if (previous != null) {
current.setSubjectInfo(previous.getSubjectInfo());
current.setIncomingRunAs(previous.getOutgoingRunAs());
}
RunAs currentRunAs = current.getIncomingRunAs();
boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;
// TODO - Set unauthenticated identity if no auth to occur
if (trusted == false) {
if (RemotingContext.isSet()) {
// In this case the principal and credential will not have been set to set some random values.
SecurityContextUtil util = current.getUtil();
Principal p = new SimplePrincipal(UUID.randomUUID().toString());
String credential = UUID.randomUUID().toString();
util.createSubjectInfo(p, credential, null);
}
// If we have a trusted identity no need for a re-auth.
boolean authenticated = authenticate(current);
if (authenticated == false) {
// TODO - Better type needed.
throw new SecurityException("Invalid User");
}
}
if (runAs != null) {
RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles);
current.setOutgoingRunAs(runAsIdentity);
} else if (previous != null && previous.getOutgoingRunAs() != null) {
// Ensure the propagation continues.
current.setOutgoingRunAs(previous.getOutgoingRunAs());
}