// Caller identity as reported by the request. NOTE(review): `request` is declared outside this
// fragment; if it is an HttpServletRequest, getUserPrincipal() returns null for a request that
// has not been authenticated — confirm this code only runs behind an authentication check.
final Principal userPrincipal = request.getUserPrincipal();
// Unchecked downcast: throws ClassCastException when the principal is not a GenericPrincipal.
// A null principal passes the cast unchanged. An `instanceof GenericPrincipal` test before the
// cast would let the caller handle both cases explicitly (for example as "no roles").
GenericPrincipal genericPrincipal = (GenericPrincipal) userPrincipal;
// Throws NullPointerException here when the principal above was null.
final String[] roles = genericPrincipal.getRoles();
/**
 * Returns the role names held by the current user principal.
 *
 * <p>The principal comes from {@code getUserPrincipal()} and is downcast without a type check,
 * so this method throws {@link ClassCastException} when it is not a {@code GenericPrincipal}
 * and {@link NullPointerException} when it is {@code null}. Code that makes access decisions
 * from the result should reach this method only after the caller has been authenticated.
 *
 * @return whatever {@code GenericPrincipal.getRoles()} returns for that principal
 */
private String[] getRolePrincipal() {
    return ((GenericPrincipal) getUserPrincipal()).getRoles();
}
/**
 * Folds the roles of another principal into this one.
 *
 * <p>Only a {@code GenericPrincipal} contributes roles; any other argument, including
 * {@code null}, leaves this object untouched. When the other principal has at least one role,
 * the {@code roles} field is replaced by the de-duplicated union of both role arrays, in
 * {@link HashSet} iteration order.
 *
 * <p>NOTE(review): a merge can only widen this principal's role set, and nothing here checks
 * that {@code principal} describes the same user. Callers should pass only a principal that
 * was authenticated for the same identity.
 *
 * @param principal the principal whose roles are added
 * @return this instance
 */
public TribestreamPrincipal merge(final Principal principal) {
    if (!(principal instanceof GenericPrincipal)) {
        return this;
    }

    final String[] extraRoles = ((GenericPrincipal) principal).getRoles();
    if (extraRoles.length == 0) {
        return this;
    }

    // A set drops role names that both principals already share.
    final Set<String> union = new HashSet<String>();
    Collections.addAll(union, roles);
    Collections.addAll(union, extraRoles);
    roles = union.toArray(new String[union.size()]);
    return this;
}
/**
 * Returns the role names carried by the given principal.
 *
 * <p>Only {@code GenericPrincipal} instances are understood. Any other non-null principal is
 * rejected with an {@link IllegalStateException}; a {@code null} principal fails with a
 * {@link NullPointerException} while its class name is read for the message.
 *
 * @param principal the principal to inspect
 * @return the roles reported by the principal
 * @throws IllegalStateException if {@code principal} is not a {@code GenericPrincipal}
 */
@Override
public String[] getRoles(Principal principal) {
    if (!(principal instanceof GenericPrincipal)) {
        // The message names only the simple class name of the rejected principal.
        throw new IllegalStateException(
                sm.getString("realmBase.cannotGetRoles", principal.getClass().getSimpleName()));
    }
    return ((GenericPrincipal) principal).getRoles();
}
}
/**
 * Resolves the role names for a caller.
 *
 * <p>When {@code userPrincipal} is not a {@code GenericPrincipal} (or is {@code null}), the
 * principal returned by {@code tomcatPrincipal()} is consulted instead.
 *
 * @param userPrincipal the caller principal, may be {@code null}
 * @return the roles of the principal that was used, or {@code null} when neither candidate is
 *     a {@code GenericPrincipal}; callers must treat {@code null} as "no roles" and must not
 *     dereference it
 */
public String[] roles(final Principal userPrincipal) {
    final Principal candidate;
    if (userPrincipal instanceof GenericPrincipal) {
        candidate = userPrincipal;
    } else {
        candidate = tomcatPrincipal();
    }

    if (candidate instanceof GenericPrincipal) {
        return ((GenericPrincipal) candidate).getRoles();
    }
    return null;
}
}
/**
 * Returns the role names carried by the given principal.
 *
 * <p>Only {@code GenericPrincipal} instances are understood. Any other non-null principal is
 * rejected with an {@link IllegalStateException}; a {@code null} principal fails with a
 * {@link NullPointerException} while its class name is read for the message.
 *
 * @param principal the principal to inspect
 * @return the roles reported by the principal
 * @throws IllegalStateException if {@code principal} is not a {@code GenericPrincipal}
 */
@Override
public String[] getRoles(Principal principal) {
    if (!(principal instanceof GenericPrincipal)) {
        // The message names only the simple class name of the rejected principal.
        throw new IllegalStateException(
                sm.getString("realmBase.cannotGetRoles", principal.getClass().getSimpleName()));
    }
    return ((GenericPrincipal) principal).getRoles();
}
}
/**
 * Publishes the login principal and its roles on the subject.
 *
 * <p>Nothing is added when the subject already holds {@code principal}. Otherwise the
 * principal is added and, if it is a {@code GenericPrincipal}, each of its role names is added
 * as a further {@code GenericPrincipal} built from the role name alone.
 *
 * <p>NOTE(review): role entries and the user entry share one class, so code reading the
 * subject cannot tell a role from a user by type, and a role named like a user may be
 * indistinguishable from that user. This method also never checks that authentication
 * succeeded; confirm that {@code login()} guarantees {@code principal} is set before commit.
 *
 * @return always {@code true}
 * @throws LoginException declared by the overridden method; not thrown by this code
 */
@Override
public boolean commit() throws LoginException {
    if (subject.getPrincipals().contains(principal)) {
        return true;
    }

    subject.getPrincipals().add(principal);
    if (principal instanceof GenericPrincipal) {
        // One extra principal per role name, with no password and no role list of its own.
        for (final String role : ((GenericPrincipal) principal).getRoles()) {
            subject.getPrincipals().add(new GenericPrincipal(role, null, null));
        }
    }
    return true;
}
/**
 * Publishes the authenticated principal, its roles and the client principal on the subject.
 *
 * <p>Returns {@code false} without touching the subject when {@code principal} is
 * {@code null}, which this module treats as a failed authentication. Otherwise the user
 * principal is added if missing, together with one {@code SimpleRolePrincipal} built from its
 * roles when it is a {@code GenericPrincipal}. The client principal is added if missing, and
 * the module is marked as committed.
 *
 * <p>NOTE(review): {@code clientPrincipal} is added without a null check; confirm it is
 * always set by the time commit runs.
 *
 * @return {@code false} when there is no authenticated principal, {@code true} otherwise
 * @throws LoginException declared by the overridden method; not thrown by this code
 */
@Override
public boolean commit() throws LoginException {
    // No principal means authentication did not succeed; report that to the caller.
    if (principal == null) {
        return false;
    }

    final boolean alreadyPresent = subject.getPrincipals().contains(principal);
    if (!alreadyPresent) {
        subject.getPrincipals().add(principal);
        if (principal instanceof GenericPrincipal) {
            // Roles are added as one special principal (described by the original author as
            // implementing java.security.acl.Group), separate from the user principal.
            final String[] roleNames = ((GenericPrincipal) principal).getRoles();
            rolePrincipal = new SimpleRolePrincipal(roleNames);
            subject.getPrincipals().add(rolePrincipal);
        }
    }

    // The client (kie server) principal is added independently of the user principal.
    if (!subject.getPrincipals().contains(clientPrincipal)) {
        subject.getPrincipals().add(clientPrincipal);
    }

    committed = true;
    return true;
}
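/**
 * Returns the role principals associated with the given caller principal.
 *
 * @param principal the Principal mapped from the authentication principal and visible from
 *     {@code HttpServletRequest.getUserPrincipal}
 * @return a non-null, possibly empty {@code Set<Principal>} holding one
 *     {@code SimplePrincipal} per role name
 * @throws IllegalStateException if {@code principal} is {@code null} or is not a
 *     {@code GenericPrincipal}
 */
protected Set<Principal> getPrincipalRoles(Principal principal) {
    if (!(principal instanceof GenericPrincipal)) {
        // Build the message without dereferencing a null principal, so that case is reported
        // as the documented IllegalStateException instead of a NullPointerException.
        throw new IllegalStateException(
                "Expected GenericPrincipal, but saw: "
                        + (principal == null ? null : principal.getClass()));
    }

    String[] roleNames = ((GenericPrincipal) principal).getRoles();
    Set<Principal> userRoles = new HashSet<Principal>();
    // A principal without a role array yields an empty set, never null.
    if (roleNames != null) {
        for (String roleName : roleNames) {
            userRoles.add(new SimplePrincipal(roleName));
        }
    }
    return userRoles;
}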
/**
 * Copies a {@code GenericPrincipal} into its serializable counterpart.
 *
 * <p>The copy carries the name, the value of {@code getPassword()}, the roles as a list (or
 * {@code null} when {@code getRoles()} returns {@code null}) and the wrapped user principal,
 * which is kept only when it is a different object from {@code principal} itself.
 *
 * <p>NOTE(review): the password is copied as-is. Whatever stores or transmits the returned
 * object therefore stores or transmits the credential too; confirm that channel is protected
 * and that the receiving side needs the password at all.
 *
 * @param principal the principal to copy, may be {@code null}
 * @return the serializable copy, or {@code null} when {@code principal} is {@code null}
 */
public static SerializablePrincipal createPrincipal(GenericPrincipal principal) {
    if (principal == null) {
        return null;
    }
    return new SerializablePrincipal(
            principal.getName(),
            principal.getPassword(),
            principal.getRoles() == null ? null : Arrays.asList(principal.getRoles()),
            // A principal that wraps itself has no separate user principal to carry over.
            principal.getUserPrincipal() == principal ? null : principal.getUserPrincipal());
}
/**
 * Copies a {@code GenericPrincipal} into its serializable counterpart.
 *
 * <p>The copy carries the name, the value of {@code getPassword()}, the roles as a list (or
 * {@code null} when {@code getRoles()} returns {@code null}) and the wrapped user principal,
 * which is kept only when it is a different object from {@code principal} itself.
 *
 * <p>NOTE(review): the password is copied as-is. Whatever stores or transmits the returned
 * object therefore stores or transmits the credential too; confirm that channel is protected
 * and that the receiving side needs the password at all.
 *
 * @param principal the principal to copy, may be {@code null}
 * @return the serializable copy, or {@code null} when {@code principal} is {@code null}
 */
public static SerializablePrincipal createPrincipal(GenericPrincipal principal) {
    if (principal == null) {
        return null;
    }
    return new SerializablePrincipal(
            principal.getName(),
            principal.getPassword(),
            principal.getRoles() == null ? null : Arrays.asList(principal.getRoles()),
            // A principal that wraps itself has no separate user principal to carry over.
            principal.getUserPrincipal() == principal ? null : principal.getUserPrincipal());
}
/**
 * Writes a principal to the given stream in a fixed field order.
 *
 * <p>Order on the wire: name (UTF), password-present flag, password (UTF, only when present),
 * role count, each role (UTF), user-principal-present flag, user principal (object, only when
 * present).
 *
 * <p>NOTE(review): the password is written unencrypted, so the stream's destination holds the
 * credential; confirm that destination is protected. The user principal is written with
 * {@code writeObject}, which means the reader (not shown here) has to deserialize an arbitrary
 * {@code Serializable}; confirm the reading side restricts the classes it accepts.
 *
 * @param p the principal to write; must not be {@code null}
 * @param out the stream to write to
 * @throws IOException if any write fails
 */
public static void writePrincipal(GenericPrincipal p, ObjectOutput out) throws IOException {
    out.writeUTF(p.getName());

    // Presence flag first, then the password itself when there is one.
    final String password = p.getPassword();
    final boolean hasPassword = password != null;
    out.writeBoolean(hasPassword);
    if (hasPassword) {
        out.writeUTF(password);
    }

    // Roles are length-prefixed; a missing role array is written as zero roles.
    final String[] assigned = p.getRoles();
    final String[] roles = assigned == null ? new String[0] : assigned;
    out.writeInt(roles.length);
    for (final String role : roles) {
        out.writeUTF(role);
    }

    // The wrapped user principal is written only when it is a distinct, Serializable object.
    final Object wrapped = p.getUserPrincipal();
    final boolean hasUserPrincipal = p != wrapped && wrapped instanceof Serializable;
    out.writeBoolean(hasUserPrincipal);
    if (hasUserPrincipal) {
        out.writeObject(wrapped);
    }
}
/**
 * Tells whether the current caller holds the given role.
 *
 * <p>Callers that are not a {@code TomcatUser} are delegated to the superclass. For a
 * {@code TomcatUser}, the role {@code "**"} is granted unconditionally; any other role is
 * granted only when it equals one of the role names of the underlying Tomcat principal.
 *
 * <p>NOTE(review): the Tomcat principal is downcast to {@code GenericPrincipal} without a type
 * check, so a different principal type fails with {@link ClassCastException}, and a
 * {@code null} entry in the role array fails with {@link NullPointerException}. Both surface
 * as errors rather than as a granted role.
 *
 * @param role the role name to test
 * @return {@code true} when the caller is in the role
 */
@Override
public boolean isCallerInRole(final String role) {
    final Principal caller = getCallerPrincipal();
    if (!(caller instanceof TomcatUser)) {
        return super.isCallerInRole(role);
    }

    // "**" matches every caller that logged in through Tomcat, whatever roles it holds.
    if ("**".equals(role)) {
        return true;
    }

    final GenericPrincipal tomcatPrincipal =
            (GenericPrincipal) ((TomcatUser) caller).getTomcatPrincipal();
    final String[] granted = tomcatPrincipal.getRoles();
    if (granted == null) {
        return false;
    }
    for (int i = 0; i < granted.length; i++) {
        if (granted[i].equals(role)) {
            return true;
        }
    }
    return false;
}
/**
 * Writes a principal to the given stream in a fixed field order.
 *
 * <p>Order on the wire: name (UTF), password-present flag, password (UTF, only when present),
 * role count, each role (UTF), user-principal-present flag, user principal (object, only when
 * present).
 *
 * <p>NOTE(review): the password is written unencrypted, so the stream's destination holds the
 * credential; confirm that destination is protected. The user principal is written with
 * {@code writeObject}, which means the reader (not shown here) has to deserialize an arbitrary
 * {@code Serializable}; confirm the reading side restricts the classes it accepts.
 *
 * @param p the principal to write; must not be {@code null}
 * @param out the stream to write to
 * @throws IOException if any write fails
 */
public static void writePrincipal(GenericPrincipal p, ObjectOutput out) throws IOException {
    out.writeUTF(p.getName());

    // Presence flag first, then the password itself when there is one.
    final String password = p.getPassword();
    final boolean hasPassword = password != null;
    out.writeBoolean(hasPassword);
    if (hasPassword) {
        out.writeUTF(password);
    }

    // Roles are length-prefixed; a missing role array is written as zero roles.
    final String[] assigned = p.getRoles();
    final String[] roles = assigned == null ? new String[0] : assigned;
    out.writeInt(roles.length);
    for (final String role : roles) {
        out.writeUTF(role);
    }

    // The wrapped user principal is written only when it is a distinct, Serializable object.
    final Object wrapped = p.getUserPrincipal();
    final boolean hasUserPrincipal = p != wrapped && wrapped instanceof Serializable;
    out.writeBoolean(hasUserPrincipal);
    if (hasUserPrincipal) {
        out.writeObject(wrapped);
    }
}
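/**
 * Authenticates a username/password pair against Windows, falling back to the superclass.
 *
 * <p>The superclass login is used when the Windows logon throws, and when the logon yields a
 * guest identity while guest logins are disabled. Otherwise a {@code GenericPrincipal} is
 * built from the Windows identity and returned.
 *
 * <p>Fix over the previous version: the guest check now runs inside the {@code try/finally},
 * so the Windows identity is disposed on the guest-rejection path as well. Before, that path
 * returned without calling {@code dispose()}.
 *
 * <p>The password is never logged. The username is caller-supplied and is logged before
 * authentication; NOTE(review): confirm the log layout neutralises line breaks in it.
 *
 * @param request the request being authenticated
 * @param username the name supplied by the caller
 * @param password the password supplied by the caller
 * @return the authenticated principal, or whatever the superclass login returns on fallback
 * @throws ServletException if the superclass login fails
 */
@Override
protected Principal doLogin(final Request request, final String username, final String password)
        throws ServletException {
    this.log.debug("logging in: {}", username);

    IWindowsIdentity windowsIdentity;
    try {
        windowsIdentity = this.auth.logonUser(username, password);
    } catch (final Exception e) {
        // Only the message goes to the error log; the stack trace is kept at trace level.
        this.log.error(e.getMessage());
        this.log.trace("", e);
        return super.doLogin(request, username, password);
    }

    try {
        // disable guest login
        if (!this.allowGuestLogin && windowsIdentity.isGuest()) {
            this.log.warn("guest login disabled: {}", windowsIdentity.getFqn());
            return super.doLogin(request, username, password);
        }

        this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
        final GenericPrincipal genericPrincipal = this.createPrincipal(windowsIdentity);
        this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
        return genericPrincipal;
    } finally {
        // Runs on every path once the logon succeeded, including the guest rejection above.
        windowsIdentity.dispose();
    }
}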
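/**
 * Authenticates a username/password pair against Windows, falling back to the superclass.
 *
 * <p>The superclass login is used when the Windows logon throws, and when the logon yields a
 * guest identity while guest logins are disabled. Otherwise a {@code GenericPrincipal} is
 * built from the Windows identity and returned.
 *
 * <p>Fix over the previous version: the guest check now runs inside the {@code try/finally},
 * so the Windows identity is disposed on the guest-rejection path as well. Before, that path
 * returned without calling {@code dispose()}.
 *
 * <p>The password is never logged. The username is caller-supplied and is logged before
 * authentication; NOTE(review): confirm the log layout neutralises line breaks in it.
 *
 * @param request the request being authenticated
 * @param username the name supplied by the caller
 * @param password the password supplied by the caller
 * @return the authenticated principal, or whatever the superclass login returns on fallback
 * @throws ServletException if the superclass login fails
 */
@Override
protected Principal doLogin(final Request request, final String username, final String password)
        throws ServletException {
    this.log.debug("logging in: {}", username);

    IWindowsIdentity windowsIdentity;
    try {
        windowsIdentity = this.auth.logonUser(username, password);
    } catch (final Exception e) {
        // Only the message goes to the error log; the stack trace is kept at trace level.
        this.log.error(e.getMessage());
        this.log.trace("", e);
        return super.doLogin(request, username, password);
    }

    try {
        // disable guest login
        if (!this.allowGuestLogin && windowsIdentity.isGuest()) {
            this.log.warn("guest login disabled: {}", windowsIdentity.getFqn());
            return super.doLogin(request, username, password);
        }

        this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
        final GenericPrincipal genericPrincipal = this.createPrincipal(windowsIdentity);
        this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
        return genericPrincipal;
    } finally {
        // Runs on every path once the logon succeeded, including the guest rejection above.
        windowsIdentity.dispose();
    }
}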
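/**
 * Authenticates a username/password pair against Windows, falling back to the superclass.
 *
 * <p>The superclass login is used when the Windows logon throws, and when the logon yields a
 * guest identity while guest logins are disabled. Otherwise a {@code GenericPrincipal} is
 * built from the Windows identity and returned.
 *
 * <p>Fix over the previous version: the guest check now runs inside the {@code try/finally},
 * so the Windows identity is disposed on the guest-rejection path as well. Before, that path
 * returned without calling {@code dispose()}.
 *
 * <p>The password is never logged. The username is caller-supplied and is logged before
 * authentication; NOTE(review): confirm the log layout neutralises line breaks in it.
 *
 * @param request the request being authenticated
 * @param username the name supplied by the caller
 * @param password the password supplied by the caller
 * @return the authenticated principal, or whatever the superclass login returns on fallback
 * @throws ServletException if the superclass login fails
 */
@Override
protected Principal doLogin(final Request request, final String username, final String password)
        throws ServletException {
    this.log.debug("logging in: {}", username);

    IWindowsIdentity windowsIdentity;
    try {
        windowsIdentity = this.auth.logonUser(username, password);
    } catch (final Exception e) {
        // Only the message goes to the error log; the stack trace is kept at trace level.
        this.log.error(e.getMessage());
        this.log.trace("", e);
        return super.doLogin(request, username, password);
    }

    try {
        // disable guest login
        if (!this.allowGuestLogin && windowsIdentity.isGuest()) {
            this.log.warn("guest login disabled: {}", windowsIdentity.getFqn());
            return super.doLogin(request, username, password);
        }

        this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
        final GenericPrincipal genericPrincipal = this.createPrincipal(windowsIdentity);
        this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
        return genericPrincipal;
    } finally {
        // Runs on every path once the logon succeeded, including the guest rejection above.
        windowsIdentity.dispose();
    }
}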
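/**
 * Authenticates a username/password pair against Windows, falling back to the superclass.
 *
 * <p>The superclass login is used when the Windows logon throws, and when the logon yields a
 * guest identity while guest logins are disabled. Otherwise a {@code GenericPrincipal} is
 * built from the Windows identity and returned.
 *
 * <p>Fix over the previous version: the guest check now runs inside the {@code try/finally},
 * so the Windows identity is disposed on the guest-rejection path as well. Before, that path
 * returned without calling {@code dispose()}.
 *
 * <p>The password is never logged. The username is caller-supplied and is logged before
 * authentication; NOTE(review): confirm the log layout neutralises line breaks in it.
 *
 * @param request the request being authenticated
 * @param username the name supplied by the caller
 * @param password the password supplied by the caller
 * @return the authenticated principal, or whatever the superclass login returns on fallback
 * @throws ServletException if the superclass login fails
 */
@Override
protected Principal doLogin(final Request request, final String username, final String password)
        throws ServletException {
    this.log.debug("logging in: {}", username);

    IWindowsIdentity windowsIdentity;
    try {
        windowsIdentity = this.auth.logonUser(username, password);
    } catch (final Exception e) {
        // Only the message goes to the error log; the stack trace is kept at trace level.
        this.log.error(e.getMessage());
        this.log.trace("", e);
        return super.doLogin(request, username, password);
    }

    try {
        // disable guest login
        if (!this.allowGuestLogin && windowsIdentity.isGuest()) {
            this.log.warn("guest login disabled: {}", windowsIdentity.getFqn());
            return super.doLogin(request, username, password);
        }

        this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
        final GenericPrincipal genericPrincipal = this.createPrincipal(windowsIdentity);
        this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
        return genericPrincipal;
    } finally {
        // Runs on every path once the logon succeeded, including the guest rejection above.
        windowsIdentity.dispose();
    }
}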
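/**
 * Authenticates a username/password pair against Windows, falling back to the superclass.
 *
 * <p>The superclass login is used when the Windows logon throws, and when the logon yields a
 * guest identity while guest logins are disabled. Otherwise a {@code GenericPrincipal} is
 * built from the Windows identity and returned.
 *
 * <p>Fix over the previous version: the guest check now runs inside the {@code try/finally},
 * so the Windows identity is disposed on the guest-rejection path as well. Before, that path
 * returned without calling {@code dispose()}.
 *
 * <p>The password is never logged. The username is caller-supplied and is logged before
 * authentication; NOTE(review): confirm the log layout neutralises line breaks in it.
 *
 * @param request the request being authenticated
 * @param username the name supplied by the caller
 * @param password the password supplied by the caller
 * @return the authenticated principal, or whatever the superclass login returns on fallback
 * @throws ServletException if the superclass login fails
 */
@Override
protected Principal doLogin(final Request request, final String username, final String password)
        throws ServletException {
    this.log.debug("logging in: {}", username);

    IWindowsIdentity windowsIdentity;
    try {
        windowsIdentity = this.auth.logonUser(username, password);
    } catch (final Exception e) {
        // Only the message goes to the error log; the stack trace is kept at trace level.
        this.log.error(e.getMessage());
        this.log.trace("", e);
        return super.doLogin(request, username, password);
    }

    try {
        // disable guest login
        if (!this.allowGuestLogin && windowsIdentity.isGuest()) {
            this.log.warn("guest login disabled: {}", windowsIdentity.getFqn());
            return super.doLogin(request, username, password);
        }

        this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
        final GenericPrincipal genericPrincipal = this.createPrincipal(windowsIdentity);
        this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
        return genericPrincipal;
    } finally {
        // Runs on every path once the logon succeeded, including the guest rejection above.
        windowsIdentity.dispose();
    }
}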
/**
 * Builds a token for an authenticated principal.
 *
 * <p>The token gets a generated id, the principal's name, the configured realm as audience
 * and one realm-access role per role of the principal. An expiration (seconds since the
 * epoch) is set only when the configured token lifetime is greater than zero.
 *
 * <p>NOTE(review): the expiry is computed from the access-code lifetime (3600 when that is 0),
 * while the token lifetime only decides whether an expiry is set at all; confirm this is
 * intended. When the token lifetime is 0 or negative the token carries no expiration, so its
 * validity is then bounded only by whatever the verifier enforces.
 *
 * @param gp the authenticated principal; its role array must not be {@code null}
 * @return the populated token
 */
protected SkeletonKeyToken buildToken(GenericPrincipal gp) {
    final SkeletonKeyToken token = new SkeletonKeyToken();
    token.id(generateId());
    token.principal(gp.getName());
    token.audience(skeletonKeyConfig.getRealm());

    // Lifetime in seconds: the configured access-code lifetime, or 3600 when that is 0.
    int lifetimeSeconds = skeletonKeyConfig.getAccessCodeLifetime();
    if (lifetimeSeconds == 0) {
        lifetimeSeconds = 3600;
    }
    if (skeletonKeyConfig.getTokenLifetime() > 0) {
        final long nowSeconds = System.currentTimeMillis() / 1000;
        token.expiration(nowSeconds + lifetimeSeconds);
    }

    // Every role of the principal is copied into the token's realm-level access entry.
    final SkeletonKeyToken.Access realmAccess = new SkeletonKeyToken.Access();
    for (final String roleName : gp.getRoles()) {
        realmAccess.addRole(roleName);
    }
    token.setRealmAccess(realmAccess);
    return token;
}