Examples of org.apache.cxf.security.SecurityContext

• org.apache.cxf.security.SecurityContext
  Provides basic security information about the current message exchange

        ServletContext servletContext =
            (ServletContext)request.getAttribute(WebServiceContainer.SERVLET_CONTEXT);
        message.put(MessageContext.SERVLET_CONTEXT, servletContext);

        if (this.passSecurityContext) {
            message.put(SecurityContext.class, new SecurityContext() {
                public Principal getUserPrincipal() {
                    return servletRequest.getUserPrincipal();
                }
                public boolean isUserInRole(String role) {
                    return servletRequest.isUserInRole(role);

    /**
     * Get the Issuer of the SAML Assertion
     */
    private String getIssuer(Message message) throws WSSecurityException {
        SecurityContext sc = message.get(SecurityContext.class);

        if (sc instanceof SAMLSecurityContext) {
            Element assertionElement = ((SAMLSecurityContext)sc).getAssertionElement();
            if (assertionElement != null) {
                AssertionWrapper wrapper = new AssertionWrapper(assertionElement);

        super(Phase.PRE_INVOKE);
        OpenSAMLUtil.initSamlEngine();
    }

    public void handleMessage(Message message) throws Fault {
        SecurityContext sc = message.get(SecurityContext.class);

        if (sc instanceof LoginSecurityContext) {
            Principal principal = sc.getUserPrincipal();

            LoginSecurityContext loginSecurityContext = (LoginSecurityContext)sc;
            Set<Principal> principalRoles = loginSecurityContext.getUserRoles();
            List<String> roles = new ArrayList<String>();
            if (principalRoles != null) {

    }

    @org.junit.Test
    public void testPermit() throws Exception {
        // Mock up a Security Context
        SecurityContext sc = createSecurityContext("alice", "manager");

        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
        MessageImpl msg = new MessageImpl();
        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";

    }

    @org.junit.Test
    public void testDeny() throws Exception {
        // Mock up a Security Context
        SecurityContext sc = createSecurityContext("alice", "boss");

        String operation = "{http://www.example.org/contract/DoubleIt}DoubleIt";
        MessageImpl msg = new MessageImpl();
        msg.put(Message.WSDL_OPERATION, QName.valueOf(operation));
        String service = "{http://www.example.org/contract/DoubleIt}DoubleItService";

            boolean allow = OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(decision);

            Map<String, String> queryParams = new HashMap<String, String>();
            if (allow) {
                SecurityContext sc = (SecurityContext)mc.get(SecurityContext.class.getName());
                List<String> roleNames = Collections.emptyList();
                if (sc instanceof LoginSecurityContext) {
                    roleNames = new ArrayList<String>();
                    Set<Principal> roles = ((LoginSecurityContext)sc).getUserRoles();
                    for (Principal p : roles) {
                        roleNames.add(p.getName());
                    }
                }
                token.setSubject(new UserSubject(sc.getUserPrincipal() == null
                    ? null : sc.getUserPrincipal().getName(), roleNames));

                AuthorizationInput input = new AuthorizationInput();
                input.setToken(token);

                Set<OAuthPermission> approvedScopesSet = new HashSet<OAuthPermission>();

            inMessage.put(Message.BASE_PATH, basePath);
        }
        inMessage.put(Message.FIXED_PARAMETER_ORDER, isFixedParameterOrder());
        inMessage.put(Message.ASYNC_POST_RESPONSE_DISPATCH, Boolean.TRUE);
        final Principal pp = req.getUserPrincipal();
        inMessage.put(SecurityContext.class, new SecurityContext() {
            public Principal getUserPrincipal() {
                return pp;
            }
            public boolean isUserInRole(String role) {
                return req.isUserInRole(role);

        request.setAttribute("oauth_authorities", info.getRoles());

        UserSubject subject = info.getToken().getSubject();

        final UserSubject theSubject = subject;
        return new SecurityContext() {

            public Principal getUserPrincipal() {
                String login = AbstractAuthFilter.this.useUserSubject
                    ? (theSubject != null ? theSubject.getLogin() : null)
                    : info.getToken().getClient().getLoginName();

        }
    }

    protected void setSecurityContext(Message message, AssertionWrapper wrapper) {
        if (scProvider != null) {
            SecurityContext sc = scProvider.getSecurityContext(message, wrapper);
            message.put(SecurityContext.class, sc);
        }
    }

    public SecurityContext getSecurityContext(Message message,
            AssertionWrapper wrapper) {
        Claims claims = getClaims(wrapper);
        Subject subject = getSubject(message, wrapper, claims);
        SecurityContext securityContext = doGetSecurityContext(message, subject, claims);
        if (securityContext instanceof SAMLSecurityContext) {
            Element assertionElement = wrapper.getElement();
            ((SAMLSecurityContext)securityContext).setAssertionElement(assertionElement);
        }
        return securityContext;