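/**
 * Verifies that logging out fails once the subject has been made read-only, and that the
 * failed logout leaves the subject's principals in place.
 */
@Test
public void logoutReadOnlySubject() throws Exception {
  String clazzName = LoginModuleConfigurationUtils.OS_PRINCIPAL_CLASS_NAME;
  @SuppressWarnings("unchecked")
  Class<? extends Principal> clazz = (Class<? extends Principal>) ClassLoader
      .getSystemClassLoader().loadClass(clazzName);
  Subject subject = new Subject();

  // Login adds the OS user and the corresponding Alluxio user to the subject.
  LoginContext loginContext = new LoginContext("simple", subject, null,
      new LoginModuleConfiguration());
  loginContext.login();

  // Both kinds of principal must be present after a successful login.
  assertFalse(subject.getPrincipals(clazz).isEmpty());
  assertFalse(subject.getPrincipals(User.class).isEmpty());

  // Logging out a read-only subject must fail.
  subject.setReadOnly();
  mThrown.expect(LoginException.class);
  mThrown.expectMessage("logout Failed: Subject is Readonly");
  try {
    loginContext.logout();
  } finally {
    // logout() is expected to throw, so statements placed after the call would never run.
    // The finally block guarantees the principals are still checked after the failed logout.
    assertFalse(subject.getPrincipals(clazz).isEmpty());
    assertFalse(subject.getPrincipals(User.class).isEmpty());
  }
}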
/**
 * Checks that the subject handed to {@code rc.setSubject} is the one returned by
 * {@code rc.subject()}, both while the subject is mutable and after it has been made read-only.
 */
@Test
public void testSubject() {
  Subject probe = new Subject();
  Assert.assertFalse(probe.isReadOnly());

  // Round trip with a mutable subject.
  rc.setSubject(probe);
  Assert.assertEquals(probe, rc.subject());

  // Round trip again once the same instance has been sealed.
  probe.setReadOnly();
  rc.setSubject(probe);
  Assert.assertEquals(probe, rc.subject());
}
/**
 * Registers a user as a known identity.
 *
 * <p>The subject receives the user principal, the credential as a private credential and one
 * role principal per entry of {@code roles}. It is made read-only before the identity is
 * stored, so its principal and credential sets cannot be changed afterwards.
 *
 * @param username   name the identity is stored under
 * @param credential credential attached to the user principal and to the subject
 * @param roles      role names; {@code null} means no role principals are added
 */
public void addUser(String username, Credential credential, String[] roles)
{
    Principal principal = new AbstractLoginService.UserPrincipal(username, credential);

    Subject identitySubject = new Subject();
    identitySubject.getPrincipals().add(principal);
    identitySubject.getPrivateCredentials().add(credential);

    int roleCount = (roles == null) ? 0 : roles.length;
    for (int i = 0; i < roleCount; i++)
    {
        identitySubject.getPrincipals().add(new AbstractLoginService.RolePrincipal(roles[i]));
    }

    // Seal the subject before it becomes reachable through the identity map.
    identitySubject.setReadOnly();
    _knownUserIdentities.put(username, _identityService.newUserIdentity(identitySubject, principal, roles));
}
/**
 * Authenticates {@code username} against {@code credentials} and builds the user's identity
 * on success.
 *
 * <p>Returns {@code null} when the username is {@code null}, when no user information is
 * found, or when the credential check fails. {@code request} is not used in this body.
 *
 * @see org.eclipse.jetty.security.LoginService#login(java.lang.String, java.lang.Object, javax.servlet.ServletRequest)
 */
@Override
public UserIdentity login(String username, Object credentials, ServletRequest request)
{
    if (username == null)
        return null;

    UserPrincipal candidate = loadUserInfo(username);
    if (candidate == null || !candidate.authenticate(credentials))
        return null;

    // Roles are loaded only after the credential check has passed.
    String[] roles = loadRoleInfo(candidate);

    Subject subject = new Subject();
    subject.getPrincipals().add(candidate);
    subject.getPrivateCredentials().add(candidate._credential);
    if (roles != null)
    {
        for (int i = 0; i < roles.length; i++)
        {
            subject.getPrincipals().add(new RolePrincipal(roles[i]));
        }
    }

    // Seal the subject before it is handed to the identity service.
    subject.setReadOnly();
    return _identityService.newUserIdentity(subject, candidate, roles);
}
// Action body: marks the captured subject read-only. The action produces no result,
// hence the null return.
// NOTE(review): the call that executes this action starts outside the visible snippet.
@Override
public Object run() {
    subject.setReadOnly();
    return null;
}
});
/**
 * Returns the subject assembled by this builder.
 *
 * <p>When {@code readOnly} is set, the subject is made read-only first. The instance held in
 * {@code _subject} is returned directly, not a copy.
 *
 * @return the builder's subject
 */
public Subject build() {
    if (!readOnly) {
        return _subject;
    }
    _subject.setReadOnly();
    return _subject;
}
/**
 * Builds a read-only subject that holds only the {@link Serializable} principals of
 * {@code subject}.
 *
 * <p>Only principals are copied; no public or private credentials are transferred to the
 * returned subject.
 *
 * @return the filtered, read-only subject, or {@code null} when {@code subject} is {@code null}
 */
Subject getSerializableSubject() {
    if (subject == null) {
        return null;
    }

    Subject toSend = new Subject();
    Set<Principal> kept = toSend.getPrincipals();
    for (Principal candidate : subject.getPrincipals()) {
        if (!(candidate instanceof Serializable)) {
            continue; // principals that are not Serializable are left out
        }
        kept.add(candidate);
    }
    toSend.setReadOnly();
    return toSend;
}
/**
 * Creates a read-only subject holding the user principal and the group principals returned
 * by {@code getGroupPrincipals} for it.
 *
 * @param userPrincipal the authenticated user's principal
 * @return a new subject, made read-only before it is returned
 */
public Subject createSubjectWithGroups(Principal userPrincipal) {
    Subject result = new Subject();

    // User principal first, then its groups, exactly as they are looked up.
    result.getPrincipals().add(userPrincipal);
    result.getPrincipals().addAll(getGroupPrincipals(userPrincipal));

    result.setReadOnly();
    return result;
}
/**
 * Default constructor: starts from an empty subject, applies the server-generated
 * credentials and then makes the subject read-only.
 */
public SecurityContext() {
    if (_logger.isLoggable(Level.FINE)) {
        _logger.log(Level.FINE, "Default CTOR of SecurityContext called");
    }

    // The caller principal is not assigned here; it is resolved when first requested.
    initiator = null;
    subject = new Subject();

    // Credentials must be added while the subject is still writable.
    setServerGeneratedCredentials();

    // Read-only is applied only for guest logins.
    subject.setReadOnly();
}
// Build a subject that carries only the "system" principal and make it read-only
// before it is attached to anything.
Subject subject = new Subject();
subject.getPrincipals().add(new SimplePrincipal("system"));
subject.setReadOnly();
// Derive a run context from RunContexts.copyCurrent() with the sealed subject attached.
RunContext runContext = RunContexts.copyCurrent().withSubject(subject);
/**
 * Builds the identity for {@code userPrincipal} and stores it under the principal's name.
 *
 * <p>The subject receives the user principal, its credential as a private credential and
 * one role principal per entry of {@code roles}; it is made read-only before the identity
 * is created.
 *
 * @param userPrincipal the user to register
 * @param roles         role names; {@code null} means no role principals are added
 * @return the identity that was stored
 */
public synchronized UserIdentity putUser(KnownUser userPrincipal, String[] roles)
{
    Subject userSubject = new Subject();
    userSubject.getPrincipals().add(userPrincipal);
    userSubject.getPrivateCredentials().add(userPrincipal._credential);

    if (roles != null)
    {
        for (int i = 0; i < roles.length; i++)
        {
            userSubject.getPrincipals().add(new RolePrincipal(roles[i]));
        }
    }

    // Seal the subject before it becomes reachable through the user map.
    userSubject.setReadOnly();

    UserIdentity created = _identityService.newUserIdentity(userSubject, userPrincipal, roles);
    _users.put(userPrincipal._name, created);
    return created;
}
/**
 * Creates a read-only copy of {@code original} with a {@code ServletConnectionPrincipal} for
 * the request added to it.
 *
 * <p>The copy is built from the original's principal and credential sets, so the extra
 * principal is added to the new subject and not to {@code original}.
 *
 * @param request  request the connection principal is created from
 * @param original subject to copy; not checked for {@code null} here
 * @return the new, read-only subject
 */
public static Subject createServletConnectionSubject(final HttpServletRequest request, Subject original) {
    Subject connectionSubject = new Subject(
            false,
            original.getPrincipals(),
            original.getPublicCredentials(),
            original.getPrivateCredentials());

    ServletConnectionPrincipal connectionPrincipal = new ServletConnectionPrincipal(request);
    connectionSubject.getPrincipals().add(connectionPrincipal);

    connectionSubject.setReadOnly();
    return connectionSubject;
}
/**
 * Builds a user identity with the single fixed role {@code "user"}.
 *
 * @param username   name for the user principal
 * @param credential credential attached to the principal and stored as a private credential
 * @return the identity created by the identity service from a read-only subject
 */
private UserIdentity createUserIdentity(String username, Credential credential) {
    Principal principal = new AbstractLoginService.UserPrincipal(username, credential);

    Subject userSubject = new Subject();
    userSubject.getPrincipals().add(principal);
    userSubject.getPrivateCredentials().add(credential);
    // Seal the subject before the identity service sees it.
    userSubject.setReadOnly();

    String[] fixedRoles = new String[]{"user"};
    return identityService.newUserIdentity(userSubject, principal, fixedRoles);
}
/**
 * Builds a read-only subject whose only content is the current session's credentials,
 * stored as a private credential.
 *
 * @return a new subject created from the current {@code PluginUserSession}
 */
protected Subject getSubject() {
    // NOTE(review): assumes the session is a PluginUserSession and has credentials - confirm
    // what callers should see for an unauthenticated session.
    Credentials sessionCredentials = ((PluginUserSession) UserSession.get()).getCredentials();

    Subject sessionSubject = new Subject();
    sessionSubject.getPrivateCredentials().add(sessionCredentials);
    sessionSubject.setReadOnly();
    return sessionSubject;
}
/**
 * Creates the service with a read-only subject that carries a single principal named by the
 * {@code ClusterSyncUserProperty} configuration value.
 */
public ClusterSynchronizationService() {
  Subject syncSubject = new Subject();

  // The principal name comes from configuration, not from the caller.
  SimplePrincipal syncUser = new SimplePrincipal(CONFIG.getPropertyValue(ClusterSyncUserProperty.class));
  syncSubject.getPrincipals().add(syncUser);
  syncSubject.setReadOnly();

  m_subject = syncSubject;
}
/**
 * Returns a read-only subject that contains the system principal in addition to whatever the
 * current access control context's subject holds.
 *
 * <p>When a subject is associated with the context, its principals and credentials are
 * copied into a new subject, so the system principal is added to the copy only. When none
 * is associated, an empty subject is used as the starting point.
 *
 * @return a new, read-only subject including the system principal
 */
protected final Subject getSubjectWithAddedSystemRights() {
  Subject current = Subject.getSubject(AccessController.getContext());

  Subject elevated = (current == null)
      ? new Subject()
      : new Subject(false, current.getPrincipals(), current.getPublicCredentials(), current.getPrivateCredentials());

  elevated.getPrincipals().add(getSystemPrincipal());
  elevated.setReadOnly();
  return elevated;
}
/**
 * Returns the caller for the subject associated with {@code acc}.
 *
 * <p>{@code currentCaller} is reused only when it wraps the very same subject instance.
 * Otherwise a new caller is created; a non-null subject is made read-only first, which
 * changes the subject instance associated with the context itself.
 *
 * @param acc           access control context to read the subject from
 * @param currentCaller caller from a previous lookup, may be {@code null}
 * @return {@code currentCaller} when it still matches, otherwise a newly created caller
 */
@Override
public Caller getCaller(AccessControlContext acc, Caller currentCaller) {
    Subject contextSubject = Subject.getSubject(acc);

    // Identity comparison on purpose: the cached caller is valid only for the exact same
    // Subject instance.
    if (currentCaller != null && contextSubject == currentCaller.getSubject()) {
        return currentCaller;
    }

    if (contextSubject != null) {
        contextSubject.setReadOnly();
    }
    return Caller.createCaller(contextSubject);
}
/**
 * Builds a read-only subject from the user principal and {@code credentials}.
 *
 * @return a new subject holding the user principal and the credentials
 */
public Subject getSubject() {
    Subject result = new Subject();
    result.getPrincipals().add(getUserPrincipal());

    // NOTE(review): the credentials go into the PUBLIC credential set. Confirm that
    // `credentials` holds nothing secret; secrets belong in getPrivateCredentials().
    result.getPublicCredentials().add(credentials);

    result.setReadOnly();
    return result;
}
/**
 * Creates a read-only subject for {@code name} with one group principal.
 *
 * <p>The group is {@code "developers"} for the name {@code "Alice"} and {@code "pms"} for
 * every other name.
 *
 * <p>NOTE(review): {@code password}, {@code isDigest}, {@code nonce} and {@code created}
 * are not examined in this body, so nothing is authenticated here. A real implementation
 * would delegate that check to the external security system where possible.
 *
 * @param name user name placed in the subject
 * @return a new, read-only subject with the user principal and its group
 */
@Override
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException {
    final String roleName;
    if ("Alice".equals(name)) {
        roleName = "developers";
    } else {
        roleName = "pms";
    }

    Subject result = new Subject();
    result.getPrincipals().add(new SimplePrincipal(name));
    result.getPrincipals().add(new SimpleGroup(roleName, name));
    result.setReadOnly();
    return result;
}
/**
 * Creates a read-only subject for {@code name} with one group principal.
 *
 * <p>The group is {@code "developers"} for the name {@code "Alice"} and {@code "pms"} for
 * every other name.
 *
 * <p>NOTE(review): the original comments mark where the user should be authenticated,
 * ideally by delegating to the external security system. This body does not examine
 * {@code password}, {@code isDigest}, {@code nonce} or {@code created}.
 *
 * @param name user name placed in the subject
 * @return a new, read-only subject with the user principal and its group
 */
protected Subject createSubject(String name, String password, boolean isDigest, String nonce, String created) throws SecurityException {
    Subject result = new Subject();

    // The user principal is added without any credential check in this body.
    result.getPrincipals().add(new SimplePrincipal(name));

    // Roles this user is in.
    final String roleName;
    if ("Alice".equals(name)) {
        roleName = "developers";
    } else {
        roleName = "pms";
    }
    result.getPrincipals().add(new SimpleGroup(roleName, name));

    result.setReadOnly();
    return result;
}