@Override public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } });
@Override public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } });
public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } });
public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } });
public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } };
public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } });
private SecurityContext saveSecurityContext() { return SecurityContextAssociation.getSecurityContext(); }
private SecurityContext setupSecurityContext() { final SecurityContext previous = SecurityContextAssociation.getSecurityContext(); SecurityContextAssociation.setSecurityContext(securityContext); return previous; } }
static SecurityContext getSecurityContext() { if (WildFlySecurityManager.isChecking()) { return doPrivileged(new PrivilegedAction<SecurityContext>() { public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } }); } else { return SecurityContextAssociation.getSecurityContext(); } }
static SecurityContext getSecurityContext() { if (WildFlySecurityManager.isChecking()) { return doPrivileged(new PrivilegedAction<SecurityContext>() { public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } }); } else { return SecurityContextAssociation.getSecurityContext(); } }
@Override public org.jboss.weld.security.spi.SecurityContext getSecurityContext() { SecurityContext ctx; if (WildFlySecurityManager.isChecking()) { ctx = AccessController.doPrivileged((PrivilegedAction<SecurityContext>) () -> SecurityContextAssociation.getSecurityContext()); } else { ctx = SecurityContextAssociation.getSecurityContext(); } return new WeldSecurityContext(ctx); }
private static SecurityContext getSecurityContext() { if (WildFlySecurityManager.isChecking()) { return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>() { @Override public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } }); } return SecurityContextAssociation.getSecurityContext(); }
/** * Get the current {@code SecurityContext} * * @return an instance of {@code SecurityContext} */ static SecurityContext getSecurityContext() { if (WildFlySecurityManager.isChecking()) { return WildFlySecurityManager.doUnchecked(new PrivilegedAction<SecurityContext>() { public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } }); } else { return SecurityContextAssociation.getSecurityContext(); } }
/** * Get the current {@code SecurityContext} * * @return an instance of {@code SecurityContext} */ public static SecurityContext getSecurityContext() { if (WildFlySecurityManager.isChecking()) { return WildFlySecurityManager.doUnchecked(new PrivilegedAction<SecurityContext>() { @Override public SecurityContext run() { return SecurityContextAssociation.getSecurityContext(); } }); } else { return SecurityContextAssociation.getSecurityContext(); } }
/** * Push a new {@link Principal} and Credential pair. * * This method is to be called before an EJB invocation is passed through it's security interceptor, at that point the * Principal and Credential pair can be verified. * * Note: This method should be called from within a {@link PrivilegedAction}. * * @param principal - The alternative {@link Principal} to use in verification before the next EJB is called. * @param credential - The credential to verify with the {@linl Principal} * @return A {@link ContextStateCache} that can later be used to pop the identity pushed here and restore internal state to it's previous values. * @throws Exception If there is a problem associating the new {@link Principal} and Credential pair. */ public static ContextStateCache pushIdentity(final Principal principal, final Object credential) throws Exception { SecurityContext current = SecurityContextAssociation.getSecurityContext(); SecurityContext nextContext = SecurityContextFactory.createSecurityContext(principal, credential, new Subject(), "USER_DELEGATION"); SecurityContextAssociation.setSecurityContext(nextContext); RemoteConnection con = RemotingContext.getRemoteConnection(); RemotingContext.clear(); return new ContextStateCache(con, current); }
public void push(final String securityDomain, String userName, char[] password, final Subject subject) { final SecurityContext previous = SecurityContextAssociation.getSecurityContext(); contexts.push(previous); SecurityContext current = establishSecurityContext(securityDomain); if (propagate && previous != null) { current.setSubjectInfo(getSubjectInfo(previous)); current.setIncomingRunAs(previous.getOutgoingRunAs()); } RunAs currentRunAs = current.getIncomingRunAs(); boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity; if (trusted == false) { SecurityContextUtil util = current.getUtil(); util.createSubjectInfo(new SimplePrincipal(userName), new String(password), subject); } }
public void authenticate(final String runAs, final String runAsPrincipal, final Set<String> extraRoles) { SecurityContext current = SecurityContextAssociation.getSecurityContext(); SecurityContext previous = contexts.peek(); // skip reauthentication if the current context already has an authenticated subject (copied from the previous context // upon creation - see push method) and both contexts use the same security domain or there is an incoming RunAs of RunAsIdentity type boolean skipReauthentication = current.getSubjectInfo() != null && current.getSubjectInfo().getAuthenticatedSubject() != null && !current.getSubjectInfo().getAuthenticatedSubject().getPrincipals().isEmpty() && ( (previous != null && current.getSecurityDomain().equals(previous.getSecurityDomain())) || current.getIncomingRunAs() instanceof RunAsIdentity ); if (!skipReauthentication) { SecurityContextUtil util = current.getUtil(); Object credential = util.getCredential(); Subject subject = null; if (credential instanceof RemotingConnectionCredential) { subject = ((RemotingConnectionCredential) credential).getSubject(); } if (authenticate(current, subject) == false) { throw SecurityLogger.ROOT_LOGGER.invalidUserException(); } } // setup the run-as identity. if (runAs != null) { RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles); current.setOutgoingRunAs(runAsIdentity); } else if (propagate && previous != null && previous.getOutgoingRunAs() != null) { // Ensure the propagation continues. current.setOutgoingRunAs(previous.getOutgoingRunAs()); } }
securityContext = SecurityContextAssociation.getSecurityContext();
securityDomain = AccessController.doPrivileged((PrivilegedAction<SecurityDomain>) SecurityDomain::getCurrent); } else { securityContext = SecurityContextAssociation.getSecurityContext(); securityDomain = SecurityDomain.getCurrent();
final SecurityContext previous = SecurityContextAssociation.getSecurityContext(); contexts.push(previous); SecurityContext current = establishSecurityContext(securityDomain);