Package org.jboss.security

Examples of org.jboss.security.RunAs


            IdentityToken identityToken = absentIdentityToken;
            byte[] encodedAuthenticationToken = noAuthenticationToken;

            if ((secMech.sas_context_mech.target_supports & IdentityAssertion.value) != 0) {
                // will create identity token.
                RunAs runAs = SecurityContextAssociation.peekRunAsIdentity();
                Principal p = (runAs != null) ? runAs : SecurityContextAssociation.getPrincipal();

                if (p != null) {
                    // The name scope needs to be externalized.
                    String name = p.getName();
View Full Code Here


            return false;
        }

        RoleGroup roleGroup = null;

        RunAs runAs = securityContext.getIncomingRunAs();
        if (runAs != null && runAs instanceof RunAsIdentity) {
            RunAsIdentity runAsIdentity = (RunAsIdentity) runAs;
            roleGroup = runAsIdentity.getRunAsRolesAsRoleGroup();
        } else {
            AuthorizationManager am = securityContext.getAuthorizationManager();
View Full Code Here

        if (previous != null) {
            current.setSubjectInfo(previous.getSubjectInfo());
            current.setIncomingRunAs(previous.getOutgoingRunAs());
        }

        RunAs currentRunAs = current.getIncomingRunAs();
        boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;

        if (trusted == false) {
            /*
             * We should only be switching to a context based on an identity from the Remoting connection
             * if we don't already have a trusted identity - this allows for beans to reauthenticate as a
             * different identity.
             */
            boolean authenticated = false;
            if (SecurityActions.remotingContextIsSet()) {
                // In this case the principal and credential will not have been set to set some random values.
                SecurityContextUtil util = current.getUtil();

                UserInfo userInfo = SecurityActions.remotingContextGetConnection().getUserInfo();
                Principal p = null;
                String credential = null;
                Subject subject = null;
                if (userInfo instanceof SubjectUserInfo) {
                    SubjectUserInfo sinfo = (SubjectUserInfo) userInfo;
                    subject = sinfo.getSubject();

                    Set<PasswordCredential> pcSet = subject.getPrivateCredentials(PasswordCredential.class);
                    if (pcSet.size() > 0) {
                        PasswordCredential pc = pcSet.iterator().next();
                        p = new SimplePrincipal(pc.getUserName());
                        credential = new String(pc.getCredential());
                        SecurityActions.remotingContextClear(); // Now that it has been used clear it.
                    }
                    if ((p == null || credential == null) && userInfo instanceof UniqueIdUserInfo) {
                        UniqueIdUserInfo uinfo = (UniqueIdUserInfo) userInfo;
                        p = new SimplePrincipal(sinfo.getUserName());
                        credential = uinfo.getId();
                        // In this case we do not clear the RemotingContext as it is still to be used
                        // here extracting the ID just ensures we are not continually calling the modules
                        // for each invocation.
                    }
                }

                if (p == null || credential == null) {
                    p = new SimplePrincipal(UUID.randomUUID().toString());
                    credential = UUID.randomUUID().toString();
                }

                util.createSubjectInfo(p, credential, subject);
            }

            // If we have a trusted identity no need for a re-auth.
            if (authenticated == false) {
                authenticated = authenticate(current, null);
            }
            if (authenticated == false) {
                // TODO - Better type needed.
                throw SecurityMessages.MESSAGES.invalidUserException();
            }
        }

        if (runAs != null) {
            RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles);
            current.setOutgoingRunAs(runAsIdentity);
        } else if (previous != null && previous.getOutgoingRunAs() != null) {
            // Ensure the propagation continues.
            current.setOutgoingRunAs(previous.getOutgoingRunAs());
        }
View Full Code Here

        if (previous != null) {
            current.setSubjectInfo(previous.getSubjectInfo());
            current.setIncomingRunAs(previous.getOutgoingRunAs());
        }

        RunAs currentRunAs = current.getIncomingRunAs();
        boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;

        if (trusted == false) {
            SecurityContextUtil util = current.getUtil();
            util.createSubjectInfo(new SimplePrincipal(userName), new String(password), subject);
View Full Code Here

      if(key == null)
         throw new IllegalArgumentException("Key is null");
      Map<String,Object> contextMap = securityContext.getData();
      if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
      {
         RunAs runAs = securityContext.getOutgoingRunAs();
         //Move the caller RAI to current RAI
         securityContext.setOutgoingRunAs((RunAs) contextMap.get(CALLER_RAI_IDENTIFIER));
        
         //Clear the Caller RAI
         contextMap.remove(CALLER_RAI_IDENTIFIER);
View Full Code Here

   private void setRunAsIdentity(RunAsIdentity rai)
   {
      Map<String,Object> contextMap = securityContext.getData();
     
      //Move the current RAI on the sc into the caller rai
      RunAs currentRA = securityContext.getOutgoingRunAs();
      contextMap.put(CALLER_RAI_IDENTIFIER, currentRA);
     
      securityContext.setOutgoingRunAs(rai);
   }
View Full Code Here

            @Override
            public RunAs run() {
                SecurityContext sc = getSecurityContext();
                if (sc == null)
                    throw new IllegalStateException("SecurityContext is null");
                RunAs principal = sc.getOutgoingRunAs();
                sc.setOutgoingRunAs(null);
                return principal;
            }
        });
    }
View Full Code Here

      return (ISecurityManagement) clazz.newInstance();   
   }
  
   private boolean hasIncomingRunAsIdentity(SecurityContext sc)
   {
      RunAs incomingRunAs = sc.getIncomingRunAs();
      return incomingRunAs != null && incomingRunAs instanceof RunAsIdentity;
   }
View Full Code Here

      map.put(ResourceKeys.ROLEREF_PERM_CHECK, Boolean.TRUE);
     
      EJBResource ejbResource = new EJBResource(map);
      ejbResource.setPolicyContextID(contextID);
     
      RunAs callerRunAs = SecurityActions.getIncomingRunAs(securityContext);
     
      ejbResource.setEjbVersion(version);
      ejbResource.setEjbName(ejbName);
      ejbResource.setPrincipal(ejbPrincipal);
      ejbResource.setCallerRunAsIdentity(callerRunAs);
View Full Code Here

      if(key == null)
         throw new IllegalArgumentException("Key is null");
      Map<String,Object> contextMap = securityContext.getData();
      if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
      {
         RunAs runAs = securityContext.getOutgoingRunAs();
         //Move the caller RAI to current RAI
         securityContext.setOutgoingRunAs((RunAs) contextMap.get(CALLER_RAI_IDENTIFIER));
        
         //Clear the Caller RAI
         contextMap.remove(CALLER_RAI_IDENTIFIER);
View Full Code Here

TOP

Related Classes of org.jboss.security.RunAs

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.