Example 71 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class SubjectCommands method runWithUserName.

private Object runWithUserName() throws InvocationTargetException {
    try {
        String password = getLine("Password for " + user + ": ", false);
        Subject subject = security.getSubject(user, password);
        if (subject == null) {
            printErrorMessage("Invalid username/password");
            return null;
        }
        return subject.execute(this::executeWithSubject);
    } catch (ExecutionException e) {
        LOGGER.info("Failed to run command: {}", e.getCause().getMessage(), e.getCause());
        throw new InvocationTargetException(e.getCause());
    } catch (IOException e) {
        LOGGER.info("Failed to run command", e);
        printErrorMessage("Failed to read password");
    }
    return null;
}
Also used : IOException(java.io.IOException) ExecutionException(org.apache.shiro.subject.ExecutionException) Subject(org.apache.shiro.subject.Subject) InvocationTargetException(java.lang.reflect.InvocationTargetException)

Example 72 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class SecurityPlugin method setSubjectOnRequestProperties.

private ddf.security.Subject setSubjectOnRequestProperties(Operation operation) {
    try {
        Object requestSubject = operation.getProperties().get(SecurityConstants.SECURITY_SUBJECT);
        if (!(requestSubject instanceof ddf.security.Subject)) {
            Subject subject = SecurityUtils.getSubject();
            if (subject instanceof ddf.security.Subject) {
                operation.getProperties().put(SecurityConstants.SECURITY_SUBJECT, (ddf.security.Subject) subject);
                LOGGER.debug("Copied security subject from SecurityUtils to operation property for legacy and multi-thread support.");
                return (ddf.security.Subject) subject;
            } else {
                LOGGER.debug("Security subject was not of type ddf.security.Subject, cannot add to current operation. It may still be accessible from SecurityUtils for supporting services.");
            }
        }
    } catch (Exception e) {
        LOGGER.debug("No security subject found, cannot add to current operation.");
    }
    return null;
}
Also used : Subject(org.apache.shiro.subject.Subject) StopProcessingException(ddf.catalog.plugin.StopProcessingException)

Example 73 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class SecurityLoggerInInterceptor method handleMessage.

@Override
public void handleMessage(Message message) throws Fault {
    if (!MessageUtils.isRequestor(message)) {
        Subject subject = ThreadContext.getSubject();
        if (subject != null) {
            String username = SubjectUtils.getName(subject);
            SecurityLogger.audit("{} is making an inbound request to {}.", username, message.get(Message.REQUEST_URL));
        } else {
            SecurityLogger.audit("No subject associated with inbound request to {}.", message.get(Message.REQUEST_URL));
        }
    }
}
Also used : Subject(org.apache.shiro.subject.Subject)

Example 74 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class FilterPlugin method getSubject.

private Subject getSubject(Request input) throws StopProcessingException {
    Object securityAssertion = input.getProperties().get(SecurityConstants.SECURITY_SUBJECT);
    Subject subject;
    if (securityAssertion instanceof Subject) {
        subject = (Subject) securityAssertion;
        LOGGER.debug("Filter plugin found Subject for query response.");
    } else {
        throw new StopProcessingException("Unable to filter contents of current message, no user Subject available.");
    }
    return subject;
}
Also used : StopProcessingException(ddf.catalog.plugin.StopProcessingException) Subject(org.apache.shiro.subject.Subject)

Example 75 with Subject

use of org.apache.shiro.subject.Subject in project ddf by codice.

the class FilterPlugin method processPostResource.

@Override
public ResourceResponse processPostResource(ResourceResponse input, Metacard metacard) throws StopProcessingException {
    // Fail closed: without request properties there is no Subject to authorize.
    if (input.getRequest() == null || input.getRequest().getProperties() == null) {
        throw new StopProcessingException("Unable to filter contents of current message, no user Subject available.");
    }
    KeyValueCollectionPermission securityPermission = new KeyValueCollectionPermission(CollectionPermission.READ_ACTION);
    Subject subject = getSubject(input);
    Attribute attr = metacard.getAttribute(Metacard.SECURITY);
    // Permission check failed: let the first filter strategy that handles the response decide.
    if (!checkPermissions(attr, securityPermission, subject, CollectionPermission.READ_ACTION)) {
        for (FilterStrategy filterStrategy : filterStrategies.values()) {
            FilterResult filterResult = filterStrategy.process(input, metacard);
            if (filterResult.processed()) {
                // A null response from the strategy that processed the request means deny.
                if (filterResult.response() == null) {
                    throw new StopProcessingException("Subject not permitted to receive resource");
                } else {
                    input = (ResourceResponse) filterResult.response();
                }
                break;
                // returned metacards are ignored for resource requests
            }
        }
        // No strategies registered: deny.
        if (filterStrategies.size() == 0) {
            throw new StopProcessingException("Subject not permitted to receive resource");
        }
    }
    return input;
}
Also used : KeyValueCollectionPermission(ddf.security.permission.KeyValueCollectionPermission) Attribute(ddf.catalog.data.Attribute) FilterStrategy(ddf.catalog.security.FilterStrategy) StopProcessingException(ddf.catalog.plugin.StopProcessingException) FilterResult(ddf.catalog.security.FilterResult) Subject(org.apache.shiro.subject.Subject)
