
Example 1 with Roles

Use of org.wildfly.security.authz.Roles in project wildfly by wildfly.

Class RolesAllowedInterceptor, method processInvocation.

public Object processInvocation(final InterceptorContext context) throws Exception {
    final Component component = context.getPrivateData(Component.class);
    if (!(component instanceof EJBComponent)) {
        throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
    }
    // An empty rolesAllowed set grants nothing: control falls through to the exception below.
    final Iterator<String> iterator = rolesAllowed.iterator();
    if (iterator.hasNext()) {
        final SecurityDomain securityDomain = context.getPrivateData(SecurityDomain.class);
        final SecurityIdentity identity = securityDomain.getCurrentSecurityIdentity();
        // Roles mapped for the "ejb" category (second argument: fall back to the default roles).
        final Roles ejbRoles = identity.getRoles("ejb", true);
        do {
            final String role = iterator.next();
            // "**" matches any authenticated (non-anonymous) caller.
            if (ejbRoles.contains(role) || (role.equals("**") && !identity.isAnonymous())) {
                return context.proceed();
            }
        } while (iterator.hasNext());
    }
    // Deny by default: no allowed role matched the caller.
    throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(context.getMethod(), ((EJBComponent) component).getComponentName());
}
Also used: SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity), Roles (org.wildfly.security.authz.Roles), EJBComponent (org.jboss.as.ejb3.component.EJBComponent), Component (org.jboss.as.ee.component.Component), SecurityDomain (org.wildfly.security.auth.server.SecurityDomain)

Example 2 with Roles

Use of org.wildfly.security.authz.Roles in project wildfly by wildfly.

Class EJBComponent, method checkCallerSecurityIdentityRole.

private boolean checkCallerSecurityIdentityRole(String roleName) {
    final SecurityIdentity identity = getCallerSecurityIdentity();
    // "**" matches any authenticated (non-anonymous) caller.
    if ("**".equals(roleName)) {
        return !identity.isAnonymous();
    }
    // Roles mapped for the "ejb" category (second argument: fall back to the default roles).
    Roles roles = identity.getRoles("ejb", true);
    if (roles.contains(roleName)) {
        return true;
    }
    // No direct match: accept if the caller holds any role linked to roleName.
    if (securityMetaData.getSecurityRoleLinks() != null) {
        Collection<String> linked = securityMetaData.getSecurityRoleLinks().get(roleName);
        if (linked != null) {
            for (String role : roles) {
                if (linked.contains(role)) {
                    return true;
                }
            }
        }
    }
    // Deny by default.
    return false;
}
Also used: SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity), Roles (org.wildfly.security.authz.Roles)

Aggregations

SecurityIdentity (org.wildfly.security.auth.server.SecurityIdentity): 2, Roles (org.wildfly.security.authz.Roles): 2, Component (org.jboss.as.ee.component.Component): 1, EJBComponent (org.jboss.as.ejb3.component.EJBComponent): 1, SecurityDomain (org.wildfly.security.auth.server.SecurityDomain): 1