use of org.jboss.security.SecurityContext in project wildfly by wildfly.
the class SecurityContextAssociationHandler method handleRequest.
@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
SecurityContext sc = exchange.getAttachment(UndertowSecurityAttachments.SECURITY_CONTEXT_ATTACHMENT);
RunAsIdentityMetaData identity = null;
RunAs old = null;
try {
final ServletChain servlet = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getCurrentServlet();
identity = runAsIdentityMetaDataMap.get(servlet.getManagedServlet().getServletInfo().getName());
RunAsIdentity runAsIdentity = null;
if (identity != null) {
UndertowLogger.ROOT_LOGGER.tracef("%s, runAs: %s", servlet.getManagedServlet().getServletInfo().getName(), identity);
runAsIdentity = new RunAsIdentity(identity.getRoleName(), identity.getPrincipalName(), identity.getRunAsRoles());
}
old = SecurityActions.setRunAsIdentity(runAsIdentity, sc);
// Perform the request
next.handleRequest(exchange);
} finally {
if (identity != null) {
SecurityActions.setRunAsIdentity(old, sc);
}
}
}
use of org.jboss.security.SecurityContext in project wildfly by wildfly.
the class SecurityContextHandle method setup.
@Override
public Handle setup() {
final SecurityContext current = getSecurityContext();
setSecurityContext(securityContext);
return new Handle() {
@Override
public void tearDown() {
setSecurityContext(current);
}
};
}
use of org.jboss.security.SecurityContext in project wildfly by wildfly.
the class SimpleSecurityManager method authenticate.
public void authenticate(final String runAs, final String runAsPrincipal, final Set<String> extraRoles) {
SecurityContext current = SecurityContextAssociation.getSecurityContext();
SecurityContext previous = contexts.peek();
// skip reauthentication if the current context already has an authenticated subject (copied from the previous context
// upon creation - see push method) and if both contexts use the same security domain.
boolean skipReauthentication = current.getSubjectInfo() != null && current.getSubjectInfo().getAuthenticatedSubject() != null && previous != null && current.getSecurityDomain().equals(previous.getSecurityDomain());
if (!skipReauthentication) {
SecurityContextUtil util = current.getUtil();
Object credential = util.getCredential();
Subject subject = null;
if (credential instanceof RemotingConnectionCredential) {
subject = ((RemotingConnectionCredential) credential).getSubject();
}
if (authenticate(current, subject) == false) {
throw SecurityLogger.ROOT_LOGGER.invalidUserException();
}
}
// setup the run-as identity.
if (runAs != null) {
RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles);
current.setOutgoingRunAs(runAsIdentity);
} else if (propagate && previous != null && previous.getOutgoingRunAs() != null) {
// Ensure the propagation continues.
current.setOutgoingRunAs(previous.getOutgoingRunAs());
}
}
use of org.jboss.security.SecurityContext in project wildfly by wildfly.
the class SimpleSecurityManager method push.
public void push(final String securityDomain, String userName, char[] password, final Subject subject) {
final SecurityContext previous = SecurityContextAssociation.getSecurityContext();
contexts.push(previous);
SecurityContext current = establishSecurityContext(securityDomain);
if (propagate && previous != null) {
current.setSubjectInfo(getSubjectInfo(previous));
current.setIncomingRunAs(previous.getOutgoingRunAs());
}
RunAs currentRunAs = current.getIncomingRunAs();
boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;
if (trusted == false) {
SecurityContextUtil util = current.getUtil();
util.createSubjectInfo(new SimplePrincipal(userName), new String(password), subject);
}
}
use of org.jboss.security.SecurityContext in project wildfly by wildfly.
the class SecurityActions method getPrincipal.
static Principal getPrincipal() {
if (WildFlySecurityManager.isChecking()) {
return doPrivileged(new PrivilegedAction<Principal>() {
public Principal run() {
Principal principal = null;
SecurityContext sc = getSecurityContext();
if (sc != null) {
principal = sc.getUtil().getUserPrincipal();
}
return principal;
}
});
} else {
Principal principal = null;
SecurityContext sc = getSecurityContext();
if (sc != null) {
principal = sc.getUtil().getUserPrincipal();
}
return principal;
}
}
Aggregations