Examples of java.security.AccessControlContext

java.security.AccessControlContext
An AccessControlContext is used to make system resource access decisions based on the context it encapsulates.
More specifically, it encapsulates a context and has a single method, checkPermission, that is equivalent to the checkPermission method in the AccessController class, with one difference: The AccessControlContext checkPermission method makes access decisions based on the context it encapsulates, rather than that of the current execution thread.
Thus, the purpose of AccessControlContext is for those situations where a security check that should be made within a given context actually needs to be done from within a different context (for example, from within a worker thread).
An AccessControlContext is created by calling the AccessController.getContext method. The getContext method takes a "snapshot" of the current calling context, and places it in an AccessControlContext object, which it returns. A sample call is the following:
```
 AccessControlContext acc = AccessController.getContext() 
```
Code within a different context can subsequently call the checkPermission method on the previously-saved AccessControlContext object. A sample call is the following:
```
 acc.checkPermission(permission) 
```
@see AccessController @author Roland Schemers

            _logger.debug("User trying to create or unregister an MBean");
            throw new SecurityException("Access denied: " + methodName);
        }


        // Retrieve Subject from current AccessControlContext
        AccessControlContext acc = AccessController.getContext();
        Subject subject = Subject.getSubject(acc);


        try
        {
            if(invokeDirectly(methodName, args, subject))

View Full Code Here

            getWorkspaceInfo(workspaceName);


            if (credentials == null) {
                // null credentials, obtain the identity of the already-authenticated
                // subject from access control context
                AccessControlContext acc = AccessController.getContext();
                Subject subject = Subject.getSubject(acc);
                if (subject != null) {
                    return createSession(subject, workspaceName);
                }
            }

View Full Code Here


            String name = (type == null) ? null : type.getSpecName();


            Permission permission = new EJBMethodPermission(ejbName, name, method);


            AccessControlContext accessContext = ContextManager.getCurrentContext();


            if (permission != null) accessContext.checkPermission(permission);


        } catch (AccessControlException e) {
            return false;
        }
        return true;

View Full Code Here

        }


        String EJBName = deploymentInfo.getEjbName();
        if (EJBName == null) throw new IllegalArgumentException("EJBName must not be null");
        try {
            AccessControlContext context = ContextManager.getCurrentContext();
            context.checkPermission(new EJBRoleRefPermission(EJBName, role));
        } catch (AccessControlException e) {
            return false;
        }
        return true;
    }

View Full Code Here

    public boolean hasResourcePermissions(Request request, AuthResult authResult, Object constraints, UserIdentity userIdentity) {
        if (!(userIdentity instanceof JACCUserIdentity)) {
            return false;
        }


        AccessControlContext acc = ((JACCUserIdentity)userIdentity).getAccessControlContext();
        try {
            acc.checkPermission(new WebResourcePermission(request));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

View Full Code Here

        currentRequestWrapperName.set(requestWrapperName);
        return old;
    }


    public boolean hasRole(Principal principal, String role) {
        AccessControlContext acc = ContextManager.getCurrentContext();
        String name = currentRequestWrapperName.get();


        /**
         * JACC v1.0 secion B.19
         */
        if (name == null || name.equals("jsp")) {
            name = "";
        }
        try {
            acc.checkPermission(new WebRoleRefPermission(name, role));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

View Full Code Here

        ContextManager.popCallers((Callers) previousToken);
    }


    public UserIdentity newUserIdentity(Subject subject, Principal userPrincipal, String[] roles) {
        if (subject != null) {
            AccessControlContext acc = ContextManager.registerSubjectShort(subject, userPrincipal, roles == null? null: Arrays.asList(roles));
            return new GeronimoUserIdentity(subject, userPrincipal, acc);
        }
        return new GeronimoUserIdentity(null, null, defaultAcc);
    }

View Full Code Here

        if (servletName == null || servletName.equals("jsp")) {
            servletName = "";
        }
        try {
            //correct run-as identity available from context manager.
            AccessControlContext acc = ContextManager.getCurrentContext();
            acc.checkPermission(new WebRoleRefPermission(servletName, role));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

View Full Code Here


    public SecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource, boolean checkRolePermissions) {
        if (defaultSubject == null) {
            defaultSubject = ContextManager.EMPTY;
        }
        AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
        IdentityService identityService = new JettyIdentityService(defaultAcc, defaultSubject, runAsSource);
        authConfigProperties.put(POLICY_CONTEXT_ID_KEY, policyContextID);
        Authenticator authenticator = new JaspiAuthenticator(serverAuthConfig, authConfigProperties, servletCallbackHandler, serviceSubject, allowLazyAuthentication, identityService);
        //login service functionality is already inside the servletCallbackHandler
        return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);

View Full Code Here

        final LoginService loginService = new JAASLoginService(configurationFactory, realmName);
        Authenticator authenticator = buildAuthenticator();
        if (defaultSubject == null) {
            defaultSubject = ContextManager.EMPTY;
        }
        AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
        IdentityService identityService = new JettyIdentityService(defaultAcc, defaultSubject, runAsSource);
        if (checkRolePermissions) {
            return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);
        } else {
            return new EJBWebServiceSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of java.security.AccessControlContext

au.net.ocean.maven.plugin.extractor.util.ProjectCompileClassPathLoader

co.paralleluniverse.fibers.Fiber

com.sun.jini.test.impl.end2end.e2etest.ReaderObject

com.sun.jmx.interceptor.DefaultMBeanServerInterceptor

com.sun.jmx.remote.internal.ClientNotifForwarder$NotifFetcher

com.sun.jmx.remote.internal.ServerNotifForwarder

com.sun.jmx.remote.security.JMXSubjectDomainCombiner

com.sun.xml.ws.fault.SOAPFaultBuilder

com.sun.xml.ws.security.impl.kerberos.KerberosLogin$KerberosClientSetupAction

com.sun.xml.ws.security.impl.kerberos.KerberosLogin$KerberosServerSetupAction

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.