Examples of java.security.AccessControlContext

java.security.AccessControlContext
An AccessControlContext is used to make system resource access decisions based on the context it encapsulates.
More specifically, it encapsulates a context and has a single method, checkPermission, that is equivalent to the checkPermission method in the AccessController class, with one difference: The AccessControlContext checkPermission method makes access decisions based on the context it encapsulates, rather than that of the current execution thread.
Thus, the purpose of AccessControlContext is for those situations where a security check that should be made within a given context actually needs to be done from within a different context (for example, from within a worker thread).
An AccessControlContext is created by calling the AccessController.getContext method. The getContext method takes a "snapshot" of the current calling context, and places it in an AccessControlContext object, which it returns. A sample call is the following:
```
 AccessControlContext acc = AccessController.getContext() 
```
Code within a different context can subsequently call the checkPermission method on the previously-saved AccessControlContext object. A sample call is the following:
```
 acc.checkPermission(permission) 
```
@see AccessController @author Roland Schemers

    public boolean isUserInRole(Principal user, String role) {
        if (user == null || role == null) {
            return false;
        }


        AccessControlContext acc = ContextManager.getCurrentContext();
        try {
            // JACC v1.0 secion B.19
            String servletName = InternalJettyServletHolder.getCurrentServletName();
            if (servletName == null || servletName.equals("jsp")) {
                servletName = "";
            }
            acc.checkPermission(new WebRoleRefPermission(servletName, role));
        } catch (AccessControlException e) {
            return false;
        }
        return true;
    }

View Full Code Here

            ComponentPermissions componentPermissions = new ComponentPermissions(new Permissions(), unchecked, Collections.<String, PermissionCollection>emptyMap());
            setUpJACC(Collections.<String, SubjectInfo>emptyMap(), Collections.<Principal, Set<String>>emptyMap(), componentPermissions, policyContextId);
            LoginService loginService = newLoginService();
//            final ServletCallbackHandler callbackHandler = new ServletCallbackHandler(loginService);
            final Subject subject = new Subject();
            final AccessControlContext acc = ContextManager.registerSubjectShort(subject, null, null);
            securityHandlerFactory = new ServerAuthenticationGBean(new Authenticator() {
                public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException {
                    return new UserAuthentication(this.getAuthMethod(), new GeronimoUserIdentity(subject, new GeronimoUserPrincipal("foo"), acc));
                }// most likely validatedUser is not needed here.

View Full Code Here


    public SecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource, boolean checkRolePermissions) {
        if (defaultSubject == null) {
            defaultSubject = ContextManager.EMPTY;
        }
        AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
        IdentityService identityService = new JettyIdentityService(defaultAcc, defaultSubject, runAsSource);
        return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);
    }

View Full Code Here

            authenticator = new FormAuthenticator(loginService, unauthenticatedIdentity, loginPage, errorPage);
        } else {
            authenticator = new NoneAuthenticator(unauthenticatedIdentity);
        }


        AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject,  null, null);
        Authorizer authorizer = createAuthorizer(defaultAcc);


        SecurityValve securityValve = new JACCSecurityValve(authenticator, authorizer, identityService, policyContextId);


        geronimoContext.addValve(securityValve);

View Full Code Here

    private Session extendAuthentication(String workspaceName)
            throws RepositoryException, AccessDeniedException {


        Subject subject = null;
        try {
            AccessControlContext acc = AccessController.getContext();
            subject = Subject.getSubject(acc);
        } catch (SecurityException e) {
            log.warn("Can't check for preauthentication. Reason:", e.getMessage());
        }
        if (subject == null) {

View Full Code Here

        SecurityManager sm = System.getSecurityManager();
        if (sm != null) sm.checkPermission(SET_CONTEXT);


        if (subject == null) throw new IllegalArgumentException("Subject must not be null");


        AccessControlContext acc = (AccessControlContext) Subject.doAsPrivileged(subject, new PrivilegedAction() {
            public Object run() {
                return AccessController.getContext();
            }
        }, null);

View Full Code Here

        Context test = subjectContexts.get(subject);
        if (test != null) {
            return test.getContext();
        }


        AccessControlContext acc = (AccessControlContext) Subject.doAsPrivileged(subject, new PrivilegedAction() {
            public Object run() {
                return AccessController.getContext();
            }
        }, null);

View Full Code Here

    private Session extendAuthentication(String workspaceName)
            throws RepositoryException, AccessDeniedException {


        Subject subject = null;
        try {
            AccessControlContext acc = AccessController.getContext();
            subject = Subject.getSubject(acc);
        } catch (SecurityException e) {
            log.warn("Can't check for preauthentication. Reason:", e.getMessage());
        }
        if (subject == null) {

View Full Code Here

    private Session extendAuthentication(String workspaceName)
            throws RepositoryException, AccessDeniedException {


        Subject subject = null;
        try {
            AccessControlContext acc = AccessController.getContext();
            subject = Subject.getSubject(acc);
        } catch (SecurityException e) {
            log.warn("Can't check for preauthentication. Reason:", e.getMessage());
        }
        if (subject == null) {

View Full Code Here

        if (isAssignable(fromValue, toType)) {
            return true;
        }
        
        boolean canConvert = false;
        AccessControlContext acc = blueprintContainer.getAccessControlContext();
        if (acc == null) {
            canConvert = canConvertWithConverters(fromValue, toType);
        } else {
            canConvert = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
                public Boolean run() {

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of java.security.AccessControlContext

au.net.ocean.maven.plugin.extractor.util.ProjectCompileClassPathLoader

co.paralleluniverse.fibers.Fiber

com.sun.jini.test.impl.end2end.e2etest.ReaderObject

com.sun.jmx.interceptor.DefaultMBeanServerInterceptor

com.sun.jmx.remote.internal.ClientNotifForwarder$NotifFetcher

com.sun.jmx.remote.internal.ServerNotifForwarder

com.sun.jmx.remote.security.JMXSubjectDomainCombiner

com.sun.xml.ws.fault.SOAPFaultBuilder

com.sun.xml.ws.security.impl.kerberos.KerberosLogin$KerberosClientSetupAction

com.sun.xml.ws.security.impl.kerberos.KerberosLogin$KerberosServerSetupAction

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.