Example 1 with IllegalStateException
use of javax.resource.spi.IllegalStateException in project wildfly by wildfly.
the class ServerSecurityInterceptor method aroundInvoke.
@AroundInvoke
public Object aroundInvoke(final InvocationContext invocationContext) throws Exception {
Principal desiredUser = null;
UserPrincipal connectionUser = null;
Map<String, Object> contextData = invocationContext.getContextData();
if (contextData.containsKey(DELEGATED_USER_KEY)) {
desiredUser = new SimplePrincipal((String) contextData.get(DELEGATED_USER_KEY));
Collection<Principal> principals = ConnectionSecurityContext.getConnectionPrincipals();
if (principals != null) {
for (Principal current : principals) {
if (current instanceof UserPrincipal) {
connectionUser = (UserPrincipal) current;
break;
}
}
} else {
throw new IllegalStateException("Delegation user requested but no user on connection found.");
}
}
ContextStateCache stateCache = null;
try {
if (desiredUser != null && connectionUser != null && (desiredUser.getName().equals(connectionUser.getName()) == false)) {
try {
// The final part of this check is to verify that the change does actually indicate a change in user.
// We have been requested to switch user and have successfully identified the user from the connection
// so now we attempt the switch.
stateCache = ConnectionSecurityContext.pushIdentity(desiredUser, new CurrentUserCredential(connectionUser.getName()));
} catch (Exception e) {
LOGGER.error("Failed to switch security context for user", e);
// Don't propagate the exception stacktrace back to the client for security reasons
throw new EJBAccessException("Unable to attempt switching of user.");
}
}
return invocationContext.proceed();
} finally {
// switch back to original security context
if (stateCache != null) {
ConnectionSecurityContext.popIdentity(stateCache);
}
}
}
Also used :
IllegalStateException(javax.resource.spi.IllegalStateException)
ContextStateCache(org.jboss.as.security.api.ContextStateCache)
CurrentUserCredential(org.jboss.as.test.integration.ejb.container.interceptor.security.CurrentUserCredential)
UserPrincipal(org.jboss.as.core.security.api.UserPrincipal)
Principal(java.security.Principal)
SimplePrincipal(org.jboss.security.SimplePrincipal)
UserPrincipal(org.jboss.as.core.security.api.UserPrincipal)
SimplePrincipal(org.jboss.security.SimplePrincipal)
EJBAccessException(javax.ejb.EJBAccessException)
IllegalStateException(javax.resource.spi.IllegalStateException)
EJBAccessException(javax.ejb.EJBAccessException)
AroundInvoke(javax.interceptor.AroundInvoke)
Example 2 with IllegalStateException
use of javax.resource.spi.IllegalStateException in project wildfly by wildfly.
the class ServerSecurityInterceptor method aroundInvoke.
@AroundInvoke
public Object aroundInvoke(final InvocationContext invocationContext) throws Exception {
Principal desiredUser = null;
RealmUser connectionUser = null;
Map<String, Object> contextData = invocationContext.getContextData();
if (contextData.containsKey(DELEGATED_USER_KEY)) {
desiredUser = new SimplePrincipal((String) contextData.get(DELEGATED_USER_KEY));
Connection con = RemotingContext.getConnection();
if (con != null) {
SecurityIdentity localIdentity = con.getLocalIdentity();
if (localIdentity != null) {
connectionUser = new RealmUser(localIdentity.getPrincipal().getName());
}
} else {
throw new IllegalStateException("Delegation user requested but no user on connection found.");
}
}
SecurityContext cachedSecurityContext = null;
boolean contextSet = false;
try {
if (desiredUser != null && connectionUser != null && (desiredUser.getName().equals(connectionUser.getName()) == false)) {
try {
// The final part of this check is to verify that the change does actually indicate a change in user.
// We have been requested to switch user and have successfully identified the user from the connection
// so now we attempt the switch.
cachedSecurityContext = SecurityContextAssociation.getSecurityContext();
final SecurityContext nextContext = SecurityContextFactory.createSecurityContext(desiredUser, new CurrentUserCredential(connectionUser.getName()), new Subject(), "fooSecurityDomain");
SecurityContextAssociation.setSecurityContext(nextContext);
// keep track that we switched the security context
contextSet = true;
RemotingContext.clear();
} catch (Exception e) {
LOGGER.error("Failed to switch security context for user", e);
// Don't propagate the exception stacktrace back to the client for security reasons
throw new EJBAccessException("Unable to attempt switching of user.");
}
}
return invocationContext.proceed();
} finally {
// switch back to original security context
if (contextSet) {
SecurityContextAssociation.setSecurityContext(cachedSecurityContext);
}
}
}
Also used :
IllegalStateException(javax.resource.spi.IllegalStateException)
RealmUser(org.jboss.as.core.security.RealmUser)
Connection(org.jboss.remoting3.Connection)
Subject(javax.security.auth.Subject)
EJBAccessException(javax.ejb.EJBAccessException)
IllegalStateException(javax.resource.spi.IllegalStateException)
EJBAccessException(javax.ejb.EJBAccessException)
SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity)
SecurityContext(org.jboss.security.SecurityContext)
Principal(java.security.Principal)
SimplePrincipal(org.jboss.security.SimplePrincipal)
SimplePrincipal(org.jboss.security.SimplePrincipal)
AroundInvoke(javax.interceptor.AroundInvoke)
Example 3 with IllegalStateException
use of javax.resource.spi.IllegalStateException in project activemq-artemis by apache.
the class ActiveMQRAManagedConnection method cleanup.
/**
* Cleanup
*
* @throws ResourceException Thrown if an error occurs
*/
@Override
public void cleanup() throws ResourceException {
if (logger.isTraceEnabled()) {
ActiveMQRALogger.LOGGER.trace("cleanup()");
}
if (isDestroyed.get()) {
throw new IllegalStateException("ManagedConnection already destroyed");
}
destroyHandles();
inManagedTx = false;
inManagedTx = false;
// I'm recreating the lock object when we return to the pool
// because it looks too nasty to expect the connection handle
// to unlock properly in certain race conditions
// where the dissociation of the managed connection is "random".
lock = new ReentrantLock();
}
Also used :
ReentrantLock(java.util.concurrent.locks.ReentrantLock)
IllegalStateException(javax.resource.spi.IllegalStateException)
Example 4 with IllegalStateException
use of javax.resource.spi.IllegalStateException in project wildfly-camel by wildfly-extras.
the class RouteBuilderF method configure.
@Override
public void configure() throws Exception {
final CountDownLatch startLatch = new CountDownLatch(1);
// verify that a component can be added manually
getContext().addComponent("quartz2", new QuartzComponent() {
@Override
public void onCamelContextStarted(CamelContext context, boolean alreadyStarted) throws Exception {
super.onCamelContextStarted(context, alreadyStarted);
startLatch.countDown();
}
});
from("quartz2://mytimer?trigger.repeatCount=3&trigger.repeatInterval=100").process(new Processor() {
@Override
public void process(Exchange exchange) throws Exception {
if (startLatch.getCount() > 0)
throw new IllegalStateException("onCamelContextStarted not called");
}
}).to(MOCK_RESULT_URI);
}
Also used :
CamelContext(org.apache.camel.CamelContext)
Exchange(org.apache.camel.Exchange)
IllegalStateException(javax.resource.spi.IllegalStateException)
Processor(org.apache.camel.Processor)
CountDownLatch(java.util.concurrent.CountDownLatch)
IllegalStateException(javax.resource.spi.IllegalStateException)
QuartzComponent(org.apache.camel.component.quartz2.QuartzComponent)
Example 5 with IllegalStateException
use of javax.resource.spi.IllegalStateException in project wildfly by wildfly.
the class MessagingClientTestCase method doMessagingClient.
private void doMessagingClient(ClientSessionFactory sf) throws Exception {
// Check if the queue exists
if (!queueExists(queueName, sf)) {
throw new IllegalStateException();
}
ClientSession session = null;
try {
session = sf.createSession("guest", "guest", false, true, true, false, 1);
ClientProducer producer = session.createProducer(queueName);
ClientMessage message = session.createMessage(false);
final String propName = "myprop";
message.putStringProperty(propName, "Hello sent at " + new Date());
producer.send(message);
ClientConsumer messageConsumer = session.createConsumer(queueName);
session.start();
ClientMessage messageReceived = messageConsumer.receive(1000);
assertNotNull("a message MUST have been received", messageReceived);
} finally {
if (session != null) {
session.close();
}
}
}
Also used :
IllegalStateException(javax.resource.spi.IllegalStateException)
ClientSession(org.apache.activemq.artemis.api.core.client.ClientSession)
ClientMessage(org.apache.activemq.artemis.api.core.client.ClientMessage)
SimpleString(org.apache.activemq.artemis.api.core.SimpleString)
ClientConsumer(org.apache.activemq.artemis.api.core.client.ClientConsumer)
ClientProducer(org.apache.activemq.artemis.api.core.client.ClientProducer)
Date(java.util.Date)
Aggregations
IllegalStateException (javax.resource.spi.IllegalStateException)6
Principal (java.security.Principal)2
EJBAccessException (javax.ejb.EJBAccessException)2
AroundInvoke (javax.interceptor.AroundInvoke)2
SimplePrincipal (org.jboss.security.SimplePrincipal)2
ConnectorAllocator (com.sun.enterprise.resource.allocator.ConnectorAllocator)1
LocalTxConnectorAllocator (com.sun.enterprise.resource.allocator.LocalTxConnectorAllocator)1
NoTxConnectorAllocator (com.sun.enterprise.resource.allocator.NoTxConnectorAllocator)1
ResourceAllocator (com.sun.enterprise.resource.allocator.ResourceAllocator)1
Date (java.util.Date)1
CountDownLatch (java.util.concurrent.CountDownLatch)1
ReentrantLock (java.util.concurrent.locks.ReentrantLock)1
Subject (javax.security.auth.Subject)1
SimpleString (org.apache.activemq.artemis.api.core.SimpleString)1
ClientConsumer (org.apache.activemq.artemis.api.core.client.ClientConsumer)1
ClientMessage (org.apache.activemq.artemis.api.core.client.ClientMessage)1
ClientProducer (org.apache.activemq.artemis.api.core.client.ClientProducer)1
ClientSession (org.apache.activemq.artemis.api.core.client.ClientSession)1
CamelContext (org.apache.camel.CamelContext)1
Exchange (org.apache.camel.Exchange)1
