/**
 * Translates the first JSR-250 security annotation found in {@code annotations} into
 * config attributes.
 *
 * <p>The array is scanned in order and the first {@code @DenyAll}, {@code @PermitAll} or
 * {@code @RolesAllowed} decides the result; later annotations are not examined. If more
 * than one of the three is present, the outcome therefore depends on array order.
 *
 * @param annotations the annotations to inspect; may be {@code null} or empty
 * @return a mutable list holding the deny-all attribute, the permit-all attribute, or one
 *         attribute per role (each role passed through {@code getRoleWithDefaultPrefix});
 *         {@code null} when the array is null or empty or holds none of the three annotations.
 *         A {@code @RolesAllowed} with no values yields an empty, non-null list.
 */
private List<ConfigAttribute> processAnnotations(Annotation[] annotations) {
    if (annotations == null || annotations.length == 0) {
        return null;
    }
    for (Annotation candidate : annotations) {
        if (candidate instanceof DenyAll) {
            List<ConfigAttribute> denied = new ArrayList<>();
            denied.add(Jsr250SecurityConfig.DENY_ALL_ATTRIBUTE);
            return denied;
        }
        if (candidate instanceof PermitAll) {
            List<ConfigAttribute> permitted = new ArrayList<>();
            permitted.add(Jsr250SecurityConfig.PERMIT_ALL_ATTRIBUTE);
            return permitted;
        }
        if (candidate instanceof RolesAllowed) {
            List<ConfigAttribute> perRole = new ArrayList<>();
            String[] declaredRoles = ((RolesAllowed) candidate).value();
            for (String declaredRole : declaredRoles) {
                // Roles are normalised with the configured prefix before being stored.
                perRole.add(new Jsr250SecurityConfig(getRoleWithDefaultPrefix(declaredRole)));
            }
            return perRole;
        }
    }
    // None of the three JSR-250 annotations was present.
    return null;
}
/**
 * Translates the first JSR-250 security annotation found in {@code annotations} into
 * config attributes.
 *
 * <p>The array is scanned in order and the first {@code @DenyAll}, {@code @PermitAll} or
 * {@code @RolesAllowed} decides the result; later annotations are not examined. If more
 * than one of the three is present, the outcome therefore depends on array order.
 *
 * @param annotations the annotations to inspect; may be {@code null} or empty
 * @return a mutable list holding the deny-all attribute, the permit-all attribute, or one
 *         attribute per role (each role passed through {@code getRoleWithDefaultPrefix});
 *         {@code null} when the array is null or empty or holds none of the three annotations.
 *         A {@code @RolesAllowed} with no values yields an empty, non-null list.
 */
private List<ConfigAttribute> processAnnotations(Annotation[] annotations) {
    if (annotations == null || annotations.length == 0) {
        return null;
    }
    for (Annotation candidate : annotations) {
        if (candidate instanceof DenyAll) {
            List<ConfigAttribute> denied = new ArrayList<>();
            denied.add(Jsr250SecurityConfig.DENY_ALL_ATTRIBUTE);
            return denied;
        }
        if (candidate instanceof PermitAll) {
            List<ConfigAttribute> permitted = new ArrayList<>();
            permitted.add(Jsr250SecurityConfig.PERMIT_ALL_ATTRIBUTE);
            return permitted;
        }
        if (candidate instanceof RolesAllowed) {
            List<ConfigAttribute> perRole = new ArrayList<>();
            String[] declaredRoles = ((RolesAllowed) candidate).value();
            for (String declaredRole : declaredRoles) {
                // Roles are normalised with the configured prefix before being stored.
                perRole.add(new Jsr250SecurityConfig(getRoleWithDefaultPrefix(declaredRole)));
            }
            return perRole;
        }
    }
    // None of the three JSR-250 annotations was present.
    return null;
}
final Set<String> bindings = new HashSet<>(); for (final String role : ((RolesAllowed) annotation).value()) { if (securityContext == null || securityContext.isUserInRole(role)) { bindings.add(getRolesAllowedScope(role));
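/**
 * Registers a {@link RolesAllowedRequestFilter} for the resource method when its JSR-250
 * annotations restrict access.
 *
 * <p>Precedence, highest first: method {@code @DenyAll}, method {@code @RolesAllowed},
 * method {@code @PermitAll}, class {@code @DenyAll}, class {@code @RolesAllowed}. When none
 * of them applies, no filter is registered and this feature places no restriction on the
 * method.
 *
 * @param resourceInfo supplies the resource method and resource class being configured
 * @param configuration the context on which the filter is registered
 */
@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
    final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());

    // DenyAll on the method takes precedence over RolesAllowed and PermitAll.
    if (am.isAnnotationPresent(DenyAll.class)) {
        // The filter built without roles is the form this method registers for @DenyAll.
        configuration.register(new RolesAllowedRequestFilter());
        return;
    }

    // RolesAllowed on the method takes precedence over PermitAll.
    final RolesAllowed methodRoles = am.getAnnotation(RolesAllowed.class);
    if (methodRoles != null) {
        configuration.register(new RolesAllowedRequestFilter(methodRoles.value()));
        return;
    }

    // PermitAll on the method overrides any class-level restriction: register nothing.
    if (am.isAnnotationPresent(PermitAll.class)) {
        return;
    }

    final Class<?> resourceClass = resourceInfo.getResourceClass();

    // Later revisions of the annotation API allow @DenyAll on types as well as methods.
    // Honour it here so a class-level deny is not silently ignored (fail closed). With an
    // API revision that only targets methods, this check is simply never true.
    if (resourceClass.isAnnotationPresent(DenyAll.class)) {
        configuration.register(new RolesAllowedRequestFilter());
        return;
    }

    // RolesAllowed on the class takes precedence over PermitAll on the class.
    final RolesAllowed classRoles = resourceClass.getAnnotation(RolesAllowed.class);
    if (classRoles != null) {
        configuration.register(new RolesAllowedRequestFilter(classRoles.value()));
    }
}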
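/**
 * Registers a {@link RolesAllowedRequestFilter} for the resource method when its JSR-250
 * annotations restrict access.
 *
 * <p>Precedence, highest first: method {@code @DenyAll}, method {@code @RolesAllowed},
 * method {@code @PermitAll}, class {@code @DenyAll}, class {@code @RolesAllowed}. When none
 * of them applies, no filter is registered and this feature places no restriction on the
 * method.
 *
 * @param resourceInfo supplies the resource method and resource class being configured
 * @param configuration the context on which the filter is registered
 */
@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
    final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());

    // DenyAll on the method takes precedence over RolesAllowed and PermitAll.
    if (am.isAnnotationPresent(DenyAll.class)) {
        // The filter built without roles is the form this method registers for @DenyAll.
        configuration.register(new RolesAllowedRequestFilter());
        return;
    }

    // RolesAllowed on the method takes precedence over PermitAll.
    final RolesAllowed methodRoles = am.getAnnotation(RolesAllowed.class);
    if (methodRoles != null) {
        configuration.register(new RolesAllowedRequestFilter(methodRoles.value()));
        return;
    }

    // PermitAll on the method overrides any class-level restriction: register nothing.
    if (am.isAnnotationPresent(PermitAll.class)) {
        return;
    }

    final Class<?> resourceClass = resourceInfo.getResourceClass();

    // Later revisions of the annotation API allow @DenyAll on types as well as methods.
    // Honour it here so a class-level deny is not silently ignored (fail closed). With an
    // API revision that only targets methods, this check is simply never true.
    if (resourceClass.isAnnotationPresent(DenyAll.class)) {
        configuration.register(new RolesAllowedRequestFilter());
        return;
    }

    // RolesAllowed on the class takes precedence over PermitAll on the class.
    final RolesAllowed classRoles = resourceClass.getAnnotation(RolesAllowed.class);
    if (classRoles != null) {
        configuration.register(new RolesAllowedRequestFilter(classRoles.value()));
    }
}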
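/**
 * Builds the resource filter list for a method from its JSR-250 annotations.
 *
 * <p>Precedence, highest first: method {@code @DenyAll}, method {@code @RolesAllowed},
 * method {@code @PermitAll}, class {@code @DenyAll}, class {@code @RolesAllowed}.
 *
 * @param am the method being inspected
 * @return a single-element list holding the access filter, or {@code null} when no
 *         restriction applies (method {@code @PermitAll}, or no relevant annotation)
 */
@Override
public List<ResourceFilter> create(AbstractMethod am) {
    // DenyAll on the method takes precedence over RolesAllowed and PermitAll.
    if (am.isAnnotationPresent(DenyAll.class)) {
        // The filter built without roles is the form this method returns for @DenyAll.
        return Collections.<ResourceFilter>singletonList(new Filter());
    }

    // RolesAllowed on the method takes precedence over PermitAll.
    RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
    if (ra != null) {
        return Collections.<ResourceFilter>singletonList(new Filter(ra.value()));
    }

    // PermitAll on the method overrides any class-level restriction.
    if (am.isAnnotationPresent(PermitAll.class)) {
        return null;
    }

    // Later revisions of the annotation API allow @DenyAll on types as well as methods.
    // Honour it so a class-level deny is not silently ignored (fail closed). With an API
    // revision that only targets methods, this lookup always returns null.
    if (am.getResource().getAnnotation(DenyAll.class) != null) {
        return Collections.<ResourceFilter>singletonList(new Filter());
    }

    // RolesAllowed on the class takes precedence over PermitAll on the class.
    ra = am.getResource().getAnnotation(RolesAllowed.class);
    if (ra != null) {
        return Collections.<ResourceFilter>singletonList(new Filter(ra.value()));
    }

    // No need to check whether PermitAll is present on the class: nothing restricts access.
    return null;
}
}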
if (annotation instanceof RolesAllowed) { roles.addAll(Arrays.asList(((RolesAllowed) annotation).value())); builder.permitAll(false); builder.denyAll(false);
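/**
 * Checks the caller against a {@code @RolesAllowed} annotation on the given method.
 *
 * <p>Only {@code @RolesAllowed} is examined; {@code @DenyAll} and {@code @PermitAll} are not
 * consulted by this method.
 *
 * @param m the method whose annotation is inspected
 * @return {@code true} when the annotation class cannot be loaded, when the method carries no
 *         {@code @RolesAllowed}, or when the caller is in at least one listed role;
 *         {@code false} otherwise, including when no security context is available
 */
private static boolean checkEJBConstraint(Method m) {
    // Use dynamic class loading here: if the EJB annotation class is not present it cannot
    // be on the method, so there is nothing to check.
    try {
        Class.forName("javax.annotation.security.RolesAllowed");
    } catch (ClassNotFoundException e) {
        // Class not here, therefore not on the method either.
        return true;
    }

    // From here on the class is known to be loadable, so it is referenced directly rather
    // than through reflection (original author's note: Stef Epardaud).
    RolesAllowed rolesAllowed = m.getAnnotation(RolesAllowed.class);
    if (rolesAllowed == null) {
        return true;
    }

    SecurityContext context = ResteasyContext.getContextData(SecurityContext.class);
    if (context == null) {
        // The method is role-protected but there is no security context to ask: deny
        // explicitly instead of failing with a NullPointerException below.
        return false;
    }

    for (String role : rolesAllowed.value()) {
        if (context.isUserInRole(role)) {
            return true;
        }
    }
    // No listed role matched; an empty role list also ends here and denies.
    return false;
}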
// Take the role list from the annotation only when it is present; otherwise rolesAllowed
// keeps whatever value it had before this statement.
if (allowed != null) {
    rolesAllowed = allowed.value();
}
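/**
 * Registers a {@link RolesAllowedRequestFilter} for the resource method when its JSR-250
 * annotations restrict access.
 *
 * <p>Precedence, highest first: method {@code @DenyAll}, method {@code @RolesAllowed},
 * method {@code @PermitAll}, class {@code @DenyAll}, class {@code @RolesAllowed}. When none
 * of them applies, no filter is registered and this feature places no restriction on the
 * method.
 *
 * @param resourceInfo supplies the resource method and resource class being configured
 * @param configuration the context on which the filter is registered
 */
@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
    final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());

    // DenyAll on the method takes precedence over RolesAllowed and PermitAll.
    if (am.isAnnotationPresent(DenyAll.class)) {
        // The filter built without roles is the form this method registers for @DenyAll.
        configuration.register(new RolesAllowedRequestFilter());
        return;
    }

    // RolesAllowed on the method takes precedence over PermitAll.
    final RolesAllowed methodRoles = am.getAnnotation(RolesAllowed.class);
    if (methodRoles != null) {
        configuration.register(new RolesAllowedRequestFilter(methodRoles.value()));
        return;
    }

    // PermitAll on the method overrides any class-level restriction: register nothing.
    if (am.isAnnotationPresent(PermitAll.class)) {
        return;
    }

    final Class<?> resourceClass = resourceInfo.getResourceClass();

    // Later revisions of the annotation API allow @DenyAll on types as well as methods.
    // Honour it here so a class-level deny is not silently ignored (fail closed). With an
    // API revision that only targets methods, this check is simply never true.
    if (resourceClass.isAnnotationPresent(DenyAll.class)) {
        configuration.register(new RolesAllowedRequestFilter());
        return;
    }

    // RolesAllowed on the class takes precedence over PermitAll on the class.
    final RolesAllowed classRoles = resourceClass.getAnnotation(RolesAllowed.class);
    if (classRoles != null) {
        configuration.register(new RolesAllowedRequestFilter(classRoles.value()));
    }
}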
/**
 * Looks for a {@code @RolesAllowed} annotation on the counterpart of {@code m} in each of
 * the given types, in array order, and returns the roles of the first one found.
 *
 * <p>The lookup uses {@code getMethod}, so only public methods with the same name and
 * parameter types are matched. Types that lack such a method, or that refuse reflective
 * access, are skipped.
 *
 * @param classes the types to search
 * @param m the method whose name and parameter types are matched
 * @return the annotation's role names, or an empty array when no annotated counterpart exists
 */
private String[] searchClassArray(Class<?>[] classes, Method m) {
    for (int i = 0; i < classes.length; i++) {
        final Class<?> candidate = classes[i];
        try {
            final Method counterpart = candidate.getMethod(m.getName(), m.getParameterTypes());
            final RolesAllowed found = counterpart.getAnnotation(RolesAllowed.class);
            if (found != null) {
                return found.value();
            }
        } catch (NoSuchMethodException | SecurityException ignored) {
            // This type has no usable counterpart; continue with the next one.
        }
    }
    // NOTE(review): an empty result cannot be told apart from @RolesAllowed({}) — confirm
    // how callers treat it (unrestricted vs. denied).
    return new String[0];
}
}
/**
 * Collects the role names from {@code @RolesAllowed} on the resource class and on the
 * resource method into one set.
 *
 * <p>NOTE(review): the two role lists are merged rather than the method-level annotation
 * replacing the class-level one. If callers grant access when the user holds any role in
 * the set, a narrower method-level list is widened by the class-level roles — confirm this
 * is intended.
 *
 * @return a new set with the union of class-level and method-level role names; empty when
 *         neither annotation is present
 */
private Set<String> getRoles() {
    final Set<String> merged = new HashSet<String>();

    final RolesAllowed onClass = info.getResourceClass().getAnnotation(RolesAllowed.class);
    if (onClass != null) {
        for (String role : onClass.value()) {
            merged.add(role);
        }
    }

    final RolesAllowed onMethod = info.getResourceMethod().getAnnotation(RolesAllowed.class);
    if (onMethod != null) {
        for (String role : onMethod.value()) {
            merged.add(role);
        }
    }

    return merged;
}
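/**
 * Accepts a method when its {@code @RolesAllowed} annotation lists the role {@code "local"}.
 *
 * <p>Only the method's own annotation is read; {@code declaring} is not consulted, so a
 * class-level {@code @RolesAllowed} is not seen here.
 *
 * @param declaring the declaring class (unused)
 * @param method the method to test
 * @return {@code true} if the method is annotated with {@code @RolesAllowed} and its values
 *         contain {@code "local"}; {@code false} otherwise
 */
@Override
public boolean accept(Class declaring, Method method) {
    // A single lookup replaces the isAnnotationPresent/getAnnotation pair.
    final RolesAllowed rolesAnnotation = method.getAnnotation(RolesAllowed.class);
    if (rolesAnnotation == null) {
        return false;
    }
    // The original built the set with a malformed generic ("HashSet<String (") that does not
    // compile; a plain membership test over the values gives the intended result.
    return Arrays.asList(rolesAnnotation.value()).contains("local");
}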
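/**
 * Accepts a method when its {@code @RolesAllowed} annotation lists the role {@code "remote"}.
 *
 * <p>Only the method's own annotation is read; {@code declaring} is not consulted, so a
 * class-level {@code @RolesAllowed} is not seen here.
 *
 * @param declaring the declaring class (unused)
 * @param method the method to test
 * @return {@code true} if the method is annotated with {@code @RolesAllowed} and its values
 *         contain {@code "remote"}; {@code false} otherwise
 */
@Override
public boolean accept(Class declaring, Method method) {
    // A single lookup replaces the isAnnotationPresent/getAnnotation pair.
    final RolesAllowed rolesAnnotation = method.getAnnotation(RolesAllowed.class);
    if (rolesAnnotation == null) {
        return false;
    }
    // The original built the set with a malformed generic ("HashSet<String (") that does not
    // compile; a plain membership test over the values gives the intended result.
    return Arrays.asList(rolesAnnotation.value()).contains("remote");
}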
/**
 * Collects the role names declared by {@code @RolesAllowed} on this resource.
 *
 * @return a new sorted set of the declared role names; empty when the annotation is absent.
 *         NOTE(review): an empty set does not distinguish "no annotation" from
 *         {@code @RolesAllowed({})} — confirm how consumers interpret it.
 */
public Set<String> getSecurityRoles() {
    RolesAllowed declared = getAnnotation(RolesAllowed.class);
    TreeSet<String> names = new TreeSet<String>();
    if (declared == null) {
        return names;
    }
    for (String name : declared.value()) {
        names.add(name);
    }
    return names;
}
}
/**
 * Registers a {@code RolesAllowedFilter} built from the annotation's role names.
 *
 * @param mpJwtAnnotation the {@code @RolesAllowed} annotation; must not be {@code null}
 * @param context the feature context on which the filter is registered
 */
private void configureRolesAllowed(RolesAllowed mpJwtAnnotation, FeatureContext context) {
    final String[] permittedRoles = mpJwtAnnotation.value();
    final RolesAllowedFilter roleFilter = new RolesAllowedFilter(permittedRoles);
    context.register(roleFilter);
}
/**
 * Resolves the {@code @RolesAllowed} role names that apply to a method.
 *
 * <p>The method's own annotation wins. Otherwise the interfaces directly implemented by the
 * declaring class are searched through {@code searchClassArray}. Superclasses are not
 * consulted here.
 *
 * @param method the method to inspect; may be {@code null}
 * @return the role names, or an empty array when {@code method} is {@code null} or no
 *         annotation is found. NOTE(review): confirm callers do not treat the empty
 *         result as "unrestricted" where a restriction was expected.
 */
private String[] searchRoles(Method method) {
    if (method == null) {
        return new String[0];
    }

    final RolesAllowed direct = method.getAnnotation(RolesAllowed.class);
    if (direct != null) {
        return direct.value();
    }

    final Class<?>[] implemented = method.getDeclaringClass().getInterfaces();
    if (implemented.length > 0) {
        final String[] inherited = this.searchClassArray(implemented, method);
        if (inherited.length > 0) {
            return inherited;
        }
    }

    return new String[0];
}
/**
 * Collects the role names that apply to this method: those declared by {@code @RolesAllowed}
 * on the method itself plus those reported by the parent controller.
 *
 * <p>NOTE(review): the parent's roles are added to the method's own rather than being
 * overridden by them. If consumers read the set as "any of these roles", a narrower
 * method-level list is widened by the parent's roles — confirm this is intended.
 *
 * @return a new sorted set with the method-level and parent-level role names; empty when
 *         neither contributes any
 */
public Set<String> getSecurityRoles() {
    TreeSet<String> combined = new TreeSet<String>();

    RolesAllowed declared = getAnnotation(RolesAllowed.class);
    if (declared != null) {
        for (String name : declared.value()) {
            combined.add(name);
        }
    }

    SpringController owner = getParent();
    if (owner != null) {
        combined.addAll(owner.getSecurityRoles());
    }

    return combined;
}
/**
 * Adds a role and a matching method permission to the EJB descriptor for every role named
 * in the given {@code @RolesAllowed} annotation.
 *
 * @param authAnnotation the annotation being processed; cast to {@code RolesAllowed}
 *                       without a type check, so any other type raises ClassCastException
 * @param md the method descriptor the permissions are attached to
 * @param ejbDesc the EJB descriptor that receives the roles and method permissions
 */
@Override
protected void processEjbMethodSecurity(Annotation authAnnotation,
        MethodDescriptor md, EjbDescriptor ejbDesc) {
    final String[] roleNames = ((RolesAllowed) authAnnotation).value();
    for (int i = 0; i < roleNames.length; i++) {
        final Role role = new Role(roleNames[i]);
        // Register the role on the bundle (per the original comment, only if not yet there).
        ejbDesc.getEjbBundleDescriptor().addRole(role);
        final MethodPermission permission = new MethodPermission(role);
        ejbDesc.addPermissionedMethod(permission, md);
    }
    // An annotation with no values adds no roles and no permissions here.
}