@Test public void testInitSecurityAwarePrototypeBean() { final DefaultListableBeanFactory lbf = new DefaultListableBeanFactory(); BeanDefinitionBuilder bdb = BeanDefinitionBuilder .genericBeanDefinition(NonPrivilegedBean.class).setScope( ConfigurableBeanFactory.SCOPE_PROTOTYPE) .setInitMethodName("init").setDestroyMethodName("destroy") .addConstructorArgValue("user1"); lbf.registerBeanDefinition("test", bdb.getBeanDefinition()); final Subject subject = new Subject(); subject.getPrincipals().add(new TestPrincipal("user1")); NonPrivilegedBean bean = Subject.doAsPrivileged( subject, new PrivilegedAction<NonPrivilegedBean>() { @Override public NonPrivilegedBean run() { return lbf.getBean("test", NonPrivilegedBean.class); } }, null); assertNotNull(bean); }
@SuppressWarnings("unchecked") @Test public void testInitSecurityAwarePrototypeBean() { final DefaultListableBeanFactory lbf = new DefaultListableBeanFactory(); RootBeanDefinition bd = new RootBeanDefinition(TestSecuredBean.class); bd.setScope(ConfigurableBeanFactory.SCOPE_PROTOTYPE); bd.setInitMethodName("init"); lbf.registerBeanDefinition("test", bd); final Subject subject = new Subject(); subject.getPrincipals().add(new TestPrincipal("user1")); TestSecuredBean bean = (TestSecuredBean) Subject.doAsPrivileged(subject, new PrivilegedAction() { @Override public Object run() { return lbf.getBean("test"); } }, null); assertNotNull(bean); assertEquals("user1", bean.getUserName()); }
Subject.doAsPrivileged(subject, new PrivilegedAction<Object>() {
@SuppressWarnings("unchecked") public SecurityContext(final Subject subject) { this.subject = subject; this.acc = (AccessControlContext) Subject.doAsPrivileged(subject, new PrivilegedAction() { @Override public Object run() { return AccessController.getContext(); } }, null); } }
public Object run() { // run check only using the the subject // (by using null as the AccessControlContext) final AccessControlContext acc = null; Subject.doAsPrivileged(subject, runCheck, acc); return null; } };
public Object run() { // run check only using the the subject // (by using null as the AccessControlContext) final AccessControlContext acc = null; Subject.doAsPrivileged(subject, runCheck, acc); return null; } };
@SuppressWarnings("unchecked") public SecurityContext(final Subject subject) { this.subject = subject; this.acc = (AccessControlContext) Subject.doAsPrivileged(subject, new PrivilegedAction() { @Override public Object run() { return AccessController.getContext(); } }, null); } }
public Object run() { // run check only using the the subject // (by using null as the AccessControlContext) final AccessControlContext acc = null; Subject.doAsPrivileged(subject, runCheck, acc); return null; } };
public SecurityContext(Subject subject) { this.subject = subject; this.acc = (AccessControlContext) Subject.doAsPrivileged(subject, new PrivilegedAction() { public Object run() { return AccessController.getContext(); } }, null); } }
Subject.doAsPrivileged(Subject subject, PrivilegedAction<Object> action, null)
@Override public Thread newThread(final Runnable runnable) { return Subject.doAsPrivileged(_subject, new PrivilegedAction<Thread>() { @Override public Thread run() { Thread thread = _defaultThreadFactory.newThread(runnable); if (_threadNamePrefix != null) { thread.setName(_threadNamePrefix + "-" + _threadId.getAndIncrement()); } return thread; } }, null); } }
@Override public Thread newThread(final Runnable runnable) { return Subject.doAsPrivileged(_subject, new PrivilegedAction<Thread>() { @Override public Thread run() { Thread thread = _defaultThreadFactory.newThread(runnable); if (_threadNamePrefix != null) { thread.setName(_threadNamePrefix + "-" + _threadId.getAndIncrement()); } return thread; } }, null); } }
/** * Wrapper for * {@link javax.security.auth.Subject#doAsPrivileged(Subject, java.security.PrivilegedExceptionAction, java.security.AccessControlContext)} * that executes an action with the privileges posssessed by a * WikiSession's Subject. The action executes with a <code>null</code> * AccessControlContext, which has the effect of running it "cleanly" * without the AccessControlContexts of the caller. * @param session the wiki session * @param action the privileged action * @return the result of the privileged action; may be <code>null</code> * @throws java.security.AccessControlException if the action is not permitted * by the security policy */ public static Object doPrivileged( WikiSession session, PrivilegedAction<?> action ) throws AccessControlException { return Subject.doAsPrivileged( session.m_subject, action, null ); }
protected Session loginSubject(@NotNull Subject subject) { try { return Subject.doAsPrivileged(subject, new PrivilegedExceptionAction<Session>() { @Override public Session run() throws Exception { return getRepository().login(null, null); } }, null); } catch (Exception e) { throw new RuntimeException(e); } }
@Override public Object run() throws Exception { try { return Subject.doAsPrivileged( login.getSubject(), action, null); } catch (PrivilegedActionException e) { throw e.getException(); } } });
private <S> S privileged(final Function<T, S> f) { return Subject.doAsPrivileged(factory.getSubject(), new PrivilegedAction<S>() { public S run() { return f.apply(value); } }, null); }
public Object run() { return Subject.doAsPrivileged( login.getSubject(), new GetThreadPoolAction(false), null); } });
@Override public void runTest() throws RepositoryException { for (int i = 0; i < COUNT; i++) { try { Subject.doAsPrivileged(subject, new PrivilegedExceptionAction<Session>() { @Override public Session run() throws Exception { return getRepository().login(null, null); } }, null).logout(); } catch (PrivilegedActionException e) { throw new RepositoryException("failed to retrieve admin session.", e); } } } }
@Test public void testSubjectAndCredentials() throws Exception { final Subject subject = new Subject(true, principals, Collections.<Object>emptySet(), Collections.<Object>emptySet()); ContentSession cs = Subject.doAsPrivileged(subject, new PrivilegedAction<ContentSession>() { @Override public ContentSession run() { ContentSession cs; try { cs = login(new GuestCredentials()); return cs; } catch (Exception e) { return null; } } }, null); assertNull("Login should have failed.", cs); }
@Test public void testValidSubjectWithAuthInfo() throws Exception { AuthInfo info = new AuthInfoImpl("testUserId", Collections.<String, Object>emptyMap(), Collections.<Principal>emptySet()); Set<AuthInfo> publicCreds = Collections.singleton(info); final Subject subject = new Subject(false, Collections.singleton(new TestPrincipal()), publicCreds, Collections.<Object>emptySet()); ContentSession cs = Subject.doAsPrivileged(subject, new PrivilegedAction<ContentSession>() { @Override public ContentSession run() { try { return login(null); } catch (Exception e) { return null; } } }, null); try { assertSame(info, cs.getAuthInfo()); } finally { if (cs != null) { cs.close(); } } }