk by Qi4j.
the class DomainEventSourceResourceSample method generateTestData.
private static void generateTestData(UnitOfWorkFactory unitOfWorkFactory) throws UnitOfWorkCompletionException {
// Set principal for the UoW
Principal administratorPrincipal = new Principal() {
public String getName() {
return "administrator";
}
};
// Perform UoW with usecase defined
for (int i = 0; i < 43; i++) {
UnitOfWork uow = unitOfWorkFactory.newUnitOfWork(UsecaseBuilder.newUsecase("Change description " + (i + 1)));
uow.setMetaInfo(administratorPrincipal);
TestEntity entity = uow.newEntity(TestEntity.class);
entity.changedDescription("New description");
uow.complete();
}
}
use of java.security.Principal in project sonarqube by SonarSource.
the class PresentTag method condition.
/**
* Evaluate the condition that is being tested by this particular tag, and
* return <code>true</code> if the nested body content of this tag should
* be evaluated, or <code>false</code> if it should be skipped. This
* method must be implemented by concrete subclasses.
*
* @param desired Desired outcome for a true result
* @throws JspException if a JSP exception occurs
*/
protected boolean condition(boolean desired) throws JspException {
// Evaluate the presence of the specified value
boolean present = false;
HttpServletRequest request = (HttpServletRequest) pageContext.getRequest();
if (cookie != null) {
present = this.isCookiePresent(request);
} else if (header != null) {
String value = request.getHeader(header);
present = (value != null);
} else if (name != null) {
present = this.isBeanPresent();
} else if (parameter != null) {
String value = request.getParameter(parameter);
present = (value != null);
} else if (role != null) {
StringTokenizer st = new StringTokenizer(role, ROLE_DELIMITER, false);
while (!present && st.hasMoreTokens()) {
present = request.isUserInRole(st.nextToken());
}
} else if (user != null) {
Principal principal = request.getUserPrincipal();
present = (principal != null) && user.equals(principal.getName());
} else {
JspException e = new JspException(messages.getMessage("logic.selector"));
TagUtils.getInstance().saveException(pageContext, e);
throw e;
}
return (present == desired);
}
Aggregations