Example 1 with IdentityStorePermission

Use of javax.security.enterprise.identitystore.IdentityStorePermission in project tomee by apache.

The class TomEEDefaultIdentityStore, method getCallerGroups.

@Override
public Set<String> getCallerGroups(final CredentialValidationResult validationResult) {
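    // When a SecurityManager is installed, the calling code must hold
    // IdentityStorePermission("getGroups"); checkPermission throws
    // SecurityException otherwise, before any group data is read.
    final SecurityManager securityManager = System.getSecurityManager();
    if (securityManager != null) {
        securityManager.checkPermission(new IdentityStorePermission("getGroups"));
    }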
    final User user = getUser(validationResult.getCallerPrincipal().getName());
    return getUserRoles(user);
}
Also used: User (org.apache.catalina.User), IdentityStorePermission (javax.security.enterprise.identitystore.IdentityStorePermission)

Example 2 with IdentityStorePermission

Use of javax.security.enterprise.identitystore.IdentityStorePermission in project tomee by apache.

The class TomEELDAPIdentityStore, method getCallerGroups.

@Override
public Set<String> getCallerGroups(final CredentialValidationResult validationResult) {
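    // When a SecurityManager is installed, the calling code must hold
    // IdentityStorePermission("getGroups"); the check runs before the
    // LDAP bind, so an unauthorized caller never triggers a directory lookup.
    final SecurityManager securityManager = System.getSecurityManager();
    if (securityManager != null) {
        securityManager.checkPermission(new IdentityStorePermission("getGroups"));
    }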
    LdapContext ldapContext = null;
    try {
        ldapContext = lookup(definition.url(), definition.bindDn(), definition.bindDnPassword());
        String callerDn = validationResult.getCallerDn();
        // If the validation result carries no caller DN, look it up from the principal name
        if (StringUtils.isEmpty(callerDn)) {
            callerDn = getCallerDn(ldapContext, validationResult.getCallerPrincipal().getName());
        }
        return getGroupsWithCallerDn(ldapContext, callerDn);
    } finally {
        silentlyCloseLdapContext(ldapContext);
    }
}
Also used: IdentityStorePermission (javax.security.enterprise.identitystore.IdentityStorePermission), InitialLdapContext (javax.naming.ldap.InitialLdapContext), LdapContext (javax.naming.ldap.LdapContext)
