
Example 1 with RealmRole

Use of org.jboss.as.core.security.RealmRole in project wildfly by wildfly.

In the class ConnectionSecurityContext, method getConnectionPrincipals.

/**
 * Obtain a {@link Collection} containing the {@link Principal} instances for the user associated with the connection.
 *
 * Note: This method should be called from within a {@link PrivilegedAction}.
 *
 * @return The Collection of Principals for the user authenticated with the connection. An empty Collection will be returned
 *         if no user is associated with the connection, {@code null} will be returned if no connection is associated with
 *         the {@link Thread}
 */
public static Collection<Principal> getConnectionPrincipals() {
    Connection con = RemotingContext.getConnection();
    if (con != null) {
        Collection<Principal> principals = new HashSet<>();
        SecurityIdentity localIdentity = con.getLocalIdentity();
        if (localIdentity != null) {
            principals.add(new RealmUser(localIdentity.getPrincipal().getName()));
            // Iterate sequentially: HashSet is not thread-safe, so it must not be mutated from a parallel stream.
            for (String role : localIdentity.getRoles()) {
                principals.add(new RealmGroup(role));
                principals.add(new RealmRole(role));
            }
            return principals;
        } else {
            return Collections.emptySet();
        }
    }
    return null;
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) RealmRole(org.jboss.as.core.security.RealmRole) RealmGroup(org.jboss.as.core.security.RealmGroup) Connection(org.jboss.remoting3.Connection) RealmUser(org.jboss.as.core.security.RealmUser) Principal(java.security.Principal) HashSet(java.util.HashSet)

Example 2 with RealmRole

Use of org.jboss.as.core.security.RealmRole in project wildfly by wildfly.

In the class RealmDirectLoginModule, method getRoleSets.

@Override
protected Group[] getRoleSets() throws LoginException {
    Collection<Principal> principalCol = new HashSet<Principal>();
    principalCol.add(new RealmUser(getUsername()));
    try {
        AuthorizingCallbackHandler callbackHandler = getCallbackHandler();
        SubjectUserInfo sui = callbackHandler.createSubjectUserInfo(principalCol);
        SimpleGroup sg = new SimpleGroup("Roles");
        Set<RealmRole> roles = sui.getSubject().getPrincipals(RealmRole.class);
        for (RealmRole current : roles) {
            sg.addMember(createIdentity(current.getName()));
        }
        return new Group[] { sg };
    } catch (Exception e) {
        throw SecurityLogger.ROOT_LOGGER.failureCallingSecurityRealm(e.getMessage());
    }
}
Also used : SimpleGroup(org.jboss.security.SimpleGroup) Group(java.security.acl.Group) RealmRole(org.jboss.as.core.security.RealmRole) RealmUser(org.jboss.as.core.security.RealmUser) AuthorizingCallbackHandler(org.jboss.as.domain.management.AuthorizingCallbackHandler) SubjectUserInfo(org.jboss.as.core.security.SubjectUserInfo) Principal(java.security.Principal) LoginException(javax.security.auth.login.LoginException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) HashSet(java.util.HashSet)

Aggregations

Principal (java.security.Principal): 2
HashSet (java.util.HashSet): 2
RealmRole (org.jboss.as.core.security.RealmRole): 2
RealmUser (org.jboss.as.core.security.RealmUser): 2
IOException (java.io.IOException): 1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 1
Group (java.security.acl.Group): 1
UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException): 1
LoginException (javax.security.auth.login.LoginException): 1
RealmGroup (org.jboss.as.core.security.RealmGroup): 1
SubjectUserInfo (org.jboss.as.core.security.SubjectUserInfo): 1
AuthorizingCallbackHandler (org.jboss.as.domain.management.AuthorizingCallbackHandler): 1
Connection (org.jboss.remoting3.Connection): 1
SimpleGroup (org.jboss.security.SimpleGroup): 1
SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity): 1