/** * Create a new authentication context for this security domain which can be used to carry out a single authentication * operation. * * Calling with enabled security manager requires {@code createServerAuthenticationContext} {@link ElytronPermission}. * * @return the new authentication context */ public ServerAuthenticationContext createNewAuthenticationContext() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_AUTH_CONTEXT); } return new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); }
/** * Attempt to create a new identity that can be used to run as an anonymous user * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param authorize whether to check the anonymous identity is authorized to log in * (has {@link org.wildfly.security.auth.permission.LoginPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsAnonymous(boolean authorize) throws SecurityException { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! context.authorizeAnonymous(authorize)) { throw log.runAsAuthorizationFailed(principal, AnonymousPrincipal.getInstance(), null); } return context.getAuthorizedIdentity(); } }
/** * Attempt to create a new identity that can be used to run as a user with the given principal. * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param principal the principal to attempt to run as * @param authorize whether to check the current identity is authorized to run as a user * with the given principal (has {@link RunAsPrincipalPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsIdentity(Principal principal, boolean authorize) throws SecurityException { Assert.checkNotNullParam("principal", principal); final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! (context.importIdentity(this) && context.authorize(principal, authorize))) { throw log.runAsAuthorizationFailed(this.principal, principal, null); } return context.getAuthorizedIdentity(); } catch (RealmUnavailableException e) { throw log.runAsAuthorizationFailed(this.principal, principal, e); } }
ServerAuthenticationContext serverAuthenticationContext = new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); if (principal != null) serverAuthenticationContext.setAuthenticationPrincipal(principal); if (serverAuthenticationContext.verifyEvidence(evidence)) {
private static Function<String, HttpAuthenticationFactory> toHttpAuthenticationFactoryFunction(final Supplier<SecurityDomain> securityDomainSupplier) { final HttpServerAuthenticationMechanismFactory mechanismFactory = new FilterServerMechanismFactory(new ServerMechanismFactoryImpl(), SERVLET_MECHANISM); return (realmName) -> HttpAuthenticationFactory.builder().setFactory(mechanismFactory) .setSecurityDomain(securityDomainSupplier.get()) .setMechanismConfigurationSelector( MechanismConfigurationSelector.constantSelector(realmName == null ? MechanismConfiguration.EMPTY : MechanismConfiguration.builder() .addMechanismRealm( MechanismRealmConfiguration.builder().setRealmName(realmName).build()) .build())) .build(); }
final MechanismConfigurationSelector mechanismConfigurationSelector = this.mechanismConfigurationSelector != null ? this.mechanismConfigurationSelector : MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY);
/** * Create a new authentication context for this security domain which can be used to carry out a single authentication * operation. * * Calling with enabled security manager requires {@code createServerAuthenticationContext} {@link ElytronPermission}. * * @return the new authentication context */ public ServerAuthenticationContext createNewAuthenticationContext() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_AUTH_CONTEXT); } return new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); }
/** * Create a new authentication context for this security domain which can be used to carry out a single authentication * operation. * * Calling with enabled security manager requires {@code createServerAuthenticationContext} {@link ElytronPermission}. * * @return the new authentication context */ public ServerAuthenticationContext createNewAuthenticationContext() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_AUTH_CONTEXT); } return new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); }
/** * Create a new authentication context for this security domain which can be used to carry out a single authentication * operation. * * Calling with enabled security manager requires {@code createServerAuthenticationContext} {@link ElytronPermission}. * * @return the new authentication context */ public ServerAuthenticationContext createNewAuthenticationContext() { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(CREATE_AUTH_CONTEXT); } return new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); }
/** * Attempt to create a new identity that can be used to run as an anonymous user * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param authorize whether to check the anonymous identity is authorized to log in * (has {@link org.wildfly.security.auth.permission.LoginPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsAnonymous(boolean authorize) throws SecurityException { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! context.authorizeAnonymous(authorize)) { throw log.runAsAuthorizationFailed(principal, AnonymousPrincipal.getInstance(), null); } return context.getAuthorizedIdentity(); } }
/** * Attempt to create a new identity that can be used to run as an anonymous user * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param authorize whether to check the anonymous identity is authorized to log in * (has {@link org.wildfly.security.auth.permission.LoginPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsAnonymous(boolean authorize) throws SecurityException { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! context.authorizeAnonymous(authorize)) { throw log.runAsAuthorizationFailed(principal, AnonymousPrincipal.getInstance(), null); } return context.getAuthorizedIdentity(); } }
/** * Attempt to create a new identity that can be used to run as an anonymous user * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param authorize whether to check the anonymous identity is authorized to log in * (has {@link org.wildfly.security.auth.permission.LoginPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsAnonymous(boolean authorize) throws SecurityException { final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! context.authorizeAnonymous(authorize)) { throw log.runAsAuthorizationFailed(principal, AnonymousPrincipal.getInstance(), null); } return context.getAuthorizedIdentity(); } }
/** * Attempt to create a new identity that can be used to run as a user with the given principal. * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param principal the principal to attempt to run as * @param authorize whether to check the current identity is authorized to run as a user * with the given principal (has {@link RunAsPrincipalPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsIdentity(Principal principal, boolean authorize) throws SecurityException { Assert.checkNotNullParam("principal", principal); final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! (context.importIdentity(this) && context.authorize(principal, authorize))) { throw log.runAsAuthorizationFailed(this.principal, principal, null); } return context.getAuthorizedIdentity(); } catch (RealmUnavailableException e) { throw log.runAsAuthorizationFailed(this.principal, principal, e); } }
/** * Attempt to create a new identity that can be used to run as a user with the given principal. * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param principal the principal to attempt to run as * @param authorize whether to check the current identity is authorized to run as a user * with the given principal (has {@link RunAsPrincipalPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsIdentity(Principal principal, boolean authorize) throws SecurityException { Assert.checkNotNullParam("principal", principal); final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! (context.importIdentity(this) && context.authorize(principal, authorize))) { throw log.runAsAuthorizationFailed(this.principal, principal, null); } return context.getAuthorizedIdentity(); } catch (RealmUnavailableException e) { throw log.runAsAuthorizationFailed(this.principal, principal, e); } }
/** * Attempt to create a new identity that can be used to run as a user with the given principal. * * Calling with enabled security manager requires {@code setRunAsPrincipal} {@link ElytronPermission}. * * @param principal the principal to attempt to run as * @param authorize whether to check the current identity is authorized to run as a user * with the given principal (has {@link RunAsPrincipalPermission}) * @return the new security identity * @throws SecurityException if the caller does not have the {@code setRunAsPrincipal} * {@link ElytronPermission} or if the operation authorization failed for any other reason */ public SecurityIdentity createRunAsIdentity(Principal principal, boolean authorize) throws SecurityException { Assert.checkNotNullParam("principal", principal); final SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(SET_RUN_AS_PERMISSION); } try (final ServerAuthenticationContext context = securityDomain.createNewAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY))) { if (! (context.importIdentity(this) && context.authorize(principal, authorize))) { throw log.runAsAuthorizationFailed(this.principal, principal, null); } return context.getAuthorizedIdentity(); } catch (RealmUnavailableException e) { throw log.runAsAuthorizationFailed(this.principal, principal, e); } }
ServerAuthenticationContext serverAuthenticationContext = new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); if (principal != null) serverAuthenticationContext.setAuthenticationPrincipal(principal); if (serverAuthenticationContext.verifyEvidence(evidence)) {
ServerAuthenticationContext serverAuthenticationContext = new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); if (principal != null) serverAuthenticationContext.setAuthenticationPrincipal(principal); if (serverAuthenticationContext.verifyEvidence(evidence)) {
ServerAuthenticationContext serverAuthenticationContext = new ServerAuthenticationContext(this, MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY)); if (principal != null) serverAuthenticationContext.setAuthenticationPrincipal(principal); if (serverAuthenticationContext.verifyEvidence(evidence)) {
private static Function<String, HttpAuthenticationFactory> toHttpAuthenticationFactoryFunction(final Supplier<SecurityDomain> securityDomainSupplier) { final HttpServerAuthenticationMechanismFactory mechanismFactory = new FilterServerMechanismFactory(new ServerMechanismFactoryImpl(), SERVLET_MECHANISM); return (realmName) -> HttpAuthenticationFactory.builder().setFactory(mechanismFactory) .setSecurityDomain(securityDomainSupplier.get()) .setMechanismConfigurationSelector( MechanismConfigurationSelector.constantSelector(realmName == null ? MechanismConfiguration.EMPTY : MechanismConfiguration.builder() .addMechanismRealm( MechanismRealmConfiguration.builder().setRealmName(realmName).build()) .build())) .build(); }
private static Function<String, HttpAuthenticationFactory> toHttpAuthenticationFactoryFunction(final Supplier<SecurityDomain> securityDomainSupplier) { final HttpServerAuthenticationMechanismFactory mechanismFactory = new FilterServerMechanismFactory(new ServerMechanismFactoryImpl(), SERVLET_MECHANISM); return (realmName) -> HttpAuthenticationFactory.builder().setFactory(mechanismFactory) .setSecurityDomain(securityDomainSupplier.get()) .setMechanismConfigurationSelector( MechanismConfigurationSelector.constantSelector(realmName == null ? MechanismConfiguration.EMPTY : MechanismConfiguration.builder() .addMechanismRealm( MechanismRealmConfiguration.builder().setRealmName(realmName).build()) .build())) .build(); }