/**
 * Returns whatever {@code SecurityContext.getCurrent()} reports at the time of the call.
 *
 * @return the current security context; no null check is applied here
 */
private SecurityContext getSecurityContext() {
    final SecurityContext current = SecurityContext.getCurrent();
    return current;
}
/**
 * Builds a security context for the given identity and installs it as the current
 * (thread-local) context.
 *
 * @param userName name of the user who authenticated
 * @param subject  subject representation of that user
 * @param realm    realm value handed to the {@code SecurityContext} constructor
 */
private static void setSecurityContext(String userName, Subject subject, String realm) {
    SecurityContext.setCurrent(new SecurityContext(userName, subject, realm));
}
/**
 * Returns the caller principal of the current security context.
 *
 * @return the result of {@code getCallerPrincipal()} on the current context
 */
public Principal getPrincipal() {
    // NOTE(review): the current context is dereferenced without a null check;
    // confirm getCurrent() cannot return null on this path.
    final SecurityContext current = SecurityContext.getCurrent();
    return current.getCallerPrincipal();
}
/**
 * Makes the security context derived from {@code principal} the current one.
 *
 * @param principal identity passed to {@code getSecurityContextForPrincipal}
 */
public void setSecurityContextWithPrincipal(Principal principal) {
    // The lookup result is installed as-is; nothing here validates it.
    setCurrent(getSecurityContextForPrincipal(principal));
}
/**
 * Returns the subject associated with the current call.
 *
 * <p>The method reads the subject of the current security context and nothing else.
 * The original description ties this to the JACC rule that a run-as principal, when in
 * effect, is the identity used for a component call; that substitution is not visible
 * in this method and would have to happen where the current context is set.
 *
 * @return the subject of the current security context
 */
public Subject getCurrentSubject() {
    // According to the original comment, the default security context supplies an
    // empty subject when appropriate, so no special case is handled here.
    final SecurityContext current = SecurityContext.getCurrent();
    return current.getSubject();
}
sc = SecurityContext.getCurrent(); Set principalSet = sc.getPrincipalSet(); ProtectionDomain prdm = getCachedProtectionDomain(principalSet, true); try { sc = SecurityContext.getCurrent(); caller = sc.getCallerPrincipal().getName(); auditManager.ejbInvocation(caller, ejbName, inv.method.toString(), ret);
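/**
 * Reports whether the current security context carries the domain admin group.
 *
 * <p>Scans the principal set of {@code SecurityContext.getCurrent()} for a {@code Group}
 * whose name equals {@code AdminConstants.DOMAIN_ADMIN_GROUP_NAME}. Any exception raised
 * while reading the context is treated as "not a member", so the check fails closed.
 *
 * @param user  not read by this method
 * @param realm not read by this method
 * @return {@code true} only when a matching group principal is found
 */
private boolean ensureGroupMembership(String user, String realm) {
    try {
        SecurityContext secContext = SecurityContext.getCurrent();
        Set ps = secContext.getPrincipalSet(); // raw Set: this API predates generics
        for (Object principal : ps) {
            if (principal instanceof Group
                    && ((Group) principal).getName().equals(AdminConstants.DOMAIN_ADMIN_GROUP_NAME)) {
                return true;
            }
        }
        ADMSEC_LOGGER.fine("User is not a member of the special admin group");
        return false;
    } catch (Exception e) {
        // Fail closed, but keep a lookup failure distinguishable from an ordinary denial.
        // The exception is bound to the Throwable parameter of log(), so a {0} placeholder
        // would never be filled in (assuming ADMSEC_LOGGER is a java.util.logging.Logger).
        ADMSEC_LOGGER.log(Level.FINE,
                "Could not determine membership in the special admin group; treating user as non-member",
                e);
        return false;
    }
}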
public Object doAsPrivileged(PrivilegedExceptionAction pea) throws Throwable { SecurityContext sc = SecurityContext.getCurrent(); Set principalSet = sc.getPrincipalSet(); AccessControlContext acc = (AccessControlContext) accessControlContextCache.get(principalSet); if (principalSet != null) { final Subject s = sc.getSubject();
/**
 * Clears the thread-local security context by installing {@code null} as the current one.
 */
private static void unsetSecurityContext() {
    // A typed null keeps the call bound to the SecurityContext overload of setCurrent.
    final SecurityContext none = null;
    SecurityContext.setCurrent(none);
}
/**
/**
 * Resolves the principal of the client that initiated the current invocation.
 *
 * <p>When a run-as identity is configured ({@code runAs != null}) the principal is taken
 * from the old security context of the current invocation; otherwise it is taken from the
 * current security context. If the selected context is null, the default caller principal
 * is returned instead.
 *
 * @return the caller principal of the selected context, or
 *     {@code SecurityContext.getDefaultCallerPrincipal()} when that context is null
 * @throws InvocationException if run-as is in effect and there is no current invocation
 */
public Principal getCallerPrincipal() {
    final SecurityContext source;
    if (runAs == null) {
        // No run-as: the old and the new context are the same, so skip the invocation lookup.
        source = SecurityContext.getCurrent();
    } else {
        // Run-as: report the identity that was in effect before the switch.
        ComponentInvocation current = invMgr.getCurrentInvocation();
        if (current == null) {
            throw new InvocationException(); // 4646060
        }
        source = (SecurityContext) current.getOldSecurityContext();
    }
    return source != null
            ? source.getCallerPrincipal()
            : SecurityContext.getDefaultCallerPrincipal();
}
final HttpSession session = webRequest.getSession(); requestContext.setSecurityContext(new SecurityContext() { @Override public Principal getUserPrincipal() {
final SecurityContext secCtx = SecurityContext.getCurrent(); SecurityContext.setCurrent(newCtx); if(log.isLoggable(Level.FINE)) { log.fine("[SUDO] New SecurityContext established"); result = c.run(); } catch(Exception x) { throw new SudoExecutionException(secCtx.getCallerPrincipal(), x); SecurityContext.setCurrent(secCtx); if(log.isLoggable(Level.FINE)) { log.fine("[SUDO] Original SecurityContext restored");
!principalSetContainsOnlyAnonymousPrincipal(principalSet)) { SecurityContext ctx = new SecurityContext(subject); SecurityContext.setCurrent(ctx); Principal p = ctx.getCallerPrincipal(); WebPrincipal wp = new WebPrincipal(p, ctx); try {
/**
 * Performs access control for the resource targeted by the <code>HttpServletRequest</code>.
 *
 * <p>The decision is made against the principal set of the security context derived from
 * the request's user principal. That context is installed as the current one after the
 * check, and the outcome is passed to {@code recordWebInvocation}.
 *
 * @param httpsr the request being authorized
 * @return <code>true</code> if access to the resource is granted and processing should
 *     continue, <code>false</code> if it is denied
 */
public boolean hasResourcePermission(HttpServletRequest httpsr) {
    final SecurityContext requestContext = getSecurityContext(httpsr.getUserPrincipal());
    final WebResourcePermission resourcePermission = createWebResourcePermission(httpsr);
    setSecurityInfo(httpsr);
    final boolean granted = checkPermission(resourcePermission, requestContext.getPrincipalSet());
    // The request's context becomes the current one whether or not access was granted.
    SecurityContext.setCurrent(requestContext);
    if (logger.isLoggable(Level.FINE)) {
        logger.log(Level.FINE, "[Web-Security] hasResource isGranted: {0}", granted);
        logger.log(Level.FINE, "[Web-Security] hasResource perm: {0}", resourcePermission);
    }
    recordWebInvocation(httpsr, RESOURCE, granted);
    return granted;
}
/**
 * Returns the subject of the current security context, initialising a context first when
 * none is current.
 *
 * @return the subject held by the security context; never null
 * @throws SecurityMechanismException if no security context can be obtained, or the
 *     context has no subject
 */
private Subject getSubjectFromSecurityCurrent() throws SecurityMechanismException {
    com.sun.enterprise.security.SecurityContext context =
            com.sun.enterprise.security.SecurityContext.getCurrent();
    if (context == null) {
        // No context is current: fall back to the one produced by init(), which the log
        // line below calls the guest context.
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, " SETTING GUEST ---");
        }
        context = com.sun.enterprise.security.SecurityContext.init();
        if (context == null) {
            throw new SecurityMechanismException("Could not find " + " security information");
        }
    }

    final Subject found = context.getSubject();
    if (found == null) {
        throw new SecurityMechanismException(
                "Could not find " + " subject information in the security context.");
    }
    if (_logger.isLoggable(Level.FINE)) {
        // NOTE(review): Subject.toString() lists principals and may include credential
        // details; confirm FINE-level logs are access-controlled.
        _logger.log(Level.FINE, "Subject in security current:" + found);
    }
    return found;
}
// Capture the context that is current before switching, presumably for a later restore.
// NOTE(review): the restore is not part of this excerpt; confirm it runs in a finally block
// so the handle's context cannot stay installed after an exception.
resetSecurityContext = SecurityContext.getCurrent();
// Install the security context carried by the handle as the current one.
SecurityContext.setCurrent(handle.getSecurityContext());
// Take the subject and caller principal from sc when there is one; both stay null otherwise.
final Subject wps;
final Principal callerPrincipal;
if (sc != null) {
    wps = sc.getSubject();
    callerPrincipal = sc.getCallerPrincipal();
} else {
    wps = null;
    callerPrincipal = null;
}
// The default caller principal is fetched regardless of whether sc is present.
final Principal defaultPrincipal = SecurityContext.getDefaultCallerPrincipal();
final SecurityContext securityContext = SecurityContext.getCurrent();
// When the server generated the credentials itself, start from an empty Subject instead of
// the context's own -- presumably so those credentials are not carried further; confirm
// against the caller.
Subject subject;
if (securityContext.didServerGenerateCredentials()) {
    subject = new Subject();
} else {
    subject = securityContext.getSubject();
}
Subject subject = null; if (securityContext != null) { if (securityContext.getCallerPrincipal() != null) { principalName = securityContext.getCallerPrincipal().getName(); subject = securityContext.getSubject(); if (securityContext == SecurityContext.getDefaultSecurityContext()) { defaultSecurityContext = true;
/**
 * Maps a principal to the security context used for authorization decisions.
 *
 * <p>A {@code WebPrincipal} supplies the context it already holds. Any other non-null
 * principal yields a new context built from its name, with null as the second constructor
 * argument. A null principal, or a {@code WebPrincipal} without a context, falls back to
 * the default security context.
 *
 * @param principal expected to be a {@code WebPrincipal}; may be null
 * @return the resolved context, or {@code SecurityContext.getDefaultSecurityContext()}
 *     when none could be resolved
 */
private SecurityContext getSecurityContext(Principal principal) {
    SecurityContext resolved;
    if (principal == null) {
        resolved = null;
    } else if (principal instanceof WebPrincipal) {
        resolved = ((WebPrincipal) principal).getSecurityContext();
    } else {
        // Not a WebPrincipal: only the name is carried into the new context.
        resolved = new SecurityContext(principal.getName(), null);
    }
    return resolved != null ? resolved : SecurityContext.getDefaultSecurityContext();
}