Package javax.security.auth

Examples of javax.security.auth.Subject$AuthPermissionHolder


      Queue queue = (Queue)ic.lookup("/queue/SecureTestQueue");

      Principal nabopolassar = new SimplePrincipal("nabopolassar");
      Set principals = new HashSet();
      principals.add(nabopolassar);
      Subject subject =
         new Subject(false, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
      Principal nebuchadrezzar = new SimplePrincipal("nebuchadrezzar");

      SecurityAssociation.pushSubjectContext(subject, nebuchadrezzar, "xexe");

      Connection conn = null;

      try
      {
         conn = cf.createConnection();
         conn.start();

         Session session = conn.createSession(false, Session.AUTO_ACKNOWLEDGE);

         MessageProducer prod = session.createProducer(queue);
         MessageConsumer cons = session.createConsumer(queue);

         TextMessage m = session.createTextMessage("floccinaucinihilipilification");

         prod.send(m);

         TextMessage rm = (TextMessage)cons.receive(5000);

         assertEquals("floccinaucinihilipilification", rm.getText());

         SecurityAssociation.SubjectContext context = SecurityAssociation.popSubjectContext();

         Subject s = context.getSubject();
         assertNotNull(s);
         Set ps = s.getPrincipals();
         assertNotNull(ps);
         assertEquals(1, ps.size());
         Principal p = (Principal)ps.iterator().next();
         assertTrue(p instanceof SimplePrincipal);
         assertEquals("nabopolassar", ((SimplePrincipal)p).getName());
View Full Code Here


      Queue queue = (Queue)ic.lookup("/queue/SecureTestQueue");

      Principal nabopolassar = new SimplePrincipal("nabopolassar");
      Set principals = new HashSet();
      principals.add(nabopolassar);
      Subject subject =
         new Subject(false, principals, Collections.EMPTY_SET, Collections.EMPTY_SET);
      Principal nebuchadrezzar = new SimplePrincipal("nebuchadrezzar");

      SecurityAssociation.pushSubjectContext(subject, nebuchadrezzar, "xexe");

      Connection conn = null;

      try
      {
         conn = cf.createConnection("john", "needle");
         conn.start();

         Session session = conn.createSession(false, Session.AUTO_ACKNOWLEDGE);

         MessageProducer prod = session.createProducer(queue);
         MessageConsumer cons = session.createConsumer(queue);

         TextMessage m = session.createTextMessage("floccinaucinihilipilification");

         prod.send(m);

         TextMessage rm = (TextMessage)cons.receive(5000);

         assertEquals("floccinaucinihilipilification", rm.getText());

         SecurityAssociation.SubjectContext context = SecurityAssociation.popSubjectContext();

         Subject s = context.getSubject();
         assertNotNull(s);
         Set ps = s.getPrincipals();
         assertNotNull(ps);
         assertEquals(1, ps.size());
         Principal p = (Principal)ps.iterator().next();
         assertTrue(p instanceof SimplePrincipal);
         assertEquals("nabopolassar", ((SimplePrincipal)p).getName());
View Full Code Here

      String user, pass;
      user = pair[0];
      pass = pair[1];
      Principal principal = new JMXPrincipal(user);
      Subject subject = new Subject();

      securityContext = SecurityFactory.establishSecurityContext(securityDomainName);
      am = securityContext.getAuthenticationManager();

      boolean result = am.isValid(principal, pass , subject);
      if( result ) {
         subject.setReadOnly();
      }
      else {
         throw new SecurityException("user authentication check failed");
      }
      return subject;
View Full Code Here

   {
      if (recoveryRegistered)
      {
         try
         {
            Subject subject = getSubject();

            // Check if we got a valid Subject instance; requirement for recovery
            if (subject != null)
            {
               ManagedConnection mc = open(subject);
View Full Code Here

         public Subject run()
         {
            if (recoverUserName != null && recoverPassword != null)
            {
               // User name and password use-case
               Subject subject = new Subject();

               // Principals
               Principal p = new SimplePrincipal(recoverUserName);
               subject.getPrincipals().add(p);

               // PrivateCredentials
               PasswordCredential pc = new PasswordCredential(recoverUserName, recoverPassword.toCharArray());
               pc.setManagedConnectionFactory(mcf);
               subject.getPrivateCredentials().add(pc);

               // PublicCredentials
               // None

               if (log.isDebugEnabled())
                  log.debug("Recovery Subject=" + subject);

               return subject;
            }
            else
            {
               // Security-domain use-case
               try
               {
                  // Create a security context on the association
                  SecurityContext securityContext = SecurityContextFactory.createSecurityContext(recoverSecurityDomain);
                  SecurityContextAssociation.setSecurityContext(securityContext);
              
                  // Unauthenticated
                  Subject unauthenticated = new Subject();
                 
                  // Leave the subject empty as we don't have any information to do the
                  // authentication with - and we only need it to be able to get the
                  // real subject from the SubjectFactory
                 
                  // Set the authenticated subject
                  securityContext.getSubjectInfo().setAuthenticatedSubject(unauthenticated);

                  // Select the domain
                  String domain = recoverSecurityDomain;
                  if (domain == null)
                     domain = securityDomain;

                  if (domain != null)
                  {
                     // Use the unauthenticated subject to get the real recovery subject instance
                     Subject subject = subjectFactory.createSubject(domain);

                     if (log.isDebugEnabled())
                        log.debug("Recovery Subject=" + subject);
                    
                     return subject;
View Full Code Here

         BasePool basePool = (BasePool)poolingStrategy;
         if (basePool.clf instanceof BaseConnectionManager2)
         {
            try {
               BaseConnectionManager2 baseConnectionMgr = (BaseConnectionManager2)basePool.clf;
               Subject subject = baseConnectionMgr.getSubjectFactory().createSubject(baseConnectionMgr.getSecurityDomainJndiName());
               result = internalTestConnection(subject);
            }
            catch ( Exception ignored // createSubject could throw security exception, ignore it
            {
              
View Full Code Here

      boolean isTrusted = containsTrustableRunAs(sc) || helper.isTrusted();

      if (!isTrusted)
      {
         // Check the security info from the method invocation
         Subject subject = new Subject();
         if (SecurityActions.isValid(helper, subject, m.getName()) == false)
         {
            // Notify authentication observer
            if (authenticationObserver != null)
               authenticationObserver.authenticationFailed();
            // Else throw a generic SecurityException
            String msg = "Authentication exception, principal=" + principal;
            throw new SecurityException(msg);
         }
         else
         {
            SecurityActions.pushSubjectContext(principal, credential, subject);
            if (trace)
            {
               log.trace("Authenticated principal=" + principal + " in security domain=" + sc.getSecurityDomain());
            }
         }
      }
      else
      {
         // Duplicate the current subject context on the stack since
         //SecurityActions.dupSubjectContext(); 
         SecurityActions.pushRunAsIdentity(callerRunAsIdentity);
      }

      Method ejbMethod = mi.getMethod();
      // Ignore internal container calls
      if (ejbMethod == null)
         return;
      // Get the caller
      Subject caller = SecurityActions.getContextSubject();
      if (caller == null)
         throw new IllegalStateException("Authenticated User. But caller subject is null");

      //Establish the deployment rolename-principalset custom mapping(if available)
      SecurityRolesAssociation.setSecurityRoles(this.deploymentRoles);
View Full Code Here

       boolean doesUserHaveRole = false;
       try
       {
          SecurityDomainContext sdc = lookupSecurityDomain(securityDomain);
          // Must first validate the user
          Subject subject = new Subject();
          boolean isValid = sdc.getSecurityManager().isValid(principal, credential, subject);
          if( isValid )
          {
             // Now can query if the authenticated Subject has the role
             SubjectActions.pushSubjectContext(principal, credential, subject,
View Full Code Here

       Set userRoles = null;
       try
       {
          SecurityDomainContext sdc = lookupSecurityDomain(securityDomain);
          // Must first validate the user
          Subject subject = new Subject();
          boolean isValid = sdc.getSecurityManager().isValid(principal, credential, subject);
          // Now can query if the authenticated Subject has the role
          if( isValid )
          {
            SubjectActions.pushSubjectContext(principal, credential, subject,
View Full Code Here

    */
   private void checkAuthorization(Principal caller, String objname, String opname)
      throws Exception
   {
      // Get the active Subject
      Subject subject = SecurityActions.getActiveSubject();
      if( subject == null )
         throw new SecurityException("No active Subject found, add th AuthenticationInterceptor");

      //We will try to use the authorizing class
      try
View Full Code Here

TOP

Related Classes of javax.security.auth.Subject$AuthPermissionHolder

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.