*/
LOGGER.debug(securityContext);
}
}
final SecurityService securityService = SecurityServiceFactory.getSecurityService();
final String moduleName = securityConf.getModuleName() ;
if (securityContext == null || !securityContext.isValid() || ((moduleName != null) && !moduleName.equals(securityContext.getDomain())))
{
if (authRequest == null)
{
throw new SecurityServiceException("Service '" + serviceName + "' has been configured for security but no AuthenticationRequest could be located in the Message Context. Cannot authenticate without an AuthenticationRequest.");
}
// No existing security context exist or it had expired. Create a new one to drive the autentication.
securityContext = new SecurityContext(new Subject(), getSecurityContextTimeout(securityConf), moduleName);
// Authenticate the caller
securityService.authenticate(securityConf, securityContext, authRequest);
// Store the encrypted security context. Will be re-attached to outgoing messages.
SecurityContext.setSecurityContext(SecurityContext.encryptContext(securityContext));
}
// Check that the caller is a member of atleast one of the declared roles.
if (!securityService.checkRolesAllowed(securityConf.getRolesAllowed(), securityContext))
{
throw new SecurityServiceException("Caller did not belong to any of the rolesAllowed " + securityConf.getRolesAllowed());
}
}
}