use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class SimpleUsernameTokenInterceptor method createSubject.
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
// authenticate the user somehow
subject.getPrincipals().add(new SimplePrincipal(name));
// add roles this user is in
String roleName = "Alice".equals(name) ? "developers" : "pms";
subject.getPrincipals().add(new SimpleGroup(roleName, name));
subject.setReadOnly();
return subject;
}
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class CustomUTValidator method validate.
public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
Credential cred = super.validate(credential, data);
UsernameToken ut = credential.getUsernametoken();
WSUsernameTokenPrincipalImpl principal = new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed());
principal.setCreatedTime(ut.getCreated());
principal.setNonce(principal.getNonce());
principal.setPassword(ut.getPassword());
principal.setPasswordType(ut.getPasswordType());
Subject subject = new Subject();
subject.getPrincipals().add(principal);
if ("Alice".equals(ut.getName())) {
subject.getPrincipals().add(new SimpleGroup("manager", ut.getName()));
}
subject.getPrincipals().add(new SimpleGroup("worker", ut.getName()));
cred.setSubject(subject);
return cred;
}
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class CustomStaxUTValidator method validate.
@SuppressWarnings("unchecked")
@Override
public <T extends UsernameSecurityToken & InboundSecurityToken> T validate(UsernameTokenType usernameTokenType, TokenContext tokenContext) throws WSSecurityException {
UsernameSecurityTokenImpl token = super.</*fake @see above*/
UsernameSecurityTokenImpl>validate(usernameTokenType, tokenContext);
Subject subject = new Subject();
subject.getPrincipals().add(token.getPrincipal());
if ("Alice".equals(token.getUsername())) {
subject.getPrincipals().add(new SimpleGroup("manager", token.getUsername()));
}
subject.getPrincipals().add(new SimpleGroup("worker", token.getUsername()));
token.setSubject(subject);
return (T) token;
}
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class SimpleSubjectCreatingInterceptor method createSubject.
@Override
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException {
Subject subject = new Subject();
// delegate to the external security system if possible
subject.getPrincipals().add(new SimplePrincipal(name));
subject.getPrincipals().add(new SimpleGroup("developers", name));
subject.setReadOnly();
return subject;
}
use of org.apache.cxf.common.security.SimpleGroup in project cxf by apache.
the class DefaultJWTRoleParser method parseRolesFromToken.
/**
* Return the set of User/Principal roles from the token.
* @param principal the Principal associated with the token
* @param subject the JAAS Subject associated with a successful validation of the token
* @param token The JWTToken
* @return the set of User/Principal roles from the token.
*/
public Set<Principal> parseRolesFromToken(Principal principal, Subject subject, JwtToken token) {
if (subject != null && useJaasSubject) {
return super.parseRolesFromSubject(principal, subject);
}
Set<Principal> roles = null;
if (roleClaim != null && token != null && token.getClaims().containsProperty(roleClaim)) {
roles = new HashSet<>();
String role = token.getClaims().getStringProperty(roleClaim).trim();
for (String r : role.split(",")) {
roles.add(new SimpleGroup(r));
}
} else {
roles = Collections.emptySet();
}
return roles;
}
Aggregations