// Builds the legacy security context for this.legacySecurityDomain and attaches the
// principal/credential pair to it. Both branches do the same two steps; only the
// calling context differs.
if (WildFlySecurityManager.isChecking()) {
    // Security-manager checks are active: run creation inside doPrivileged so the permission
    // check stops at this frame instead of walking the callers' protection domains.
    legacyContext = AccessController.doPrivileged((PrivilegedExceptionAction<SecurityContext>) () -> {
        SecurityContext sc = SecurityContextFactory.createSecurityContext(this.legacySecurityDomain);
        // The subject argument is null; only principal and credential are recorded here.
        sc.getUtil().createSubjectInfo(finalPrincipal, finalCredential, null);
        return sc;
    });
} else {
    // No checking in effect: same steps, performed directly.
    legacyContext = SecurityContextFactory.createSecurityContext(this.legacySecurityDomain);
    legacyContext.getUtil().createSubjectInfo(finalPrincipal, finalCredential, null);
// (excerpt ends here; the else block is closed outside this snippet)
// Action body; the anonymous class and the call that receives it start outside this excerpt
// (presumably a PrivilegedExceptionAction - confirm against the full file).
public Object run() throws Exception {
    SecurityContext sc = SecurityContextFactory.createSecurityContext(domain);
    // Identity is attached before the context is published through SecurityContextAssociation.
    sc.getUtil().createSubjectInfo(p, cred, subject);
    SecurityContextAssociation.setSecurityContext(sc);
    // The action exists for its side effect only.
    return null;
}}); }
/**
 * Replaces the credential held by the currently associated security context while keeping
 * the principal and subject it already has.
 *
 * <p>If a {@link SecurityManager} is installed, the caller must hold
 * {@code SetSecurityContextPermission}; without a security manager no check is performed.
 * When no context is associated yet, one is created for the "CLIENT_SIDE" domain and
 * associated before the credential is stored.
 *
 * @param credential the credential to record; passed to {@code createSubjectInfo} unchanged
 * @throws RuntimeException wrapping any exception raised while creating the "CLIENT_SIDE" context
 */
public static void setCredential(Object credential) {
    // Permission gate: changing the associated identity is a privileged operation.
    SecurityManager manager = System.getSecurityManager();
    if (manager != null) {
        manager.checkPermission(SetSecurityContextPermission);
    }

    SecurityContext context = SecurityContextAssociation.getSecurityContext();
    if (context == null) {
        try {
            context = SecurityContextFactory.createSecurityContext("CLIENT_SIDE");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        SecurityContextAssociation.setSecurityContext(context);
    }

    // Read the existing principal and subject so that only the credential changes.
    Principal currentPrincipal = context.getUtil().getUserPrincipal();
    Subject currentSubject = context.getUtil().getSubject();
    context.getUtil().createSubjectInfo(currentPrincipal, credential, currentSubject);
}
// Closes the enclosing class; its header is not part of this excerpt.
}
/**
 * Replaces the principal held by the currently associated security context while keeping
 * the credential and subject it already has.
 *
 * <p>If a {@link SecurityManager} is installed, the caller must hold
 * {@code SetSecurityContextPermission}; without a security manager no check is performed.
 * When no context is associated yet, one is created for the "CLIENT_SIDE" domain and
 * associated before the principal is stored.
 *
 * @param principal the principal to record; passed to {@code createSubjectInfo} unchanged
 * @throws RuntimeException wrapping any exception raised while creating the "CLIENT_SIDE" context
 */
public static void setPrincipal(Principal principal) {
    // Permission gate: changing the associated identity is a privileged operation.
    SecurityManager manager = System.getSecurityManager();
    if (manager != null) {
        manager.checkPermission(SetSecurityContextPermission);
    }

    SecurityContext context = SecurityContextAssociation.getSecurityContext();
    if (context == null) {
        try {
            context = SecurityContextFactory.createSecurityContext("CLIENT_SIDE");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        SecurityContextAssociation.setSecurityContext(context);
    }

    // Carry the existing credential and subject over so that only the principal changes.
    Object currentCredential = context.getUtil().getCredential();
    Subject currentSubject = context.getUtil().getSubject();
    context.getUtil().createSubjectInfo(principal, currentCredential, currentSubject);
}
// Establishes a JBoss security context from a JAAS subject, but only when none is associated yet.
org.jboss.security.SecurityContext old_jb_securityContext = SecurityContextAssociation.getSecurityContext();
if (old_jb_securityContext == null) {
    Set<Object> credentials = subject.getPrivateCredentials();
    // Takes whichever private credential the Set iterator yields first; a Set has no defined
    // order, so with several credentials the choice is arbitrary. null when there are none.
    Object credential = !credentials.isEmpty() ? credentials.iterator().next() : null;
    org.jboss.security.SecurityContext new_jb_securityContext = SecurityContextFactory.createSecurityContext(securityDomain);
    // NOTE(review): the context is associated before any identity is attached to it below.
    SecurityContextAssociation.setSecurityContext(new_jb_securityContext);
    if (rolesGroup != null) {
        // Roles supplied: build the identity with the role group and also set it on the subject info.
        RoleGroup roleGroup = new SimpleRoleGroup(rolesGroup);
        Identity identity = CredentialIdentityFactory.createIdentity(principal, credential, roleGroup);
        new_jb_securityContext.getUtil().createSubjectInfo(identity, subject);
        new_jb_securityContext.getSubjectInfo().setRoles(roleGroup);
    } else {
        // No roles supplied: identity carries principal and credential only.
        Identity identity = CredentialIdentityFactory.createIdentity(principal, credential);
        new_jb_securityContext.getUtil().createSubjectInfo(identity, subject);
// (excerpt ends here; the open blocks are closed outside this snippet)
// Action body; the anonymous class and the call that receives it start outside this excerpt.
@Override
public SecurityContext run() {
    try {
        return SecurityContextFactory.createSecurityContext(domain);
    } catch (Exception e) {
        // The run() signature declares no checked exceptions, so the failure is converted
        // through the logger-provided exception, with the cause passed along.
        throw UndertowLogger.ROOT_LOGGER.failToCreateSecurityContext(e);
    }
}
});
/**
 * Pushes a new {@link Principal} and credential pair as the associated security context.
 *
 * <p>Intended to be called before an EJB invocation passes through its security interceptor;
 * the pair is not verified here, verification is left to that interceptor. This method performs
 * no permission check of its own and should be called from within a {@link PrivilegedAction}.
 *
 * <p>The new context is created for the "USER_DELEGATION" domain with an empty {@link Subject},
 * and the current remoting context is cleared.
 *
 * @param principal the alternative {@link Principal} to use in verification before the next EJB is called
 * @param credential the credential to verify with the {@link Principal}
 * @return a {@link ContextStateCache} holding the previous remote connection and security context,
 *         to be used later to pop this identity and restore the previous state
 * @throws Exception if the new security context cannot be created
 */
public static ContextStateCache pushIdentity(final Principal principal, final Object credential) throws Exception {
    // Capture the context being replaced so the caller can restore it.
    SecurityContext previousContext = SecurityContextAssociation.getSecurityContext();

    Subject emptySubject = new Subject();
    SecurityContext delegated =
            SecurityContextFactory.createSecurityContext(principal, credential, emptySubject, "USER_DELEGATION");
    SecurityContextAssociation.setSecurityContext(delegated);

    // Remember the remote connection before clearing it; it is handed back in the cache.
    RemoteConnection previousConnection = RemotingContext.getRemoteConnection();
    RemotingContext.clear();

    return new ContextStateCache(previousConnection, previousContext);
}
/**
 * Creates a security context for the given domain, installs the injected security management
 * on it and associates it through {@link SecurityContextAssociation}.
 *
 * @param securityDomain name of the security domain the context is created for
 * @return the newly created and associated context
 */
private SecurityContext establishSecurityContext(final String securityDomain) {
    // Do not use SecurityFactory.establishSecurityContext, its static init is broken.
    try {
        final SecurityContext created = SecurityContextFactory.createSecurityContext(securityDomain);
        if (securityManagement == null) {
            // Raised inside the try: if it is an Exception subtype it is caught and
            // re-wrapped by the handler below.
            throw SecurityLogger.ROOT_LOGGER.securityManagementNotInjected();
        }
        created.setSecurityManagement(securityManagement);
        // Associate only after the security management has been installed.
        SecurityContextAssociation.setSecurityContext(created);
        return created;
    } catch (Exception e) {
        throw SecurityLogger.ROOT_LOGGER.securityException(e);
    }
}
// Action body; the anonymous class and the call that receives it start outside this excerpt
// (presumably a PrivilegedExceptionAction - confirm against the full file).
public Object run() throws Exception {
    // Principal and credential go straight into the factory call; the subject argument is null.
    SecurityContext sc = SecurityContextFactory.createSecurityContext(p, cred, null, domain);
    SecurityContextAssociation.setSecurityContext(sc);
    // The action exists for its side effect only.
    return null;
}}); }
// Create a context for the recovery security domain and associate it.
SecurityContext securityContext = SecurityContextFactory.createSecurityContext(recoverSecurityDomain);
SecurityContextAssociation.setSecurityContext(securityContext);
// NOTE(review): the subject is set after the context has already been associated;
// `unauthenticated` is defined outside this excerpt - confirm what it contains.
securityContext.getSubjectInfo().setAuthenticatedSubject(unauthenticated);
/**
 * Constructs a {@link SecurityContext} for a security domain using a caller-named
 * implementation class.
 *
 * <p>The class is resolved with {@code getContextClass} and its constructor matching
 * {@code CONTEXT_CONSTRUCTOR_TYPES} is looked up reflectively. No permission check is
 * performed in this method.
 *
 * @param securityDomain the security domain; must not be null
 * @param fqnClass fully qualified name of the SecurityContext class; must not be null
 * @param classLoader class loader used to resolve {@code fqnClass}
 * @return an instance of SecurityContext
 * @throws Exception if an argument is null, or the class or its constructor cannot be resolved
 */
public static SecurityContext createSecurityContext(String securityDomain, String fqnClass,
        ClassLoader classLoader) throws Exception {
    if (securityDomain == null) {
        throw PicketBoxMessages.MESSAGES.invalidNullArgument("security domain");
    }
    if (fqnClass == null) {
        throw PicketBoxMessages.MESSAGES.invalidNullArgument("fqnClass");
    }

    // NOTE(review): both assignments write to fields whose names say "default" and which are
    // declared outside this excerpt (static, given the static method). If other factory methods
    // read them, one call with a custom class changes what later calls instantiate - confirm
    // this is intended and that the unsynchronized write is acceptable.
    defaultSecurityContextClass = getContextClass(fqnClass, classLoader);
    defaultSecurityContextConstructor =
            (Constructor<SecurityContext>) defaultSecurityContextClass.getConstructor(CONTEXT_CONSTRUCTOR_TYPES);

    return createSecurityContext(securityDomain, defaultSecurityContextConstructor);
}
map.put(AUDIT_MESSAGE, "logout success"); putPrincipal(map, chan.getPrincipal()); this.securityContext.getAuditManager().audit(new AuditEvent(AuditLevel.SUCCESS, map)); .createSecurityContext(getLocalSecurityDomain()); this.securityContext.getAuditManager() .audit(new AuditEvent(AuditLevel.SUCCESS, map)); map.put(AUDIT_COMMAND_RESPONSE, "Invalid command"); putPrincipal(map, chan.getPrincipal()); this.securityContext.getAuditManager().audit(new AuditEvent(AuditLevel.INFO, map));
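/**
 * Returns an instance of the {@link SecurityContextUtil} implementation named by {@code utilFQN}.
 *
 * <p>If a {@link SecurityManager} is installed, the caller must hold the
 * {@link RuntimePermission} named {@code <SecurityContextFactory class name>.createUtil}.
 * The loaded class is verified to be a {@code SecurityContextUtil} subtype before its
 * constructor is looked up or invoked, so a class of the wrong type is rejected without
 * being instantiated.
 *
 * @param sc SecurityContext handed to the util's constructor
 * @param utilFQN fully qualified name of the util class
 * @param classLoader ClassLoader used to load {@code utilFQN}
 * @return a new util instance constructed with {@code sc}
 * @throws ClassCastException if the loaded class is not a {@code SecurityContextUtil}
 * @throws Exception if the class cannot be loaded, has no matching constructor, or construction fails
 */
public static SecurityContextUtil createUtil(SecurityContext sc, String utilFQN, ClassLoader classLoader)
        throws Exception {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        sm.checkPermission(new RuntimePermission(SecurityContextFactory.class.getName() + ".createUtil"));
    }

    Class<?> loaded = loadClass(utilFQN, classLoader);
    // Checked narrowing instead of an unchecked Constructor cast: fails here, before any
    // constructor of the named class runs, when the class is not a SecurityContextUtil.
    Class<? extends SecurityContextUtil> utilClass = loaded.asSubclass(SecurityContextUtil.class);

    Constructor<? extends SecurityContextUtil> ctr = utilClass.getConstructor(CONTEXT_UTIL_CONSTRUCTOR_TYPES);
    return ctr.newInstance(sc);
}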
/**
 * Returns this context's {@link SecurityContextUtil}, creating it through
 * {@code SecurityContextFactory.createUtil(this)} on first use and reusing it afterwards.
 * No synchronization is applied to the lazy initialization.
 *
 * @see SecurityContext#getUtil()
 * @throws IllegalStateException wrapping any exception raised while creating the util
 */
public SecurityContextUtil getUtil() {
    if (util != null) {
        return util;
    }
    try {
        util = SecurityContextFactory.createUtil(this);
    } catch (Exception e) {
        throw new IllegalStateException(e);
    }
    return util;
}
/**
 * Returns an instance of the default {@link SecurityContextUtil} implementation.
 *
 * <p>The class named by {@code defaultUtilClass} is resolved with {@code getContextClass}
 * and instantiated through its single-argument {@code (SecurityContext)} constructor.
 * No permission check is performed in this method.
 *
 * @param sc SecurityContext handed to the util's constructor
 * @return the newly constructed util
 * @throws Exception if the class or constructor cannot be resolved, or construction fails
 */
public static SecurityContextUtil createUtil(SecurityContext sc) throws Exception {
    Class utilClass = getContextClass(defaultUtilClass);
    // Look up the (SecurityContext) constructor.
    Constructor constructor = utilClass.getConstructor(new Class[]{SecurityContext.class});
    Object instance = constructor.newInstance(new Object[]{sc});
    // The type is only checked here, after the instance has been constructed.
    return (SecurityContextUtil) instance;
}
// Action body; the anonymous class and the call that receives it start outside this excerpt
// (presumably a PrivilegedExceptionAction - confirm against the full file).
public Object run() throws Exception {
    SecurityContext sc = SecurityContextFactory.createSecurityContext(domain);
    // Identity is attached before the context is published through SecurityContextAssociation.
    sc.getUtil().createSubjectInfo(p, cred, subject);
    SecurityContextAssociation.setSecurityContext(sc);
    // The action exists for its side effect only.
    return null;
}}); }
/**
 * Replaces the credential held by the currently associated security context while keeping
 * the principal and subject it already has.
 *
 * <p>If a {@link SecurityManager} is installed, the caller must hold
 * {@code SetSecurityContextPermission}; without a security manager no check is performed.
 * When no context is associated yet, one is created for the "CLIENT_SIDE" domain and
 * associated before the credential is stored.
 *
 * @param credential the credential to record; passed to {@code createSubjectInfo} unchanged
 * @throws RuntimeException wrapping any exception raised while creating the "CLIENT_SIDE" context
 */
public static void setCredential(Object credential) {
    // Permission gate: changing the associated identity is a privileged operation.
    SecurityManager manager = System.getSecurityManager();
    if (manager != null) {
        manager.checkPermission(SetSecurityContextPermission);
    }

    SecurityContext context = SecurityContextAssociation.getSecurityContext();
    if (context == null) {
        try {
            context = SecurityContextFactory.createSecurityContext("CLIENT_SIDE");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        SecurityContextAssociation.setSecurityContext(context);
    }

    // Read the existing principal and subject so that only the credential changes.
    Principal currentPrincipal = context.getUtil().getUserPrincipal();
    Subject currentSubject = context.getUtil().getSubject();
    context.getUtil().createSubjectInfo(currentPrincipal, credential, currentSubject);
}
// Closes the enclosing class; its header is not part of this excerpt.
}
/**
 * Replaces the principal held by the currently associated security context while keeping
 * the credential and subject it already has.
 *
 * <p>If a {@link SecurityManager} is installed, the caller must hold
 * {@code SetSecurityContextPermission}; without a security manager no check is performed.
 * When no context is associated yet, one is created for the "CLIENT_SIDE" domain and
 * associated before the principal is stored.
 *
 * @param principal the principal to record; passed to {@code createSubjectInfo} unchanged
 * @throws RuntimeException wrapping any exception raised while creating the "CLIENT_SIDE" context
 */
public static void setPrincipal(Principal principal) {
    // Permission gate: changing the associated identity is a privileged operation.
    SecurityManager manager = System.getSecurityManager();
    if (manager != null) {
        manager.checkPermission(SetSecurityContextPermission);
    }

    SecurityContext context = SecurityContextAssociation.getSecurityContext();
    if (context == null) {
        try {
            context = SecurityContextFactory.createSecurityContext("CLIENT_SIDE");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        SecurityContextAssociation.setSecurityContext(context);
    }

    // Carry the existing credential and subject over so that only the principal changes.
    Object currentCredential = context.getUtil().getCredential();
    Subject currentSubject = context.getUtil().getSubject();
    context.getUtil().createSubjectInfo(principal, currentCredential, currentSubject);
}
// Establishes a JBoss security context from a JAAS subject, but only when none is associated yet.
org.jboss.security.SecurityContext old_jb_securityContext = SecurityContextAssociation.getSecurityContext();
if (old_jb_securityContext == null) {
    Set<Object> credentials = subject.getPrivateCredentials();
    // Takes whichever private credential the Set iterator yields first; a Set has no defined
    // order, so with several credentials the choice is arbitrary. null when there are none.
    Object credential = !credentials.isEmpty() ? credentials.iterator().next() : null;
    org.jboss.security.SecurityContext new_jb_securityContext = SecurityContextFactory.createSecurityContext(securityDomain);
    // NOTE(review): the context is associated before any identity is attached to it below.
    SecurityContextAssociation.setSecurityContext(new_jb_securityContext);
    if (rolesGroup != null) {
        // Roles supplied: build the identity with the role group and also set it on the subject info.
        RoleGroup roleGroup = new SimpleRoleGroup(rolesGroup);
        Identity identity = CredentialIdentityFactory.createIdentity(principal, credential, roleGroup);
        new_jb_securityContext.getUtil().createSubjectInfo(identity, subject);
        new_jb_securityContext.getSubjectInfo().setRoles(roleGroup);
    } else {
        // No roles supplied: identity carries principal and credential only.
        Identity identity = CredentialIdentityFactory.createIdentity(principal, credential);
        new_jb_securityContext.getUtil().createSubjectInfo(identity, subject);
// (excerpt ends here; the open blocks are closed outside this snippet)
/**
 * Creates a JBoss security context for the given security domain name.
 *
 * <p>When {@code WildFlySecurityManager.isChecking()} reports that checks are active, the
 * creation is run through {@code WildFlySecurityManager.doUnchecked}; otherwise the factory
 * is called directly. Either way a creation failure is converted through
 * {@code UndertowLogger.ROOT_LOGGER.failToCreateSecurityContext}.
 *
 * @param domain the security domain name (such as "other")
 * @return an instance of {@code SecurityContext}
 */
static SecurityContext createSecurityContext(final String domain) {
    if (!WildFlySecurityManager.isChecking()) {
        // No checking in effect: call the factory directly.
        try {
            return SecurityContextFactory.createSecurityContext(domain);
        } catch (Exception e) {
            throw UndertowLogger.ROOT_LOGGER.failToCreateSecurityContext(e);
        }
    }

    // Checks are active: hand the same creation step to doUnchecked. The action does nothing
    // beyond creating the context, which keeps the unchecked section as small as possible.
    final PrivilegedAction<SecurityContext> createAction = new PrivilegedAction<SecurityContext>() {
        @Override
        public SecurityContext run() {
            try {
                return SecurityContextFactory.createSecurityContext(domain);
            } catch (Exception e) {
                throw UndertowLogger.ROOT_LOGGER.failToCreateSecurityContext(e);
            }
        }
    };
    return WildFlySecurityManager.doUnchecked(createAction);
}