Example 1 with LoginSecurityContext

Use of org.apache.cxf.security.LoginSecurityContext in project testcases by coheigea.

Class XACML3AuthorizingInterceptor, method handleMessage.

public void handleMessage(Message message) throws Fault {
    SecurityContext sc = message.get(SecurityContext.class);
    if (sc instanceof LoginSecurityContext) {
        Principal principal = sc.getUserPrincipal();
        LoginSecurityContext loginSecurityContext = (LoginSecurityContext) sc;
        Set<Principal> principalRoles = loginSecurityContext.getUserRoles();
        List<String> roles = new ArrayList<String>();
        if (principalRoles != null) {
            for (Principal p : principalRoles) {
                if (p != principal) {
                    roles.add(p.getName());
                }
            }
        }
        try {
            if (authorize(principal, roles, message)) {
                return;
            }
        } catch (Exception e) {
            LOG.log(Level.FINE, "Unauthorized: " + e.getMessage(), e);
            throw new AccessDeniedException("Unauthorized");
        }
    } else {
        LOG.log(Level.FINE, "The SecurityContext was not an instance of LoginSecurityContext. No authorization " + "is possible as a result");
    }
    throw new AccessDeniedException("Unauthorized");
}
Also used: AccessDeniedException (org.apache.cxf.interceptor.security.AccessDeniedException), SecurityContext (org.apache.cxf.security.SecurityContext), LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext), ArrayList (java.util.ArrayList), Principal (java.security.Principal)

Example 2 with LoginSecurityContext

Use of org.apache.cxf.security.LoginSecurityContext in project cxf by apache.

Class DeprecatedSecurityContextTest, method testPrivateStaticGroup.

@Test
public void testPrivateStaticGroup() {
    Subject s = new Subject();
    Principal p = new SimplePrincipal("Barry");
    s.getPrincipals().add(p);
    // create a friend group and add Barry to this group
    GroupWrapper test = new GroupWrapper("friend", "Barry");
    s.getPrincipals().add(test.getGroup());
    LoginSecurityContext context = new DefaultSecurityContext(p, s);
    assertTrue(context.isUserInRole("Barry"));
}
Also used: GroupWrapper (org.apache.cxf.interceptor.security.test.GroupWrapper), LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext), Subject (javax.security.auth.Subject), SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal), Principal (java.security.Principal), Test (org.junit.Test)

Example 3 with LoginSecurityContext

Use of org.apache.cxf.security.LoginSecurityContext in project cxf by apache.

Class DefaultSecurityContextTest, method testMultipleRoles.

@Test
public void testMultipleRoles() {
    Subject s = new Subject();
    Principal p = new SimplePrincipal("Barry");
    s.getPrincipals().add(p);
    Set<Principal> roles = new HashSet<>();
    roles.add(new SimpleGroup("friend", p));
    roles.add(new SimpleGroup("admin", p));
    s.getPrincipals().addAll(roles);
    LoginSecurityContext context = new DefaultSecurityContext(p, s);
    assertTrue(context.isUserInRole("friend"));
    assertTrue(context.isUserInRole("admin"));
    assertFalse(context.isUserInRole("bar"));
    Set<Principal> roles2 = context.getUserRoles();
    assertEquals(roles2, roles);
}
Also used: LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext), SimpleGroup (org.apache.cxf.common.security.SimpleGroup), Subject (javax.security.auth.Subject), SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal), GroupPrincipal (org.apache.cxf.common.security.GroupPrincipal), Principal (java.security.Principal), HashSet (java.util.HashSet), Test (org.junit.Test)

Example 4 with LoginSecurityContext

Use of org.apache.cxf.security.LoginSecurityContext in project cxf by apache.

Class DefaultSecurityContextTest, method testUserInImplicitRoles.

@Test
public void testUserInImplicitRoles() {
    Subject s = new Subject();
    Principal p = new SimplePrincipal("Barry");
    s.getPrincipals().add(p);
    Principal role = new SimplePrincipal("friend");
    s.getPrincipals().add(role);
    LoginSecurityContext context = new DefaultSecurityContext(p, s);
    assertTrue(context.isUserInRole("friend"));
    assertFalse(context.isUserInRole("family"));
    assertFalse(context.isUserInRole("Barry"));
}
Also used: LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext), Subject (javax.security.auth.Subject), SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal), GroupPrincipal (org.apache.cxf.common.security.GroupPrincipal), Principal (java.security.Principal), Test (org.junit.Test)

Example 5 with LoginSecurityContext

Use of org.apache.cxf.security.LoginSecurityContext in project cxf by apache.

Class OAuthUtils, method createSubject.

public static UserSubject createSubject(SecurityContext securityContext) {
    List<String> roleNames = Collections.emptyList();
    if (securityContext instanceof LoginSecurityContext) {
        roleNames = ((LoginSecurityContext) securityContext).getUserRoles().stream().map(Principal::getName).collect(toList());
    }
    UserSubject subject = new UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
    Message m = JAXRSUtils.getCurrentMessage();
    if (m != null && m.get(AuthenticationMethod.class) != null) {
        subject.setAuthenticationMethod(m.get(AuthenticationMethod.class));
    }
    return subject;
}
Also used: UserSubject (org.apache.cxf.rs.security.oauth2.common.UserSubject), Message (org.apache.cxf.message.Message), LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext), AuthenticationMethod (org.apache.cxf.rs.security.oauth2.common.AuthenticationMethod), X500Principal (javax.security.auth.x500.X500Principal), Principal (java.security.Principal)

Aggregations

LoginSecurityContext (org.apache.cxf.security.LoginSecurityContext): 11
Principal (java.security.Principal): 10
Subject (javax.security.auth.Subject): 6
SecurityContext (org.apache.cxf.security.SecurityContext): 5
HashSet (java.util.HashSet): 4
SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal): 4
Test (org.junit.Test): 4
ArrayList (java.util.ArrayList): 2
GroupPrincipal (org.apache.cxf.common.security.GroupPrincipal): 2
AccessDeniedException (org.apache.cxf.interceptor.security.AccessDeniedException): 2
Message (org.apache.cxf.message.Message): 2
IOException (java.io.IOException): 1
Method (java.lang.reflect.Method): 1
URI (java.net.URI): 1
HashMap (java.util.HashMap): 1
LinkedList (java.util.LinkedList): 1
X500Principal (javax.security.auth.x500.X500Principal): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1
QName (javax.xml.namespace.QName): 1
OAuthMessage (net.oauth.OAuthMessage): 1