
Example 1 with AuthorizationFailureException

Use of org.wildfly.security.authz.AuthorizationFailureException in project wildfly by wildfly.

Class RunAsPrincipalInterceptor, method processInvocation.

public Object processInvocation(final InterceptorContext context) throws Exception {
    final Component component = context.getPrivateData(Component.class);
    if (component instanceof EJBComponent == false) {
        throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
    }
    final EJBComponent ejbComponent = (EJBComponent) component;
    // Set the incomingRunAsIdentity before switching users
    final SecurityDomain securityDomain = context.getPrivateData(SecurityDomain.class);
    Assert.checkNotNullParam("securityDomain", securityDomain);
    final SecurityIdentity currentIdentity = securityDomain.getCurrentSecurityIdentity();
    final SecurityIdentity oldIncomingRunAsIdentity = ejbComponent.getIncomingRunAsIdentity();
    SecurityIdentity newIdentity;
    try {
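        // First try to run as the configured principal with the run-as authorization check enabled.
        // If the caller lacks that permission (AuthorizationFailureException), retry with
        // authorize=false, which creates the run-as identity without the permission check.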
        if (runAsPrincipal.equals(ANONYMOUS_PRINCIPAL)) {
            try {
                newIdentity = currentIdentity.createRunAsAnonymous();
            } catch (AuthorizationFailureException ex) {
                newIdentity = currentIdentity.createRunAsAnonymous(false);
            }
        } else {
            try {
                newIdentity = currentIdentity.createRunAsIdentity(runAsPrincipal);
            } catch (AuthorizationFailureException ex) {
                newIdentity = currentIdentity.createRunAsIdentity(runAsPrincipal, false);
            }
        }
        ejbComponent.setIncomingRunAsIdentity(currentIdentity);
        return newIdentity.runAs(context);
    } catch (PrivilegedActionException e) {
        Throwable cause = e.getCause();
        if (cause != null) {
            if (cause instanceof Exception) {
                throw (Exception) cause;
            } else {
                throw new RuntimeException(e);
            }
        } else {
            throw e;
        }
    } finally {
        ejbComponent.setIncomingRunAsIdentity(oldIncomingRunAsIdentity);
    }
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) AuthorizationFailureException(org.wildfly.security.authz.AuthorizationFailureException) PrivilegedActionException(java.security.PrivilegedActionException) EJBComponent(org.jboss.as.ejb3.component.EJBComponent) Component(org.jboss.as.ee.component.Component) SecurityDomain(org.wildfly.security.auth.server.SecurityDomain)

Aggregations

PrivilegedActionException (java.security.PrivilegedActionException): 1
Component (org.jboss.as.ee.component.Component): 1
EJBComponent (org.jboss.as.ejb3.component.EJBComponent): 1
SecurityDomain (org.wildfly.security.auth.server.SecurityDomain): 1
SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity): 1
AuthorizationFailureException (org.wildfly.security.authz.AuthorizationFailureException): 1