
Example 1 with X509CertificateChainPublicCredential

use of org.wildfly.security.credential.X509CertificateChainPublicCredential in project wildfly by wildfly.

the class SubjectUtil method fromSecurityIdentity.

/**
 * Populates a JAAS {@link Subject} from the given security identity.
 *
 * <p>The subject receives, in this order: the identity's principal, a {@code "Roles"} group
 * holding one {@code NamePrincipal} per role returned by {@code getRoles()}, a
 * {@code "CallerPrincipal"} group holding the identity's principal, the identity's public
 * credentials, its private credentials, and finally the identity itself as a private credential.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>Known credential wrappers are unwrapped, so the subject's private credential set ends up
 *       holding the raw password, secret key and key pair objects, plus the identity. Anything
 *       that can read the subject's private credentials can read that material.</li>
 *   <li>For an {@code X509CertificateChainPrivateCredential} only the certificate chain is copied
 *       by this method; nothing else held by that credential is added by that branch.</li>
 *   <li>A non-null {@code subject} is only appended to, never cleared. Principals and credentials
 *       it already holds stay in place next to the ones added here, so passing a subject that was
 *       populated for another identity mixes the two.</li>
 * </ul>
 *
 * @param securityIdentity the identity to copy from; it is dereferenced without a null check
 * @param subject the subject to add to, or {@code null} to have a new one created
 * @return the subject that was passed in, or the newly created one
 */
public static Subject fromSecurityIdentity(final SecurityIdentity securityIdentity, Subject subject) {
    final Subject target = (subject != null) ? subject : new Subject();

    // The identity's own principal goes in first.
    target.getPrincipals().add(securityIdentity.getPrincipal());

    // 'Roles' group: one NamePrincipal per mapped role of the identity.
    final Group roles = new SimpleGroup("Roles");
    for (String roleName : securityIdentity.getRoles()) {
        roles.addMember(new NamePrincipal(roleName));
    }
    target.getPrincipals().add(roles);

    // 'CallerPrincipal' group: wraps the identity's principal.
    final Group caller = new SimpleGroup("CallerPrincipal");
    caller.addMember(securityIdentity.getPrincipal());
    target.getPrincipals().add(caller);

    // Public credentials: unwrap the known wrapper types, pass anything else through unchanged.
    for (Credential publicCredential : securityIdentity.getPublicCredentials()) {
        final Object exposed;
        if (publicCredential instanceof PublicKeyCredential) {
            exposed = publicCredential.castAs(PublicKeyCredential.class).getPublicKey();
        } else if (publicCredential instanceof X509CertificateChainPublicCredential) {
            exposed = publicCredential.castAs(X509CertificateChainPublicCredential.class).getCertificateChain();
        } else {
            exposed = publicCredential;
        }
        target.getPublicCredentials().add(exposed);
    }

    // Private credentials: same unwrapping, but every value goes through addPrivateCredential.
    // From here on the subject carries secret material (passwords, secret keys, key pairs).
    for (Credential privateCredential : securityIdentity.getPrivateCredentials()) {
        final Object secret;
        if (privateCredential instanceof PasswordCredential) {
            secret = privateCredential.castAs(PasswordCredential.class).getPassword();
        } else if (privateCredential instanceof SecretKeyCredential) {
            secret = privateCredential.castAs(SecretKeyCredential.class).getSecretKey();
        } else if (privateCredential instanceof KeyPairCredential) {
            secret = privateCredential.castAs(KeyPairCredential.class).getKeyPair();
        } else if (privateCredential instanceof X509CertificateChainPrivateCredential) {
            // Only the chain is taken from this credential type.
            secret = privateCredential.castAs(X509CertificateChainPrivateCredential.class).getCertificateChain();
        } else {
            secret = privateCredential;
        }
        addPrivateCredential(target, secret);
    }

    // The identity itself is stored as a private credential so integration code can work with
    // the SecurityIdentity instead of the Subject if it prefers.
    addPrivateCredential(target, securityIdentity);
    return target;
}
Also used : Group(java.security.acl.Group) X509CertificateChainPrivateCredential(org.wildfly.security.credential.X509CertificateChainPrivateCredential) X509CertificateChainPublicCredential(org.wildfly.security.credential.X509CertificateChainPublicCredential) PublicKeyCredential(org.wildfly.security.credential.PublicKeyCredential) KeyPairCredential(org.wildfly.security.credential.KeyPairCredential) PasswordCredential(org.wildfly.security.credential.PasswordCredential) SecretKeyCredential(org.wildfly.security.credential.SecretKeyCredential) Credential(org.wildfly.security.credential.Credential) KeyPairCredential(org.wildfly.security.credential.KeyPairCredential) X509CertificateChainPrivateCredential(org.wildfly.security.credential.X509CertificateChainPrivateCredential) NamePrincipal(org.wildfly.security.auth.principal.NamePrincipal) PasswordCredential(org.wildfly.security.credential.PasswordCredential) PublicKeyCredential(org.wildfly.security.credential.PublicKeyCredential) X509CertificateChainPublicCredential(org.wildfly.security.credential.X509CertificateChainPublicCredential) Subject(javax.security.auth.Subject) SecretKeyCredential(org.wildfly.security.credential.SecretKeyCredential)

Aggregations

Group (java.security.acl.Group)1 Subject (javax.security.auth.Subject)1 NamePrincipal (org.wildfly.security.auth.principal.NamePrincipal)1 Credential (org.wildfly.security.credential.Credential)1 KeyPairCredential (org.wildfly.security.credential.KeyPairCredential)1 PasswordCredential (org.wildfly.security.credential.PasswordCredential)1 PublicKeyCredential (org.wildfly.security.credential.PublicKeyCredential)1 SecretKeyCredential (org.wildfly.security.credential.SecretKeyCredential)1 X509CertificateChainPrivateCredential (org.wildfly.security.credential.X509CertificateChainPrivateCredential)1 X509CertificateChainPublicCredential (org.wildfly.security.credential.X509CertificateChainPublicCredential)1