Examples of EJBAuthenticationHelper

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
           
         //TODO: Need to get the SecurityManagement instance
         sc.setSecurityManagement(getSecurityManagement());
          
         //Check if there is a RunAs configured and can be trusted
         EJBAuthenticationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
         }
         catch(Exception e)
         {
            throw new RuntimeException(e);
         }
         boolean trustedCaller = helper.isTrusted();
         if(!trustedCaller)
         {
            Subject subject = new Subject();
            //Authenticate the caller now
            if(!helper.isValid(subject, method.getName()))
               throw new EJBAccessException("Invalid User");
            helper.pushSubjectContext(subject);
         }
         else
        
            //Trusted caller. No need for authentication. Straight to authorization
         }
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
               }
            });
           
             
            //Check if there is a RunAs configured and can be trusted
            EJBAuthenticationHelper helper = null;
            try
            {
               helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
            }
            catch(Exception e)
            {
               throw new RuntimeException(e);
            }
            boolean trustedCaller = hasIncomingRunAsIdentity(sc) || helper.isTrusted();
            if(!trustedCaller)
            {
               Subject subject = new Subject();
               /**
                * Special Case: Invocation has no principal set,
                * but an unauthenticatedPrincipal has been configured in JBoss DD
                */
               Principal userPrincipal = sc.getUtil().getUserPrincipal();
               String unauthenticatedPrincipal = domain.unauthenticatedPrincipal();
               if(userPrincipal == null && unauthenticatedPrincipal !=null &&
                     unauthenticatedPrincipal.length() > 0)
               {
                  Identity unauthenticatedIdentity = new SimpleIdentity(unauthenticatedPrincipal);
                  sc.getSubjectInfo().addIdentity(unauthenticatedIdentity);
                  subject.getPrincipals().add(unauthenticatedIdentity.asPrincipal());
               }
               else
               {
                  //Authenticate the caller now
                  if(!helper.isValid(subject, method.getName()))
                     throw new EJBAccessException("Invalid User");
               }
               helper.pushSubjectContext(subject);
            }
            else
           
               //Trusted caller. No need for authentication. Straight to authorization
            }
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

40
41
42
43
44
45
46
47
{
   private SecurityContext sc = new JBossSecurityContext("test");
   
   public void testEJBAuthenticationHelper()
   {
     EJBAuthenticationHelper eah = SecurityHelperFactory.getEJBAuthenticationHelper(sc);    
     assertNotNull("auth helper",eah);
   }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.