
Example 11 with PrivilegedAction

use of java.security.PrivilegedAction in project wildfly by wildfly.

the class LogoutSessionListener method sessionDestroyed.

@Override
public void sessionDestroyed(HttpSessionEvent se) {
    // The account to log out can be attached to the in-flight request, stored in the
    // session, or both. Each location is consulted so neither copy is left behind.
    final ServletRequestContext requestContext = ServletRequestContext.current();
    final Account requestAccount = requestContext == null
            ? null
            : requestContext.getExchange().getSecurityContext().getAuthenticatedAccount();
    if (requestAccount != null) {
        clearAccount(requestAccount);
    }

    // Only Undertow's own session wrapper can be unwrapped to the underlying Session.
    if (!(se.getSession() instanceof HttpSessionImpl)) {
        return;
    }
    final HttpSessionImpl impl = (HttpSessionImpl) se.getSession();

    // When security-manager checking is active the unwrap is routed through doChecked,
    // and the privileged action contains nothing but that single call.
    // NOTE(review): presumably impl.getSession() is permission-checked under a security
    // manager, which is why it cannot simply be called directly here - confirm.
    final Session session;
    if (!WildFlySecurityManager.isChecking()) {
        session = impl.getSession();
    } else {
        session = WildFlySecurityManager.doChecked(new PrivilegedAction<Session>() {

            @Override
            public Session run() {
                return impl.getSession();
            }
        });
    }
    if (session == null) {
        return;
    }

    final String attributeName = CachedAuthenticatedSessionHandler.class.getName() + ".AuthenticatedSession";
    final AuthenticatedSessionManager.AuthenticatedSession cached =
            (AuthenticatedSessionManager.AuthenticatedSession) session.getAttribute(attributeName);
    if (cached == null) {
        return;
    }

    final Account sessionAccount = cached.getAccount();
    // An account equal to the request account was already cleared above; skip it here.
    if (sessionAccount != null && !sessionAccount.equals(requestAccount)) {
        clearAccount(sessionAccount);
    }
}
Also used : Account(io.undertow.security.idm.Account) CachedAuthenticatedSessionHandler(io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler) HttpSessionImpl(io.undertow.servlet.spec.HttpSessionImpl) PrivilegedAction(java.security.PrivilegedAction) ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext) AuthenticatedSessionManager(io.undertow.security.api.AuthenticatedSessionManager) Session(io.undertow.server.session.Session)

Example 12 with PrivilegedAction

use of java.security.PrivilegedAction in project wildfly by wildfly.

the class KeyAffinityServiceFactoryBuilder method build.

@Override
public ServiceBuilder<KeyAffinityServiceFactory> build(ServiceTarget target) {
    // Snapshot the field into a local; the anonymous factory below captures this value.
    int keyBufferSize = this.bufferSize;

    // Supplies the executor that backs the key affinity service.
    // Only the thread-factory construction runs inside doPrivileged; the ThreadGroup
    // is created outside it, in the caller's own access-control context.
    Supplier<ExecutorService> executorSupplier = () -> {
        ThreadGroup group = new ThreadGroup("KeyAffinityService ThreadGroup");
        String threadNamePattern = "KeyAffinityService Thread Pool -- %t";
        PrivilegedAction<ThreadFactory> createFactory = () -> new JBossThreadFactory(group, Boolean.FALSE, null, threadNamePattern, null, null);
        ThreadFactory threadFactory = doPrivileged(createFactory);
        return Executors.newCachedThreadPool(threadFactory);
    };

    // Turns the supplied executor into the factory exposed by the service.
    Function<ExecutorService, KeyAffinityServiceFactory> factoryMapper = executor -> new KeyAffinityServiceFactory() {

        @Override
        public <K> KeyAffinityService<K> createService(Cache<K, ?> cache, KeyGenerator<K> generator) {
            CacheMode cacheMode = cache.getCacheConfiguration().clustering().cacheMode();
            if (cacheMode.isDistributed() || cacheMode.isReplicated()) {
                // Clustered modes: affinity is computed for the local address only.
                return new KeyAffinityServiceImpl<>(executor, cache, generator, keyBufferSize, Collections.singleton(cache.getCacheManager().getAddress()), false);
            }
            // Every other cache mode gets the simple implementation, which needs no executor.
            return new SimpleKeyAffinityService<>(generator);
        }
    };

    // ExecutorService::shutdown is handed over as the third argument so the pool can be
    // shut down by the service (presumably on stop - confirm against SuppliedValueService).
    Service<KeyAffinityServiceFactory> service = new SuppliedValueService<>(factoryMapper, executorSupplier, ExecutorService::shutdown);
    return new AsynchronousServiceBuilder<>(this.getServiceName(), service)
            .startSynchronously()
            .build(target)
            .setInitialMode(ServiceController.Mode.ON_DEMAND);
}
Also used : Service(org.jboss.msc.service.Service) AccessController.doPrivileged(java.security.AccessController.doPrivileged) Cache(org.infinispan.Cache) Function(java.util.function.Function) Supplier(java.util.function.Supplier) KeyGenerator(org.infinispan.affinity.KeyGenerator) SuppliedValueService(org.wildfly.clustering.service.SuppliedValueService) KeyAffinityService(org.infinispan.affinity.KeyAffinityService) KeyAffinityServiceFactory(org.wildfly.clustering.infinispan.spi.affinity.KeyAffinityServiceFactory) ServiceTarget(org.jboss.msc.service.ServiceTarget) ThreadFactory(java.util.concurrent.ThreadFactory) ExecutorService(java.util.concurrent.ExecutorService) Address(org.infinispan.remoting.transport.Address) JBossThreadFactory(org.jboss.threads.JBossThreadFactory) PathAddress(org.jboss.as.controller.PathAddress) ServiceBuilder(org.jboss.msc.service.ServiceBuilder) AsynchronousServiceBuilder(org.wildfly.clustering.service.AsynchronousServiceBuilder) PrivilegedAction(java.security.PrivilegedAction) Executors(java.util.concurrent.Executors) KeyAffinityServiceImpl(org.infinispan.affinity.impl.KeyAffinityServiceImpl) ServiceController(org.jboss.msc.service.ServiceController) CacheMode(org.infinispan.configuration.cache.CacheMode) ServiceName(org.jboss.msc.service.ServiceName) Collections(java.util.Collections) Builder(org.wildfly.clustering.service.Builder) JBossThreadFactory(org.jboss.threads.JBossThreadFactory) CacheMode(org.infinispan.configuration.cache.CacheMode) KeyAffinityServiceFactory(org.wildfly.clustering.infinispan.spi.affinity.KeyAffinityServiceFactory) PrivilegedAction(java.security.PrivilegedAction) ExecutorService(java.util.concurrent.ExecutorService) KeyGenerator(org.infinispan.affinity.KeyGenerator) Cache(org.infinispan.Cache) SuppliedValueService(org.wildfly.clustering.service.SuppliedValueService)

Example 13 with PrivilegedAction

use of java.security.PrivilegedAction in project poi by apache.

the class ZipSecureFile method addThreshold.

/**
 * Wraps a zip entry stream in a {@link ThresholdInputStream}. For an
 * {@link InflaterInputStream} it also tries to splice a second wrapper in front of the
 * stream's private inner source.
 *
 * <p>Security note: the splice uses reflection on {@code FilterInputStream.in}. If that
 * fails for any reason, the failure is only logged at WARN level and the method carries
 * on with a {@code null} inner wrapper. The inner instrumentation is then absent, and the
 * WARN line is the only signal, so that log entry is worth monitoring.
 *
 * @param zipIS the stream to wrap
 * @return a {@code ThresholdInputStream} around {@code zipIS}; its second constructor
 *         argument is the spliced inner wrapper, or {@code null} when none was installed
 * @throws IOException declared by the signature; nothing in this body throws it directly
 */
public static ThresholdInputStream addThreshold(final InputStream zipIS) throws IOException {
    if (!(zipIS instanceof InflaterInputStream)) {
        // the inner stream is a ZipFileInputStream, i.e. the data wasn't compressed
        return new ThresholdInputStream(zipIS, null);
    }

    // The privileged block is limited to the reflective field swap.
    final ThresholdInputStream innerWrapper = AccessController.doPrivileged(
            new PrivilegedAction<ThresholdInputStream>() { // NOSONAR

                @Override
                @SuppressForbidden("TODO: Fix this to not use reflection (it will break in Java 9)! " + "Better would be to wrap *before* instead of trying to insert wrapper afterwards.")
                public ThresholdInputStream run() {
                    ThresholdInputStream installed = null;
                    try {
                        Field innerField = FilterInputStream.class.getDeclaredField("in");
                        innerField.setAccessible(true);
                        InputStream originalInner = (InputStream) innerField.get(zipIS);
                        ThresholdInputStream replacement = new ThresholdInputStream(originalInner, null);
                        innerField.set(zipIS, replacement);
                        // Report the wrapper only once it is actually installed in zipIS.
                        installed = replacement;
                    } catch (Exception ex) {
                        // Every failure lands here, not only security-manager denials.
                        LOG.log(POILogger.WARN, "SecurityManager doesn't allow manipulation via reflection for zipbomb detection - continue with original input stream", ex);
                    }
                    return installed;
                }
            });
    return new ThresholdInputStream(zipIS, innerWrapper);
}
Also used : Field(java.lang.reflect.Field) PrivilegedAction(java.security.PrivilegedAction) InflaterInputStream(java.util.zip.InflaterInputStream) ZipInputStream(java.util.zip.ZipInputStream) PushbackInputStream(java.io.PushbackInputStream) InflaterInputStream(java.util.zip.InflaterInputStream) FilterInputStream(java.io.FilterInputStream) InputStream(java.io.InputStream) ZipException(java.util.zip.ZipException) IOException(java.io.IOException)

Example 14 with PrivilegedAction

use of java.security.PrivilegedAction in project lucene-solr by apache.

the class SolrZooKeeper method closeCnxn.

/**
 * Starts a thread that closes the ZooKeeper client's send channel through reflection.
 * The thread is added to {@code spawnedThreads} before it starts and removes itself
 * when its work ends, whether or not the close succeeded.
 *
 * <p>The private members are looked up by the literal names {@code "sendThread"} and
 * {@code "testableCloseSocket"}. If either lookup fails, the spawned thread throws a
 * {@code RuntimeException}.
 */
public void closeCnxn() {
    final Thread closer = new Thread() {

        @Override
        public void run() {
            try {
                // The reflective access runs in a privileged block scoped to this one call.
                AccessController.doPrivileged((PrivilegedAction<Void>) this::closeZookeeperChannel);
            } finally {
                spawnedThreads.remove(this);
            }
        }

        @SuppressForbidden(reason = "Hack for Zookeper needs access to private methods.")
        private Void closeZookeeperChannel() {
            final ClientCnxn connection = getConnection();
            synchronized (connection) {
                try {
                    final Field sendThreadField = connection.getClass().getDeclaredField("sendThread");
                    sendThreadField.setAccessible(true);
                    final Object sender = sendThreadField.get(connection);
                    if (sender == null) {
                        // No send thread, so there is no socket to close.
                        return null;
                    }
                    final Method closeSocket = sender.getClass().getDeclaredMethod("testableCloseSocket");
                    closeSocket.setAccessible(true);
                    try {
                        closeSocket.invoke(sender);
                    } catch (InvocationTargetException ignored) {
                        // is fine: an exception thrown by the close call itself is deliberately dropped
                    }
                } catch (Exception e) {
                    throw new RuntimeException("Closing Zookeeper send channel failed.", e);
                }
            }
            // Void
            return null;
        }
    };
    spawnedThreads.add(closer);
    closer.start();
}
Also used : Field(java.lang.reflect.Field) PrivilegedAction(java.security.PrivilegedAction) Method(java.lang.reflect.Method) ClientCnxn(org.apache.zookeeper.ClientCnxn) InvocationTargetException(java.lang.reflect.InvocationTargetException) IOException(java.io.IOException) InvocationTargetException(java.lang.reflect.InvocationTargetException)

Example 15 with PrivilegedAction

use of java.security.PrivilegedAction in project sling by apache.

the class ProtectedFunctionMapper method getMapForFunction.

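/**
 * Creates an instance for this class, and stores the Method for the given
 * EL function prefix and name. This method is used for the case when there
 * is only one function in the EL expression.
 *
 * <p>When package protection is enabled, both the instance creation and the
 * reflective method lookup run inside {@code AccessController.doPrivileged}.
 * The lookup uses {@code getDeclaredMethod}, which also finds non-public
 * methods, and it is driven entirely by the {@code c}, {@code methodName}
 * and {@code args} arguments.
 * NOTE(review): callers are assumed to pass only trusted, compiler-generated
 * values here - confirm against the call sites.
 *
 * @param fnQName
 *            The EL function qualified name (including prefix); not read by
 *            this method
 * @param c
 *            The class containing the Java method
 * @param methodName
 *            The name of the Java method
 * @param args
 *            The arguments of the Java method
 * @return a new mapper whose {@code theMethod} field holds the resolved method
 * @throws RuntimeException
 *             if no method with the given signature could be found; the
 *             underlying exception is attached as the cause.
 */
public static ProtectedFunctionMapper getMapForFunction(String fnQName, final Class c, final String methodName, final Class[] args) {
    java.lang.reflect.Method method;
    ProtectedFunctionMapper funcMapper;
    if (SecurityUtil.isPackageProtectionEnabled()) {
        funcMapper = (ProtectedFunctionMapper) AccessController.doPrivileged(new PrivilegedAction() {

            public Object run() {
                return new ProtectedFunctionMapper();
            }
        });
        try {
            method = (java.lang.reflect.Method) AccessController.doPrivileged(new PrivilegedExceptionAction() {

                public Object run() throws Exception {
                    return c.getDeclaredMethod(methodName, args);
                }
            });
        } catch (PrivilegedActionException ex) {
            // Keep the original failure as the cause so the stack trace is not lost.
            throw new RuntimeException("Invalid function mapping - no such method: " + ex.getException().getMessage(), ex);
        }
    } else {
        funcMapper = new ProtectedFunctionMapper();
        try {
            method = c.getDeclaredMethod(methodName, args);
        } catch (NoSuchMethodException e) {
            // Keep the original failure as the cause so the stack trace is not lost.
            throw new RuntimeException("Invalid function mapping - no such method: " + e.getMessage(), e);
        }
    }
    funcMapper.theMethod = method;
    return funcMapper;
}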
Also used : PrivilegedAction(java.security.PrivilegedAction) PrivilegedActionException(java.security.PrivilegedActionException) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) Method(java.lang.reflect.Method) PrivilegedActionException(java.security.PrivilegedActionException)

Aggregations

PrivilegedAction (java.security.PrivilegedAction)359 IOException (java.io.IOException)85 Subject (javax.security.auth.Subject)61 AccessControlContext (java.security.AccessControlContext)31 File (java.io.File)29 HashMap (java.util.HashMap)29 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)29 Method (java.lang.reflect.Method)24 ArrayList (java.util.ArrayList)23 ClientResponse (com.sun.jersey.api.client.ClientResponse)21 InputStream (java.io.InputStream)21 URL (java.net.URL)21 FileNotFoundException (java.io.FileNotFoundException)18 UnsupportedEncodingException (java.io.UnsupportedEncodingException)18 Iterator (java.util.Iterator)18 MalformedURLException (java.net.MalformedURLException)17 List (java.util.List)17 UnknownHostException (java.net.UnknownHostException)16 Principal (java.security.Principal)15 PrivilegedActionException (java.security.PrivilegedActionException)15