Search in sources :

Example 1 with ShiroPrincipal

use of org.apache.geode.internal.security.shiro.ShiroPrincipal in project geode by apache.

the class IntegratedSecurityService method getSubject.

/**
   * It first looks the shiro subject in AccessControlContext since JMX will use multiple threads to
   * process operations from the same client, then it looks into Shiro's thead context.
   *
   * @return the shiro subject, null if security is not enabled
   */
public Subject getSubject() {
    if (!isIntegratedSecurity()) {
        return null;
    }
    Subject currentUser = null;
    // First try get the principal out of AccessControlContext instead of Shiro's Thread context
    // since threads can be shared between JMX clients.
    javax.security.auth.Subject jmxSubject = javax.security.auth.Subject.getSubject(AccessController.getContext());
    if (jmxSubject != null) {
        Set<ShiroPrincipal> principals = jmxSubject.getPrincipals(ShiroPrincipal.class);
        if (principals.size() > 0) {
            ShiroPrincipal principal = principals.iterator().next();
            currentUser = principal.getSubject();
            ThreadContext.bind(currentUser);
            return currentUser;
        }
    }
    // in other cases like rest call, client operations, we get it from the current thread
    currentUser = SecurityUtils.getSubject();
    if (currentUser == null || currentUser.getPrincipal() == null) {
        throw new GemFireSecurityException("Error: Anonymous User");
    }
    return currentUser;
}
Also used : GemFireSecurityException(org.apache.geode.security.GemFireSecurityException) ShiroPrincipal(org.apache.geode.internal.security.shiro.ShiroPrincipal) Subject(org.apache.shiro.subject.Subject)

Aggregations

ShiroPrincipal (org.apache.geode.internal.security.shiro.ShiroPrincipal)1 GemFireSecurityException (org.apache.geode.security.GemFireSecurityException)1 Subject (org.apache.shiro.subject.Subject)1