Package org.jboss.errai.bus.server.security.auth

Examples of org.jboss.errai.bus.server.security.auth.AuthSubject


      }
    });

    bus.subscribe(ErraiService.AUTHORIZATION_SERVICE, new MessageCallback() {
      public void callback(Message message) {
        AuthSubject subject = message.getResource(QueueSession.class, "Session")
            .getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

        Message reply = MessageBuilder.createConversation(message).getMessage();

        if (subject != null) {
          reply.set(SecurityParts.Roles, subject.toRolesString());
          reply.set(SecurityParts.Name, subject.getUsername());
        }

        reply.sendNowWith(bus);
      }
    });
View Full Code Here


            }
        });

        bus.subscribe(ErraiService.AUTHORIZATION_SERVICE, new MessageCallback() {
            public void callback(Message message) {
                AuthSubject subject = message.getResource(QueueSession.class, "Session")
                        .getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

                Message reply = MessageBuilder.createConversation(message).getMessage();

                if (subject != null) {
                    reply.set(SecurityParts.Roles, subject.toRolesString());
                    reply.set(SecurityParts.Name, subject.getUsername());
                }

                reply.sendNowWith(bus);
            }
        });
View Full Code Here

    public boolean decision(final Message message) {
        if (!message.hasResource("Session")) return false;
        else {

            AuthSubject subject = getSession(message).getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

            if (subject == null) {
                /**
                 * Inform the client they must login.
                 */

                if ("LoginClient".equals(message.getSubject())) {
                    /**
                     * Make an exception for the LoginClient ...
                     */
                    return true;
                }


                // TODO: This reside with the "AuthenticationService" listener, no
                // i.e. by forwarding to that subject. See ErraiServiceImpl
                createMessage()
                        .toSubject("LoginClient")
                        .command(SecurityCommands.SecurityChallenge)
                        .with(SecurityParts.CredentialsRequired, "Name,Password")
                        .with(MessageParts.ReplyTo, ErraiService.AUTHORIZATION_SVC_SUBJECT)
                        .with(SecurityParts.RejectedMessage, ServerBusUtils.encodeJSON(message.getParts()))
                        .copyResource("Session", message)
                        .errorsHandledBy(new ErrorCallback() {
                            public boolean error(Message message, Throwable throwable) {
                                ErrorHelper.sendClientError(bus, message, throwable.getMessage(), throwable);
                                return false;
                            }
                        })
                        .sendNowWith(bus, false);

                return false;
            }

            if (!subject.getRoles().containsAll(requiredRoles)) {
                createConversation(message)
                        .toSubject("ClientErrorService")
                        .with(MessageParts.ErrorMessage, "Access denied to service: "
                                + message.get(String.class, MessageParts.ToSubject) +
                                " (Required Roles: [" + getRequiredRolesString() + "])")
View Full Code Here

    }

    public boolean decision(final Message message) {
        if (!message.hasResource("Session")) return false;
        else {
            AuthSubject subject = getSession(message).getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

            if (subject == null) {
                /**
                 * Inform the client they must login.
                 */

                // TODO: This reside with the "AuthenticationService" listener, no
                // i.e. by forwarding to that subject. See ErraiServiceImpl
                createMessage()
                        .toSubject("LoginClient")
                        .command(SecurityCommands.SecurityChallenge)
                        .with(SecurityParts.CredentialsRequired, "Name,Password")
                        .with(MessageParts.ReplyTo, ErraiService.AUTHORIZATION_SVC_SUBJECT)
                        .with(SecurityParts.RejectedMessage, ServerBusUtils.encodeJSON(message.getParts()))
                        .copyResource("Session", message)
                        .errorsHandledBy(new ErrorCallback() {
                            public boolean error(Message message, Throwable throwable) {
                                ErrorHelper.sendClientError(bus, message, "Could not contact LoginClient to handle access denial, due to insufficient privileges for: " + message.getSubject(), throwable);
                                return false;
                            }
                        })
                        .sendNowWith(bus, false);

                return false;
            }

            if (!subject.getRoles().containsAll(requiredRoles)) {
                createConversation(message)
                        .toSubject("ClientErrorService")
                        .signalling()
                        .with(MessageParts.ErrorMessage, "Access denied to service: "
                                + message.get(String.class, MessageParts.ToSubject) +
View Full Code Here

    }

    public boolean decision(final Message message) {
        if (!message.hasResource("Session")) return false;
        else {
            AuthSubject subject = getSession(message).getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

            if (subject == null) {
                /**
                 * Inform the client they must login.
                 */

                // TODO: This reside with the "AuthenticationService" listener, no
                // i.e. by forwarding to that subject. See ErraiServiceImpl
                createMessage()
                        .toSubject("LoginClient")
                        .command(SecurityCommands.SecurityChallenge)
                        .with(SecurityParts.CredentialsRequired, "Name,Password")
                        .with(MessageParts.ReplyTo, ErraiService.AUTHORIZATION_SVC_SUBJECT)
                        .with(SecurityParts.RejectedMessage, ServerBusUtils.encodeJSON(message.getParts()))
                        .copyResource("Session", message)
                        .errorsHandledBy(new ErrorCallback() {
                            public boolean error(Message message, Throwable throwable) {
                                ErrorHelper.sendClientError(bus, message, "Could not contact LoginClient to handle access denial, due to insufficient privileges for: " + message.getSubject(), throwable);
                                return false;
                            }
                        })
                        .sendNowWith(bus, false);

                return false;
            }

            if (!subject.getRoles().containsAll(requiredRoles)) {
                createConversation(message)
                        .toSubject("ClientErrorService")
                        .signalling()
                        .with(MessageParts.ErrorMessage, "Access denied to service: "
                                + message.get(String.class, MessageParts.ToSubject) +
View Full Code Here

            }
        });

        bus.subscribe("AuthorizationService", new MessageCallback() {
            public void callback(Message message) {
                AuthSubject subject = message.getResource(QueueSession.class, "Session")
                        .getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

                Message reply = MessageBuilder.createConversation(message).getMessage();

                if (subject != null) {
                    reply.set(SecurityParts.Roles, subject.toRolesString());
                    reply.set(SecurityParts.Name, subject.getUsername());
                }

                reply.sendNowWith(bus);
            }
        });
View Full Code Here

                .setString("name", name)
                .setString("password", password)
                .uniqueResult();

        if (userObj != null) {
            AuthSubject authSubject = new AuthSubject(name, name, (Collection) MVEL.getProperty(rolesField, userObj));

            /**
             * If we got this far, then the authentication succeeded. So grab access to the HTTPSession and
             * add the authorization token.
             */
            addAuthenticationToken(message, authSubject);

            /**
             * Prepare to send a message back to the client, informing it that a successful login has
             * been performed.
             */
            createConversation(message)
                    .subjectProvided()
                    .command(SecurityCommands.SuccessfulAuth)
                    .with(SecurityParts.Roles, authSubject.toRolesString())
                    .with(SecurityParts.Name, name)
                    .noErrorHandling()
                    .sendNowWith(bus);
        } else {
            /**
 
View Full Code Here

      }
    });

    bus.subscribe(ErraiService.AUTHORIZATION_SERVICE, new MessageCallback() {
      public void callback(Message message) {
        AuthSubject subject = message.getResource(QueueSession.class, "Session")
            .getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

        Message reply = MessageBuilder.createConversation(message).getMessage();

        if (subject != null) {
          reply.set(SecurityParts.Roles, subject.toRolesString());
          reply.set(SecurityParts.Name, subject.getUsername());
        }

        reply.sendNowWith(bus);
      }
    });
View Full Code Here

  public boolean decision(final Message message) {
    if (!message.hasResource("Session")) return false;
    else {

      AuthSubject subject = getSession(message).getAttribute(AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

      if (subject == null) {
        /**
         * Inform the client they must login.
         */

        if ("LoginClient".equals(message.getSubject())) {
          /**
           * Make an exception for the LoginClient ...
           */
          return true;
        }


        // TODO: This reside with the "AuthenticationService" listener, no
        // i.e. by forwarding to that subject. See ErraiServiceImpl
        createMessage()
            .toSubject("LoginClient")
            .command(SecurityCommands.SecurityChallenge)
            .with(SecurityParts.CredentialsRequired, "Name,Password")
            .with(MessageParts.ReplyTo, ErraiService.AUTHORIZATION_SVC_SUBJECT)
            .with(SecurityParts.RejectedMessage, ServerBusTools.encodeMessage(message))
            .copyResource("Session", message)
            .errorsHandledBy(new ErrorCallback() {
              public boolean error(Message message, Throwable throwable) {
                ErrorHelper.sendClientError(bus, message, throwable.getMessage(), throwable);
                return false;
              }
            })
            .sendNowWith(bus, false);

        return false;
      }

      if (!subject.getRoles().containsAll(requiredRoles)) {
        createConversation(message)
            .toSubject("ClientErrorService")
            .with(MessageParts.ErrorMessage, "Access denied to service: "
                + message.get(String.class, MessageParts.ToSubject) +
                " (Required Roles: [" + getRequiredRolesString() + "])")
View Full Code Here

        .setString("name", name)
        .setString("password", password)
        .uniqueResult();

    if (userObj != null) {
      AuthSubject authSubject = new AuthSubject(name, name, (Collection) MVEL.getProperty(rolesField, userObj));

      /**
       * If we got this far, then the authentication succeeded. So grab access to the HTTPSession and
       * add the authorization token.
       */
      addAuthenticationToken(message, authSubject);

      /**
       * Prepare to send a message back to the client, informing it that a successful login has
       * been performed.
       */
      createConversation(message)
          .subjectProvided()
          .command(SecurityCommands.SuccessfulAuth)
          .with(SecurityParts.Roles, authSubject.toRolesString())
          .with(SecurityParts.Name, name)
          .noErrorHandling()
          .sendNowWith(bus);
    } else {
      /**
 
View Full Code Here

TOP

Related Classes of org.jboss.errai.bus.server.security.auth.AuthSubject

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.