Examples with SecurityContextCallbackHandler - org.jboss.security.callbacks.SecurityContextCallbackHandler

Example 1 with SecurityContextCallbackHandler

use of org.jboss.security.callbacks.SecurityContextCallbackHandler in project wildfly by wildfly.

the class JAASIdentityManagerImpl method verifyCredential.

private Account verifyCredential(final AccountImpl account, final Object credential) {
    final AuthenticationManager authenticationManager = securityDomainContext.getAuthenticationManager();
    final AuthorizationManager authorizationManager = securityDomainContext.getAuthorizationManager();
    final SecurityContext sc = SecurityActions.getSecurityContext();
    Principal incomingPrincipal = account.getOriginalPrincipal();
    Subject subject = new Subject();
    try {
        boolean isValid = authenticationManager.isValid(incomingPrincipal, credential, subject);
        if (isValid) {
            UndertowLogger.ROOT_LOGGER.tracef("User: %s is authenticated", incomingPrincipal);
            if (sc == null) {
                throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
            }
            Principal userPrincipal = getPrincipal(subject);
            sc.getUtil().createSubjectInfo(incomingPrincipal, credential, subject);
            SecurityContextCallbackHandler scb = new SecurityContextCallbackHandler(sc);
            RoleGroup roles = authorizationManager.getSubjectRoles(subject, scb);
            Set<String> roleSet = new HashSet<>();
            for (Role role : roles.getRoles()) {
                roleSet.add(role.getRoleName());
            }
            return new AccountImpl(userPrincipal, roleSet, credential, account.getOriginalPrincipal());
        }
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    return null;
}

Also used : SecurityContextCallbackHandler(org.jboss.security.callbacks.SecurityContextCallbackHandler) Subject(javax.security.auth.Subject) RoleGroup(org.jboss.security.identity.RoleGroup) AuthenticationManager(org.jboss.security.AuthenticationManager) Role(org.jboss.security.identity.Role) SecurityContext(org.jboss.security.SecurityContext) AuthorizationManager(org.jboss.security.AuthorizationManager) Principal(java.security.Principal) HashSet(java.util.HashSet)

Aggregations

Principal (java.security.Principal)1 HashSet (java.util.HashSet)1 Subject (javax.security.auth.Subject)1 AuthenticationManager (org.jboss.security.AuthenticationManager)1 AuthorizationManager (org.jboss.security.AuthorizationManager)1 SecurityContext (org.jboss.security.SecurityContext)1 SecurityContextCallbackHandler (org.jboss.security.callbacks.SecurityContextCallbackHandler)1 Role (org.jboss.security.identity.Role)1 RoleGroup (org.jboss.security.identity.RoleGroup)1