Example 1 with SecurityDomainContext

Use of org.jboss.wsf.spi.security.SecurityDomainContext in project wildfly by wildfly.

The class AbstractInvocationHandler, method invoke.

/**
 * Invokes WS endpoint.
 *
 * @param endpoint WS endpoint
 * @param wsInvocation web service invocation
 * @throws Exception if any error occurs
 */
public void invoke(final Endpoint endpoint, final Invocation wsInvocation) throws Exception {
    try {
        if (!EndpointState.STARTED.equals(endpoint.getState())) {
            throw WSLogger.ROOT_LOGGER.endpointAlreadyStopped(endpoint.getShortName());
        }
        SecurityDomainContext securityDomainContext = endpoint.getSecurityDomainContext();
        securityDomainContext.runAs((Callable<Void>) () -> {
            invokeInternal(endpoint, wsInvocation);
            return null;
        });
    } catch (Throwable t) {
        handleInvocationException(t);
    } finally {
        onAfterInvocation(wsInvocation);
    }
}

Also used: SecurityDomainContext (org.jboss.wsf.spi.security.SecurityDomainContext)

Example 2 with SecurityDomainContext

Use of org.jboss.wsf.spi.security.SecurityDomainContext in project wildfly by wildfly.

The class SamlSecurityContextInInterceptor, method handleMessage.

@Override
public void handleMessage(SoapMessage message) throws Fault {
    final SecurityContext securityContext = message.get(SecurityContext.class);
    final Principal principal = securityContext.getUserPrincipal();
    final String name = principal.getName();
    final Endpoint endpoint = message.getExchange().get(Endpoint.class);
    final SecurityDomainContext securityDomainContext = endpoint.getSecurityDomainContext();
    Principal simplePrincipal = new SimplePrincipal(name);
    Subject subject = new Subject(false, Collections.singleton(simplePrincipal), Collections.emptySet(), Collections.emptySet());
    securityDomainContext.pushSubjectContext(subject, simplePrincipal, null);
    message.put(SecurityContext.class, new DefaultSecurityContext(simplePrincipal, subject));
}

Also used: DefaultSecurityContext (org.apache.cxf.interceptor.security.DefaultSecurityContext), Endpoint (org.jboss.wsf.spi.deployment.Endpoint), SecurityContext (org.apache.cxf.security.SecurityContext), SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal), Principal (java.security.Principal), SecurityDomainContext (org.jboss.wsf.spi.security.SecurityDomainContext), Subject (javax.security.auth.Subject)

Example 3 with SecurityDomainContext

Use of org.jboss.wsf.spi.security.SecurityDomainContext in project jbossws-cxf by jbossws.

The class SubjectCreatingPolicyInterceptor, method handleMessage.

@Override
public void handleMessage(Message message) throws Fault {
    Endpoint ep = message.getExchange().get(Endpoint.class);
    SecurityDomainContext sdc = ep.getSecurityDomainContext();
    SecurityContext context = message.get(SecurityContext.class);
    if (context == null || context.getUserPrincipal() == null) {
        Loggers.SECURITY_LOGGER.userPrincipalNotAvailableOnCurrentMessage();
        return;
    }
    SecurityToken token = message.get(SecurityToken.class);
    Subject subject = null;
    if (token != null) {
        // Try authenticating using SecurityToken info
        if (token.getTokenType() != TokenType.UsernameToken) {
            throw Messages.MESSAGES.unsupportedTokenType(token.getTokenType());
        }
        UsernameToken ut = (UsernameToken) token;
        subject = createSubject(sdc, ut.getName(), ut.getPassword(), ut.isHashed(), ut.getNonce(), ut.getCreatedTime());
    } else {
        // Try authenticating using WSS4J internal info (previously set into SecurityContext by WSS4JInInterceptor)
        Principal p = context.getUserPrincipal();
        if (!(p instanceof UsernameTokenPrincipal)) {
            throw Messages.MESSAGES.couldNotGetSubjectInfo();
        }
        UsernameTokenPrincipal up = (UsernameTokenPrincipal) p;
        subject = createSubject(sdc, up.getName(), up.getPassword(), up.isPasswordDigest(), up.getNonce(), up.getCreatedTime());
    }
    Principal principal = getPrincipal(context.getUserPrincipal(), subject);
    message.put(SecurityContext.class, createSecurityContext(principal, subject));
}

Also used: SecurityToken (org.apache.cxf.common.security.SecurityToken), Endpoint (org.jboss.wsf.spi.deployment.Endpoint), UsernameTokenPrincipal (org.apache.wss4j.common.principal.UsernameTokenPrincipal), SecurityContext (org.apache.cxf.security.SecurityContext), DefaultSecurityContext (org.apache.cxf.interceptor.security.DefaultSecurityContext), UsernameToken (org.apache.cxf.common.security.UsernameToken), SecurityDomainContext (org.jboss.wsf.spi.security.SecurityDomainContext), Subject (javax.security.auth.Subject), Principal (java.security.Principal)

Aggregations

SecurityDomainContext (org.jboss.wsf.spi.security.SecurityDomainContext): 3
Principal (java.security.Principal): 2
Subject (javax.security.auth.Subject): 2
DefaultSecurityContext (org.apache.cxf.interceptor.security.DefaultSecurityContext): 2
SecurityContext (org.apache.cxf.security.SecurityContext): 2
Endpoint (org.jboss.wsf.spi.deployment.Endpoint): 2
SecurityToken (org.apache.cxf.common.security.SecurityToken): 1
SimplePrincipal (org.apache.cxf.common.security.SimplePrincipal): 1
UsernameToken (org.apache.cxf.common.security.UsernameToken): 1
UsernameTokenPrincipal (org.apache.wss4j.common.principal.UsernameTokenPrincipal): 1