@Override public void filter(final ContainerRequestContext requestContext) throws IOException { requestContext.setSecurityContext(new SecurityContext() { @Override public Principal getUserPrincipal() { return new Principal() { @Override public String getName() { return "Jersey"; } }; } @Override public boolean isUserInRole(final String role) { return "manager".equals(role); } @Override public boolean isSecure() { return false; } @Override public String getAuthenticationScheme() { return null; } }); } }
@Override public void filter(ContainerRequestContext requestContext) throws IOException { requestContext.setSecurityContext(new ShiroSecurityContext(requestContext)); } }
@Override public void filter(ContainerRequestContext filterContext) throws IOException { User user = authenticate(filterContext); filterContext.setSecurityContext(new Authorizer(user)); }
@Override public void filter(ContainerRequestContext containerRequest) throws WebApplicationException { // Get the authentication passed in HTTP headers parameters String auth = containerRequest.getHeaderString(HttpHeaders.AUTHORIZATION); if (auth != null) { if (auth.startsWith("Basic ") || auth.startsWith("basic ")) { if ( ! containerRequest.getSecurityContext().isSecure()) unencrypted(); auth = auth.replaceFirst("[Bb]asic ", ""); String[] split = new String(BaseEncoding.base64().decode(auth)).split(":", 2); if (split.length != 2) return; String user = split[0]; String pass = split[1]; if (pass.equals(passwords.get(user))) { containerRequest.setSecurityContext(makeSecurityContext(user, user)); } else { unauthenticated (user); } } } }
final boolean secure = securityContext != null && securityContext.isSecure(); requestContext.setSecurityContext(new SecurityContext() { @Override public Principal getUserPrincipal() {
@Override public void filter(ContainerRequestContext request) throws IOException { // do not filter requests that do not use OAuth authentication String authHeader = request.getHeaderString(OAuth1Parameters.AUTHORIZATION_HEADER); if (authHeader == null || !authHeader.toUpperCase().startsWith(OAuth1Parameters.SCHEME.toUpperCase())) { return; } // do not filter requests that matches to access or token resources final Method handlingMethod = uriInfo.get().getMatchedResourceMethod().getInvocable().getHandlingMethod(); if (handlingMethod.isAnnotationPresent(TokenResource.class) || handlingMethod.getDeclaringClass().isAnnotationPresent(TokenResource.class)) { return; } // do not filter if the request path matches pattern to ignore if (match(ignorePathPattern, request.getUriInfo().getPath())) { return; } OAuth1SecurityContext sc; try { sc = getSecurityContext(request); } catch (OAuth1Exception e) { if (optional) { return; } else { throw e; } } request.setSecurityContext(sc); }
requestContext.setSecurityContext(securityContext);
requestContext.setSecurityContext(securityContext); } else { Method method = resourceInfo.getResourceMethod();
request.setSecurityContext(new JerseySecurityContext(securityContext, filterContext.getMethodSecurity(), "https".equals(filterContext.getTargetUri().getScheme())));
final HttpSession session = webRequest.getSession(); requestContext.setSecurityContext(new SecurityContext() { @Override public Principal getUserPrincipal() {
@Override public void filter(ContainerRequestContext context) throws IOException { User user = this.authenticate(context); Authorizer authorizer = new Authorizer(user, context.getUriInfo()); context.setSecurityContext(authorizer); }
Authorizer authorizer = new Authorizer(roles, "admin", originalContext.isSecure()); requestContext.setSecurityContext(authorizer);
@Override public void filter(ContainerRequestContext requestContext){ SecurityContext securityContext = new NetworkSecurityContext(this.request){ private Set<String> trustedAddresses = NetworkSecurityContextFilter.this.trustedAddresses; @Override public boolean isTrusted(String address){ return (this.trustedAddresses).contains(address) || (this.trustedAddresses).contains("*"); } }; requestContext.setSecurityContext(securityContext); }
@PreMatching public class AuthenticationRequestFilter implements ContainerRequestFilter { @Override public void filter(ContainerRequestContext request) throws IOException { String authorization = request.getHeaderString("Authorization"); // get BasicAuth header if (StringUtils.isNotEmpty(authorization) && StringUtils.startsWith(authorization, "Basic")) { ... do the password check... you have base64 encrypted string here request.setSecurityContext(new SecurityContext(){ ...implementation... }); }}}
@Override public void filter(ContainerRequestContext context) throws IOException { Authentication authentication = authenticate(context); if(authentication != null) { context.setSecurityContext(new Authorizer(authentication)); } }
@Override public void filter(final ContainerRequestContext requestContext) throws IOException { final boolean secure = ofNullable(requestContext.getSecurityContext()).filter(SecurityContext::isSecure) .isPresent(); getCredentials(requestContext) .map(credentials -> authenticate(credentials) .<RuntimeException>orElseThrow(() -> new NotAuthorizedException(challenge))) .ifPresent(principal -> requestContext .setSecurityContext(new BasiAuthSecurityContext(principal, secure))); }
@Override public void filter(ContainerRequestContext context) throws IOException { Authentication authentication = authenticate(context); if(authentication != null) { context.setSecurityContext(new Authorizer(authentication)); } }
private static SecurityContext filter(GatewayRequest request, AwsSecurityContextFilter filter) { filter.setGatewayRequest(request); ContainerRequestContext containerRequestContext = mock(ContainerRequestContext.class); ArgumentCaptor<SecurityContext> securityContextCapture = ArgumentCaptor.forClass(SecurityContext.class); try { filter.filter(containerRequestContext); } catch (IOException e) { throw new RuntimeException(e); } verify(containerRequestContext).setSecurityContext(securityContextCapture.capture()); return securityContextCapture.getValue(); }
@Override public void filter(ContainerRequestContext requestContext) throws IOException { SecurityProvider.HermesSecurity security = securityProvider.security(requestContext); requestContext.setSecurityContext(security.getSecurityContext()); requestContext.setProperty(OWNERSHIP_RESOLVER, security.getOwnershipResolver()); } }
private void propagateSecurityContext(JaxrsHttpFacade facade, ContainerRequestContext request, KeycloakDeployment resolvedDeployment, BearerTokenRequestAuthenticator bearer) { final RefreshableKeycloakSecurityContext skSession = new RefreshableKeycloakSecurityContext(resolvedDeployment, null, bearer.getTokenString(), bearer.getToken(), null, null, null); facade.setSecurityContext(skSession); final String principalName = AdapterUtils.getPrincipalName(resolvedDeployment, bearer.getToken()); final KeycloakPrincipal<RefreshableKeycloakSecurityContext> principal = new KeycloakPrincipal<>(principalName, skSession); final Set<String> roles = AdapterUtils.getRolesFromSecurityContext(skSession); request.setSecurityContext(new HammockSecurityContext(principal, roles, request.getSecurityContext().isSecure())); }