/**
 * Builds the set of role principals that apply to the current method, based on
 * {@code ejbMethodSecurityMetaData}.
 * <ul>
 * <li>When {@code isDenyAll()} is true (the original documentation: method on the exclude-list or
 * annotated with {@code DenyAll}), the set holds only {@code NobodyPrincipal.NOBODY_PRINCIPAL}.</li>
 * <li>Otherwise, when {@code isPermitAll()} is true (unchecked list or {@code PermitAll}), the set
 * holds only {@code AnybodyPrincipal.ANYBODY_PRINCIPAL}.</li>
 * <li>Otherwise every name returned by {@code getRolesAllowed()} is wrapped in a
 * {@code SimplePrincipal}.</li>
 * </ul>
 * Deny-all is tested before permit-all, so it wins if both flags are set.
 *
 * @return a new mutable set of role principals; it is empty when neither flag is set and
 *         {@code getRolesAllowed()} yields no roles.
 */
protected Set<Principal> getMethodRolesAsPrincipals() {
    final Set<Principal> principals = new HashSet<Principal>();
    if (this.ejbMethodSecurityMetaData.isDenyAll()) {
        principals.add(NobodyPrincipal.NOBODY_PRINCIPAL);
        return principals;
    }
    if (this.ejbMethodSecurityMetaData.isPermitAll()) {
        principals.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
        return principals;
    }
    for (final String roleName : this.ejbMethodSecurityMetaData.getRolesAllowed()) {
        principals.add(new SimplePrincipal(roleName));
    }
    return principals;
}
/**
 * Copies the roles held by the security context into the subject's role group.
 *
 * <p>The subject's {@code Group} principals are searched for one named {@code ROLES_IDENTIFIER};
 * if none exists a new {@code SimpleGroup} with that name is added to the subject. Every context
 * role is then added to that group as a {@code SimplePrincipal}. Nothing is changed when the
 * context has no role group or the role group is empty.
 *
 * @param jbossSct the security context to read roles and the subject from; must not be null.
 */
private void updateSubjectRoles(final org.jboss.security.SecurityContext jbossSct) {
    if (jbossSct == null) {
        throw UndertowLogger.ROOT_LOGGER.nullParamter("org.jboss.security.SecurityContext");
    }

    final RoleGroup roleGroup = jbossSct.getUtil().getRoles();
    if (roleGroup == null) {
        return;
    }
    final Collection<Role> rolesToCopy = roleGroup.getRoles();
    if (rolesToCopy.isEmpty()) {
        return;
    }

    // NOTE(review): getSubject() is dereferenced without a null check - confirm the context
    // always carries a subject once it has roles.
    final Subject subject = jbossSct.getUtil().getSubject();

    // Look for an existing role group on the subject; the first match wins.
    Group target = null;
    for (final Group existing : subject.getPrincipals(Group.class)) {
        if (existing.getName().equals(ROLES_IDENTIFIER)) {
            target = existing;
            break;
        }
    }
    if (target == null) {
        target = new SimpleGroup(ROLES_IDENTIFIER);
        subject.getPrincipals().add(target);
    }

    // Roles are only ever added here; members already in the group are not removed.
    for (final Role contextRole : rolesToCopy) {
        target.addMember(new SimplePrincipal(contextRole.getRoleName()));
    }
}
/**
 * Establishes a new security context for {@code securityDomain}, saving the previously
 * associated context on {@code contexts} first.
 *
 * <p>When {@code propagate} is set and a previous context exists, its subject info and outgoing
 * run-as identity are carried over to the new context. Unless the new context's incoming run-as
 * is a {@code RunAsIdentity}, subject info is created from the supplied user name, password and
 * subject.
 *
 * @param securityDomain name of the security domain to establish a context for.
 * @param userName       name wrapped in a {@code SimplePrincipal} for the new subject info.
 * @param password       credential; it is converted to a {@code String} before being stored.
 * @param subject        subject passed through to {@code createSubjectInfo}.
 */
public void push(final String securityDomain, String userName, char[] password, final Subject subject) {
    final SecurityContext outer = SecurityContextAssociation.getSecurityContext();
    contexts.push(outer);

    final SecurityContext inner = establishSecurityContext(securityDomain);
    if (propagate && outer != null) {
        inner.setSubjectInfo(getSubjectInfo(outer));
        inner.setIncomingRunAs(outer.getOutgoingRunAs());
    }

    // instanceof is false for null, so this also covers a missing incoming run-as.
    final boolean runAsTrusted = inner.getIncomingRunAs() instanceof RunAsIdentity;
    if (!runAsTrusted) {
        // NOTE(review): new String(password) makes an immutable copy of the credential that the
        // caller cannot zero afterwards, and it throws NullPointerException for a null password -
        // confirm whether the credential consumers require a String here.
        inner.getUtil().createSubjectInfo(new SimplePrincipal(userName), new String(password), subject);
    }
}
/**
 * Flushes the authentication cache of the security domain addressed by the operation.
 *
 * <p>The security domain name is the value of the last element of the operation address. When
 * {@code Constants.PRINCIPAL_ARGUMENT} is defined only that principal's entry is flushed;
 * otherwise the whole cache is flushed. The step is completed with a no-op rollback handler
 * because a flush cannot be undone.
 *
 * @throws OperationFailedException declared by the overridden method; when no security domain
 *         service is found, the exception built by
 *         {@code SecurityLogger.ROOT_LOGGER.noAuthenticationCacheAvailable} is thrown.
 */
@Override
protected void executeRuntimeStep(OperationContext context, ModelNode operation) throws OperationFailedException {
    final PathAddress address = PathAddress.pathAddress(operation.require(OP_ADDR));
    final String securityDomain = address.getLastElement().getValue();
    final String principal = operation.hasDefined(Constants.PRINCIPAL_ARGUMENT)
            ? operation.get(Constants.PRINCIPAL_ARGUMENT).asString()
            : null;

    final ServiceController<SecurityDomainContext> controller = getSecurityDomainService(context, securityDomain);
    if (controller == null) {
        throw SecurityLogger.ROOT_LOGGER.noAuthenticationCacheAvailable(securityDomain);
    }

    // FIXME this is nasty.
    waitForService(controller);
    final SecurityDomainContext domainContext = controller.getValue();
    // NOTE(review): the cast assumes the domain's authentication manager implements
    // CacheableManager; presumably a ClassCastException results otherwise - confirm.
    @SuppressWarnings("unchecked")
    final CacheableManager<?, Principal> cache = (CacheableManager<?, Principal>) domainContext.getAuthenticationManager();
    if (principal == null) {
        cache.flushCache();
    } else {
        cache.flushCache(new SimplePrincipal(principal));
    }

    // Can't rollback
    context.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER);
}
}
// Wrap the name of the local identity's principal in a SimplePrincipal.
p = new SimplePrincipal(localIdentity.getPrincipal().getName());
// Read the identity's private credentials and look up a PasswordCredential restricted to the
// clear-password algorithm (ClearPassword.ALGORITHM_CLEAR).
// NOTE(review): the result is a clear-text password and should be treated as sensitive;
// presumably getCredential returns null when no matching credential exists - confirm before use.
IdentityCredentials privateCredentials = localIdentity.getPrivateCredentials();
PasswordCredential passwordCredential = privateCredentials.getCredential(PasswordCredential.class, ClearPassword.ALGORITHM_CLEAR);
/**
 * Returns a principal for the configured principal name.
 *
 * @return a new {@code SimplePrincipal} built from the {@code principalName} field.
 */
protected Principal getIdentity() {
    return new SimplePrincipal(principalName);
}
/**
 * Returns the principal that represents the given user name.
 *
 * @param username the user name to wrap; it is passed to {@code SimplePrincipal} unchanged.
 * @return a new {@code SimplePrincipal} for {@code username}.
 */
protected Principal getPrincipal(String username) {
    final Principal userPrincipal = new SimplePrincipal(username);
    return userPrincipal;
}
/**
 * Returns a principal for the configured principal name, tracing the call first.
 *
 * @return a new {@code SimplePrincipal} built from the {@code principalName} field.
 */
protected Principal getIdentity() {
    log.trace("getIdentity called");
    return new SimplePrincipal(principalName);
}
/**
 * Returns a principal for the configured user name, tracing the call first.
 *
 * @return a new {@code SimplePrincipal} built from the {@code userName} field.
 */
protected Principal getIdentity() {
    log.trace("getIdentity called");
    return new SimplePrincipal(userName);
}
/**
 * Constructs a run-as identity that carries a single role.
 *
 * @param roleName      the run-as role; must not be {@code null}.
 * @param principalName the run-as principal name; {@code ANOYMOUS_PRINCIPAL} is used when it is
 *                      {@code null}.
 * @throws IllegalArgumentException if {@code roleName} is {@code null}.
 */
public RunAsIdentity(String roleName, String principalName) {
    // Run-as credentials are not supported, so only a principal name reaches the superclass.
    super(principalName == null ? ANOYMOUS_PRINCIPAL : principalName);
    // The role check can only run after the mandatory super(...) call.
    if (roleName == null) {
        throw new IllegalArgumentException("The run-as identity must have at least one role");
    }
    runAsRoles.add(new SimplePrincipal(roleName));
}
/**
 * Constructs a run-as identity that carries a single role.
 *
 * <p>A {@code null} role name is rejected with the exception produced by
 * {@code PicketBoxMessages.MESSAGES.invalidNullArgument("roleName")}.
 *
 * @param roleName      the run-as role; must not be {@code null}.
 * @param principalName the run-as principal name; {@code ANOYMOUS_PRINCIPAL} is used when it is
 *                      {@code null}.
 */
public RunAsIdentity(String roleName, String principalName) {
    // Run-as credentials are not supported, so only a principal name reaches the superclass.
    super(principalName == null ? ANOYMOUS_PRINCIPAL : principalName);
    // The role check can only run after the mandatory super(...) call.
    if (roleName == null) {
        throw PicketBoxMessages.MESSAGES.invalidNullArgument("roleName");
    }
    runAsRoles.add(new SimplePrincipal(roleName));
}
/**
 * Returns a principal for the configured user name.
 *
 * <p>The user name is passed to {@code PicketBoxLogger.LOGGER.traceBeginGetIdentity} before the
 * principal is created.
 *
 * @return a new {@code SimplePrincipal} built from the {@code username} field.
 */
protected Principal getIdentity() {
    PicketBoxLogger.LOGGER.traceBeginGetIdentity(username);
    return new SimplePrincipal(username);
}
/**
 * Returns a principal for the configured user name.
 *
 * <p>The user name is passed to {@code PicketBoxLogger.LOGGER.traceBeginGetIdentity} before the
 * principal is created.
 *
 * @return a new {@code SimplePrincipal} built from the {@code username} field.
 */
protected Principal getIdentity() {
    PicketBoxLogger.LOGGER.traceBeginGetIdentity(username);
    return new SimplePrincipal(username);
}
/**
 * Builds a principal from the user name carried in the HTTP request.
 *
 * <p>The name of the request parameter to read is taken from the {@code "userNameParam"} entry
 * of {@code options}.
 *
 * @param messageInfo message whose request object must be an {@code HttpServletRequest};
 *                    otherwise the exception built by
 *                    {@code PicketBoxMessages.MESSAGES.invalidType} is thrown.
 * @return a new {@code SimplePrincipal} wrapping the parameter value.
 */
private Principal getUserName(MessageInfo messageInfo) {
    final Object request = messageInfo.getRequestMessage();
    // The option is read and cast before the request type is checked, as in the original order.
    final String paramName = (String) options.get("userNameParam");
    if (!(request instanceof HttpServletRequest)) {
        throw PicketBoxMessages.MESSAGES.invalidType(HttpServletRequest.class.getName());
    }
    // NOTE(review): the value comes straight from a request parameter, so it is client-supplied
    // and is not validated here; presumably getParameter yields null when the parameter is
    // absent, giving a principal with a null name - confirm how callers handle that.
    final String requestedName = ((HttpServletRequest) request).getParameter(paramName);
    return new SimplePrincipal(requestedName);
}
/**
 * Returns the role sets for the authenticated user as a single group named {@code "Roles"}.
 *
 * <p>Role names are read from {@code OpenIDProcessor.cachedRoles}; when that yields {@code null}
 * the group is returned empty.
 *
 * @return a one-element array holding the {@code "Roles"} group.
 * @throws LoginException declared by the overridden method; not thrown by this body.
 */
@Override
protected Group[] getRoleSets() throws LoginException {
    final Group rolesGroup = new SimpleGroup("Roles");
    // NOTE(review): cachedRoles looks like a per-thread holder - confirm it is cleared after
    // login so that roles from an earlier authentication cannot be picked up here.
    final List<String> cached = OpenIDProcessor.cachedRoles.get();
    if (cached == null) {
        return new Group[] { rolesGroup };
    }
    for (final String roleName : cached) {
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return new Group[] { rolesGroup };
}
}
/**
 * Validates a user name and password.
 *
 * <p>The built-in default credentials ({@code defaultUser} / {@code defaultPassword}) are
 * accepted first, without consulting the security domain. Any other pair is delegated to the
 * security domain's authentication manager with a fresh, empty {@code Subject}.
 *
 * @param username the user name to check.
 * @param password the password to check.
 * @return {@code true} if the pair matches the default credentials or the authentication manager
 *         reports it as valid.
 */
@Override
public boolean validateUser(String username, String password) {
    // NOTE(review): this branch succeeds even when no security domain is configured, and
    // String.equals is not a constant-time comparison - confirm where the default credentials
    // come from and that they are never a fixed, well-known value.
    final boolean isDefaultAccount = defaultUser.equals(username) && defaultPassword.equals(password);
    if (isDefaultAccount) {
        return true;
    }
    if (securityDomainContext == null) {
        throw MessagingLogger.ROOT_LOGGER.securityDomainContextNotSet();
    }
    final Subject emptySubject = new Subject();
    return securityDomainContext.getAuthenticationManager()
            .isValid(new SimplePrincipal(username), password, emptySubject);
}
// Builds a PicketLinkGroup named SecurityConstants.ROLES_IDENTIFIER and adds every entry of
// the enclosing scope's roles to it as a SimplePrincipal.
public Group run() {
    final Group rolesGroup = new PicketLinkGroup(SecurityConstants.ROLES_IDENTIFIER);
    for (final String roleName : roles) {
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return rolesGroup;
}
});
/**
 * Returns the role sets as a single group named {@code "Roles"}, with one
 * {@code SimplePrincipal} member per entry of {@code rolesList}.
 *
 * @return a one-element array holding the {@code "Roles"} group.
 * @throws LoginException declared by the overridden method; not thrown by this body.
 */
@Override
protected Group[] getRoleSets() throws LoginException {
    final SimpleGroup rolesGroup = new SimpleGroup("Roles");
    // NOTE(review): rolesList is iterated without a null check - confirm it is always set.
    for (final String roleName : rolesList) {
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return new Group[] { rolesGroup };
}
/**
 * Returns the role sets as a single group named {@code "Roles"}, with one
 * {@code SimplePrincipal} member per entry of {@code roleSet}.
 *
 * @return a one-element array holding the {@code "Roles"} group.
 * @throws LoginException declared by the overridden method; not thrown by this body.
 */
@Override
protected Group[] getRoleSets() throws LoginException {
    final SimpleGroup rolesGroup = new SimpleGroup("Roles");
    // NOTE(review): roleSet is iterated without a null check - confirm it is always set.
    for (final String roleName : roleSet) {
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return new Group[] { rolesGroup };
}
/**
 * Returns the role sets as a single group named by the {@code groupName} field.
 *
 * <p>Role names are read from {@code ServiceProviderSAMLContext.getRoles()}; when that returns
 * {@code null} the group is returned empty.
 *
 * @return a one-element array holding the group.
 * @throws LoginException declared by the overridden method; not thrown by this body.
 */
@Override
protected Group[] getRoleSets() throws LoginException {
    final Group rolesGroup = new SimpleGroup(groupName);
    // NOTE(review): the roles come from a static context accessor - confirm that context is
    // populated only from a validated SAML response and cleared once the login completes.
    final List<String> samlRoles = ServiceProviderSAMLContext.getRoles();
    if (samlRoles == null) {
        return new Group[] { rolesGroup };
    }
    for (final String roleName : samlRoles) {
        rolesGroup.addMember(new SimplePrincipal(roleName));
    }
    return new Group[] { rolesGroup };
}