
Example 66 with Subject

use of org.apache.shiro.subject.Subject in project bamboobsc by billchen198318.

the class ApiWebServiceImpl method getScorecard1.

/**
	 * SOAP: please use SoapUI to test
	 * ==================================================================================
		<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice.bsc.greenstep.netsteadfast.com/">
		   <soapenv:Header/>
		   <soapenv:Body>
		   
		      <web:getScorecard1>
		      
		         <visionOid>1089abb5-3faf-445d-88ff-cd7690ac6743</visionOid>
		         <startDate></startDate>
		         <endDate></endDate>
		         <startYearDate>2015</startYearDate>
		         <endYearDate>2016</endYearDate>
		         <frequency>6</frequency>
		         <dataFor>all</dataFor>
		         <measureDataOrganizationOid></measureDataOrganizationOid>
		         <measureDataEmployeeOid></measureDataEmployeeOid>
		         <contentFlag></contentFlag>
		         
		      </web:getScorecard1>
		      
		   </soapenv:Body>
		</soapenv:Envelope>
	 * ==================================================================================
	 * 
	 * 
	 * REST example:
	 * curl -i -X GET "http://127.0.0.1:8080/gsbsc-web/services/jaxrs/scorecard1?visionOid=1089abb5-3faf-445d-88ff-cd7690ac6743&startDate=&endDate=&startYearDate=2015&endYearDate=2016&frequency=6&dataFor=all&measureDataOrganizationOid=&measureDataEmployeeOid=&contentFlag="
	 * 
	 */
@WebMethod
@GET
@Path("/scorecard1/")
@Override
public BscApiServiceResponse getScorecard1(@WebParam(name = "visionOid") @QueryParam("visionOid") String visionOid, @WebParam(name = "startDate") @QueryParam("startDate") String startDate, @WebParam(name = "endDate") @QueryParam("endDate") String endDate, @WebParam(name = "startYearDate") @QueryParam("startYearDate") String startYearDate, @WebParam(name = "endYearDate") @QueryParam("endYearDate") String endYearDate, @WebParam(name = "frequency") @QueryParam("frequency") String frequency, @WebParam(name = "dataFor") @QueryParam("dataFor") String dataFor, @WebParam(name = "measureDataOrganizationOid") @QueryParam("measureDataOrganizationOid") String measureDataOrganizationOid, @WebParam(name = "measureDataEmployeeOid") @QueryParam("measureDataEmployeeOid") String measureDataEmployeeOid, @WebParam(name = "contentFlag") @QueryParam("contentFlag") String contentFlag) throws Exception {
    HttpServletRequest request = null;
    if (this.getWebServiceContext() != null && this.getWebServiceContext().getMessageContext() != null) {
        request = (HttpServletRequest) this.getWebServiceContext().getMessageContext().get(MessageContext.SERVLET_REQUEST);
    }
    Subject subject = null;
    BscApiServiceResponse responseObj = new BscApiServiceResponse();
    responseObj.setSuccess(YesNo.NO);
    try {
        subject = WsAuthenticateUtils.login();
        this.processForScorecard(responseObj, request, visionOid, startDate, endDate, startYearDate, endYearDate, frequency, dataFor, measureDataOrganizationOid, measureDataEmployeeOid, contentFlag);
    } catch (Exception e) {
        responseObj.setMessage(e.getMessage());
    } finally {
        if (!YesNo.YES.equals(responseObj.getSuccess())) {
            responseObj.setMessage(SysMessageUtil.get(GreenStepSysMsgConstants.SEARCH_NO_DATA));
        }
        WsAuthenticateUtils.logout(subject);
    }
    subject = null;
    return responseObj;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) BscApiServiceResponse(com.netsteadfast.greenstep.bsc.vo.BscApiServiceResponse) Subject(org.apache.shiro.subject.Subject) ServiceException(com.netsteadfast.greenstep.base.exception.ServiceException) WebMethod(javax.jws.WebMethod) Path(javax.ws.rs.Path) GET(javax.ws.rs.GET)

Example 67 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class AbstractDownloadsStatusEventPublisherTest method addSecurity.

private void addSecurity() {
    org.apache.shiro.mgt.SecurityManager secManager = new DefaultSecurityManager();
    PrincipalCollection principals = new SimplePrincipalCollection(USER_ID, "testrealm");
    Subject subject = new Subject.Builder(secManager).principals(principals).session(new SimpleSession()).authenticated(true).buildSubject();
    ThreadContext.bind(secManager);
    ThreadContext.bind(subject);
}
Also used : PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) SimpleSession(org.apache.shiro.session.mgt.SimpleSession) Subject(org.apache.shiro.subject.Subject)

Example 68 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class SoapEndpoint method helloWorldOp.

public HelloWorldResponse helloWorldOp(HelloWorld helloWorld) {
    String name = null;
    try {
        Subject subject = SecurityUtils.getSubject();
        name = SubjectUtils.getName(subject);
    } catch (Exception e) {
        LOGGER.debug("Unable to retrieve user from request.", e);
    }
    HelloWorldResponse helloWorldResponse = new HelloWorldResponse();
    helloWorldResponse.setResult("Hello " + name);
    return helloWorldResponse;
}
Also used : Subject(org.apache.shiro.subject.Subject) HelloWorldResponse(sdk.ddf.soap.hello.HelloWorldResponse)

Example 69 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class ServiceManagerProxy method invoke.

@Override
public Object invoke(Object proxy, Method method, Object[] args) throws Throwable {
    //wait until the security manager is available otherwise the getSystemSubject command will fail
    with().pollInterval(1, SECONDS).await().atMost(30, SECONDS).until(() -> serviceManager.getServiceReference(SecurityManager.class) != null);
    Subject subject = SECURITY.runAsAdmin(SECURITY::getSystemSubject);
    return subject.execute(() -> method.invoke(serviceManager, args));
}
Also used : Subject(org.apache.shiro.subject.Subject)

Example 70 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class TestLogoutServlet method testLocalLogout.

@Test
public void testLocalLogout() {
    LocalLogoutServlet localLogoutServlet = new MockLocalLogoutServlet();
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    Subject subject = mock(Subject.class);
    when(subject.hasRole(anyString())).thenReturn(false);
    ThreadContext.bind(subject);
    System.setProperty("security.audit.roles", "none");
    HttpSession httpSession = mock(HttpSession.class);
    when(request.getSession()).thenReturn(httpSession);
    when(request.getSession().getId()).thenReturn("id");
    when(request.getRequestURL()).thenReturn(new StringBuffer("http://foo.bar"));
    //Used for detecting basic auth
    when(request.getHeaders(anyString())).thenReturn(new Enumeration() {

        @Override
        public boolean hasMoreElements() {
            return true;
        }

        @Override
        public Object nextElement() {
            return "Basic";
        }
    });
    //used for detecting pki
    when(request.getAttribute("javax.servlet.request.X509Certificate")).thenReturn(new X509Certificate[] { mock(X509Certificate.class) });
    SecurityTokenHolder securityTokenHolder = mock(SecurityTokenHolder.class);
    when(httpSession.getAttribute(SecurityConstants.SAML_ASSERTION)).thenReturn(securityTokenHolder);
    try {
        localLogoutServlet.doGet(request, response);
    } catch (ServletException | IOException e) {
        fail(e.getMessage());
    }
    verify(httpSession).invalidate();
}
Also used : Enumeration(java.util.Enumeration) HttpSession(javax.servlet.http.HttpSession) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) Subject(org.apache.shiro.subject.Subject) X509Certificate(java.security.cert.X509Certificate) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) SecurityTokenHolder(ddf.security.common.SecurityTokenHolder) Test(org.junit.Test)
