Examples of SecurityContext

• br.gov.frameworkdemoiselle.security.SecurityContext
  Structure used to handle both authentication and authorizations mechanisms. @author SERPRO
• com.force.sdk.oauth.context.SecurityContext
  Interface representing the standard fields stored when a user is authenticated. After authentication the security context is stored and made available to the thread processing the user's request. @author John Simone
• com.hazelcast.security.SecurityContext
  SecurityContext is responsible for managing lifecycle of security object such as {@link ICredentialsFactory}, {@link IPermissionPolicy} etc, to creating {@link LoginContext}es for member and client authentications and checking permissions for client operations.
• com.sas.svcs.authentication.client.SecurityContext
• com.sun.enterprise.common.iiop.security.SecurityContext
  A subject is used a container for passing the security context information in the service context field. The security context information in the subject must be stored either as a private or a public credential according to the following convention: PasswordCredential: Client authentication will be performed using the username and password in the PasswordCredential. PasswordCredential must be passed as a PrivateCredential. X500Name: DN name specified in X500Name will be asserted. X500Name must be passed as a PublicCredential. GSSUPName: Identity specified in GSSUPName will be asserted. GSSUPName must be passed as a PublicCredential. X509CertificateCredential: The certificate chain in the credential will be asserted. The credential must be passed as a PublicCredential. AnonCredential: Anonymous identity will be asserted. Credential must be passed as a PublicCredential. Class fields in the SecurityContext are used for credential selection. There are two class fields: authcls and identcls. authcls is a Class object that identifies the credential for client authentication. identcls is a Class object that identifies the credential for identity assertion. The following semantics must be observed: 1. A client authentication token is always passed as a private credential. authcls set to the class of the authentication token 2. An identity token is always passed as a public credential. identcls is set to the class of the identity token. 3. authcls is set to null if there is no client auth token 4. identcls is set to null if there is no ident token 5. There must not be more than one instance of class identified by authcls or identcls. However, there can be one instance of identcls *and* authcls (this allows both a client auth token and an identity token to be passed across the interface).
• com.sun.enterprise.security.SecurityContext
  This class that extends AbstractSecurityContext that gets stored in Thread Local Storage. If the current thread creates child threads, the SecurityContext stored in the current thread is automatically propogated to the child threads. This class is used on the server side to represent the security context. Thread Local Storage is a concept introduced in JDK1.2. @see java.lang.ThreadLocal @see java.lang.InheritableThreadLocal @author Harish Prabandham @author Harpreet Singh
• com.tll.server.SecurityContext
  SecurityContext - {@link SecurityContext} impl. @author jpk
• inspiredbyte.examples.rules.annotations.SecurityContext
• io.undertow.security.api.SecurityContext
  The security context. This context is attached to the exchange and holds all security related information. @author Stuart Douglas @author Darran Lofthouse @see io.undertow.security.impl.SecurityContextImpl
• javax.ws.rs.core.SecurityContext
  An injectable interface that provides access to security related information. @see Context
• javolution.context.SecurityContext
  class defines custom policy with regards to database access. public abstract class DatabaseAccess extends SecurityContext { public static boolean isReadAllowed(Table table) { SecurityContext policy = SecurityContext.current(); return (policy instanceof DatabaseAccess.Permission) ? ((DatabaseAccess.Permission)policy).isReadable(table) : false; } public interface Permission { boolean isReadable(Table table); boolean isWritable(Table table); } }[/code]

  The use of interfaces (such as Permission above) makes it easy for custom policies to support any security actions. For example:[code] class Policy extends SecurityContext implements DatabaseAccess.Permission, FileAccess.Permission { public boolean isReadable(Table table) { return !table.isPrivate(); } public boolean isWritable(Table table) { return Session.getSession().getUser().isAdministrator(); } public boolean isReadable(File file) { return true; } public boolean isWritable(File file) { return false; } } ... Policy localPolicy = new Policy(); SecurityContext.enter(localPolicy); // Current thread overrides default policy (configurable) try { // (if allowed, ref. SecurityContext.isReplaceable()) ... DatabaseAccess.isReadAllowed(table); ... FileAccess.isWriteAllowed(file); ... } finally { SecurityContext.exit(); }[/code]

  The default permissions managed by the {@link #DEFAULT} implementationare the permission to {@link #isReplaceable replace} the current securitycontext by default) and the permission to {@link #isConfigurable configure}the application.

  @author Jean-Marie Dautelle @version 5.2, August 5, 2007
• juzu.request.SecurityContext
  @author Julien Viet
• net.jini.security.SecurityContext
  shot context SecurityContext ctx = Security.getContext(); // restore context AccessController.doPrivileged( ctx.wrap(action), ctx.getAccessControlContext()); @author Sun Microsystems, Inc. @since 2.0
• oracle.adf.share.security.SecurityContext
• org.acegisecurity.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author Ben Alex @version $Id: SecurityContext.java 1784 2007-02-24 21:00:24Z luke_t $
• org.apache.activemq.security.SecurityContext
  Used to cache up authorizations so that subsequent requests are faster. @version $Revision$
• org.apache.airavata.gfac.SecurityContext
• org.apache.airavata.gfac.context.security.SecurityContext
• org.apache.cxf.security.SecurityContext
  Provides basic security information about the current message exchange
• org.apache.tuscany.sca.host.http.SecurityContext
  A class to store policy context to enable Security QoS to HTTP binding
• org.beangle.security.core.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author chaostone @version $Id: SecurityContext.java 2217 2007-10-27 00:45:30Z $
• org.gatein.pc.api.spi.SecurityContext
  @author Julien Viet @version $Revision: 5448 $
• org.italiangrid.utils.voms.SecurityContext
• org.jboss.ballroom.client.rbac.SecurityContext
  The security context has access to the authorisation meta data and provides policies to reason over it. Each security context is associated with a specific {@link com.gwtplatform.mvp.client.proxy.PlaceRequest}. @see SecurityService @see com.gwtplatform.mvp.client.proxy.PlaceManager @author Heiko Braun @date 7/3/13
• org.jboss.dna.graph.SecurityContext
  A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the user name and roles.

  A security context should only be associated with the execution context after authentication has occurred.

• org.jboss.errai.security.client.local.api.SecurityContext
  Caches information regarding security events and the current user (i.e. which user is logged in, and what was the last page they were rejected from). @author Max Barkley
• org.jboss.portal.portlet.spi.SecurityContext
  @author Julien Viet @version $Revision: 5448 $
• org.jboss.security.SecurityContext
  Encapsulation of Authentication, Authorization, Mapping and other security aspects at the level of a security domain @author Anil Saldhana @version $Revision$ @since Aug 24, 2006
• org.jboss.soa.esb.services.security.SecurityContext
  Security Context contains security related information.

  Note that even though a Subject object instance is serialiable, its private and public credentials are not(they are transient).

  Also not that the Principal interface is not serializable but all implemenations should be.

  When created a SecurityContext will be given a timeout argument which is the time in milliseconds after which the context is considered invalid. @author Daniel Bevenius @since 4.4

• org.jboss.test.security.interfaces.SecurityContext
  @author Scott.Stark@jboss.org @version $Revision: 81036 $
• org.jrest4guice.security.SecurityContext
• org.modeshape.jcr.security.SecurityContext
  A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the user name and roles.

  A security context should only be associated with the execution context after authentication has occurred.

• org.mule.api.security.SecurityContext
  SecurityContext holds security information and is associated with the MuleSession. @see org.mule.api.MuleSession
• org.ow2.easybeans.security.propagation.context.SecurityContext
  Security Context that is exchanged and propagated from clients to beans.
  This is also why it is a serializable object (as it has to be exchanged).
  The security contains allow to get the current principal and the roles associated to this principal.
  RunAs mode is managed by keeping the previous security context. @author Florent Benoit
• org.springframework.security.context.SecurityContext
• org.springframework.security.core.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author Ben Alex
• org.structr.common.SecurityContext
  Encapsulates the current user and access path and provides methods to query permission flags for a given node. This is the place where HttpServletRequest and Authenticator get together. @author Christian Morgner
• org.switchyard.security.context.SecurityContext
  SecurityContext. @author David Ward <dward@jboss.org> © 2013 Red Hat Inc.
• org.uberfire.security.SecurityContext

Examples of org.apache.cxf.security.SecurityContext

        ServletContext servletContext =
            (ServletContext)request.getAttribute(WebServiceContainer.SERVLET_CONTEXT);
        message.put(MessageContext.SERVLET_CONTEXT, servletContext);

        if (this.passSecurityContext) {
            message.put(SecurityContext.class, new SecurityContext() {
                public Principal getUserPrincipal() {
                    return servletRequest.getUserPrincipal();
                }
                public boolean isUserInRole(String role) {
                    return servletRequest.isUserInRole(role);

Examples of org.apache.cxf.security.SecurityContext

    /**
     * Get the Issuer of the SAML Assertion
     */
    private String getIssuer(Message message) throws WSSecurityException {
        SecurityContext sc = message.get(SecurityContext.class);

        if (sc instanceof SAMLSecurityContext) {
            Element assertionElement = ((SAMLSecurityContext)sc).getAssertionElement();
            if (assertionElement != null) {
                AssertionWrapper wrapper = new AssertionWrapper(assertionElement);

Examples of org.apache.tuscany.sca.host.http.SecurityContext

        if (!servletMapping.endsWith("*")) {
            servletMapping += "*";
        }


        SecurityContext securityContext = new SecurityContext();
        boolean isConfidentialityRequired = false;
        boolean isAuthenticationRequired = false;


        // find out which policies are active
        if (binding instanceof PolicySetAttachPoint) {
            List<Intent> intents = ((PolicySetAttachPoint)binding).getRequiredIntents();
            for(Intent intent : intents) {
                if (intent.getName().equals(AUTEHTICATION_INTENT)) {
                    isAuthenticationRequired = true;
                } else if (intent.getName().equals(CONFIDENTIALITY_INTENT)) {
                    isConfidentialityRequired = true;
                }
            }

            List<PolicySet> policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets();
            for (PolicySet ps : policySets) {
                for (Object p : ps.getPolicies()) {
                    if (ConfidentialityPolicy.class.isInstance(p) && isConfidentialityRequired) {
                        //Handle enabling and configuring SSL
                        ConfidentialityPolicy confidentialityPolicy = (ConfidentialityPolicy)p;

                        securityContext.setSSLEnabled(true);
                        securityContext.setSSLProperties(confidentialityPolicy.toProperties());
                    } else if(AuthenticationConfigurationPolicy.class.isInstance(p) && isAuthenticationRequired) {
                        // Handle authentication and user configuration
                        AuthenticationConfigurationPolicy authenticationConfiguration = (AuthenticationConfigurationPolicy)p;

                        securityContext.setAuthenticationEnabled(true);
                        securityContext.getUsers().clear();
                        securityContext.getUsers().addAll(authenticationConfiguration.getUsers());
                    }
                }
            }
        }

Examples of org.beangle.security.core.context.SecurityContext

      return;
    }

    HttpSession httpSession = safeGetSession(request, forceEagerSessionCreation);
    boolean httpSessionExistedAtStartOfRequest = httpSession != null;
    SecurityContext contextBeforeChainExecution = readSecurityContextFromSession(httpSession);

    // Make the HttpSession null, as we don't want to keep a reference to it
    // lying
    // around in case chain.doFilter() invalidates it.
    httpSession = null;

    if (contextBeforeChainExecution == null) {
      contextBeforeChainExecution = generateNewContext();
      logger.debug("New SecurityContext instance will be associated with SecurityContextHolder");
    } else {
      logger.debug("Obtained a valid SecurityContext from Beangle_SECURITY_CONTEXT to "
          + "associate with SecurityContextHolder: '{}'", contextBeforeChainExecution);
    }

    int contextHashBeforeChainExecution = contextBeforeChainExecution.hashCode();
    request.setAttribute(FILTER_APPLIED, Boolean.TRUE);

    // Create a wrapper that will eagerly update the session with the
    // security context
    // if anything in the chain does a sendError() or sendRedirect().
    // See SEC-398
    OnRedirectUpdateSessionResponseWrapper responseWrapper = new OnRedirectUpdateSessionResponseWrapper(
        response, request, httpSessionExistedAtStartOfRequest, contextHashBeforeChainExecution);
    // Proceed with chain
    try {
      // This is the only place in this class where
      // SecurityContextHolder.setContext() is called
      SecurityContextHolder.setContext(contextBeforeChainExecution);

      chain.doFilter(request, responseWrapper);
    } finally {
      // This is the only place in this class where
      // SecurityContextHolder.getContext() is called
      SecurityContext contextAfterChainExecution = SecurityContextHolder.getContext();

      // Crucial removal of SecurityContextHolder contents - do this
      // before anything else.
      SecurityContextHolder.clearContext();

Examples of org.gatein.pc.api.spi.SecurityContext

      markupRequest = createMarkupRequestFrom(markupTypes, params, portlet);

      // prepare information for invocation
      final org.oasis.wsrp.v2.UserContext wsrpUserContext = getUserContext();
      checkUserContext(wsrpUserContext);
      SecurityContext securityContext = createSecurityContext(params, runtimeContext, wsrpUserContext);
      final MediaType mediaType = createMediaType(markupRequest);
      PortalContext portalContext = createPortalContext(params, markupRequest);
      UserContext userContext = createUserContext(wsrpUserContext, markupRequest.getLocale(), desiredLocales);
      String portletInstanceKey = runtimeContext.getPortletInstanceKey();
      instanceContext = createInstanceContext(portletContext, getAccessMode(), portletInstanceKey);

Examples of org.italiangrid.utils.voms.SecurityContext

     * @return the {@link CurrentAdmin} object representing the currently active
     *         administrator
     */
    public static CurrentAdmin instance() {

        SecurityContext theContext = SecurityContextImpl.getCurrentContext();

        String rfcReadableString = X500NameUtils.getReadableForm(theContext.getClientX500Principal());
        String adminDN = OpensslNameUtils.convertFromRfc2253(rfcReadableString, false);

        X509Principal papAdmin = PAPAdminFactory.getDn( adminDN );

        if ( papAdmin == null )

Examples of org.jboss.ballroom.client.rbac.SecurityContext

    }

    @Override
    public Set<String> getReadOnlyNames() {
        SecurityService securityFacilities = framework.getSecurityService();
        SecurityContext securityContext = securityFacilities.getSecurityContext();

        if(resourceAddress !=null)
        {
            return securityFacilities.getReadOnlyJavaNames(conversionType, resourceAddress, securityContext);
        }

Examples of org.jboss.dna.graph.SecurityContext

            }
        };

        repository = new JcrRepository(context, connectionFactory, "unused");

        SecurityContext mockSecurityContext = new MockSecurityContext("testuser",
                                                                      Collections.singleton(JcrSession.DNA_WRITE_PERMISSION));
        session = (JcrSession)repository.login(new SecurityContextCredentials(mockSecurityContext));
    }

Examples of org.jboss.errai.security.client.local.api.SecurityContext

  }

  @Override
  public void observeEvent(final LifecycleEvent<W> event) {
    // There is no good way to inject the context within the bootstrapper.
    final SecurityContext securityContext = SecurityContextHoldingSingleton.getSecurityContext();
    final Set<Role> roles = roleExtractor.extractAllRoles(annotation);

    if (!securityContext.isUserCacheValid() || !securityContext.hasCachedUser()
            || !securityContext.getCachedUser().getRoles().containsAll(roles)) {
      event.veto();

      if (!securityContext.hasCachedUser())
        securityContext.redirectToLoginPage(event.getInstance().getClass());
      else
        securityContext.redirectToSecurityErrorPage(event.getInstance().getClass());
    }
  }

Examples of org.jboss.portal.portlet.spi.SecurityContext

   public PortletInvocationResponse invoke(PortletInvocation invocation) throws IllegalArgumentException, PortletInvokerException
   {
      PortletContainer container = (PortletContainer)invocation.getAttribute(ContainerPortletInvoker.PORTLET_CONTAINER);
      PortletInfo containerInfo = container.getInfo();
      SecurityInfo securityInfo = containerInfo.getSecurity();
      SecurityContext securityContext = invocation.getSecurityContext();
      boolean invoke = true;
      if (!securityContext.isSecure())
      {
         if (securityInfo.containsTransportGuarantee(TransportGuarantee.CONFIDENTIAL))
         {
            invoke = false;
         }