/**
 * Lets the request through only when the caller holds at least one of the allowed roles.
 *
 * @param request the incoming request
 * @return the same request, unchanged, when a role matches
 * @throws WebApplicationException with status FORBIDDEN when {@code denyAll} is set or
 *         none of the entries in {@code rolesAllowed} matches
 */
@Override
public ContainerRequest filter(ContainerRequest request) {
    // denyAll wins outright: the role list is never consulted.
    if (denyAll) {
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    }
    for (String allowedRole : rolesAllowed) {
        if (sc.isUserInRole(allowedRole)) {
            return request;
        }
    }
    // No match (including an empty role list) is a denial, not a pass-through.
    throw new WebApplicationException(Response.Status.FORBIDDEN);
}
} // closes the enclosing scope; its opening line is not part of this snippet
/**
 * Delegates the role check to the wrapped security context.
 *
 * @param role the role name to test
 * @return whatever the wrapped context reports for {@code role}
 * @throws UnsupportedOperationException when no security context is set
 */
@Override
public boolean isUserInRole(String role) {
    if (securityContext != null) {
        return securityContext.isUserInRole(role);
    }
    // Without a context the call is rejected rather than answered with "false".
    throw new UnsupportedOperationException();
}
/**
 * Answers the role check from the security context of the current request.
 *
 * @param role the role name to test
 * @return the result reported by the request's security context
 */
@Override
public boolean isUserInRole(String role) {
    // checkState() runs before the lookup; what it verifies is defined outside this snippet.
    checkState();
    final boolean inRole = requestContext.getSecurityContext().isUserInRole(role);
    return inRole;
}
/**
 * Forwards the role question to the security context attached to the current request.
 *
 * @param role the role name to test
 * @return {@code true} when the request's security context reports the caller in {@code role}
 */
@Override
public boolean isUserInRole(String role) {
    // State check first (defined elsewhere in the class), then a fresh lookup of the context.
    checkState();
    final boolean held = requestContext.getSecurityContext().isUserInRole(role);
    return held;
}
/**
 * Resolves entity-filtering scopes, falling back to role-derived scopes when the entity
 * annotations yield none.
 *
 * @param entityAnnotations annotations to derive scopes from
 * @param defaultIfNotFound passed on to {@code returnFilteringScopes} to decide about the
 *                          default scope
 * @return the scopes produced by {@code returnFilteringScopes}
 */
@Override
public Set<String> getFilteringScopes(final Annotation[] entityAnnotations, final boolean defaultIfNotFound) {
    // Ask the superclass without the default so that "nothing found" is visible as an empty set.
    final Set<String> declaredScopes = super.getFilteringScopes(entityAnnotations, false);
    if (!declaredScopes.isEmpty()) {
        return returnFilteringScopes(declaredScopes, defaultIfNotFound);
    }

    // No annotation-derived scope: add one scope per processed role the current caller holds.
    final Set<String> roleScopes = new HashSet<>();
    for (final String role : SecurityHelper.getProcessedRoles()) {
        if (securityContext.isUserInRole(role)) {
            roleScopes.add(SecurityHelper.getRolesAllowedScope(role));
        }
    }

    // The default scope is applied by returnFilteringScopes when nothing else matched.
    return returnFilteringScopes(roleScopes, defaultIfNotFound);
}
} // closes the enclosing scope; its opening line is not part of this snippet
// Adds the roles-allowed scope for `role` when the caller holds the role, and also when
// there is no security context at all.
// NOTE(review): the null branch grants the scope without any role check. Confirm that a
// null securityContext reaches this code only where there is no caller identity to check.
// The statement is cut off in this snippet; the closing brace is not shown.
if (securityContext == null || securityContext.isUserInRole(role)) { bindings.add(getRolesAllowedScope(role));
/**
 * Rejects the request unless the caller holds one of the allowed roles.
 *
 * <p>The method returns normally only when a role matches. {@code denyAll}, an
 * unauthenticated caller, an empty role list and a caller without a matching role all
 * end in the same {@link ForbiddenException}.
 *
 * @param requestContext the request being filtered
 * @throws ForbiddenException when access is not granted
 * @throws IOException declared by the overridden method; not thrown by this body
 */
@Override
public void filter(final ContainerRequestContext requestContext) throws IOException {
    if (denyAll) {
        throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
    }

    // Roles are required but the caller is not authenticated: reject before any role lookup.
    final boolean rolesRequired = rolesAllowed.length > 0;
    if (rolesRequired && !isAuthenticated(requestContext)) {
        throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
    }

    for (final String allowedRole : rolesAllowed) {
        if (requestContext.getSecurityContext().isUserInRole(allowedRole)) {
            return;
        }
    }

    // Nothing matched, so the default outcome is a denial.
    throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
}
/**
 * Role gate for the request: returns normally only when one of {@code rolesAllowed} is
 * held by the caller.
 *
 * @param requestContext the request being filtered
 * @throws ForbiddenException when {@code denyAll} is set, when roles are required and the
 *         caller is not authenticated, or when no allowed role matches
 * @throws IOException declared by the overridden method; not thrown by this body
 */
@Override
public void filter(final ContainerRequestContext requestContext) throws IOException {
    if (denyAll) {
        throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
    }

    // The authentication check is skipped for an empty role list, which is denied below anyway.
    if (rolesAllowed.length > 0) {
        if (!isAuthenticated(requestContext)) {
            throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
        }
    }

    for (final String candidate : rolesAllowed) {
        final boolean held = requestContext.getSecurityContext().isUserInRole(candidate);
        if (held) {
            return;
        }
    }

    throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
}
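/**
 * Sub-resource locator for {@code basket}: chooses the basket resource by the caller's role.
 *
 * <p>The role check only selects the implementation. Every caller that is not in
 * {@code PreferredCustomer} receives the plain {@link ShoppingBasketResource}, so this
 * method does not deny access by itself.
 *
 * @param sc the injected security context of the current request
 * @return a {@code PreferredCustomerShoppingBasketResource} for preferred customers,
 *         otherwise a {@code ShoppingBasketResource}
 */
@Path("basket")
public ShoppingBasketResource get(@Context SecurityContext sc) {
    // The condition needs both closing parentheses: one for the call, one for the if.
    if (sc.isUserInRole("PreferredCustomer")) {
        return new PreferredCustomerShoppingBasketResource();
    } else {
        return new ShoppingBasketResource();
    }
}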
/**
 * Delegates the role check to the wrapped security context.
 *
 * @param role the role name to test
 * @return the answer given by the wrapped security context
 */
@Override
public boolean isUserInRole(String role) {
    // No null guard here: the delegate field is dereferenced directly.
    final boolean inRole = securityContext.isUserInRole(role);
    return inRole;
}
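/**
 * Logs what the security context knows about the caller and answers with a fixed body.
 *
 * <p>NOTE(review): nothing in this method acts on the values it logs. The response is
 * {@code "auth success"} for every caller, so access control presumably happens outside
 * this method (for example in a container security constraint). Confirm before relying
 * on it.
 *
 * @param sc the injected security context of the current request
 * @param id the {@code id} path parameter; not used by this body
 * @return a 200 response with the body {@code auth success}
 */
public Response getEvent(@Context SecurityContext sc, @PathParam("id") long id) {
    log.debug("auth: " + sc.getAuthenticationScheme());
    // getUserPrincipal() is null for an unauthenticated request, so guard before reading
    // the name instead of failing with a NullPointerException.
    log.debug("user: " + (sc.getUserPrincipal() == null ? null : sc.getUserPrincipal().getName())); // the username!
    log.debug("admin-privileges: " + sc.isUserInRole("webapp-admin"));
    // Straight ASCII quotes: the typographic quotes in the listing are not valid Java.
    return Response.ok("auth success").build();
}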
/**
 * Reports whether the caller of the current request is in {@code role}.
 *
 * @param role the role name to test
 * @return the value returned by the request's security context
 */
@Override
public boolean isUserInRole(String role) {
    // checkState() is called for its effect only; its definition is outside this snippet.
    checkState();
    final boolean result = requestContext.getSecurityContext().isUserInRole(role);
    return result;
}
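/**
 * Checks a method's {@code @RolesAllowed} constraint against the current security context.
 *
 * @param m the method whose annotation is inspected
 * @return {@code true} when the annotation class is not loadable, when the method carries
 *         no {@code @RolesAllowed}, or when the caller holds one of the listed roles;
 *         {@code false} when no listed role matches or no security context is available
 */
private static boolean checkEJBConstraint(Method m) {
    // Use dynamic class loading here since if the EJB annotation class is not present
    // it cannot be on the method, so we don't have to check for it
    try {
        Class.forName("javax.annotation.security.RolesAllowed");
    } catch (ClassNotFoundException ignored) {
        // class not here, therefore not on method either
        return true;
    }

    // From now on we can use this class since it's there. I (Stef Epardaud) don't think we need to
    // remove the reference here and use reflection.
    RolesAllowed rolesAllowed = m.getAnnotation(RolesAllowed.class);
    if (rolesAllowed == null) {
        return true;
    }

    SecurityContext context = ResteasyContext.getContextData(SecurityContext.class);
    if (context == null) {
        // Roles are required but there is no context to confirm them against: treat the
        // constraint as not satisfied rather than failing with a NullPointerException.
        return false;
    }

    for (String role : rolesAllowed.value()) {
        if (context.isUserInRole(role)) {
            return true;
        }
    }
    return false;
}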
/**
 * Applies the deny-all / permit-all / roles-allowed decision to the request.
 *
 * <p>Order of evaluation: {@code denyAll} rejects, {@code permitAll} accepts, then the role
 * list is checked. A {@code null} role list accepts the request.
 *
 * @param requestContext the request being filtered; not read by this body
 * @throws ForbiddenException carrying a 403 response when {@code denyAll} is set or when a
 *         security context exists and none of {@code rolesAllowed} matches
 * @throws IOException declared by the overridden method; not thrown by this body
 */
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    if (denyAll) {
        throw new ForbiddenException(Response.status(403).entity("Access forbidden: role not allowed").type("text/html;charset=UTF-8").build());
    }
    if (permitAll || rolesAllowed == null) {
        return;
    }

    SecurityContext context = ResteasyContext.getContextData(SecurityContext.class);
    if (context == null) {
        // NOTE(review): roles are required here, yet a missing SecurityContext lets the
        // request through. Confirm this fail-open path is intended; denying would be the
        // safer default for an authorization filter.
        return;
    }

    for (String allowedRole : rolesAllowed) {
        if (context.isUserInRole(allowedRole)) {
            return;
        }
    }
    throw new ForbiddenException(Response.status(403).entity("Access forbidden: role not allowed").type("text/html;charset=UTF-8").build());
}
} // closes the enclosing scope; its opening line is not part of this snippet
/**
 * Authorizes the request against {@code rolesAllowed}; any outcome other than a role match
 * is a {@link ForbiddenException}.
 *
 * @param requestContext the request being filtered
 * @throws ForbiddenException when {@code denyAll} is set, when roles are required and the
 *         caller is not authenticated, or when no allowed role (or an empty list) matches
 * @throws IOException declared by the overridden method; not thrown by this body
 */
@Override
public void filter(final ContainerRequestContext requestContext) throws IOException {
    if (denyAll) {
        throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
    }

    // An unauthenticated caller gets the same forbidden response as one without the role.
    final boolean needsAuthentication = rolesAllowed.length > 0;
    if (needsAuthentication && !isAuthenticated(requestContext)) {
        throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
    }

    for (final String role : rolesAllowed) {
        if (requestContext.getSecurityContext().isUserInRole(role)) {
            // First matching role is enough.
            return;
        }
    }

    throw new ForbiddenException(LocalizationMessages.USER_NOT_AUTHORIZED());
}
/**
 * Role gate: passes the request on when the caller holds one of {@code rolesAllowed}.
 *
 * @param request the incoming request
 * @return {@code request} itself when a role matches
 * @throws WebApplicationException with status FORBIDDEN in every other case, including
 *         {@code denyAll} and an empty role list
 */
@Override
public ContainerRequest filter(ContainerRequest request) {
    if (denyAll) {
        // Deny-all never reaches the role lookup.
        throw new WebApplicationException(Response.Status.FORBIDDEN);
    }
    for (String candidate : rolesAllowed) {
        final boolean held = sc.isUserInRole(candidate);
        if (held) {
            return request;
        }
    }
    throw new WebApplicationException(Response.Status.FORBIDDEN);
}
} // closes the enclosing scope; its opening line is not part of this snippet
/**
 * Forwards the role check to the wrapped security context.
 *
 * @param role the role name to test
 * @return the wrapped context's answer for {@code role}
 * @throws UnsupportedOperationException when the wrapped context is {@code null}
 */
@Override
public boolean isUserInRole(String role) {
    final boolean hasContext = securityContext != null;
    if (!hasContext) {
        // A missing context is an error, not a silent "not in role".
        throw new UnsupportedOperationException();
    }
    return securityContext.isUserInRole(role);
}
/**
 * Looks up the current request's security context and asks it about {@code role}.
 *
 * @param role the role name to test
 * @return the security context's answer
 */
@Override
public boolean isUserInRole(String role) {
    // The state check precedes every lookup; its body is not part of this snippet.
    checkState();
    final boolean member = requestContext.getSecurityContext().isUserInRole(role);
    return member;
}
/**
 * Returns book 123 to callers that are admin or book owner and are not in {@code ROLE_BAZ}.
 *
 * @return the entry stored under key {@code 123L} in {@code books}
 * @throws WebApplicationException with status 500 when the base URI scheme does not start
 *         with {@code http}, or with status 403 when the role condition is not met
 * @throws BookNotFoundFault declared in the signature; not thrown by this body
 */
public Book getThatBook() throws BookNotFoundFault {
    final String scheme = uriInfo.getBaseUri().getScheme();
    if (!scheme.startsWith("http")) {
        throw new WebApplicationException(500);
    }

    // Grant needs (ADMIN or BOOK_OWNER); ROLE_BAZ acts as an explicit exclusion on top.
    final boolean adminOrOwner = securityContext.isUserInRole("ROLE_ADMIN")
        || securityContext.isUserInRole("ROLE_BOOK_OWNER");
    if (!adminOrOwner || securityContext.isUserInRole("ROLE_BAZ")) {
        throw new WebApplicationException(403);
    }
    return books.get(123L);
}
/**
 * Verifies that the current message has an authenticated principal and, when a role is
 * configured, that the principal holds it.
 *
 * <p>Throws the exception built by {@code ExceptionUtils.toNotAuthorizedException} when
 * there is no user principal, and the one built by
 * {@code ExceptionUtils.toForbiddenException} when {@code userRole} is set and not held.
 */
protected void checkSecurityContext() {
    final SecurityContext sc = mc.getSecurityContext();

    // Authentication is checked before authorization, so an anonymous caller never
    // reaches the role test.
    final boolean anonymous = sc.getUserPrincipal() == null;
    if (anonymous) {
        throw ExceptionUtils.toNotAuthorizedException(null, null);
    }

    // A null userRole means no role is required.
    final boolean roleRequired = userRole != null;
    if (roleRequired && !sc.isUserInRole(userRole)) {
        throw ExceptionUtils.toForbiddenException(null, null);
    }
}