Example 1 with RealmRole
use of org.jboss.as.core.security.RealmRole in project wildfly by wildfly.
the class ConnectionSecurityContext method getConnectionPrincipals.
/**
* Obtain a {@link Collection} containing the {@link Principal} instances for the user associated with the connection.
*
* Note: This method should be called from within a {@link PrivilegedAction}.
*
* @return The Collection of Principals for the user authenticated with the connection. An empty Collection will be returned
* of no user is associated with the connection, {@code null} will be returned if no connection is associated with
* the {@link Thread}
*/
public static Collection<Principal> getConnectionPrincipals() {
Connection con = RemotingContext.getConnection();
if (con != null) {
Collection<Principal> principals = new HashSet<>();
SecurityIdentity localIdentity = con.getLocalIdentity();
if (localIdentity != null) {
principals.add(new RealmUser(localIdentity.getPrincipal().getName()));
StreamSupport.stream(localIdentity.getRoles().spliterator(), true).forEach((String role) -> {
principals.add(new RealmGroup(role));
principals.add(new RealmRole(role));
});
return principals;
} else {
return Collections.emptySet();
}
}
return null;
}
Also used :
SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity)
RealmRole(org.jboss.as.core.security.RealmRole)
RealmGroup(org.jboss.as.core.security.RealmGroup)
Connection(org.jboss.remoting3.Connection)
RealmUser(org.jboss.as.core.security.RealmUser)
Principal(java.security.Principal)
HashSet(java.util.HashSet)
Example 2 with RealmRole
use of org.jboss.as.core.security.RealmRole in project wildfly by wildfly.
the class RealmDirectLoginModule method getRoleSets.
@Override
protected Group[] getRoleSets() throws LoginException {
Collection<Principal> principalCol = new HashSet<Principal>();
principalCol.add(new RealmUser(getUsername()));
try {
AuthorizingCallbackHandler callbackHandler = getCallbackHandler();
SubjectUserInfo sui = callbackHandler.createSubjectUserInfo(principalCol);
SimpleGroup sg = new SimpleGroup("Roles");
Set<RealmRole> roles = sui.getSubject().getPrincipals(RealmRole.class);
for (RealmRole current : roles) {
sg.addMember(createIdentity(current.getName()));
}
return new Group[] { sg };
} catch (Exception e) {
throw SecurityLogger.ROOT_LOGGER.failureCallingSecurityRealm(e.getMessage());
}
}
Also used :
SimpleGroup(org.jboss.security.SimpleGroup)
Group(java.security.acl.Group)
RealmRole(org.jboss.as.core.security.RealmRole)
RealmUser(org.jboss.as.core.security.RealmUser)
SimpleGroup(org.jboss.security.SimpleGroup)
AuthorizingCallbackHandler(org.jboss.as.domain.management.AuthorizingCallbackHandler)
SubjectUserInfo(org.jboss.as.core.security.SubjectUserInfo)
Principal(java.security.Principal)
LoginException(javax.security.auth.login.LoginException)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
HashSet(java.util.HashSet)
Aggregations
Principal (java.security.Principal)2
HashSet (java.util.HashSet)2
RealmRole (org.jboss.as.core.security.RealmRole)2
RealmUser (org.jboss.as.core.security.RealmUser)2
IOException (java.io.IOException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
Group (java.security.acl.Group)1
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)1
LoginException (javax.security.auth.login.LoginException)1
RealmGroup (org.jboss.as.core.security.RealmGroup)1
SubjectUserInfo (org.jboss.as.core.security.SubjectUserInfo)1
AuthorizingCallbackHandler (org.jboss.as.domain.management.AuthorizingCallbackHandler)1
Connection (org.jboss.remoting3.Connection)1
SimpleGroup (org.jboss.security.SimpleGroup)1
SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity)1
