Search in sources :

Example 1 with SubjectSecurityContext

use of org.glassfish.jersey.server.SubjectSecurityContext in project jersey by jersey.

the class SubResourceLocatorRouter method getResource.

private Object getResource(final RequestProcessingContext context) {
    final Object resource = context.routingContext().peekMatchedResource();
    final Method handlingMethod = locatorModel.getInvocable().getHandlingMethod();
    final Object[] parameterValues = ParameterValueHelper.getParameterValues(valueProviders);
    context.triggerEvent(RequestEvent.Type.LOCATOR_MATCHED);
    final PrivilegedAction invokeMethodAction = new PrivilegedAction() {

        @Override
        public Object run() {
            try {
                return handlingMethod.invoke(resource, parameterValues);
            } catch (IllegalAccessException | IllegalArgumentException | UndeclaredThrowableException ex) {
                throw new ProcessingException(LocalizationMessages.ERROR_RESOURCE_JAVA_METHOD_INVOCATION(), ex);
            } catch (final InvocationTargetException ex) {
                final Throwable cause = ex.getCause();
                if (cause instanceof WebApplicationException) {
                    throw (WebApplicationException) cause;
                }
                // handle all exceptions as potentially mappable (incl. ProcessingException)
                throw new MappableException(cause);
            } catch (final Throwable t) {
                throw new ProcessingException(t);
            }
        }
    };
    final SecurityContext securityContext = context.request().getSecurityContext();
    return (securityContext instanceof SubjectSecurityContext) ? ((SubjectSecurityContext) securityContext).doAsSubject(invokeMethodAction) : invokeMethodAction.run();
}
Also used : MappableException(org.glassfish.jersey.server.internal.process.MappableException) WebApplicationException(javax.ws.rs.WebApplicationException) ResourceMethod(org.glassfish.jersey.server.model.ResourceMethod) Method(java.lang.reflect.Method) InvocationTargetException(java.lang.reflect.InvocationTargetException) SubjectSecurityContext(org.glassfish.jersey.server.SubjectSecurityContext) PrivilegedAction(java.security.PrivilegedAction) UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException) SecurityContext(javax.ws.rs.core.SecurityContext) SubjectSecurityContext(org.glassfish.jersey.server.SubjectSecurityContext) ProcessingException(javax.ws.rs.ProcessingException)

Example 2 with SubjectSecurityContext

use of org.glassfish.jersey.server.SubjectSecurityContext in project jersey by jersey.

the class AbstractJavaResourceMethodDispatcher method invoke.

/**
     * Use the underlying invocation handler to invoke the underlying Java method
     * with the supplied input method argument values on a given resource instance.
     *
     * @param containerRequest container request.
     * @param resource         resource class instance.
     * @param args             input argument values for the invoked Java method.
     * @return invocation result.
     * @throws ProcessingException (possibly {@link MappableException mappable})
     *                             container exception in case the invocation failed.
     */
final Object invoke(final ContainerRequest containerRequest, final Object resource, final Object... args) throws ProcessingException {
    try {
        // Validate resource class & method input parameters.
        if (validator != null) {
            validator.validateResourceAndInputParams(resource, resourceMethod, args);
        }
        final PrivilegedAction invokeMethodAction = new PrivilegedAction() {

            @Override
            public Object run() {
                final TracingLogger tracingLogger = TracingLogger.getInstance(containerRequest);
                final long timestamp = tracingLogger.timestamp(ServerTraceEvent.METHOD_INVOKE);
                try {
                    return methodHandler.invoke(resource, method, args);
                } catch (IllegalAccessException | IllegalArgumentException | UndeclaredThrowableException ex) {
                    throw new ProcessingException(LocalizationMessages.ERROR_RESOURCE_JAVA_METHOD_INVOCATION(), ex);
                } catch (InvocationTargetException ex) {
                    throw mapTargetToRuntimeEx(ex.getCause());
                } catch (Throwable t) {
                    throw new ProcessingException(t);
                } finally {
                    tracingLogger.logDuration(ServerTraceEvent.METHOD_INVOKE, timestamp, resource, method);
                }
            }
        };
        final SecurityContext securityContext = containerRequest.getSecurityContext();
        final Object invocationResult = (securityContext instanceof SubjectSecurityContext) ? ((SubjectSecurityContext) securityContext).doAsSubject(invokeMethodAction) : invokeMethodAction.run();
        // Validate response entity.
        if (validator != null) {
            validator.validateResult(resource, resourceMethod, invocationResult);
        }
        return invocationResult;
    } catch (ValidationException ex) {
        // handle validation exceptions -> potentially mappable
        throw new MappableException(ex);
    }
}
Also used : MappableException(org.glassfish.jersey.server.internal.process.MappableException) ValidationException(javax.validation.ValidationException) TracingLogger(org.glassfish.jersey.message.internal.TracingLogger) InvocationTargetException(java.lang.reflect.InvocationTargetException) SubjectSecurityContext(org.glassfish.jersey.server.SubjectSecurityContext) PrivilegedAction(java.security.PrivilegedAction) UndeclaredThrowableException(java.lang.reflect.UndeclaredThrowableException) SecurityContext(javax.ws.rs.core.SecurityContext) SubjectSecurityContext(org.glassfish.jersey.server.SubjectSecurityContext) ProcessingException(javax.ws.rs.ProcessingException)

Aggregations

InvocationTargetException (java.lang.reflect.InvocationTargetException)2 UndeclaredThrowableException (java.lang.reflect.UndeclaredThrowableException)2 PrivilegedAction (java.security.PrivilegedAction)2 ProcessingException (javax.ws.rs.ProcessingException)2 SecurityContext (javax.ws.rs.core.SecurityContext)2 SubjectSecurityContext (org.glassfish.jersey.server.SubjectSecurityContext)2 MappableException (org.glassfish.jersey.server.internal.process.MappableException)2 Method (java.lang.reflect.Method)1 ValidationException (javax.validation.ValidationException)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 TracingLogger (org.glassfish.jersey.message.internal.TracingLogger)1 ResourceMethod (org.glassfish.jersey.server.model.ResourceMethod)1