
Example 1 with AccountImpl

Use of org.wildfly.extension.undertow.security.AccountImpl in project wildfly by wildfly.

Class LogoutSessionListener, method clearAccount.

private void clearAccount(Account account) {
    Principal principal = (account instanceof AccountImpl) ? ((AccountImpl) account).getOriginalPrincipal() : account.getPrincipal();
    if (principal != null) {
        // perform the logout of the principal using the subject currently set in the security context.
        Subject subject = SecurityActions.getSubject();
        this.manager.logout(principal, subject);
    }
}
Also used: AccountImpl (org.wildfly.extension.undertow.security.AccountImpl), Principal (java.security.Principal), Subject (javax.security.auth.Subject)

Example 2 with AccountImpl

Use of org.wildfly.extension.undertow.security.AccountImpl in project wildfly by wildfly.

Class JASPICAuthenticationMechanism, method createAccount.

private Account createAccount(final Account cachedAccount, final org.jboss.security.SecurityContext jbossSct) {
    if (jbossSct == null) {
        throw UndertowLogger.ROOT_LOGGER.nullParamter("org.jboss.security.SecurityContext");
    }
    // null principal: SAM has opted out of the authentication process.
    Principal userPrincipal = jbossSct.getUtil().getUserPrincipal();
    if (userPrincipal == null) {
        return null;
    }
    // SAM handled the same principal found in the cached account: indicates we must use the cached account.
    if (cachedAccount != null && cachedAccount.getPrincipal() == userPrincipal) {
        // populate the security context using the cached account data.
        jbossSct.getUtil().createSubjectInfo(userPrincipal, ((AccountImpl) cachedAccount).getCredential(), jbossSct.getUtil().getSubject());
        RoleGroup roleGroup = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);
        for (String role : cachedAccount.getRoles()) roleGroup.addRole(new SimpleRole(role));
        jbossSct.getUtil().setRoles(roleGroup);
        return cachedAccount;
    }
    // SAM handled a different principal or there is no cached account: build a new account.
    Set<String> stringRoles = new HashSet<String>();
    RoleGroup roleGroup = jbossSct.getUtil().getRoles();
    if (roleGroup != null) {
        for (Role role : roleGroup.getRoles()) {
            stringRoles.add(role.getRoleName());
        }
    }
    Object credential = jbossSct.getUtil().getCredential();
    Principal original = null;
    if (cachedAccount != null) {
        original = cachedAccount.getPrincipal();
    }
    return new AccountImpl(userPrincipal, stringRoles, credential, original);
}
Also used: SimpleRole (org.jboss.security.identity.plugins.SimpleRole), Role (org.jboss.security.identity.Role), AccountImpl (org.wildfly.extension.undertow.security.AccountImpl), Principal (java.security.Principal), SimplePrincipal (org.jboss.security.SimplePrincipal), RoleGroup (org.jboss.security.identity.RoleGroup), SimpleRoleGroup (org.jboss.security.identity.plugins.SimpleRoleGroup), HashSet (java.util.HashSet)

Aggregations

Principal (java.security.Principal): 2, AccountImpl (org.wildfly.extension.undertow.security.AccountImpl): 2, HashSet (java.util.HashSet): 1, Subject (javax.security.auth.Subject): 1, SimplePrincipal (org.jboss.security.SimplePrincipal): 1, Role (org.jboss.security.identity.Role): 1, RoleGroup (org.jboss.security.identity.RoleGroup): 1, SimpleRole (org.jboss.security.identity.plugins.SimpleRole): 1, SimpleRoleGroup (org.jboss.security.identity.plugins.SimpleRoleGroup): 1