Example 1 with AccountImpl
use of org.wildfly.extension.undertow.security.AccountImpl in project wildfly by wildfly.
the class LogoutSessionListener method clearAccount.
private void clearAccount(Account account) {
Principal principal = (account instanceof AccountImpl) ? ((AccountImpl) account).getOriginalPrincipal() : account.getPrincipal();
if (principal != null) {
// perform the logout of the principal using the subject currently set in the security context.
Subject subject = SecurityActions.getSubject();
this.manager.logout(principal, subject);
}
}
Also used :
AccountImpl(org.wildfly.extension.undertow.security.AccountImpl)
Principal(java.security.Principal)
Subject(javax.security.auth.Subject)
Example 2 with AccountImpl
use of org.wildfly.extension.undertow.security.AccountImpl in project wildfly by wildfly.
the class JASPICAuthenticationMechanism method createAccount.
private Account createAccount(final Account cachedAccount, final org.jboss.security.SecurityContext jbossSct) {
if (jbossSct == null) {
throw UndertowLogger.ROOT_LOGGER.nullParamter("org.jboss.security.SecurityContext");
}
// null principal: SAM has opted out of the authentication process.
Principal userPrincipal = jbossSct.getUtil().getUserPrincipal();
if (userPrincipal == null) {
return null;
}
// SAM handled the same principal found in the cached account: indicates we must use the cached account.
if (cachedAccount != null && cachedAccount.getPrincipal() == userPrincipal) {
// populate the security context using the cached account data.
jbossSct.getUtil().createSubjectInfo(userPrincipal, ((AccountImpl) cachedAccount).getCredential(), jbossSct.getUtil().getSubject());
RoleGroup roleGroup = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);
for (String role : cachedAccount.getRoles()) roleGroup.addRole(new SimpleRole(role));
jbossSct.getUtil().setRoles(roleGroup);
return cachedAccount;
}
// SAM handled a different principal or there is no cached account: build a new account.
Set<String> stringRoles = new HashSet<String>();
RoleGroup roleGroup = jbossSct.getUtil().getRoles();
if (roleGroup != null) {
for (Role role : roleGroup.getRoles()) {
stringRoles.add(role.getRoleName());
}
}
Object credential = jbossSct.getUtil().getCredential();
Principal original = null;
if (cachedAccount != null) {
original = cachedAccount.getPrincipal();
}
return new AccountImpl(userPrincipal, stringRoles, credential, original);
}
Also used :
SimpleRole(org.jboss.security.identity.plugins.SimpleRole)
Role(org.jboss.security.identity.Role)
SimpleRole(org.jboss.security.identity.plugins.SimpleRole)
AccountImpl(org.wildfly.extension.undertow.security.AccountImpl)
Principal(java.security.Principal)
SimplePrincipal(org.jboss.security.SimplePrincipal)
RoleGroup(org.jboss.security.identity.RoleGroup)
SimpleRoleGroup(org.jboss.security.identity.plugins.SimpleRoleGroup)
SimpleRoleGroup(org.jboss.security.identity.plugins.SimpleRoleGroup)
HashSet(java.util.HashSet)
Aggregations
Principal (java.security.Principal)2
AccountImpl (org.wildfly.extension.undertow.security.AccountImpl)2
HashSet (java.util.HashSet)1
Subject (javax.security.auth.Subject)1
SimplePrincipal (org.jboss.security.SimplePrincipal)1
Role (org.jboss.security.identity.Role)1
RoleGroup (org.jboss.security.identity.RoleGroup)1
SimpleRole (org.jboss.security.identity.plugins.SimpleRole)1
SimpleRoleGroup (org.jboss.security.identity.plugins.SimpleRoleGroup)1
