Roles mapRoles(SecurityIdentity securityIdentity) { Assert.checkNotNullParam("securityIdentity", securityIdentity); AuthorizationIdentity identity = securityIdentity.getAuthorizationIdentity(); RealmInfo realmInfo = securityIdentity.getRealmInfo(); // zeroth role mapping, just grab roles from the identity Roles decodedRoles = realmInfo.getRoleDecoder().decodeRoles(identity); // apply the first level mapping, which is based on the role mapper associated with a realm. Roles realmMappedRoles = realmInfo.getRoleMapper().mapRoles(decodedRoles); // apply the second level mapping, which is based on the role mapper associated with this security domain. Roles domainMappedRoles = roleMapper.mapRoles(realmMappedRoles); if (log.isTraceEnabled()) { log.tracef("Role mapping: principal [%s] -> decoded roles [%s] -> realm mapped roles [%s] -> domain mapped roles [%s]", securityIdentity.getPrincipal(), String.join(", ", decodedRoles), String.join(", ", realmMappedRoles), String.join(", ", domainMappedRoles)); } return domainMappedRoles; }
@Override void succeed() { final SecurityIdentity authorizedIdentity = getSourceIdentity(); final AtomicReference<State> stateRef = getStateRef(); if (! stateRef.compareAndSet(this, new CompleteState(authorizedIdentity))) { stateRef.get().succeed(); return; } SecurityRealm.safeHandleRealmEvent(getRealmInfo().getSecurityRealm(), new RealmSuccessfulAuthenticationEvent(realmIdentity, authorizedIdentity.getAuthorizationIdentity(), null, null)); SecurityDomain.safeHandleSecurityEvent(authorizedIdentity.getSecurityDomain(), new SecurityAuthenticationSuccessfulEvent(authorizedIdentity)); realmIdentity.dispose(); }
SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentityFailedAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal)); ElytronMessages.log.trace("Authorization failed - identity does not have required LoginPermission"); return null; } else { SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentitySuccessfulAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal));
Roles mapRoles(SecurityIdentity securityIdentity) { Assert.checkNotNullParam("securityIdentity", securityIdentity); AuthorizationIdentity identity = securityIdentity.getAuthorizationIdentity(); RealmInfo realmInfo = securityIdentity.getRealmInfo(); // zeroth role mapping, just grab roles from the identity Roles decodedRoles = realmInfo.getRoleDecoder().decodeRoles(identity); // apply the first level mapping, which is based on the role mapper associated with a realm. Roles realmMappedRoles = realmInfo.getRoleMapper().mapRoles(decodedRoles); // apply the second level mapping, which is based on the role mapper associated with this security domain. Roles domainMappedRoles = roleMapper.mapRoles(realmMappedRoles); if (log.isTraceEnabled()) { log.tracef("Role mapping: principal [%s] -> decoded roles [%s] -> realm mapped roles [%s] -> domain mapped roles [%s]", securityIdentity.getPrincipal(), String.join(", ", decodedRoles), String.join(", ", realmMappedRoles), String.join(", ", domainMappedRoles)); } return domainMappedRoles; }
Roles mapRoles(SecurityIdentity securityIdentity) { Assert.checkNotNullParam("securityIdentity", securityIdentity); AuthorizationIdentity identity = securityIdentity.getAuthorizationIdentity(); RealmInfo realmInfo = securityIdentity.getRealmInfo(); // zeroth role mapping, just grab roles from the identity Roles decodedRoles = realmInfo.getRoleDecoder().decodeRoles(identity); // apply the first level mapping, which is based on the role mapper associated with a realm. Roles realmMappedRoles = realmInfo.getRoleMapper().mapRoles(decodedRoles); // apply the second level mapping, which is based on the role mapper associated with this security domain. Roles domainMappedRoles = roleMapper.mapRoles(realmMappedRoles); if (log.isTraceEnabled()) { log.tracef("Role mapping: principal [%s] -> decoded roles [%s] -> realm mapped roles [%s] -> domain mapped roles [%s]", securityIdentity.getPrincipal(), String.join(", ", decodedRoles), String.join(", ", realmMappedRoles), String.join(", ", domainMappedRoles)); } return domainMappedRoles; }
Roles mapRoles(SecurityIdentity securityIdentity) { Assert.checkNotNullParam("securityIdentity", securityIdentity); AuthorizationIdentity identity = securityIdentity.getAuthorizationIdentity(); RealmInfo realmInfo = securityIdentity.getRealmInfo(); // zeroth role mapping, just grab roles from the identity Roles decodedRoles = realmInfo.getRoleDecoder().decodeRoles(identity); // apply the first level mapping, which is based on the role mapper associated with a realm. Roles realmMappedRoles = realmInfo.getRoleMapper().mapRoles(decodedRoles); // apply the second level mapping, which is based on the role mapper associated with this security domain. Roles domainMappedRoles = roleMapper.mapRoles(realmMappedRoles); if (log.isTraceEnabled()) { log.tracef("Role mapping: principal [%s] -> decoded roles [%s] -> realm mapped roles [%s] -> domain mapped roles [%s]", securityIdentity.getPrincipal(), String.join(", ", decodedRoles), String.join(", ", realmMappedRoles), String.join(", ", domainMappedRoles)); } return domainMappedRoles; }
@Override void succeed() { final SecurityIdentity authorizedIdentity = getSourceIdentity(); final AtomicReference<State> stateRef = getStateRef(); if (! stateRef.compareAndSet(this, new CompleteState(authorizedIdentity))) { stateRef.get().succeed(); return; } SecurityRealm.safeHandleRealmEvent(getRealmInfo().getSecurityRealm(), new RealmSuccessfulAuthenticationEvent(realmIdentity, authorizedIdentity.getAuthorizationIdentity(), null, null)); SecurityDomain.safeHandleSecurityEvent(authorizedIdentity.getSecurityDomain(), new SecurityAuthenticationSuccessfulEvent(authorizedIdentity)); realmIdentity.dispose(); }
@Override void succeed() { final SecurityIdentity authorizedIdentity = getSourceIdentity(); final AtomicReference<State> stateRef = getStateRef(); if (! stateRef.compareAndSet(this, new CompleteState(authorizedIdentity))) { stateRef.get().succeed(); return; } SecurityRealm.safeHandleRealmEvent(getRealmInfo().getSecurityRealm(), new RealmSuccessfulAuthenticationEvent(realmIdentity, authorizedIdentity.getAuthorizationIdentity(), null, null)); SecurityDomain.safeHandleSecurityEvent(authorizedIdentity.getSecurityDomain(), new SecurityAuthenticationSuccessfulEvent(authorizedIdentity)); realmIdentity.dispose(); }
@Override void succeed() { final SecurityIdentity authorizedIdentity = getSourceIdentity(); final AtomicReference<State> stateRef = getStateRef(); if (! stateRef.compareAndSet(this, new CompleteState(authorizedIdentity))) { stateRef.get().succeed(); return; } SecurityRealm.safeHandleRealmEvent(getRealmInfo().getSecurityRealm(), new RealmSuccessfulAuthenticationEvent(realmIdentity, authorizedIdentity.getAuthorizationIdentity(), null, null)); SecurityDomain.safeHandleSecurityEvent(authorizedIdentity.getSecurityDomain(), new SecurityAuthenticationSuccessfulEvent(authorizedIdentity)); realmIdentity.dispose(); }
SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentityFailedAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal)); ElytronMessages.log.trace("Authorization failed - identity does not have required LoginPermission"); return null; } else { SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentitySuccessfulAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal));
SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentityFailedAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal)); ElytronMessages.log.trace("Authorization failed - identity does not have required LoginPermission"); return null; } else { SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentitySuccessfulAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal));
SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentityFailedAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal)); ElytronMessages.log.trace("Authorization failed - identity does not have required LoginPermission"); return null; } else { SecurityRealm.safeHandleRealmEvent(realmInfo.getSecurityRealm(), new RealmIdentitySuccessfulAuthorizationEvent(authorizedIdentity.getAuthorizationIdentity(), authorizedIdentity.getPrincipal(), authenticationPrincipal));