Package org.jboss.security

Examples of org.jboss.security.RunAs


   /**
    * Installs {@code rai} as the outgoing run-as of the security context, after saving
    * the outgoing run-as it replaces.
    *
    * <p>The replaced value is stored in the context data map under
    * {@code CALLER_RAI_IDENTIFIER}; it may be {@code null} when nothing was set.
    *
    * @param rai the run-as identity to install as the outgoing run-as
    */
   private void setRunAsIdentity(RunAsIdentity rai)
   {
      // Save the outgoing run-as that is about to be replaced. The map holds a single
      // entry for this key, so a value saved by an earlier call is overwritten.
      // NOTE(review): confirm every call is paired with a restore before the next one,
      // otherwise the originally saved caller identity is lost.
      securityContext.getData().put(CALLER_RAI_IDENTIFIER, securityContext.getOutgoingRunAs());

      securityContext.setOutgoingRunAs(rai);
   }


public class JavaEETrustModule extends AbstractIdentityTrustModule
   @Override
   public TrustDecision isTrusted() throws IdentityTrustException
   {
      RunAs runAs = this.securityContext.getIncomingRunAs();
      if(runAs instanceof RunAsIdentity )
      {
         RunAsIdentity runAsIdentity = (RunAsIdentity)runAs;
         if(SecurityConstants.JAVAEE.equals(runAsIdentity.getProof()))
               return TrustDecision.Permit;

      }
      SecurityContext sc = scb.getSecurityContext();
     
      //Handle the case of Incoming RunAs
      Principal callerPrincipal = null;
      RunAs callerRunAs = sc.getIncomingRunAs();
      if(callerRunAs != null)
      {
         callerPrincipal = new SimplePrincipal(callerRunAs.getName());
      }
     
      RoleGroup roles = this.getCurrentRoles(callerPrincipal, authenticatedSubject, sc);
      if(roles == null)
         roles = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);

            /**
             * Removes the outgoing run-as from the current security context and returns it.
             *
             * @return the value {@code getOutgoingRunAs()} reported before it was cleared
             * @throws IllegalStateException if {@code getSecurityContext()} returns {@code null}
             */
            @Override
            public RunAs run() {
                final SecurityContext context = getSecurityContext();
                if (context != null) {
                    final RunAs removed = context.getOutgoingRunAs();
                    // The context is left with no outgoing run-as; nothing in this method
                    // restores it, so the caller holds the only reference to the old value.
                    context.setOutgoingRunAs(null);
                    return removed;
                }
                throw new IllegalStateException("SecurityContext is null");
            }
        });
    }

                    runAs = role.getName();
                }
                roles.add(role.getName());
            }
        }
        RunAs new_jb_runAs = runAs != null ? new RunAsIdentity(runAs, principal != null ? principal.getName() : null, roles) : null;
        org.jboss.security.SecurityContext old_jb_securityContext = SecurityContextAssociation.getSecurityContext();
        if (old_jb_securityContext == null) {
            Set<Object> credentials = subject.getPrivateCredentials();
            Object credential = !credentials.isEmpty() ? credentials.iterator().next() : null;
            org.jboss.security.SecurityContext new_jb_securityContext = SecurityContextFactory.createSecurityContext(securityDomain);
            SecurityContextAssociation.setSecurityContext(new_jb_securityContext);
            if (rolesGroup != null) {
                RoleGroup roleGroup = new SimpleRoleGroup(rolesGroup);
                Identity identity = CredentialIdentityFactory.createIdentity(principal, credential, roleGroup);
                new_jb_securityContext.getUtil().createSubjectInfo(identity, subject);
                new_jb_securityContext.getSubjectInfo().setRoles(roleGroup);
            } else {
                Identity identity = CredentialIdentityFactory.createIdentity(principal, credential);
                new_jb_securityContext.getUtil().createSubjectInfo(identity, subject);
            }
            if (new_jb_runAs != null) {
                new_jb_securityContext.setOutgoingRunAs(new_jb_runAs);
            }
            return new JBossContainerContext(null, null, null);
        } else {
            RoleGroup old_jb_roleGroup = old_jb_securityContext.getSubjectInfo().getRoles();
            if (rolesGroup != null) {
                old_jb_securityContext.getSubjectInfo().setRoles(new SimpleRoleGroup(rolesGroup));
            }
            RunAs old_jb_runAs = old_jb_securityContext.getOutgoingRunAs();
            if (new_jb_runAs != null) {
                old_jb_securityContext.setOutgoingRunAs(new_jb_runAs);
            }
            return new JBossContainerContext(old_jb_securityContext, old_jb_roleGroup, old_jb_runAs);
        }

         /**
          * Takes the outgoing run-as off the current security context and hands it back.
          *
          * <p>Fails with the exception built by {@code MESSAGES.noSecurityContext()} when
          * {@code getSecurityContext()} returns {@code null}.
          *
          * @return the outgoing run-as that was set before this call, possibly {@code null}
          */
         @Override
         public RunAs run() {
            final SecurityContext context = getSecurityContext();
            if (context == null) {
               throw MESSAGES.noSecurityContext();
            }

            // Read first, then clear: the context ends up with no outgoing run-as and
            // the previous value is only available through the return value.
            final RunAs previousOutgoing = context.getOutgoingRunAs();
            context.setOutgoingRunAs(null);
            return previousOutgoing;
         }
      });
   }

public class JavaEETrustModule extends AbstractIdentityTrustModule
   @Override
   public TrustDecision isTrusted() throws IdentityTrustException
   {
      RunAs runAs = this.securityContext.getIncomingRunAs();
      if(runAs instanceof RunAsIdentity )
      {
         RunAsIdentity runAsIdentity = (RunAsIdentity)runAs;
         if(SecurityConstants.JAVAEE.equals(runAsIdentity.getProof()))
               return TrustDecision.Permit;

            return false;
        }

        RoleGroup roleGroup = null;

        RunAs runAs = securityContext.getIncomingRunAs();
        if (runAs != null && runAs instanceof RunAsIdentity) {
            RunAsIdentity runAsIdentity = (RunAsIdentity) runAs;
            roleGroup = runAsIdentity.getRunAsRolesAsRoleGroup();
        } else {
            AuthorizationManager am = securityContext.getAuthorizationManager();

        if (previous != null) {
            current.setSubjectInfo(previous.getSubjectInfo());
            current.setIncomingRunAs(previous.getOutgoingRunAs());
        }

        RunAs currentRunAs = current.getIncomingRunAs();
        boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;

        if (trusted == false) {
            /*
             * We should only be switching to a context based on an identity from the Remoting connection
             * if we don't already have a trusted identity - this allows for beans to reauthenticate as a
             * different identity.
             */
            boolean authenticated = false;
            if (RemotingContext.isSet()) {
                // In this case the principal and credential will not have been set to set some random values.
                SecurityContextUtil util = current.getUtil();

                UserInfo userInfo = RemotingContext.getConnection().getUserInfo();
                Principal p = null;
                String credential = null;
                Subject subject = null;
                if (userInfo instanceof SubjectUserInfo) {
                    SubjectUserInfo sinfo = (SubjectUserInfo) userInfo;
                    subject = sinfo.getSubject();

                    Set<PasswordCredential> pcSet = subject.getPrivateCredentials(PasswordCredential.class);
                    if (pcSet.size() > 0) {
                        PasswordCredential pc = pcSet.iterator().next();
                        p = new SimplePrincipal(pc.getUserName());
                        credential = new String(pc.getCredential());
                        RemotingContext.clear(); // Now that it has been used clear it.
                    }
                }
                if (p == null || credential == null) {
                    p = new SimplePrincipal(UUID.randomUUID().toString());
                    credential = UUID.randomUUID().toString();
                }

                util.createSubjectInfo(p, credential, subject);
            }

            // If we have a trusted identity no need for a re-auth.
            if (authenticated == false) {
                authenticated = authenticate(current);
            }
            if (authenticated == false) {
                // TODO - Better type needed.
                throw SecurityMessages.MESSAGES.invalidUserException();
            }
        }

        if (runAs != null) {
            RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles);
            current.setOutgoingRunAs(runAsIdentity);
        } else if (previous != null && previous.getOutgoingRunAs() != null) {
            // Ensure the propagation continues.
            current.setOutgoingRunAs(previous.getOutgoingRunAs());
        }

      if(key == null)
         throw new IllegalArgumentException("Key is null");
      Map<String,Object> contextMap = securityContext.getData();
      if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
      {
         RunAs runAs = securityContext.getOutgoingRunAs();
         //Move the caller RAI to current RAI
         securityContext.setOutgoingRunAs((RunAs) contextMap.get(CALLER_RAI_IDENTIFIER));
        
         //Clear the Caller RAI
         contextMap.remove(CALLER_RAI_IDENTIFIER);
