Example 76 with SecurityContext

Use of javax.ws.rs.core.SecurityContext in the project graylog2-server by Graylog2.

In the class RestTools, method getUserIdFromRequest.

@Nullable
public static String getUserIdFromRequest(ContainerRequestContext requestContext) {
    final SecurityContext securityContext = requestContext.getSecurityContext();
    // Only a Shiro-backed security context is accepted; anything else yields no user id.
    if (!(securityContext instanceof ShiroSecurityContext)) {
        return null;
    }
    final ShiroSecurityContext shiroSecurityContext = (ShiroSecurityContext) securityContext;
    final Principal userPrincipal = shiroSecurityContext.getUserPrincipal();
    // Likewise, the principal must be a ShiroPrincipal before its name is returned.
    if (!(userPrincipal instanceof ShiroPrincipal)) {
        return null;
    }
    final ShiroPrincipal shiroPrincipal = (ShiroPrincipal) userPrincipal;
    return shiroPrincipal.getName();
}
Also used : SecurityContext(javax.ws.rs.core.SecurityContext) ShiroSecurityContext(org.graylog2.shared.security.ShiroSecurityContext) ShiroPrincipal(org.graylog2.shared.security.ShiroPrincipal) Principal(java.security.Principal) Nullable(javax.annotation.Nullable)

Example 77 with SecurityContext

Use of javax.ws.rs.core.SecurityContext in the project graylog2-server by Graylog2.

In the class ShiroSecurityContextFilter, method filter.

@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    final boolean secure = requestContext.getSecurityContext().isSecure();
    final MultivaluedMap<String, String> headers = requestContext.getHeaders();
    final Request grizzlyRequest = grizzlyRequestProvider.get();
    // The host is resolved with the configured trusted proxies taken into account.
    final String host = RestTools.getRemoteAddrFromRequest(grizzlyRequest, trustedProxies);
    final String authHeader = headers.getFirst(HttpHeaders.AUTHORIZATION);
    final SecurityContext securityContext;
    if (authHeader != null && authHeader.startsWith("Basic")) {
        // Everything after the first space is the Base64-encoded "user:password" pair.
        final String base64UserPass = authHeader.substring(authHeader.indexOf(' ') + 1);
        final String userPass = decodeBase64(base64UserPass);
        // Split on the first ':' only, so the password part may itself contain colons.
        final String[] split = userPass.split(":", 2);
        if (split.length != 2) {
            throw new BadRequestException("Invalid credentials in Authorization header");
        }
        securityContext = createSecurityContext(split[0], split[1], secure, SecurityContext.BASIC_AUTH, host, grizzlyRequest.getRemoteAddr(), headers);
    } else {
        // No Basic credentials present: build a context without user name or password.
        securityContext = createSecurityContext(null, null, secure, null, host, grizzlyRequest.getRemoteAddr(), headers);
    }
    requestContext.setSecurityContext(securityContext);
}
Also used : Request(org.glassfish.grizzly.http.server.Request) SecurityContext(javax.ws.rs.core.SecurityContext) BadRequestException(javax.ws.rs.BadRequestException)
