/**
 * Runs the given producer through {@code securityContextManager.runPrivileged} and
 * hands back whatever it produced.
 *
 * <p>NOTE(review): the privilege model is defined by the security context manager and is
 * not visible here; presumably the producer body executes with elevated authorization.
 * Keep the work done inside the producer as small as possible and never pass
 * caller-controlled logic into it.
 *
 * @param producer the unit of work to execute
 * @param <T> type of the value produced
 * @return the value returned by the producer
 */
protected <T> T runPrivileged(Producer<T> producer) {
    final T produced = securityContextManager.runPrivileged(producer);
    return produced;
}
/**
 * Looks up users whose name matches {@code userName}, executing the search through
 * {@code runPrivileged} of the security context manager.
 *
 * <p>Every checked failure of the search (schema, not-found, security violation,
 * communication, configuration, expression evaluation) is collapsed into a {@code null}
 * return, so callers must treat {@code null} as "lookup failed" and cannot tell the
 * failure causes apart. Nothing is logged or recorded here.
 *
 * @param userName name to search for
 * @return the search result list, or {@code null} when the search threw one of the
 *         handled exceptions
 */
private SearchResultList<PrismObject<UserType>> searchUser(String userName) {
    return getSecurityContextManager().runPrivileged(
            new Producer<SearchResultList<PrismObject<UserType>>>() {
                @Override
                public SearchResultList<PrismObject<UserType>> run() {
                    Task searchTask = getTaskManager().createTaskInstance("Search user by name");
                    OperationResult searchResult = searchTask.getResult();
                    try {
                        return getModel().searchObjects(
                                UserType.class,
                                ObjectQueryUtil.createNameQuery(userName, prismContext),
                                null,
                                searchTask,
                                searchResult);
                    } catch (SchemaException | ObjectNotFoundException | SecurityViolationException
                            | CommunicationException | ConfigurationException
                            | ExpressionEvaluationException ignored) {
                        // Deliberately uniform failure signal: the cause is dropped and the
                        // caller only sees null.
                        return null;
                    } finally {
                        // Always wipe the Authentication from the current SecurityContext,
                        // on success and on failure, so no identity stays attached to the
                        // context once the lookup is over. This method itself never sets one.
                        SecurityContextHolder.getContext().setAuthentication(null);
                    }
                }
            });
}
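/**
 * Resolves the security question definitions that apply to {@code user}, taken from the
 * security policy returned by {@code modelInteractionService.getSecurityPolicy}.
 *
 * <p>The lookup runs through {@code runPrivileged} with a temporary anonymous
 * authentication installed in the current {@code SecurityContext}; that authentication is
 * removed again in the {@code finally} block regardless of the outcome.
 *
 * <p>Callers must handle a {@code null} return. It is used for every "no questions
 * available" case: the policy lookup threw, no policy was returned, or the policy has no
 * credentials / security questions section.
 *
 * @param user the user whose security policy is consulted
 * @return the configured security questions, or {@code null} when none can be determined
 */
private List<SecurityQuestionDefinitionType> getQuestions(PrismObject<UserType> user) {
    return getSecurityContextManager().runPrivileged(new Producer<List<SecurityQuestionDefinitionType>>() {
        @Override
        public List<SecurityQuestionDefinitionType> run() {
            // NOTE(review): the task name is the same string searchUser uses; it looks
            // copy-pasted. Left unchanged because it is a runtime string - confirm and rename.
            Task task = getTaskManager().createTaskInstance("Search user by name");
            OperationResult result = task.getResult();
            SecurityPolicyType securityPolicyType = null;
            try {
                // The policy is read under an explicit anonymous identity rather than under
                // whatever authentication happened to be on the context.
                SecurityContextHolder.getContext().setAuthentication(
                        new AnonymousAuthenticationToken(
                                "rest_sec_q_auth",
                                "REST",
                                AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")));
                securityPolicyType = modelInteractionService.getSecurityPolicy(user, task, result);
            } catch (ObjectNotFoundException | SchemaException | CommunicationException
                    | ConfigurationException | SecurityViolationException
                    | ExpressionEvaluationException ignored) {
                // Failure cause is dropped on purpose; the caller only sees null.
                return null;
            } finally {
                // Never leave the anonymous token on the context after the lookup.
                SecurityContextHolder.getContext().setAuthentication(null);
            }

            // Fix: a lookup that yields no policy used to fall through to a
            // NullPointerException on getCredentials(); treat it like "no questions".
            if (securityPolicyType == null) {
                return null;
            }
            if (securityPolicyType.getCredentials() != null
                    && securityPolicyType.getCredentials().getSecurityQuestions() != null) {
                return securityPolicyType.getCredentials().getSecurityQuestions().getQuestion();
            }
            return null;
        }
    });
}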