Examples of org.jboss.security.SecurityContext

• org.jboss.security.SecurityContext
  Encapsulation of Authentication, Authorization, Mapping and other security aspects at the level of a security domain @author Anil Saldhana @version $Revision$ @since Aug 24, 2006

      }
   }

   private SecurityContext createSecurityContext()
   {
      SecurityContext securityContext = null;
      try
      {
         securityContext =
            SecurityAssociationActions.createSecurityContext(this.configuredSecurityDomainName,
               this.securityContextClass);
      }
      catch (PrivilegedActionException e)
      {
         throw new RuntimeException(e);
      }

      securityContext.setSecurityManagement(securityManagement);
      return securityContext;
   }

   @Override
   public void event(Request request, Response response, HttpEvent event)
      throws IOException, ServletException
   {
      SecurityContext cachedContext = null;

      boolean createdSecurityContext = false;
      //Set the security context if one is unavailable
      SecurityContext sc = SecurityAssociationActions.getSecurityContext();
      if(sc != null &&
            sc.getSecurityDomain().equals(configuredSecurityDomainName) == false)
      {
         cachedContext = sc;
         SecurityContext newSC = createSecurityContext();
         SecurityAssociationActions.setSecurityContext(newSC);
         createdSecurityContext = true;
      }

      if(sc == null)

      Principal getCallerPrincipalInternal()
      {
         if( beanPrincipal == null )
         {
            RealmMapping rm = con.getRealmMapping();
            SecurityContext sc = SecurityActions.getSecurityContext();
            Principal caller = null;
            try
            {
               caller = SecurityHelperFactory.getEJBAuthorizationHelper(sc).getCallerPrincipal();
            }

         {
           if(log.isTraceEnabled())
              log.trace("PolicyContextException in getting caller subject:",pe);
         }

         SecurityContext sc = SecurityActions.getSecurityContext();
         String ejbName = container.getBeanMetaData().getEjbName();

         try
         {
            return SecurityActions.isCallerInRole(sc, roleName,

      AccessController.doPrivileged(new PrivilegedAction<Void>()
      {

         public Void run()
         {
            final SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
            if (securityContext == null)
            {
               throw new IllegalStateException("Security Context is null");
            }

            securityContext.getUtil().createSubjectInfo(principal, credential, subject);

            return null;
         }
      });
   }

      {
         Subject caller = this.establishSubjectContext(request.getPrincipal());

         PolicyRegistration policyRegistration = getPolicyRegistration();

         SecurityContext sc = SecurityAssociationActions.getSecurityContext();
         Map<String, Object> contextMap = new HashMap<String, Object>();
         contextMap.put(ResourceKeys.RESOURCE_PERM_CHECK, Boolean.TRUE);
         contextMap.put(ResourceKeys.POLICY_REGISTRATION, policyRegistration);
         contextMap.put("securityConstraints", securityConstraints);

      boolean authzDecision = ignoreJBossAuthorization ? true : false;
      boolean baseDecision = ignoreBaseDecision ? true : super.hasRole(principal, role);

      if (baseDecision && !ignoreJBossAuthorization)
      {
         SecurityContext sc = SecurityAssociationActions.getSecurityContext();

         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);

         establishSubjectContext(requestPrincipal);
         Map<String, Object> map = new HashMap<String, Object>();
         map.put("securityConstraints", constraints);
         map.put(ResourceKeys.USERDATA_PERM_CHECK, Boolean.TRUE);

         SecurityContext sc = SecurityAssociationActions.getSecurityContext();
         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
         }

      contextMap.put("Source", getClass().getName());
      AuditEvent ae = new AuditEvent(level);
      ae.setContextMap(contextMap);
      ae.setUnderlyingException(e);

      SecurityContext sc = SecurityAssociationActions.getSecurityContext();
      if (sc != null)
      {
         AuditManager auditManager = sc.getAuditManager();
         if (auditManager != null)
            auditManager.audit(ae);
         else
            log.trace("Audit Manager obtained from Security Context is null");
      }

    @Override
    public void pushSubjectContext(final Subject subject, final Principal principal, final Object credential) {
        AccessController.doPrivileged(new PrivilegedAction<Void>() {

            public Void run() {
                SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
                if (securityContext == null) {
                    securityContext = createSecurityContext(getSecurityDomain());
                    setSecurityContextOnAssociation(securityContext);
                }
                securityContext.getUtil().createSubjectInfo(principal, credential, subject);
                return null;
            }
        });
    }