use of javax.ws.rs.core.SecurityContext in project jersey by jersey.
the class ContainerAuthFilter method filter.
@Override
public void filter(final ContainerRequestContext ctx) throws IOException {
String userParam = ctx.getUriInfo().getQueryParameters().getFirst("user");
final String user = (userParam == null) ? "user" : userParam;
ctx.setSecurityContext(new SecurityContext() {
@Override
public Principal getUserPrincipal() {
return new Principal() {
@Override
public String getName() {
return user;
}
};
}
@Override
public boolean isUserInRole(String role) {
return user.equals(role);
}
@Override
public boolean isSecure() {
return ctx.getUriInfo().getRequestUri().getScheme().equalsIgnoreCase("https");
}
@Override
public String getAuthenticationScheme() {
return "CUSTOM";
}
});
}
use of javax.ws.rs.core.SecurityContext in project graylog2-server by Graylog2.
the class RestTools method getUserNameFromRequest.
@Nullable
public static String getUserNameFromRequest(ContainerRequestContext requestContext) {
final SecurityContext securityContext = requestContext.getSecurityContext();
if (!(securityContext instanceof ShiroSecurityContext)) {
return null;
}
final ShiroSecurityContext shiroSecurityContext = (ShiroSecurityContext) securityContext;
final Principal userPrincipal = shiroSecurityContext.getUserPrincipal();
if (!(userPrincipal instanceof ShiroPrincipal)) {
return null;
}
final ShiroPrincipal shiroPrincipal = (ShiroPrincipal) userPrincipal;
return shiroPrincipal.getName();
}
use of javax.ws.rs.core.SecurityContext in project streamline by hortonworks.
the class SecurityUtil method filter.
public static <T> Collection<T> filter(StreamlineAuthorizer authorizer, SecurityContext securityContext, String entityNamespace, Collection<T> entities, Function<T, Long> idFunction, Permission first, Permission... rest) {
Principal principal = securityContext.getUserPrincipal();
EnumSet<Permission> permissions = EnumSet.of(first, rest);
return entities.stream().filter(e -> doCheckPermissions(authorizer, principal, entityNamespace, idFunction.apply(e), permissions)).collect(Collectors.toList());
}
use of javax.ws.rs.core.SecurityContext in project streamline by hortonworks.
the class StreamlineKerberosRequestFilter method filter.
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
Principal principal = httpRequest.getUserPrincipal();
String scheme = requestContext.getUriInfo().getRequestUri().getScheme();
LOG.debug("Method: {}, AuthType: {}, RemoteUser: {}, UserPrincipal: {}, Scheme: {}", httpRequest.getMethod(), httpRequest.getAuthType(), httpRequest.getRemoteUser(), principal, scheme);
if (principal == null || !httpRequest.getAuthType().equalsIgnoreCase(KERBEROS_AUTH)) {
throw new WebserviceAuthorizationException("Not authorized");
}
SecurityContext securityContext = new StreamlineSecurityContext(principal, scheme, KERBEROS_AUTH);
LOG.debug("SecurityContext {}", securityContext);
requestContext.setSecurityContext(securityContext);
}
use of javax.ws.rs.core.SecurityContext in project streamline by hortonworks.
the class NamespaceCatalogResourceTest method testExcludeStreamingEngineViaSetServicesToClusterInNamespace.
@Test
public void testExcludeStreamingEngineViaSetServicesToClusterInNamespace() throws Exception {
Long testNamespaceId = 1L;
Namespace testNamespace = createTestNamespace(testNamespaceId, TEST_STREAMING_ENGINE, TEST_TIME_SERIES_DB);
Collection<NamespaceServiceClusterMap> existingMappings = createTestMappingsForExisting(testNamespaceId);
setupExpectationForSimulatingTopologyIsRunning(testNamespaceId, testNamespace, existingMappings);
List<NamespaceServiceClusterMap> mappingsToApply = existingMappings.stream().filter(m -> !m.getServiceName().equals(TEST_STREAMING_ENGINE)).collect(toList());
try {
namespaceCatalogResource.setServicesToClusterInNamespace(testNamespaceId, mappingsToApply, securityContext);
Assert.fail("Should throw BadRequestException");
} catch (BadRequestException e) {
// passed
}
new Verifications() {
{
// request fails before removing existing mappings
environmentService.removeServiceClusterMapping(testNamespaceId, anyString, anyLong);
times = 0;
}
};
}
Aggregations