Examples of org.jboss.security.RunAs

• org.jboss.security.RunAs
  Represent an entity X with a proof of identity Y @author Anil.Saldhana@redhat.com @since Mar 6, 2007 @version $Revision$

      if(key == null)
         throw new IllegalArgumentException("Key is null");
      Map<String,Object> contextMap = securityContext.getData();
      if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
      {
         RunAs runAs = securityContext.getOutgoingRunAs();
         //Move the caller RAI to current RAI
         securityContext.setOutgoingRunAs((RunAs) contextMap.get(CALLER_RAI_IDENTIFIER));

         //Clear the Caller RAI
         contextMap.remove(CALLER_RAI_IDENTIFIER);

   private void setRunAsIdentity(RunAsIdentity rai)
   {
      Map<String,Object> contextMap = securityContext.getData();

      //Move the current RAI on the sc into the caller rai
      RunAs currentRA = securityContext.getOutgoingRunAs();
      contextMap.put(CALLER_RAI_IDENTIFIER, currentRA);

      securityContext.setOutgoingRunAs(rai);
   }

            IdentityToken identityToken = absentIdentityToken;
            byte[] encodedAuthenticationToken = noAuthenticationToken;

            if ((secMech.sas_context_mech.target_supports & IdentityAssertion.value) != 0) {
                // will create identity token.
                RunAs runAs = SecurityActions.peekRunAsIdentity();
                Principal p = (runAs != null) ? runAs : SecurityActions.getPrincipal();

                if (p != null) {
                    // The name scope needs to be externalized.
                    String name = p.getName();

    @Override
    public void handleRequest(final HttpServerExchange exchange) throws Exception {
        SecurityContext sc = exchange.getAttachment(UndertowSecurityAttachments.SECURITY_CONTEXT_ATTACHMENT);
        RunAsIdentityMetaData identity = null;
        RunAs old = null;
        try {
            final ServletChain servlet = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getCurrentServlet();
            identity = runAsIdentityMetaDataMap.get(servlet.getManagedServlet().getServletInfo().getName());
            RunAsIdentity runAsIdentity = null;
            if (identity != null) {

        this.runAsIdentityMetaDataMap = runAsIdentityMetaDataMap;
    }

    private void handle(ServletInfo servletInfo, LifecycleContext context) throws ServletException {
        RunAsIdentityMetaData identity = null;
        RunAs old = null;
        SecurityContext sc = SecurityActions.getSecurityContext();
        if (sc == null) {
            context.proceed();
            return;
        }

                @Override
                public RunAs run() {
                    if (sc == null) {
                        throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
                    }
                    RunAs old = sc.getOutgoingRunAs();
                    sc.setOutgoingRunAs(principal);
                    return old;
                }
            });
        } else {
            if (sc == null) {
                throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
            }
            RunAs old = sc.getOutgoingRunAs();
            sc.setOutgoingRunAs(principal);
            return old;
        }
    }

                @Override
                public RunAs run() {
                    if (sc == null) {
                        throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
                    }
                    RunAs principal = sc.getOutgoingRunAs();
                    sc.setOutgoingRunAs(null);
                    return principal;
                }
            });
        } else {
            if (sc == null) {
                throw UndertowLogger.ROOT_LOGGER.noSecurityContext();
            }
            RunAs principal = sc.getOutgoingRunAs();
            sc.setOutgoingRunAs(null);
            return principal;
        }
    }

        if (propagate && previous != null) {
            current.setSubjectInfo(getSubjectInfo(previous));
            current.setIncomingRunAs(previous.getOutgoingRunAs());
        }

        RunAs currentRunAs = current.getIncomingRunAs();
        boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;

        if (trusted == false) {
            /*
             * We should only be switching to a context based on an identity from the Remoting connection if we don't already

        if (propagate &&  previous != null) {
            current.setSubjectInfo(getSubjectInfo(previous));
            current.setIncomingRunAs(previous.getOutgoingRunAs());
        }

        RunAs currentRunAs = current.getIncomingRunAs();
        boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;

        if (trusted == false) {
            SecurityContextUtil util = current.getUtil();
            util.createSubjectInfo(new SimplePrincipal(userName), new String(password), subject);

            throw SecurityLogger.ROOT_LOGGER.invalidUserException();
        }

        SecurityContext previous = contexts.peek();
        if (runAs != null) {
            RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles);
            context.setOutgoingRunAs(runAsIdentity);
        } else if (propagate && previous != null && previous.getOutgoingRunAs() != null) {
            // Ensure the propagation continues.
            context.setOutgoingRunAs(previous.getOutgoingRunAs());
        }