Examples of AccessControlContext

• java.security.AccessControlContext
  An AccessControlContext is used to make system resource access decisions based on the context it encapsulates.

  More specifically, it encapsulates a context and has a single method, checkPermission, that is equivalent to the checkPermission method in the AccessController class, with one difference: The AccessControlContext checkPermission method makes access decisions based on the context it encapsulates, rather than that of the current execution thread.

  Thus, the purpose of AccessControlContext is for those situations where a security check that should be made within a given context actually needs to be done from within a different context (for example, from within a worker thread).

  An AccessControlContext is created by calling the AccessController.getContext method. The getContext method takes a "snapshot" of the current calling context, and places it in an AccessControlContext object, which it returns. A sample call is the following:

   AccessControlContext acc = AccessController.getContext() 

  Code within a different context can subsequently call the checkPermission method on the previously-saved AccessControlContext object. A sample call is the following:

   acc.checkPermission(permission) 

  @see AccessController @author Roland Schemers
• org.apache.jackrabbit.oak.spi.security.authorization.AccessControlContext
  PermissionProvider... TODO

Examples of java.security.AccessControlContext

                    isAuthenticated = true;
                }
            }


            AccessControlContext acc = ContextManager.getCurrentContext();

            /**
             * JACC v1.0 section 4.1.1
             */
            WebUserDataPermission wudp = new WebUserDataPermission(substitutedPathInContext, new String[]{request.getMethod()}, transportType);
            acc.checkPermission(wudp);

            WebResourcePermission webResourcePermission = new WebResourcePermission(request);
            /**
             * JACC v1.0 section 4.1.2
             */
            if (isAuthenticated) {
                //current user is logged in, this is the actual check
                acc.checkPermission(webResourcePermission);
            } else {
                //user is not logged in: if access denied, try to log them in.
                try {
                    acc.checkPermission(webResourcePermission);
                } catch (AccessControlException e) {
                    //not logged in: try to log them in.
                    Principal user = authenticator.authenticate(realm, pathInContext, request, response);
                    if (user == SecurityHandler.__NOBODY) {
                        return true;

Examples of java.security.AccessControlContext

        ContextManager.setCallers(subject, subject);

        try {

            AccessControlContext acc = ContextManager.getCurrentContext();

            /**
             * JACC v1.0 secion 4.1.1
             */
            WebUserDataPermission wudp = new WebUserDataPermission(request);
            acc.checkPermission(wudp);

        } catch (AccessControlException ace) {
            response.sendError(Response.SC_FORBIDDEN);
            return false;
        }

Examples of java.security.AccessControlContext

            ContextManager.setCallers(currentCaller, currentCaller);
        }

        try {

            AccessControlContext acc = ContextManager.getCurrentContext();


            /**
             * JACC v1.0 section 4.1.2
             */
            acc.checkPermission(new WebResourcePermission(request));

        } catch (AccessControlException ace) {
            response.sendError(Response.SC_FORBIDDEN);
            return false;
        }

Examples of java.security.AccessControlContext

        //Set the caller
        Subject currentCaller = ((JAASTomcatPrincipal) principal).getSubject();
        ContextManager.setCallers(currentCaller, currentCaller);

        AccessControlContext acc = ContextManager.getCurrentContext();

        try {
            /**
             * JACC v1.0 section 4.1.3
             */
            acc.checkPermission(new WebRoleRefPermission(name, role));
        } catch (AccessControlException e) {
            return false;
        }

        return true;

Examples of java.security.AccessControlContext

    public boolean isUserInRole(Principal user, String role) {
        if (user == null || role == null) {
            return false;
        }

        AccessControlContext acc = ContextManager.getCurrentContext();
        try {
            // JACC v1.0 secion B.19
            String servletName = JettyServletHolder.getCurrentServletName();
            if (servletName.equals("jsp")) {
                servletName = "";
            }
            acc.checkPermission(new WebRoleRefPermission(servletName, role));
        } catch (AccessControlException e) {
            return false;
        }
        return true;
    }

Examples of java.security.AccessControlContext

            }
            if (user == SecurityConstraint.__NOBODY) {
                return true;
            }

            AccessControlContext acc = ContextManager.getCurrentContext();
            ServletHttpRequest servletHttpRequest = (ServletHttpRequest) request.getWrapper();

            /**
             * JACC v1.0 secion 4.1.1
             */

            String transportType;
            if (request.isConfidential()) {
                transportType = "CONFIDENTIAL";
            } else if (request.isIntegral()) {
                transportType = "INTEGRAL";
            } else {
                transportType = "NONE";
            }
            WebUserDataPermission wudp = new WebUserDataPermission(servletHttpRequest.getServletPath(), new String[]{servletHttpRequest.getMethod()}, transportType);
            acc.checkPermission(wudp);

            /**
             * JACC v1.0 secion 4.1.2
             */
            acc.checkPermission(new WebResourcePermission(servletHttpRequest));
        } catch (HttpException he) {
            response.sendError(he.getCode(), he.getReason());
            return false;
        } catch (AccessControlException ace) {
            response.sendError(HttpResponse.__403_Forbidden);

Examples of java.security.AccessControlContext

   * @return the current user
   * @throws IOException if login fails
   */
  public synchronized
  static UserGroupInformation getCurrentUser() throws IOException {
    AccessControlContext context = AccessController.getContext();
    Subject subject = Subject.getSubject(context);
    return subject == null ? getLoginUser() : new UserGroupInformation(subject);
  }

Examples of java.security.AccessControlContext

            final ProtectionDomain pd = this.getProtectionDomain();
            if (pd == null)
            {
                return null;
            }
            return (A) new AccessControlContext(new ProtectionDomain[] {pd});

        }
        return null;
    }

Examples of java.security.AccessControlContext

        // Get the current context.
        gripper.m_system = AccessController.getContext();

        // and merge it with the current combiner (i.e., gripper)
        AccessControlContext context = (AccessControlContext) AccessController
            .doPrivileged(gripper);

        gripper.m_system = null;

        // now get the protection domains

Examples of java.security.AccessControlContext

    public Object run()
    {
        // this is a call to merge with the current context.
        if (m_system != null)
        {
            return new AccessControlContext(m_system, this);
        }

        // this is a call to get the protection domains.
        AccessController.checkPermission(ALL_PERMISSION);
        return null;