/**
 * Puts a previously captured {@link Authentication} back into the context
 * returned by {@code SecurityContextHolder.getContext()}.
 *
 * @param previousAuthentication the authentication to reinstate; it is handed to
 *        {@code setAuthentication} as-is, so a {@code null} argument is passed through
 *        unchanged (no check is made here)
 */
protected void resetPreviousAuthentication(Authentication previousAuthentication) {
    SecurityContextHolder
            .getContext()
            .setAuthentication(previousAuthentication);
}
/**
 * Runs {@code doRun()} with {@code ACL.SYSTEM} installed as the current authentication.
 *
 * <p>The elevated identity is set immediately before the {@code try} and the security
 * context is cleared in {@code finally}, so it is removed again whether {@code doRun()}
 * returns or throws.
 */
public final void run() {
    // Background activity gets the system credential, just like executors get it.
    SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM);
    try {
        doRun();
    } catch (Throwable failure) {
        // Every failure, Errors included, is logged and not rethrown.
        // NOTE(review): presumably so one failing task cannot take down the thread
        // that schedules it; confirm against the scheduler this class runs on.
        LOGGER.log(Level.SEVERE, "Timer task "+this+" failed", failure);
    } finally {
        // Drop the SYSTEM identity so it cannot be observed by whatever runs next
        // on this thread.
        SecurityContextHolder.clearContext();
    }
}
/**
 * Builds the dependency graph.
 *
 * <p>The computation runs under a temporary security context carrying
 * {@code ACL.SYSTEM}; the context that was current on entry is put back in
 * {@code finally}, so the caller's identity is restored even if a project throws
 * while contributing its dependencies.
 */
public DependencyGraph() {
    // Set full privileges while computing to avoid missing any projects the current user cannot see.
    // Use setContext (NOT getContext().setAuthentication()) so we don't affect concurrent threads
    // for same HttpSession: a fresh context object is swapped in and the caller's context object
    // is never mutated.
    final SecurityContext callerContext = SecurityContextHolder.getContext();
    try {
        NotSerilizableSecurityContext elevated = new NotSerilizableSecurityContext();
        elevated.setAuthentication(ACL.SYSTEM);
        SecurityContextHolder.setContext(elevated);

        for (AbstractProject project : Hudson.getInstance().getAllItems(AbstractProject.class)) {
            project.buildDependencyGraph(this);
        }

        forward = finalize(forward);
        backward = finalize(backward);
        built = true;
        alreadyComputedProjects.clear();
    } finally {
        // Restore the caller's context object rather than clearing, so the caller keeps
        // whatever identity it had on entry.
        SecurityContextHolder.setContext(callerContext);
    }
}
/**
 * Returns the {@link Authentication} that represents the user associated with the
 * current request.
 *
 * @return the authentication held by the current security context, or
 *         {@code ANONYMOUS} when the context holds none; never {@code null}
 */
public static Authentication getAuthentication() {
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    // On Tomcat while serving the login page, this is null despite the fact
    // that we have filters. Looking at the stack trace, Tomcat doesn't seem to
    // run the request through filters when this is the login request.
    // see http://www.nabble.com/Matrix-authorization-problem-tp14602081p14886312.html
    //
    // Falling back to ANONYMOUS means callers never have to null-check the result.
    return current != null ? current : ANONYMOUS;
}
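/**
 * Runs an initialization task under {@code ACL.SYSTEM}, with the thread renamed to
 * the task's display name for better diagnostics.
 *
 * <p>Tasks for which {@code is.skipInitTask(task)} returns true are skipped before any
 * privilege is granted. For every other task the thread's original name is restored and
 * the security context is cleared in {@code finally}.
 *
 * @param task the task to run
 * @throws Exception whatever {@code super.runTask(task)} or the task's own accessors throw
 */
@Override
protected void runTask(Task task) throws Exception {
    if (is != null && is.skipInitTask(task)) {
        return;
    }
    Thread t = Thread.currentThread();
    String name = t.getName();
    // Full access in the initialization thread. The elevation sits directly in front of
    // the try so that nothing able to throw (task.getDisplayName(), Thread.setName) runs
    // between granting SYSTEM and the finally that revokes it; otherwise a failure there
    // would leave SYSTEM behind on this thread.
    SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM);
    try {
        String taskName = task.getDisplayName();
        if (taskName != null) {
            t.setName(taskName);
        }
        long start = System.currentTimeMillis();
        super.runTask(task);
        if (LOG_STARTUP_PERFORMANCE) {
            LOGGER.info(String.format("Took %dms for %s by %s",
                    System.currentTimeMillis() - start, taskName, name));
        }
    } finally {
        t.setName(name);
        SecurityContextHolder.clearContext();
    }
}
};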
logger.debug("Obtained from SPRING_SECURITY_CONTEXT a valid SecurityContext and " + "set to SecurityContextHolder: '" + contextFromSessionObject + "'"); SecurityContextHolder.setContext((SecurityContext) contextFromSessionObject); } else { if (logger.isWarnEnabled()) + "reserved for this class? - new SecurityContext instance associated with " + "SecurityContextHolder"); SecurityContextHolder.setContext(generateNewContext()); logger.debug("PortletSession returned null object for SPRING_SECURITY_CONTEXT - new " + "SecurityContext instance associated with SecurityContextHolder"); SecurityContextHolder.setContext(generateNewContext()); logger.debug("No PortletSession currently exists - new SecurityContext instance " + "associated with SecurityContextHolder"); SecurityContextHolder.setContext(generateNewContext()); request.setAttribute(CONTEXT_HASHCODE, new Integer(SecurityContextHolder.getContext().hashCode()));
/**
 * Reloads the configuration with {@code ACL.SYSTEM} installed as the current
 * authentication. Each checked exception thrown by {@code reload()} is logged at
 * SEVERE and not rethrown.
 */
@Override
public void run() {
    try {
        // Elevate before reload() so the reload is not limited by the permissions of
        // whoever triggered it.
        // NOTE(review): the SYSTEM authentication is never cleared in this method. The
        // enclosing expression ends in .start(), so this presumably runs on a dedicated
        // thread that ends after reload(); confirm the thread is not reused, otherwise
        // add a finally that calls SecurityContextHolder.clearContext().
        SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM);
        reload();
    } catch (IOException e) {
        LOGGER.log(java.util.logging.Level.SEVERE, "Failed to reload Hudson config", e);
    } catch (ReactorException e) {
        LOGGER.log(java.util.logging.Level.SEVERE, "Failed to reload Hudson config", e);
    } catch (InterruptedException e) {
        LOGGER.log(java.util.logging.Level.SEVERE, "Failed to reload Hudson config", e);
    }
}
}.start();
else if (!contextObject.equals(SecurityContextHolder.getContext())) { if (logger.isDebugEnabled()) logger.debug("PortletSession being created as SecurityContextHolder contents are non-default"); if (logger.isDebugEnabled()) logger.debug("PortletSession is null, but SecurityContextHolder has not changed from default: ' " + SecurityContextHolder.getContext() + "'; not creating PortletSession or storing SecurityContextHolder contents"); && (SecurityContextHolder.getContext().hashCode() != oldContextHashCode)) { portletSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext(), portletSessionScope()); if (logger.isDebugEnabled()) logger.debug("SecurityContext stored to PortletSession: '" + SecurityContextHolder.getContext() + "'"); SecurityContextHolder.clearContext(); if (logger.isDebugEnabled()) logger.debug("SecurityContextHolder set to new context, as request processing completed");
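/**
 * Reports whether the current authentication carries a {@code SAMLAssertion} as its
 * details object.
 *
 * <p>Returns {@code false} when the security context holds no authentication or holds
 * one that is not an {@code AbstractAuthenticationToken}. Without these guards the
 * check threw a {@code NullPointerException} or {@code ClassCastException} in exactly
 * those cases instead of answering "no".
 *
 * @return {@code true} only if an {@code AbstractAuthenticationToken} is present and
 *         its details are a {@code SAMLAssertion}
 */
private boolean isSAMLInSecurityContext() {
    Object current = SecurityContextHolder.getContext().getAuthentication();
    // instanceof is false for null, so this single guard covers both "nobody
    // authenticated" and "authenticated through some other token type".
    if (!(current instanceof AbstractAuthenticationToken)) {
        return false;
    }
    return ((AbstractAuthenticationToken) current).getDetails() instanceof SAMLAssertion;
}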
/**
 * Runs the inherited job and then, if the installed plugin is a bundled one, pins it.
 *
 * <p>The pin is performed under {@code ACL.SYSTEM}; the security context is cleared in
 * {@code finally} whether or not {@code doPin()} succeeds.
 *
 * @throws IOException propagated from {@code super._run()} or {@code doPin()}
 */
@Override
public void _run() throws IOException {
    super._run();

    // if this is a bundled plugin, make sure it won't get overwritten
    PluginWrapper installed = plugin.getInstalled();
    if (installed == null || !installed.isBundled()) {
        return;
    }
    try {
        SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM);
        installed.doPin();
    } finally {
        // NOTE(review): this clears the context rather than restoring what was there
        // before, so any identity the calling thread had on entry is gone afterwards;
        // confirm that is intended for the thread this job runs on.
        SecurityContextHolder.clearContext();
    }
}
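/**
 * Returns the currently logged-in user.
 *
 * <p>The principal is accepted only when it is a {@code WsecUserDetails}, the type it
 * is cast to. Checking the broader {@code UserDetails} type let any other
 * implementation through to the cast and failed with a {@code ClassCastException};
 * a missing authentication failed with a {@code NullPointerException}. Both cases now
 * raise the documented {@code IllegalStateException}.
 *
 * @return the {@code WsecUser} behind the current principal
 * @throws IllegalStateException if the security context holds no authentication, or
 *         its principal is not a {@code WsecUserDetails}
 */
public static WsecUser getLoggedInUser() {
    if (SecurityContextHolder.getContext().getAuthentication() == null) {
        throw new IllegalStateException("No one logged in!!!");
    }
    Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    if (principal instanceof WsecUserDetails) {
        return ((WsecUserDetails) principal).getWsecUser();
    }
    throw new IllegalStateException("No one logged in!!!");
}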
// Installs an Authentication built from the request (ContainerAuthentication(req)) as the
// current authentication, then clears the security context.
// NOTE(review): in this excerpt the clear follows the install directly. Presumably the
// request handling sits between the two calls in the full source, with clearContext() in a
// finally block so the identity cannot outlive the request on this thread; confirm.
SecurityContextHolder.getContext().setAuthentication(new ContainerAuthentication(req));
SecurityContextHolder.clearContext();
/**
 * Restarts the VM under {@code ACL.SYSTEM}: waits five seconds, logs who asked for the
 * restart, notifies every {@code RestartListener}, then calls {@code lifecycle.restart()}.
 * {@code InterruptedException} and {@code IOException} are logged at WARNING and not rethrown.
 */
@Override
public void run() {
    try {
        // NOTE(review): SYSTEM is set and never cleared here. The enclosing expression
        // ends in .start(), so this presumably runs on a dedicated thread; confirm it is
        // not reused if the restart fails.
        SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM);

        // give some time for the browser to load the "reloading" page
        Thread.sleep(5000);
        // exitUser is defined outside this method; logging it keeps the restart
        // attributable to a requester even though the work itself runs as SYSTEM.
        LOGGER.severe(String.format("Restarting VM as requested by %s", exitUser));
        for (RestartListener listener : RestartListener.all()) {
            listener.onRestart();
        }
        lifecycle.restart();
    } catch (InterruptedException e) {
        LOGGER.log(Level.WARNING, "Failed to restart Hudson", e);
    } catch (IOException e) {
        LOGGER.log(Level.WARNING, "Failed to restart Hudson", e);
    }
}
}.start();
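/**
 * Handles the logout processing.
 *
 * <p>The default implementation invalidates the session if one exists, clears the
 * security context and the user environment property, expires the remember-me cookie,
 * then redirects the user to the URL specified by
 * {@link #getPostLogOutUrl(StaplerRequest, Authentication)}.
 *
 * @param req the logout request
 * @param rsp the response that receives the expired cookie and the redirect
 * @throws IOException if the redirect cannot be sent
 * @throws ServletException declared for overriding implementations
 * @since 1.314
 */
public void doLogout(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
    // getSession(false): never create a session just to throw it away.
    HttpSession session = req.getSession(false);
    if (session != null) {
        session.invalidate();
    }

    // Capture the identity before clearing: the post-logout URL is computed from it.
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    SecurityContextHolder.clearContext();

    // Clear env property.
    EnvVars.clearHudsonUserEnvVar();

    // Reset the remember-me cookie. The path must match the one the cookie was issued
    // with, and max-age 0 tells the browser to delete it; an empty value alone would
    // leave an empty cookie in the browser for the rest of the browser session.
    Cookie cookie = new Cookie(TokenBasedRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY, "");
    cookie.setPath(req.getContextPath().length() > 0 ? req.getContextPath() : "/");
    cookie.setMaxAge(0);
    rsp.addCookie(cookie);

    rsp.sendRedirect2(getPostLogOutUrl(req, auth));
}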
/**
 * Shuts the VM down under {@code ACL.SYSTEM} once no executor is busy: logs who asked
 * for the shutdown and from where, polls every five seconds while {@code isQuietingDown}
 * is set and some executor is not idle, then, if {@code isQuietingDown} is still set,
 * runs {@code cleanUp()} and exits with status 0.
 */
@Override
public void run() {
    try {
        // NOTE(review): SYSTEM is set and never cleared here. If isQuietingDown is reset
        // while waiting, the method returns without exiting and the thread ends with
        // SYSTEM still set; presumably harmless on a dedicated thread (the enclosing
        // expression ends in .start()), but confirm the thread is not reused.
        SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM);
        // exitUser and exitAddr are defined outside this method; logging them keeps the
        // shutdown attributable to a requester even though the work runs as SYSTEM.
        LOGGER.severe(String.format("Shutting down VM as requested by %s from %s",
                                    exitUser, exitAddr));
        // Wait 'til we have no active executors.
        while (isQuietingDown
               && (overallLoad.computeTotalExecutors() > overallLoad.computeIdleExecutors())) {
            Thread.sleep(5000);
        }
        // Make sure isQuietingDown is still true.
        if (isQuietingDown) {
            cleanUp();
            System.exit(0);
        }
    } catch (InterruptedException e) {
        LOGGER.log(Level.WARNING, "Failed to shutdown Hudson", e);
    }
}
}.start();
SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM); try { this.root = root; SecurityContextHolder.clearContext();
/**
 * Runs {@code execute(l)} under {@code ACL.SYSTEM}, logging the start, the finish and
 * the elapsed milliseconds. Failures are written to the task listener instead of being
 * rethrown, and the listener is closed in {@code finally}.
 */
public void run() {
    logger.log(Level.INFO, "Started "+name);
    long startTime = System.currentTimeMillis();

    StreamTaskListener l = createListener();
    try {
        // NOTE(review): SYSTEM is set and never cleared; the finally below closes only
        // the listener. The trailing name+" thread" argument suggests this Runnable is
        // handed to a dedicated Thread; confirm it is not a reused thread.
        SecurityContextHolder.getContext().setAuthentication(ACL.SYSTEM);

        execute(l);
    } catch (IOException e) {
        // The stack trace goes to the stream returned by the listener's fatalError(...).
        e.printStackTrace(l.fatalError(e.getMessage()));
    } catch (InterruptedException e) {
        e.printStackTrace(l.fatalError("aborted"));
    } finally {
        l.closeQuietly();
    }

    logger.log(Level.INFO, "Finished "+name+". "+
        (System.currentTimeMillis()-startTime)+" ms");
}
},name+" thread");
if (SecurityContextHolder.getContext().getAuthentication() == null) { Authentication authentication = createAuthentication(request); if (authenticationProvider != null) { authentication.setAuthenticated(true); SecurityContextHolder.getContext().setAuthentication(authentication); addedToken = true; + SecurityContextHolder.getContext().getAuthentication() + "'"); + SecurityContextHolder.getContext().getAuthentication() + "'"); } finally { if (addedToken && removeAfterRequest && createAuthentication(request).equals(SecurityContextHolder.getContext().getAuthentication())) { SecurityContextHolder.getContext().setAuthentication(null);
/**
 * Issues an OAuth token for the authenticated consumer and writes it to the response as
 * {@code oauth_token=<value>&oauth_token_secret=<secret>}, both values OAuth-encoded.
 *
 * <p>The response body contains the token secret.
 * NOTE(review): nothing here sets cache-control headers or checks that the request
 * arrived over a confidential channel; confirm that is enforced elsewhere.
 *
 * @param request  the request whose signature has been verified
 * @param response the response the token pair is written to
 * @param chain    the filter chain (not used here)
 * @throws IOException if the response cannot be written
 * @throws IllegalStateException if the created token's consumer key differs from the
 *         authenticated consumer's key
 */
protected void onValidSignature(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException {
    // signature is verified; create the token, send the response.
    ConsumerAuthentication consumerAuth =
            (ConsumerAuthentication) SecurityContextHolder.getContext().getAuthentication();
    OAuthProviderToken issued = createOAuthToken(consumerAuth);

    // Refuse to hand out a token that was minted for a different consumer.
    String issuedKey = issued.getConsumerKey();
    String authenticatedKey = consumerAuth.getConsumerDetails().getConsumerKey();
    if (!issuedKey.equals(authenticatedKey)) {
        throw new IllegalStateException("The consumer key associated with the created auth token is not valid for the authenticated consumer.");
    }

    String tokenValue = issued.getValue();
    String body = OAuthProviderParameter.oauth_token.toString()
            + '='
            + OAuthCodec.oauthEncode(tokenValue)
            + '&'
            + OAuthProviderParameter.oauth_token_secret.toString()
            + '='
            + OAuthCodec.oauthEncode(issued.getSecret());

    response.setContentType(getResponseContentType());
    response.getWriter().print(body);
    response.flushBuffer();
}
/**
 * Common handling for a failed OAuth request.
 *
 * <p>The current authentication is removed first, so whatever was placed in the context
 * for this request is gone before any response is written. Invalid-parameter and
 * unsupported-signature-method failures are answered with HTTP 400; every other failure
 * is delegated to the authentication entry point.
 *
 * @param request  The request.
 * @param response The response.
 * @param failure  The failure.
 * @throws IOException if the error response cannot be sent
 * @throws ServletException if the entry point fails
 */
protected void fail(HttpServletRequest request, HttpServletResponse response, AuthenticationException failure) throws IOException, ServletException {
    SecurityContextHolder.getContext().setAuthentication(null);

    if (log.isDebugEnabled()) {
        log.debug(failure);
    }

    boolean clientError = failure instanceof InvalidOAuthParametersException
            || failure instanceof UnsupportedSignatureMethodException;
    if (clientError) {
        // NOTE(review): the exception message becomes the error text of the response;
        // confirm these messages never echo unescaped request data or internal detail.
        response.sendError(400, failure.getMessage());
        return;
    }
    authenticationEntryPoint.commence(request, response, failure);
}