Example 46 with SecurityContext

Use of javax.ws.rs.core.SecurityContext in project jersey by jersey.

Class ContainerAuthFilter, method filter.

@Override
public void filter(final ContainerRequestContext ctx) throws IOException {
    String userParam = ctx.getUriInfo().getQueryParameters().getFirst("user");
    final String user = (userParam == null) ? "user" : userParam;
    ctx.setSecurityContext(new SecurityContext() {

        @Override
        public Principal getUserPrincipal() {
            return new Principal() {

                @Override
                public String getName() {
                    return user;
                }
            };
        }

        @Override
        public boolean isUserInRole(String role) {
            return user.equals(role);
        }

        @Override
        public boolean isSecure() {
            return ctx.getUriInfo().getRequestUri().getScheme().equalsIgnoreCase("https");
        }

        @Override
        public String getAuthenticationScheme() {
            return "CUSTOM";
        }
    });
}
Also used : SecurityContext(javax.ws.rs.core.SecurityContext) Principal(java.security.Principal)

Example 47 with SecurityContext

Use of javax.ws.rs.core.SecurityContext in project graylog2-server by Graylog2.

Class RestTools, method getUserNameFromRequest.

@Nullable
public static String getUserNameFromRequest(ContainerRequestContext requestContext) {
    final SecurityContext securityContext = requestContext.getSecurityContext();
    if (!(securityContext instanceof ShiroSecurityContext)) {
        return null;
    }
    final ShiroSecurityContext shiroSecurityContext = (ShiroSecurityContext) securityContext;
    final Principal userPrincipal = shiroSecurityContext.getUserPrincipal();
    if (!(userPrincipal instanceof ShiroPrincipal)) {
        return null;
    }
    final ShiroPrincipal shiroPrincipal = (ShiroPrincipal) userPrincipal;
    return shiroPrincipal.getName();
}
Also used : SecurityContext(javax.ws.rs.core.SecurityContext) ShiroSecurityContext(org.graylog2.shared.security.ShiroSecurityContext) ShiroPrincipal(org.graylog2.shared.security.ShiroPrincipal) Principal(java.security.Principal) Nullable(javax.annotation.Nullable)

Example 48 with SecurityContext

Use of javax.ws.rs.core.SecurityContext in project streamline by hortonworks.

Class SecurityUtil, method filter.

public static <T> Collection<T> filter(StreamlineAuthorizer authorizer, SecurityContext securityContext, String entityNamespace, Collection<T> entities, Function<T, Long> idFunction, Permission first, Permission... rest) {
    Principal principal = securityContext.getUserPrincipal();
    EnumSet<Permission> permissions = EnumSet.of(first, rest);
    return entities.stream().filter(e -> doCheckPermissions(authorizer, principal, entityNamespace, idFunction.apply(e), permissions)).collect(Collectors.toList());
}
Also used : PrivilegedActionException(java.security.PrivilegedActionException) WebserviceAuthorizationException(com.hortonworks.streamline.common.exception.service.exception.request.WebserviceAuthorizationException) Logger(org.slf4j.Logger) Collection(java.util.Collection) LoggerFactory(org.slf4j.LoggerFactory) SecurityContext(javax.ws.rs.core.SecurityContext) Storable(com.hortonworks.registries.storage.Storable) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) Function(java.util.function.Function) Collectors(java.util.stream.Collectors) Subject(javax.security.auth.Subject) SupplierException(com.hortonworks.streamline.common.function.SupplierException) Principal(java.security.Principal) AccessController(java.security.AccessController) StreamlineSecurityContext(com.hortonworks.streamline.streams.security.authentication.StreamlineSecurityContext) EnumSet(java.util.EnumSet)

Example 49 with SecurityContext

Use of javax.ws.rs.core.SecurityContext in project streamline by hortonworks.

Class StreamlineKerberosRequestFilter, method filter.

@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    Principal principal = httpRequest.getUserPrincipal();
    String scheme = requestContext.getUriInfo().getRequestUri().getScheme();
    LOG.debug("Method: {}, AuthType: {}, RemoteUser: {}, UserPrincipal: {}, Scheme: {}", httpRequest.getMethod(), httpRequest.getAuthType(), httpRequest.getRemoteUser(), principal, scheme);
    if (principal == null || !httpRequest.getAuthType().equalsIgnoreCase(KERBEROS_AUTH)) {
        throw new WebserviceAuthorizationException("Not authorized");
    }
    SecurityContext securityContext = new StreamlineSecurityContext(principal, scheme, KERBEROS_AUTH);
    LOG.debug("SecurityContext {}", securityContext);
    requestContext.setSecurityContext(securityContext);
}
Also used : WebserviceAuthorizationException(com.hortonworks.streamline.common.exception.service.exception.request.WebserviceAuthorizationException) SecurityContext(javax.ws.rs.core.SecurityContext) Principal(java.security.Principal)

Example 50 with SecurityContext

Use of javax.ws.rs.core.SecurityContext in project streamline by hortonworks.

Class NamespaceCatalogResourceTest, method testExcludeStreamingEngineViaSetServicesToClusterInNamespace.

@Test
public void testExcludeStreamingEngineViaSetServicesToClusterInNamespace() throws Exception {
    Long testNamespaceId = 1L;
    Namespace testNamespace = createTestNamespace(testNamespaceId, TEST_STREAMING_ENGINE, TEST_TIME_SERIES_DB);
    Collection<NamespaceServiceClusterMap> existingMappings = createTestMappingsForExisting(testNamespaceId);
    setupExpectationForSimulatingTopologyIsRunning(testNamespaceId, testNamespace, existingMappings);
    List<NamespaceServiceClusterMap> mappingsToApply = existingMappings.stream().filter(m -> !m.getServiceName().equals(TEST_STREAMING_ENGINE)).collect(toList());
    try {
        namespaceCatalogResource.setServicesToClusterInNamespace(testNamespaceId, mappingsToApply, securityContext);
        Assert.fail("Should throw BadRequestException");
    } catch (BadRequestException e) {
        // passed
    }
    new Verifications() {

        {
            // request fails before removing existing mappings
            environmentService.removeServiceClusterMapping(testNamespaceId, anyString, anyLong);
            times = 0;
        }
    };
}
Also used : Topology(com.hortonworks.streamline.streams.catalog.Topology) NamespaceServiceClusterMap(com.hortonworks.streamline.streams.cluster.catalog.NamespaceServiceClusterMap) Expectations(mockit.Expectations) BadRequestException(com.hortonworks.streamline.common.exception.service.exception.request.BadRequestException) RunWith(org.junit.runner.RunWith) SecurityContext(javax.ws.rs.core.SecurityContext) ArrayList(java.util.ArrayList) EnvironmentService(com.hortonworks.streamline.streams.cluster.service.EnvironmentService) TopologyNotAliveException(com.hortonworks.streamline.streams.exception.TopologyNotAliveException) Lists(com.google.common.collect.Lists) JMockit(mockit.integration.junit4.JMockit) StreamlineAuthorizer(com.hortonworks.streamline.streams.security.StreamlineAuthorizer) Namespace(com.hortonworks.streamline.streams.cluster.catalog.Namespace) Tested(mockit.Tested) TopologyActionsService(com.hortonworks.streamline.streams.actions.topology.service.TopologyActionsService) Collection(java.util.Collection) Test(org.junit.Test) IOException(java.io.IOException) NoopAuthorizer(com.hortonworks.streamline.streams.security.impl.NoopAuthorizer) List(java.util.List) Collectors.toList(java.util.stream.Collectors.toList) StreamCatalogService(com.hortonworks.streamline.streams.catalog.service.StreamCatalogService) Injectable(mockit.Injectable) Assert(org.junit.Assert) Verifications(mockit.Verifications)
