public static void requestSessionCreation(boolean createSessionRequest) { ThreadContext.put(AUTO_CREATE_SESSION_KEY, createSessionRequest); } }
/** * Convenience method that simplifies binding a Subject to the ThreadContext. * <p/> * <p>The method's existence is to help reduce casting in your own code and to simplify remembering of * ThreadContext key names. The implementation is simple in that, if the Subject is not <tt>null</tt>, * it binds it to the thread, i.e.: * <p/> * <pre> * if (subject != null) { * put( SUBJECT_KEY, subject ); * }</pre> * * @param subject the Subject object to bind to the thread. If the argument is null, nothing will be done. * @since 0.2 */ public static void bind(Subject subject) { if (subject != null) { put(SUBJECT_KEY, subject); } }
/** * Convenience method that simplifies binding the application's SecurityManager instance to the ThreadContext. * <p/> * <p>The method's existence is to help reduce casting in code and to simplify remembering of * ThreadContext key names. The implementation is simple in that, if the SecurityManager is not <tt>null</tt>, * it binds it to the thread, i.e.: * <p/> * <pre> * if (securityManager != null) { * put( SECURITY_MANAGER_KEY, securityManager); * }</pre> * * @param securityManager the application's SecurityManager instance to bind to the thread. If the argument is * null, nothing will be done. * @since 0.9 */ public static void bind(SecurityManager securityManager) { if (securityManager != null) { put(SECURITY_MANAGER_KEY, securityManager); } }
ThreadContext.put(REQUEST_HEADERS, headers);
/** * Convenience method that simplifies binding a Subject to the ThreadContext. * <p/> * <p>The method's existence is to help reduce casting in your own code and to simplify remembering of * ThreadContext key names. The implementation is simple in that, if the Subject is not <tt>null</tt>, * it binds it to the thread, i.e.: * <p/> * <pre> * if (subject != null) { * put( SUBJECT_KEY, subject ); * }</pre> * * @param subject the Subject object to bind to the thread. If the argument is null, nothing will be done. * @since 0.2 */ public static void bind(Subject subject) { if (subject != null) { put(SUBJECT_KEY, subject); } }
/** * Convenience method that simplifies binding the application's SecurityManager instance to the ThreadContext. * <p/> * <p>The method's existence is to help reduce casting in code and to simplify remembering of * ThreadContext key names. The implementation is simple in that, if the SecurityManager is not <tt>null</tt>, * it binds it to the thread, i.e.: * <p/> * <pre> * if (securityManager != null) { * put( SECURITY_MANAGER_KEY, securityManager); * }</pre> * * @param securityManager the application's SecurityManager instance to bind to the thread. If the argument is * null, nothing will be done. * @since 0.9 */ public static void bind(SecurityManager securityManager) { if (securityManager != null) { put(SECURITY_MANAGER_KEY, securityManager); } }
public static void requestSessionCreation(boolean createSessionRequest) { ThreadContext.put(AUTO_CREATE_SESSION_KEY, createSessionRequest); } }
/** * Convenience method that simplifies binding the application's SecurityManager instance to the ThreadContext. * <p/> * <p>The method's existence is to help reduce casting in code and to simplify remembering of * ThreadContext key names. The implementation is simple in that, if the SecurityManager is not <tt>null</tt>, * it binds it to the thread, i.e.: * <p/> * <pre> * if (securityManager != null) { * put( SECURITY_MANAGER_KEY, securityManager); * }</pre> * * @param securityManager the application's SecurityManager instance to bind to the thread. If the argument is * null, nothing will be done. * @since 0.9 */ public static void bind(SecurityManager securityManager) { if (securityManager != null) { put(SECURITY_MANAGER_KEY, securityManager); } }
/** * Convenience method that simplifies binding a Subject to the ThreadContext. * <p/> * <p>The method's existence is to help reduce casting in your own code and to simplify remembering of * ThreadContext key names. The implementation is simple in that, if the Subject is not <tt>null</tt>, * it binds it to the thread, i.e.: * <p/> * <pre> * if (subject != null) { * put( SUBJECT_KEY, subject ); * }</pre> * * @param subject the Subject object to bind to the thread. If the argument is null, nothing will be done. * @since 0.2 */ public static void bind(Subject subject) { if (subject != null) { put(SUBJECT_KEY, subject); } }
@Override public void onSuccess(AuthenticationToken token, AuthenticationInfo info) { if (!(token instanceof ProcessAuthenticationToken) && !(token instanceof SystemAccountAuthenticationToken)) { LogonEvent event = new LogonEvent(token, info); ThreadContext.put(IN_AUTHENTICATION_EVENT_FLAG, new InAuthenticationEvent()); try { logonEvent.fire(event); } finally { // In any case (also in case of access denied) we need to remove this flag ThreadContext.remove(IN_AUTHENTICATION_EVENT_FLAG); } } }
public void loginSubject() throws AuthenticationException { // what a hack :( ThreadContext.put("REQUEST_HEADERS", headers); subject.login(token); // the subject instance will change to include the session final Subject newSubject = ThreadContext.getSubject(); if (newSubject != null) { subject = newSubject; } ThreadContext.remove("REQUEST_HEADERS"); }
@Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { ThreadContext.put(IN_AUTHORIZATION_FLAG, new InAuthorization()); AuthorizationInfo authorizationInfo = null; try { Iterator<OctopusDefinedAuthorizationInfo> iterator = octopusDefinedAuthorizationInfoList.iterator(); Object primaryPrincipal = principals.getPrimaryPrincipal(); while (authorizationInfo == null && iterator.hasNext()) { authorizationInfo = iterator.next().getAuthorizationInfo(primaryPrincipal); } if (authorizationInfo == null) { authorizationInfo = securityDataProvider.getAuthorizationInfo(principals); } } finally { ThreadContext.remove(IN_AUTHORIZATION_FLAG); } return authorizationInfo; }
ThreadContext.put(REQUEST_HEADERS, headers);
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { AuthenticationInfo authenticationInfo = null; // TODO What about IncorrectDataToken, should be return null immediatly?? // How is IncorrectDataToken used? Iterator<OctopusDefinedAuthenticationInfo> iterator = octopusDefinedAuthenticationInfoList.iterator(); while (authenticationInfo == null && iterator.hasNext()) { authenticationInfo = iterator.next().getAuthenticationInfo(token); } if (authenticationInfo == null && !(token instanceof IncorrectDataToken)) { ThreadContext.put(IN_AUTHENTICATION_FLAG, new InAuthentication()); try { authenticationInfo = securityDataProvider.getAuthenticationInfo(token); verifyHashEncoding(authenticationInfo); } finally { // Even in the case of an exception (access not allowed) we need to reset this flag ThreadContext.remove(IN_AUTHENTICATION_FLAG); } } if (authenticationInfo != null && authenticationInfo.getPrincipals() != null) { Object principal = authenticationInfo.getPrincipals().getPrimaryPrincipal(); if (principal instanceof UserPrincipal) { UserPrincipal user = (UserPrincipal) principal; user.addUserInfo(OctopusConstants.TOKEN, token); } } return authenticationInfo; }
@Override protected AuthenticationInfo doSingleRealmAuthentication(Realm realm, AuthenticationToken token) { AuthenticationInfo authenticationInfo = super.doSingleRealmAuthentication(realm, token); // At this point the user is authenticated, otherwise there was already an exception thrown. if (authorizationInfoRequired && realm instanceof OctopusRealm) { ThreadContext.put(IN_AUTHORIZATION_FLAG, new InAuthorization()); try { OctopusRealm octopusRealm = (OctopusRealm) realm; AuthorizationInfo authorizationInfo = octopusRealm.doGetAuthorizationInfo(authenticationInfo.getPrincipals()); UserPrincipal userPrincipal = authenticationInfo.getPrincipals().oneByType(UserPrincipal.class); if (userPrincipal != null) { userPrincipal.addUserInfo(AUTHORIZATION_INFO, authorizationInfo); // authorizationInfoRequired -> When PrincipalAuthorizationInfoAvailibility implementing bean found // By default only when jwt-scs-client is added to the project // Can also be used (a possibility need to investigate another options) for Octopus SSO client to make sure that with every logon // of the user, the latest permissions are retrieved from the octopus SSO server. // TODO Document this octopusRealm.setAuthorizationCachedData(userPrincipal, authorizationInfo); } } finally { ThreadContext.remove(IN_AUTHORIZATION_FLAG); } } return authenticationInfo; }