Search in sources :

Example 1 with SecurityContext

use of org.acegisecurity.context.SecurityContext in project hudson-2.x by hudson.

the class CLIRegisterer method discover.

private List<ExtensionComponent<CLICommand>> discover(final Hudson hudson) {
    LOGGER.fine("Listing up @CLIMethod");
    List<ExtensionComponent<CLICommand>> r = new ArrayList<ExtensionComponent<CLICommand>>();
    try {
        for (final Method m : Util.filter(Index.list(CLIMethod.class, hudson.getPluginManager().uberClassLoader), Method.class)) {
            try {
                // command name
                final String name = m.getAnnotation(CLIMethod.class).name();
                final ResourceBundleHolder res = loadMessageBundle(m);
                // make sure we have the resource, to fail early
                res.format("CLI." + name + ".shortDescription");
                r.add(new ExtensionComponent<CLICommand>(new CloneableCLICommand() {

                    @Override
                    public String getName() {
                        return name;
                    }

                    public String getShortDescription() {
                        // format by using the right locale
                        return res.format("CLI." + name + ".shortDescription");
                    }

                    @Override
                    public int main(List<String> args, Locale locale, InputStream stdin, PrintStream stdout, PrintStream stderr) {
                        this.stdout = stdout;
                        this.stderr = stderr;
                        this.locale = locale;
                        this.channel = Channel.current();
                        registerOptionHandlers();
                        CmdLineParser parser = new CmdLineParser(null);
                        try {
                            SecurityContext sc = SecurityContextHolder.getContext();
                            Authentication old = sc.getAuthentication();
                            try {
                                //  build up the call sequence
                                Stack<Method> chains = new Stack<Method>();
                                Method method = m;
                                while (true) {
                                    chains.push(method);
                                    if (Modifier.isStatic(method.getModifiers()))
                                        // the chain is complete.
                                        break;
                                    // the method in question is an instance method, so we need to resolve the instance by using another resolver
                                    Class<?> type = method.getDeclaringClass();
                                    method = findResolver(type);
                                    if (method == null) {
                                        stderr.println("Unable to find the resolver method annotated with @CLIResolver for " + type);
                                        return 1;
                                    }
                                }
                                List<MethodBinder> binders = new ArrayList<MethodBinder>();
                                while (!chains.isEmpty()) binders.add(new MethodBinder(chains.pop(), parser));
                                // authentication
                                CliAuthenticator authenticator = Hudson.getInstance().getSecurityRealm().createCliAuthenticator(this);
                                new ClassParser().parse(authenticator, parser);
                                // fill up all the binders
                                parser.parseArgument(args);
                                Authentication auth = authenticator.authenticate();
                                if (auth == Hudson.ANONYMOUS)
                                    auth = loadStoredAuthentication();
                                // run the CLI with the right credential
                                sc.setAuthentication(auth);
                                hudson.checkPermission(Hudson.READ);
                                // resolve them
                                Object instance = null;
                                for (MethodBinder binder : binders) instance = binder.call(instance);
                                if (instance instanceof Integer)
                                    return (Integer) instance;
                                else
                                    return 0;
                            } catch (InvocationTargetException e) {
                                Throwable t = e.getTargetException();
                                if (t instanceof Exception)
                                    throw (Exception) t;
                                throw e;
                            } finally {
                                // restore
                                sc.setAuthentication(old);
                            }
                        } catch (CmdLineException e) {
                            stderr.println(e.getMessage());
                            printUsage(stderr, parser);
                            return 1;
                        } catch (Exception e) {
                            e.printStackTrace(stderr);
                            return 1;
                        }
                    }

                    protected int run() throws Exception {
                        throw new UnsupportedOperationException();
                    }
                }));
            } catch (ClassNotFoundException e) {
                LOGGER.log(SEVERE, "Failed to process @CLIMethod: " + m, e);
            }
        }
    } catch (IOException e) {
        LOGGER.log(SEVERE, "Failed to discvoer @CLIMethod", e);
    }
    return r;
}
Also used : Locale(java.util.Locale) ExtensionComponent(hudson.ExtensionComponent) CloneableCLICommand(hudson.cli.CloneableCLICommand) ArrayList(java.util.ArrayList) CliAuthenticator(hudson.security.CliAuthenticator) ArrayList(java.util.ArrayList) List(java.util.List) PrintStream(java.io.PrintStream) CmdLineParser(org.kohsuke.args4j.CmdLineParser) InputStream(java.io.InputStream) Method(java.lang.reflect.Method) IOException(java.io.IOException) ResourceBundleHolder(org.jvnet.localizer.ResourceBundleHolder) InvocationTargetException(java.lang.reflect.InvocationTargetException) IOException(java.io.IOException) InvocationTargetException(java.lang.reflect.InvocationTargetException) CmdLineException(org.kohsuke.args4j.CmdLineException) Stack(java.util.Stack) CLICommand(hudson.cli.CLICommand) CloneableCLICommand(hudson.cli.CloneableCLICommand) Authentication(org.acegisecurity.Authentication) SecurityContext(org.acegisecurity.context.SecurityContext) CmdLineException(org.kohsuke.args4j.CmdLineException) ClassParser(org.kohsuke.args4j.ClassParser)

Example 2 with SecurityContext

use of org.acegisecurity.context.SecurityContext in project hudson-2.x by hudson.

the class SecurityServiceImpl method runAs.

public void runAs(final Authentication auth, final Runnable task) {
    checkNotNull(auth);
    checkNotNull(task);
    final SecurityContext ctx = SecurityContextHolder.getContext();
    final Authentication current = ctx.getAuthentication();
    ctx.setAuthentication(auth);
    try {
        task.run();
    } finally {
        ctx.setAuthentication(current);
    }
}
Also used : Authentication(org.acegisecurity.Authentication) SecurityContext(org.acegisecurity.context.SecurityContext)

Example 3 with SecurityContext

use of org.acegisecurity.context.SecurityContext in project hudson-2.x by hudson.

the class CLICommand method main.

public int main(List<String> args, Locale locale, InputStream stdin, PrintStream stdout, PrintStream stderr) {
    this.stdin = new BufferedInputStream(stdin);
    this.stdout = stdout;
    this.stderr = stderr;
    this.locale = locale;
    this.channel = Channel.current();
    registerOptionHandlers();
    CmdLineParser p = new CmdLineParser(this);
    // add options from the authenticator
    SecurityContext sc = SecurityContextHolder.getContext();
    Authentication old = sc.getAuthentication();
    CliAuthenticator authenticator = Hudson.getInstance().getSecurityRealm().createCliAuthenticator(this);
    new ClassParser().parse(authenticator, p);
    try {
        p.parseArgument(args.toArray(new String[args.size()]));
        Authentication auth = authenticator.authenticate();
        if (auth == Hudson.ANONYMOUS)
            auth = loadStoredAuthentication();
        // run the CLI with the right credential
        sc.setAuthentication(auth);
        if (!(this instanceof LoginCommand || this instanceof HelpCommand))
            Hudson.getInstance().checkPermission(Hudson.READ);
        return run();
    } catch (CmdLineException e) {
        stderr.println(e.getMessage());
        printUsage(stderr, p);
        return -1;
    } catch (AbortException e) {
        // signals an error without stack trace
        stderr.println(e.getMessage());
        return -1;
    } catch (Exception e) {
        e.printStackTrace(stderr);
        return -1;
    } finally {
        // restore
        sc.setAuthentication(old);
    }
}
Also used : CliAuthenticator(hudson.security.CliAuthenticator) CmdLineParser(org.kohsuke.args4j.CmdLineParser) BufferedInputStream(java.io.BufferedInputStream) Authentication(org.acegisecurity.Authentication) SecurityContext(org.acegisecurity.context.SecurityContext) CmdLineException(org.kohsuke.args4j.CmdLineException) AbortException(hudson.AbortException) IOException(java.io.IOException) CmdLineException(org.kohsuke.args4j.CmdLineException) ClassParser(org.kohsuke.args4j.ClassParser) AbortException(hudson.AbortException)

Example 4 with SecurityContext

use of org.acegisecurity.context.SecurityContext in project hudson-2.x by hudson.

the class HttpSessionContextIntegrationFilter2 method doFilter.

public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    HttpSession session = ((HttpServletRequest) req).getSession(false);
    if (session != null) {
        SecurityContext o = (SecurityContext) session.getAttribute(ACEGI_SECURITY_CONTEXT_KEY);
        if (o != null) {
            Authentication a = o.getAuthentication();
            if (a != null) {
                if (a.getPrincipal() instanceof InvalidatableUserDetails) {
                    InvalidatableUserDetails ud = (InvalidatableUserDetails) a.getPrincipal();
                    if (ud.isInvalid())
                        // don't let Acegi see invalid security context
                        session.setAttribute(ACEGI_SECURITY_CONTEXT_KEY, null);
                }
            }
        }
    }
    super.doFilter(req, res, chain);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpSession(javax.servlet.http.HttpSession) Authentication(org.acegisecurity.Authentication) SecurityContext(org.acegisecurity.context.SecurityContext)

Example 5 with SecurityContext

use of org.acegisecurity.context.SecurityContext in project hudson-2.x by hudson.

the class SecurityServiceImpl method callAs.

public <T> T callAs(final Authentication auth, final Callable<T> task) throws Exception {
    checkNotNull(auth);
    checkNotNull(task);
    final SecurityContext ctx = SecurityContextHolder.getContext();
    final Authentication current = ctx.getAuthentication();
    ctx.setAuthentication(auth);
    try {
        return task.call();
    } finally {
        ctx.setAuthentication(current);
    }
}
Also used : Authentication(org.acegisecurity.Authentication) SecurityContext(org.acegisecurity.context.SecurityContext)

Aggregations

Authentication (org.acegisecurity.Authentication)6 SecurityContext (org.acegisecurity.context.SecurityContext)6 CliAuthenticator (hudson.security.CliAuthenticator)2 IOException (java.io.IOException)2 ClassParser (org.kohsuke.args4j.ClassParser)2 CmdLineException (org.kohsuke.args4j.CmdLineException)2 CmdLineParser (org.kohsuke.args4j.CmdLineParser)2 HashCode (com.google.common.hash.HashCode)1 AbortException (hudson.AbortException)1 ExtensionComponent (hudson.ExtensionComponent)1 CLICommand (hudson.cli.CLICommand)1 CloneableCLICommand (hudson.cli.CloneableCLICommand)1 BufferedInputStream (java.io.BufferedInputStream)1 InputStream (java.io.InputStream)1 PrintStream (java.io.PrintStream)1 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 Method (java.lang.reflect.Method)1 ArrayList (java.util.ArrayList)1 List (java.util.List)1 Locale (java.util.Locale)1