Use of org.apache.geode.internal.security.shiro.ShiroPrincipal in project geode by apache.
Class IntegratedSecurityService, method getSubject.
/**
 * It first looks for the Shiro subject in the AccessControlContext, since JMX will use multiple
 * threads to process operations from the same client, then it looks into Shiro's thread context.
 *
 * @return the Shiro subject, null if security is not enabled
 */
public Subject getSubject() {
    if (!isIntegratedSecurity()) {
        return null;
    }
    Subject currentUser = null;
    // First try to get the principal out of the AccessControlContext instead of Shiro's thread
    // context, since threads can be shared between JMX clients.
    javax.security.auth.Subject jmxSubject = javax.security.auth.Subject.getSubject(AccessController.getContext());
    if (jmxSubject != null) {
        Set<ShiroPrincipal> principals = jmxSubject.getPrincipals(ShiroPrincipal.class);
        if (principals.size() > 0) {
            ShiroPrincipal principal = principals.iterator().next();
            currentUser = principal.getSubject();
            // Bind the subject to the current thread so that later Shiro calls on it see this subject.
            ThreadContext.bind(currentUser);
            return currentUser;
        }
    }
    // In other cases, such as REST calls and client operations, get it from the current thread.
    currentUser = SecurityUtils.getSubject();
    if (currentUser == null || currentUser.getPrincipal() == null) {
        throw new GemFireSecurityException("Error: Anonymous User");
    }
    return currentUser;
}