
Example 1 with PrincipalImpl

use of org.glassfish.security.common.PrincipalImpl in project Payara by payara.

the class WorkContextHandlerImpl method getWorkContextMap.

/**
 * Legacy implementation (commented out below): gets the security work context
 * map (if any) for the resource adapter by reading the <[raname]-principals-map>
 * and <[raname]-groups-map> JVM options and building the map from them.
 *
 * @param raName resource-adapter name
 * @return security-map
 */
/*
    private Map getSecurityWorkContextMap(String raName) {
        HashMap eisASMap = new HashMap();

        String principalsMap = System.getProperty(raName + "-principals-map");
        if (principalsMap != null) {
            StringTokenizer tokenizer = new StringTokenizer(principalsMap, ",");
            while (tokenizer.hasMoreElements()) {
                String nameValue = (String) tokenizer.nextElement();
                if (nameValue != null && nameValue.contains("=")) {
                    int delimiterLocation = nameValue.indexOf("=");
                    String eisPrincipal = nameValue.substring(0, delimiterLocation);
                    String appserverPrincipal = nameValue.substring(delimiterLocation + 1);
                    eisASMap.put(new PrincipalImpl(eisPrincipal), new PrincipalImpl(appserverPrincipal));
                }
            }
        }

        //TODO V3 refactor (common code for principals & groups)
        String groupsMap = System.getProperty(raName + "-groups-map");
        if (groupsMap != null) {
            StringTokenizer tokenizer = new StringTokenizer(groupsMap, ",");
            while (tokenizer.hasMoreElements()) {
                String nameValue = (String) tokenizer.nextElement();
                if (nameValue != null && nameValue.contains("=")) {
                    int delimiterLocation = nameValue.indexOf("=");
                    String eisGroup = nameValue.substring(0, delimiterLocation);
                    String appserverGroup = nameValue.substring(delimiterLocation + 1);
                    eisASMap.put(new Group(eisGroup), new Group(appserverGroup));
                }
            }
            return eisASMap;
        }
        return null;
    }
*/
/**
 * Builds the work-context map for a resource adapter from its configured
 * work security maps.
 *
 * <p>Each configured principal mapping becomes an entry keyed by a
 * {@code PrincipalImpl} for the EIS principal, and each group mapping an
 * entry keyed by a {@code Group} for the EIS group; the values are the
 * mapped (application-server side) principal or group.
 *
 * <p>NOTE(review): principal and group entries share one untyped map. Whether
 * a principal and a group with the same name can overwrite each other depends
 * on how {@code PrincipalImpl} and {@code Group} implement equals/hashCode,
 * which is not visible here; confirm before relying on this map for
 * authorization decisions.
 *
 * @param raName resource-adapter name
 * @return map from EIS principals/groups to their mapped counterparts; empty
 *         when no mappings are configured
 */
private Map getWorkContextMap(String raName) {
    List<WorkSecurityMap> securityMaps = runtime.getWorkSecurityMap(raName);
    // Both lists are resolved up front, before any entry is added to the result.
    List<PrincipalMap> principalMappings = getPrincipalsMap(securityMaps);
    List<GroupMap> groupMappings = getGroupsMap(securityMaps);

    Map eisToMapped = new HashMap();
    for (PrincipalMap principalEntry : principalMappings) {
        PrincipalImpl eisSide = new PrincipalImpl(principalEntry.getEisPrincipal());
        PrincipalImpl mappedSide = new PrincipalImpl(principalEntry.getMappedPrincipal());
        eisToMapped.put(eisSide, mappedSide);
    }
    for (GroupMap groupEntry : groupMappings) {
        Group eisSide = new Group(groupEntry.getEisGroup());
        Group mappedSide = new Group(groupEntry.getMappedGroup());
        eisToMapped.put(eisSide, mappedSide);
    }
    return eisToMapped;
}
Also used : Group(org.glassfish.security.common.Group) PrincipalMap(org.glassfish.connectors.config.PrincipalMap) GroupMap(org.glassfish.connectors.config.GroupMap) WorkSecurityMap(org.glassfish.connectors.config.WorkSecurityMap) PrincipalImpl(org.glassfish.security.common.PrincipalImpl)

Example 2 with PrincipalImpl

use of org.glassfish.security.common.PrincipalImpl in project Payara by payara.

the class PrincipalGroupFactoryImpl method getPrincipalInstance.

/**
 * Returns the principal the web security manager factory holds for the given
 * name and realm, or a fresh {@code PrincipalImpl} when it holds none.
 *
 * <p>The fallback principal is built from {@code name} alone; {@code realm}
 * is only used for the factory lookup. The factory result is cast to
 * {@code PrincipalImpl}, so a different principal type coming back from
 * {@code getAdminPrincipal} surfaces as a {@link ClassCastException}.
 *
 * @param name  principal name
 * @param realm realm name passed to the factory lookup
 * @return the factory's principal for (name, realm), or a new principal for {@code name}
 */
@Override
public PrincipalImpl getPrincipalInstance(String name, String realm) {
    PrincipalImpl registered =
            (PrincipalImpl) getWebSecurityManagerFactory().getAdminPrincipal(name, realm);
    return registered != null ? registered : new PrincipalImpl(name);
}
Also used : PrincipalImpl(org.glassfish.security.common.PrincipalImpl)

Example 3 with PrincipalImpl

use of org.glassfish.security.common.PrincipalImpl in project Payara by payara.

the class WebSecurityManager method initialise.

/**
 * Sets up this manager's policy state: the codebase and code source, the
 * admin principal/group tables (admin virtual server only), the policy
 * configuration and the unchecked-permission cache.
 *
 * @param appName application name, used to look up its virtual servers
 * @throws PolicyContextException declared for the policy calls made here
 * @throws RuntimeException if the codebase cannot be turned into a URI or URL
 */
private void initialise(String appName) throws PolicyContextException {
    getPolicyFactory();
    CODEBASE = removeSpaces(CONTEXT_ID);

    // Role mappings are published into the factory's ADMIN_PRINCIPAL / ADMIN_GROUP
    // tables only when the application's virtual servers equal Constants.ADMIN_VS.
    if (Constants.ADMIN_VS.equals(getVirtualServers(appName))) {
        LoginConfiguration loginConfig = wbd.getLoginConfiguration();
        if (loginConfig != null) {
            String realm = loginConfig.getRealmName();
            SunWebApp descriptor = wbd.getSunDescriptor();
            if (descriptor != null) {
                // NOTE(review): table keys are realm + name joined without a separator,
                // so two different (realm, name) pairs can yield the same key, and a
                // null realm contributes the text "null". Confirm the lookup side
                // builds keys the same way and that realm names cannot be a prefix
                // of one another.
                SecurityRoleMapping[] roleMappings = descriptor.getSecurityRoleMapping();
                if (roleMappings != null) {
                    for (SecurityRoleMapping roleMapping : roleMappings) {
                        String[] mappedPrincipals = roleMapping.getPrincipalName();
                        if (mappedPrincipals != null) {
                            for (String principalName : mappedPrincipals) {
                                wsmf.ADMIN_PRINCIPAL.put(realm + principalName, new PrincipalImpl(principalName));
                            }
                        }
                        // NOTE(review): group names are iterated without the null guard
                        // that principal names get; presumably getGroupNames() never
                        // returns null - confirm.
                        for (String groupName : roleMapping.getGroupNames()) {
                            wsmf.ADMIN_GROUP.put(realm + groupName, new Group(groupName));
                        }
                    }
                }

                SecurityRoleAssignment[] roleAssignments = descriptor.getSecurityRoleAssignments();
                if (roleAssignments != null) {
                    for (SecurityRoleAssignment assignment : roleAssignments) {
                        List<String> assignedPrincipals = assignment.getPrincipalNames();
                        if (assignment.isExternallyDefined()) {
                            // An externally defined assignment registers the role name
                            // itself as a group; its principal names are not used.
                            wsmf.ADMIN_GROUP.put(realm + assignment.getRoleName(), new Group(assignment.getRoleName()));
                        } else {
                            for (String principalName : assignedPrincipals) {
                                wsmf.ADMIN_PRINCIPAL.put(realm + principalName, new PrincipalImpl(principalName));
                            }
                        }
                    }
                }
            }
        }
    }

    // Build the CodeSource for the module from its codebase. The certificate
    // array is null, so the code source carries no signer certificates.
    try {
        if (logger.isLoggable(Level.FINE)) {
            logger.log(Level.FINE, "[Web-Security] Creating a Codebase URI with = {0}", CODEBASE);
        }
        java.net.URI codebaseUri = new java.net.URI("file:///" + CODEBASE);
        codesource = new CodeSource(new URL(codebaseUri.toString()), (java.security.cert.Certificate[]) null);
    } catch (java.net.URISyntaxException use) {
        // Logged at FINE only; at default log levels the failure is visible solely
        // through the RuntimeException thrown below.
        logger.log(Level.FINE, "[Web-Security] Error Creating URI ", use);
        throw new RuntimeException(use);
    } catch (java.net.MalformedURLException mue) {
        logger.log(Level.SEVERE, "[Web-Security] Exception while getting the CodeSource", mue);
        throw new RuntimeException(mue);
    }

    if (logger.isLoggable(Level.FINE)) {
        logger.log(Level.FINE, "[Web-Security] Context id (id under which  WEB component in application will be created) = {0}", CONTEXT_ID);
        logger.log(Level.FINE, "[Web-Security] Codebase (module id for web component) {0}", CODEBASE);
    }

    loadPolicyConfiguration();

    // An existing cache is reset; a new one is created only when `register` is set.
    if (uncheckedPermissionCache != null) {
        uncheckedPermissionCache.reset();
    } else if (register) {
        uncheckedPermissionCache = PermissionCacheFactory.createPermissionCache(this.CONTEXT_ID, codesource, protoPerms, null);
        allResourcesCP = new CachedPermissionImpl(uncheckedPermissionCache, allResources);
        allConnectionsCP = new CachedPermissionImpl(uncheckedPermissionCache, allConnections);
    }
}
Also used : SunWebApp(com.sun.enterprise.deployment.runtime.web.SunWebApp) Group(org.glassfish.security.common.Group) SecurityRoleMapping(com.sun.enterprise.deployment.runtime.common.SecurityRoleMapping) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) URL(java.net.URL) CachedPermissionImpl(com.sun.enterprise.security.ee.CachedPermissionImpl) PrincipalImpl(org.glassfish.security.common.PrincipalImpl) SecurityRoleAssignment(com.sun.enterprise.deployment.runtime.common.wls.SecurityRoleAssignment)

Example 4 with PrincipalImpl

use of org.glassfish.security.common.PrincipalImpl in project Payara by payara.

the class SubjectUtil method getUsernamesFromSubject.

/**
 * Collects the user names carried by a subject.
 *
 * <p>A principal counts as a user when its runtime class is
 * {@link org.glassfish.security.common.PrincipalImpl PrincipalImpl} itself (or a
 * supertype of it), or when its canonical class name is
 * {@code weblogic.security.principal.WLSUserImpl}.
 *
 * @param subject the subject to inspect; may be {@code null}
 * @return the names of the matching principals, in the principal set's iteration
 *         order; empty (i.e. anonymous user) when the subject is {@code null} or
 *         holds no matching principal, and more than one entry when several match
 */
public static List<String> getUsernamesFromSubject(Subject subject) {
    List<String> names = new ArrayList<String>();
    if (subject == null) {
        return names;
    }
    Set<Principal> principals = subject.getPrincipals();
    for (Principal candidate : principals) {
        if (candidate == null) {
            continue;
        }
        Class<?> type = candidate.getClass();
        // The direction of isAssignableFrom matters: it is true only when `type` is
        // PrincipalImpl or one of its supertypes, so subclasses of PrincipalImpl do
        // NOT match. NOTE(review): an `instanceof PrincipalImpl` check would also
        // admit subclasses (presumably group principals) as user names - confirm
        // the class hierarchy before changing this.
        // The WebLogic type is recognised by class name only, not by class identity.
        if (type.isAssignableFrom(PrincipalImpl.class)
                || "weblogic.security.principal.WLSUserImpl".equals(type.getCanonicalName())) {
            names.add(candidate.getName());
        }
    }
    return names;
}
Also used : ArrayList(java.util.ArrayList) Principal(java.security.Principal) PrincipalImpl(org.glassfish.security.common.PrincipalImpl)

Example 5 with PrincipalImpl

use of org.glassfish.security.common.PrincipalImpl in project Payara by payara.

the class SubjectUtilTest method testUserNameUtil_multi.

/**
 * A subject holding a second PrincipalImpl must report two user names.
 *
 * NOTE(review): only the count is asserted. Presumably createSub contributes one
 * user principal for USERNAME plus group principals for GROUPS that must not be
 * counted; confirm against createSub, and consider asserting the names too.
 */
@Test
public void testUserNameUtil_multi() {
    Subject subject = createSub(USERNAME, GROUPS);
    subject.getPrincipals().add(new PrincipalImpl(USERNAME2));

    List<String> found = SubjectUtil.getUsernamesFromSubject(subject);
    if (debug) {
        System.out.println("user list =" + found);
    }

    Assert.assertEquals(2, found.size());
}
Also used : Subject(javax.security.auth.Subject) PrincipalImpl(org.glassfish.security.common.PrincipalImpl) Test(org.junit.Test)
