public final boolean isUserInRole(final String role) { SecurityContext ctx = (SecurityContext)getMessageContext().get(SecurityContext.class.getName()); if (ctx == null) { return false; } return ctx.isUserInRole(role); }
@Override public boolean isUserInRole(String role) { return sc.isUserInRole(role); }
protected boolean isUserInRole(SecurityContext sc, List<String> roles, boolean deny) { if (roles.size() == 1 && ALL_ROLES.equals(roles.get(0))) { return !deny; } for (String role : roles) { if (sc.isUserInRole(role)) { return !deny; } } return deny; }
protected boolean isUserInRole(SecurityContext sc, List<String> roles, boolean deny) { if (roles.size() == 1 && ALL_ROLES.equals(roles.get(0))) { return !deny; } for (String role : roles) { if (sc.isUserInRole(role)) { return !deny; } } return deny; }
protected boolean isUserInRole(SecurityContext sc, List<String> roles, boolean deny) { if (roles.size() == 1 && ALL_ROLES.equals(roles.get(0))) { return !deny; } for (String role : roles) { if (sc.isUserInRole(role)) { return !deny; } } return deny; }
protected boolean isUserInRole(SecurityContext sc, List<String> roles, boolean deny) { if (roles.size() == 1 && ALL_ROLES.equals(roles.get(0))) { return !deny; } for (String role : roles) { if (sc.isUserInRole(role)) { return !deny; } } return deny; }
public boolean isUserInRole(String role) { org.apache.cxf.security.SecurityContext sc = getInternalSecurityContext(); return sc == null ? false : sc.isUserInRole(role); }
public boolean isUserInRole(String role) { org.apache.cxf.security.SecurityContext sc = getInternalSecurityContext(); return sc == null ? false : sc.isUserInRole(role); }
public final boolean isUserInRole(final String role) { SecurityContext ctx = (SecurityContext)getMessageContext().get(SecurityContext.class.getName()); if (ctx == null) { return false; } return ctx.isUserInRole(role); }
@Override public void filter(ContainerRequestContext requestContext) throws IOException { Message m = JAXRSUtils.getCurrentMessage(); final Method method = (Method) m.get("org.apache.cxf.resource.method"); final String[] needed = this.searchRoles(method); if (needed.length == 0) { // No roles needed RolesFilter.LOGGER.debug("No roles needed"); return; } RolesFilter.LOGGER.debug("Needs: {}", Joiner.on(",").join(needed)); final SecurityContext securityContext = m.get(SecurityContext.class); if (securityContext != null) { for (final String need : needed) { if (securityContext.isUserInRole(need)) { // Let it pass RolesFilter.LOGGER.debug("Passed with role {}", need); return; } } } String text = "Missing at least one of the following roles: " + Joiner.on(",").join(needed); requestContext.abortWith(Response.status(Status.FORBIDDEN).entity(text).build()); }
@Override public void filter(ContainerRequestContext requestContext) throws IOException { Message m = JAXRSUtils.getCurrentMessage(); final Method method = (Method) m.get("org.apache.cxf.resource.method"); List<RolesAllowed> list = JaxRsAnnotationScanner.searchForAnnotation(method, RolesAllowed.class); final List<String> needed = new ArrayList<>(); for (RolesAllowed annotation : list) { needed.addAll(Lists.newArrayList(annotation.value())); } if (needed.isEmpty()) { // No roles needed RolesFilter.LOGGER.debug("No roles needed"); return; } if (RolesFilter.LOGGER.isDebugEnabled()) { RolesFilter.LOGGER.debug("Needs: {}", Joiner.on(",").join(needed)); } final SecurityContext securityContext = m.get(SecurityContext.class); if (securityContext != null) { for (final String need : needed) { if (securityContext.isUserInRole(need)) { // Let it pass RolesFilter.LOGGER.debug("Passed with role {}", need); return; } } } String text = "Missing at least one of the following roles: " + Joiner.on(",").join(needed); requestContext.abortWith(Response.status(Status.FORBIDDEN).entity(text).build()); }
if (secCtx.isUserInRole(role))