/**
 * Action body that removes the outgoing run-as identity from the captured
 * security context {@code sc} and hands the removed identity back.
 */
@Override
public RunAs run() {
    // Refuse to continue without a context: there is no identity to remove.
    if (sc == null) {
        throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
    }
    final RunAs removed = sc.getOutgoingRunAs();
    // The slot is cleared to null, not reset to an earlier identity; the caller
    // receives the removed value and decides what, if anything, to reinstall.
    sc.setOutgoingRunAs(null);
    return removed;
}
});
/**
 * Action body that installs the captured {@code principal} as the outgoing
 * run-as identity on the captured security context {@code sc}.
 *
 * @return the outgoing run-as identity that was in place before the swap
 */
@Override
public RunAs run() {
    // Without a context there is nowhere to install the identity.
    if (sc == null) {
        throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
    }
    final RunAs previous = sc.getOutgoingRunAs();
    sc.setOutgoingRunAs(principal);
    // Returned so the caller can put the earlier identity back when it is done.
    return previous;
}
});
/**
 * Removes the outgoing run-as identity from the given security context.
 *
 * <p>When {@code WildFlySecurityManager.isChecking()} reports true the change is made inside
 * {@code AccessController.doPrivileged}; otherwise it is made directly. Because the privileged
 * path mutates the caller's security identity, this method is deliberately not public and
 * should stay that way.
 *
 * <p>If {@code sc} is null the exception built by
 * {@code UndertowLogger.ROOT_LOGGER.noSecurityContext()} is thrown.
 *
 * @param sc the security context to modify
 * @return the identity removed
 */
static RunAs popRunAsIdentity(final SecurityContext sc) {
    // One action for both paths so the privileged and the direct variant cannot drift apart.
    final PrivilegedAction<RunAs> clearOutgoing = new PrivilegedAction<RunAs>() {
        @Override
        public RunAs run() {
            if (sc == null) {
                throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
            }
            final RunAs removed = sc.getOutgoingRunAs();
            // Cleared to null rather than restored to an earlier identity.
            sc.setOutgoingRunAs(null);
            return removed;
        }
    };
    if (WildFlySecurityManager.isChecking()) {
        return AccessController.doPrivileged(clearOutgoing);
    }
    return clearOutgoing.run();
}
/**
 * Sets the outgoing run-as identity on the given security context.
 *
 * <p>When {@code WildFlySecurityManager.isChecking()} reports true the change is made through
 * {@code WildFlySecurityManager.doUnchecked}; otherwise it is made directly. Because that path
 * changes the identity used for outgoing calls, this method is deliberately not public and
 * should stay that way.
 *
 * <p>If {@code sc} is null the exception built by
 * {@code UndertowLogger.ROOT_LOGGER.noSecurityContext()} is thrown.
 *
 * @param principal the identity to install
 * @param sc the security context to modify
 * @return the outgoing run-as identity that was in place before the call, so the caller can
 *         restore it afterwards
 */
static RunAs setRunAsIdentity(final RunAs principal, final SecurityContext sc) {
    // One action for both paths so the unchecked and the direct variant cannot drift apart.
    final PrivilegedAction<RunAs> swapOutgoing = new PrivilegedAction<RunAs>() {
        @Override
        public RunAs run() {
            if (sc == null) {
                throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
            }
            final RunAs previous = sc.getOutgoingRunAs();
            sc.setOutgoingRunAs(principal);
            return previous;
        }
    };
    if (WildFlySecurityManager.isChecking()) {
        return WildFlySecurityManager.doUnchecked(swapOutgoing);
    }
    return swapOutgoing.run();
}
/**
 * Authenticates the security context currently associated with the caller, unless that can be
 * skipped, and then installs the outgoing run-as identity on it.
 *
 * <p>Re-authentication is skipped only when the current context already holds an authenticated
 * subject with at least one principal AND either the previous context (top of {@code contexts})
 * uses an equal security domain or the incoming run-as is a {@code RunAsIdentity}. In every other
 * case {@code authenticate(current, subject)} must succeed or the exception built by
 * {@code SecurityLogger.ROOT_LOGGER.invalidUserException()} is thrown.
 *
 * @param runAs name for a new {@code RunAsIdentity}; when null no new identity is created and the
 *        previous context's outgoing run-as is propagated if {@code propagate} is set
 * @param runAsPrincipal passed to the {@code RunAsIdentity} constructor together with {@code runAs}
 * @param extraRoles passed to the {@code RunAsIdentity} constructor together with {@code runAs}
 */
public void authenticate(final String runAs, final String runAsPrincipal, final Set<String> extraRoles) {
    // NOTE(review): current is dereferenced below without a null check; confirm that a context
    // is always associated before this method is reached.
    SecurityContext current = SecurityContextAssociation.getSecurityContext();
    SecurityContext previous = contexts.peek();

    // Skip reauthentication if the current context already has an authenticated subject (copied
    // from the previous context upon creation - see push method) and both contexts use the same
    // security domain or there is an incoming RunAs of RunAsIdentity type.
    // NOTE(review): this branch trusts state already present on the context. It is only sound if
    // the subject and the incoming run-as can be set by trusted container code alone; verify that
    // no caller-influenced path can populate them before this check runs.
    boolean skipReauthentication =
            current.getSubjectInfo() != null
            && current.getSubjectInfo().getAuthenticatedSubject() != null
            && !current.getSubjectInfo().getAuthenticatedSubject().getPrincipals().isEmpty()
            && ( (previous != null && current.getSecurityDomain().equals(previous.getSecurityDomain()))
                 || current.getIncomingRunAs() instanceof RunAsIdentity );
    if (!skipReauthentication) {
        SecurityContextUtil util = current.getUtil();
        Object credential = util.getCredential();
        // A subject is supplied only for remoting credentials; otherwise null is passed on.
        Subject subject = null;
        if (credential instanceof RemotingConnectionCredential) {
            subject = ((RemotingConnectionCredential) credential).getSubject();
        }
        // Fail closed: a failed authentication aborts before any run-as identity is installed.
        if (authenticate(current, subject) == false) {
            throw SecurityLogger.ROOT_LOGGER.invalidUserException();
        }
    }
    // Set up the run-as identity.
    if (runAs != null) {
        // extraRoles widen what the outgoing identity may do.
        // presumably these values come from deployment metadata, not request data - confirm
        RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles);
        current.setOutgoingRunAs(runAsIdentity);
    } else if (propagate && previous != null && previous.getOutgoingRunAs() != null) {
        // Ensure the propagation continues.
        current.setOutgoingRunAs(previous.getOutgoingRunAs());
    }
}
// Action body (presumably a PrivilegedAction handed to a doPrivileged-style call; the enclosing
// code is not shown) that installs the captured outgoingRunAs on the captured context sc.
public Object run() {
    // NOTE(review): sc is dereferenced without a null check; presumably the enclosing method
    // validates it before building this action - confirm.
    sc.setOutgoingRunAs(outgoingRunAs);
    // The action is run for its side effect only, so there is no result to return.
    return null;
}
});
// Action body (presumably a PrivilegedAction handed to a doPrivileged-style call; the enclosing
// code is not shown) that installs the captured outgoing identity on the captured context sc.
public Object run() {
    // NOTE(review): sc is dereferenced without a null check; presumably the enclosing method
    // validates it before building this action - confirm.
    sc.setOutgoingRunAs(outgoing);
    // The action is run for its side effect only, so there is no result to return.
    return null;
}
});
// Action body (presumably a PrivilegedAction handed to a doPrivileged-style call; the enclosing
// code is not shown) that installs the captured incomingRunAs on the captured context sc.
public Object run() {
    // NOTE(review): a value named incomingRunAs is installed as the OUTGOING run-as. This may be
    // deliberate propagation or a mix-up with setIncomingRunAs; confirm against the enclosing
    // method. sc is also dereferenced without a null check.
    sc.setOutgoingRunAs(incomingRunAs);
    // The action is run for its side effect only, so there is no result to return.
    return null;
}
});
/**
 * Installs {@code id} as the outgoing run-as identity on the security context currently
 * associated with the caller. Stands in for the former
 * {@code SecurityAssociation.pushRunAsIdentity(id)} call.
 *
 * @param id the run-as identity to install
 * @throws IllegalStateException if no security context is associated
 */
public void push(RunAs id) {
    final SecurityContext context = SecurityContextAssociation.getSecurityContext();
    if (context == null) {
        throw new IllegalStateException("Security Context is null to push runas");
    }
    // Overwrites whatever outgoing identity was set; the earlier value is not kept here.
    context.setOutgoingRunAs(id);
}
// Action body that installs the captured runAsIdentity as the outgoing run-as identity on the
// context returned by getSecurityContext().
public Object run() {
    // NOTE(review): the result of getSecurityContext() is used without a null check, so a missing
    // context surfaces as a NullPointerException rather than a descriptive error - confirm that
    // a context is guaranteed at this point.
    getSecurityContext().setOutgoingRunAs(runAsIdentity);
    // Run for its side effect only.
    return null;
}
});
/**
 * Installs {@code id} as the outgoing run-as identity on the context returned by
 * {@code getSecurityContext()}. Stands in for the former
 * {@code SecurityAssociation.pushRunAsIdentity(id)} call.
 *
 * @param id the run-as identity to install
 * @throws IllegalStateException if no security context is available
 */
public void push(RunAs id) {
    final SecurityContext context = getSecurityContext();
    if (context == null) {
        throw new IllegalStateException("Security Context is null");
    }
    // Overwrites whatever outgoing identity was set; the earlier value is not kept here.
    context.setOutgoingRunAs(id);
}
/**
 * Removes the outgoing run-as identity from the context returned by
 * {@code getSecurityContext()}. Stands in for the former
 * {@code SecurityAssociation.popRunAsIdentity()} call.
 *
 * @return the identity that was removed
 * @throws IllegalStateException if no security context is available
 */
public RunAs pop() {
    final SecurityContext context = getSecurityContext();
    if (context == null) {
        throw new IllegalStateException("Security Context is null");
    }
    final RunAs removed = context.getOutgoingRunAs();
    // Cleared to null: despite the stack-like name, no earlier identity is restored.
    context.setOutgoingRunAs(null);
    return removed;
}
};
// Action body that removes the outgoing run-as identity from the context returned by
// getSecurityContext() and returns the removed identity. Stands in for the former
// SecurityAssociation.popRunAsIdentity() call.
public Object run() {
    final SecurityContext context = getSecurityContext();
    if (context == null) {
        throw new IllegalStateException("Security Context is null");
    }
    final RunAs removed = context.getOutgoingRunAs();
    // Cleared to null rather than reset to an earlier identity.
    context.setOutgoingRunAs(null);
    return removed;
}
}
/**
 * Makes {@code rai} the outgoing run-as identity of {@code securityContext}, first saving the
 * identity that was outgoing until now in the context's data map under
 * {@code CALLER_RAI_IDENTIFIER}.
 *
 * @param rai the run-as identity to install
 */
private void setRunAsIdentity(RunAsIdentity rai) {
    final Map<String, Object> data = securityContext.getData();
    // Keep the identity we are about to replace so it stays available as the caller's run-as.
    final RunAs callerRunAs = securityContext.getOutgoingRunAs();
    data.put(CALLER_RAI_IDENTIFIER, callerRunAs);
    securityContext.setOutgoingRunAs(rai);
}
/**
 * Action body that installs the captured {@code principal} as the outgoing run-as identity on
 * the context returned by {@code getSecurityContext()}.
 */
@Override
public Void run() {
    final SecurityContext context = getSecurityContext();
    // Without a context there is nowhere to install the identity.
    if (context == null) {
        throw MESSAGES.noSecurityContext();
    }
    // Overwrites the current outgoing identity; the earlier value is not returned.
    context.setOutgoingRunAs(principal);
    return null;
}
});
/**
 * Action body that removes the outgoing run-as identity from the captured
 * security context {@code sc} and hands the removed identity back.
 */
@Override
public RunAs run() {
    // Refuse to continue without a context: there is no identity to remove.
    if (sc == null) {
        throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
    }
    final RunAs removed = sc.getOutgoingRunAs();
    // The slot is cleared to null, not reset to an earlier identity; the caller
    // receives the removed value and decides what, if anything, to reinstall.
    sc.setOutgoingRunAs(null);
    return removed;
}
});
/**
 * Action body that installs the captured {@code principal} as the outgoing
 * run-as identity on the captured security context {@code sc}.
 *
 * @return the outgoing run-as identity that was in place before the swap
 */
@Override
public RunAs run() {
    // Without a context there is nowhere to install the identity.
    if (sc == null) {
        throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
    }
    final RunAs previous = sc.getOutgoingRunAs();
    sc.setOutgoingRunAs(principal);
    // Returned so the caller can put the earlier identity back when it is done.
    return previous;
}
});
/**
 * Action body that removes the outgoing run-as identity from the context returned by
 * {@code getSecurityContext()}.
 *
 * @return the identity that was removed
 */
@Override
public RunAs run() {
    final SecurityContext context = getSecurityContext();
    // Refuse to continue without a context: there is no identity to remove.
    if (context == null) {
        throw MESSAGES.noSecurityContext();
    }
    final RunAs removed = context.getOutgoingRunAs();
    // Cleared to null rather than reset to an earlier identity.
    context.setOutgoingRunAs(null);
    return removed;
}
});
/**
 * Applies the given security identity to this object's security context.
 *
 * <p>Calls {@code createSubjectInfo} with the identity's principal, credential and subject, then
 * copies its outgoing and incoming run-as identities onto {@code securityContext}. Nothing in
 * this method validates the supplied identity, so it should only be reachable from trusted code.
 *
 * @param sidentity the identity to apply; dereferenced without a null check
 */
@Override
public void setSecurityIdentity(SecurityIdentity sidentity) {
    createSubjectInfo(sidentity.getPrincipal(), sidentity.getCredential(), sidentity.getSubject());
    // Both run-as slots are overwritten unconditionally, including with null when the
    // supplied identity carries none.
    securityContext.setOutgoingRunAs(sidentity.getOutgoingRunAs());
    securityContext.setIncomingRunAs(sidentity.getIncomingRunAs());
}
/**
 * Applies the given security identity to this object's security context.
 *
 * <p>Calls {@code createSubjectInfo} with the identity's principal, credential and subject, then
 * copies its outgoing and incoming run-as identities onto {@code securityContext}. Nothing in
 * this method validates the supplied identity, so it should only be reachable from trusted code.
 *
 * @param sidentity the identity to apply; dereferenced without a null check
 */
@Override
public void setSecurityIdentity(SecurityIdentity sidentity) {
    createSubjectInfo(sidentity.getPrincipal(), sidentity.getCredential(), sidentity.getSubject());
    // Both run-as slots are overwritten unconditionally, including with null when the
    // supplied identity carries none.
    securityContext.setOutgoingRunAs(sidentity.getOutgoingRunAs());
    securityContext.setIncomingRunAs(sidentity.getIncomingRunAs());
}