Examples of SecurityContext

• br.gov.frameworkdemoiselle.security.SecurityContext
  Structure used to handle both authentication and authorizations mechanisms. @author SERPRO
• com.force.sdk.oauth.context.SecurityContext
  Interface representing the standard fields stored when a user is authenticated. After authentication the security context is stored and made available to the thread processing the user's request. @author John Simone
• com.hazelcast.security.SecurityContext
  SecurityContext is responsible for managing lifecycle of security object such as {@link ICredentialsFactory}, {@link IPermissionPolicy} etc, to creating {@link LoginContext}es for member and client authentications and checking permissions for client operations.
• com.sas.svcs.authentication.client.SecurityContext
• com.sun.enterprise.common.iiop.security.SecurityContext
  A subject is used a container for passing the security context information in the service context field. The security context information in the subject must be stored either as a private or a public credential according to the following convention: PasswordCredential: Client authentication will be performed using the username and password in the PasswordCredential. PasswordCredential must be passed as a PrivateCredential. X500Name: DN name specified in X500Name will be asserted. X500Name must be passed as a PublicCredential. GSSUPName: Identity specified in GSSUPName will be asserted. GSSUPName must be passed as a PublicCredential. X509CertificateCredential: The certificate chain in the credential will be asserted. The credential must be passed as a PublicCredential. AnonCredential: Anonymous identity will be asserted. Credential must be passed as a PublicCredential. Class fields in the SecurityContext are used for credential selection. There are two class fields: authcls and identcls. authcls is a Class object that identifies the credential for client authentication. identcls is a Class object that identifies the credential for identity assertion. The following semantics must be observed: 1. A client authentication token is always passed as a private credential. authcls set to the class of the authentication token 2. An identity token is always passed as a public credential. identcls is set to the class of the identity token. 3. authcls is set to null if there is no client auth token 4. identcls is set to null if there is no ident token 5. There must not be more than one instance of class identified by authcls or identcls. However, there can be one instance of identcls *and* authcls (this allows both a client auth token and an identity token to be passed across the interface).
• com.sun.enterprise.security.SecurityContext
  This class that extends AbstractSecurityContext that gets stored in Thread Local Storage. If the current thread creates child threads, the SecurityContext stored in the current thread is automatically propogated to the child threads. This class is used on the server side to represent the security context. Thread Local Storage is a concept introduced in JDK1.2. @see java.lang.ThreadLocal @see java.lang.InheritableThreadLocal @author Harish Prabandham @author Harpreet Singh
• com.tll.server.SecurityContext
  SecurityContext - {@link SecurityContext} impl. @author jpk
• inspiredbyte.examples.rules.annotations.SecurityContext
• io.undertow.security.api.SecurityContext
  The security context. This context is attached to the exchange and holds all security related information. @author Stuart Douglas @author Darran Lofthouse @see io.undertow.security.impl.SecurityContextImpl
• javax.ws.rs.core.SecurityContext
  An injectable interface that provides access to security related information. @see Context
• javolution.context.SecurityContext
  class defines custom policy with regards to database access. public abstract class DatabaseAccess extends SecurityContext { public static boolean isReadAllowed(Table table) { SecurityContext policy = SecurityContext.current(); return (policy instanceof DatabaseAccess.Permission) ? ((DatabaseAccess.Permission)policy).isReadable(table) : false; } public interface Permission { boolean isReadable(Table table); boolean isWritable(Table table); } }[/code]

  The use of interfaces (such as Permission above) makes it easy for custom policies to support any security actions. For example:[code] class Policy extends SecurityContext implements DatabaseAccess.Permission, FileAccess.Permission { public boolean isReadable(Table table) { return !table.isPrivate(); } public boolean isWritable(Table table) { return Session.getSession().getUser().isAdministrator(); } public boolean isReadable(File file) { return true; } public boolean isWritable(File file) { return false; } } ... Policy localPolicy = new Policy(); SecurityContext.enter(localPolicy); // Current thread overrides default policy (configurable) try { // (if allowed, ref. SecurityContext.isReplaceable()) ... DatabaseAccess.isReadAllowed(table); ... FileAccess.isWriteAllowed(file); ... } finally { SecurityContext.exit(); }[/code]

  The default permissions managed by the {@link #DEFAULT} implementationare the permission to {@link #isReplaceable replace} the current securitycontext by default) and the permission to {@link #isConfigurable configure}the application.

  @author Jean-Marie Dautelle @version 5.2, August 5, 2007
• juzu.request.SecurityContext
  @author Julien Viet
• net.jini.security.SecurityContext
  shot context SecurityContext ctx = Security.getContext(); // restore context AccessController.doPrivileged( ctx.wrap(action), ctx.getAccessControlContext()); @author Sun Microsystems, Inc. @since 2.0
• oracle.adf.share.security.SecurityContext
• org.acegisecurity.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author Ben Alex @version $Id: SecurityContext.java 1784 2007-02-24 21:00:24Z luke_t $
• org.apache.activemq.security.SecurityContext
  Used to cache up authorizations so that subsequent requests are faster. @version $Revision$
• org.apache.airavata.gfac.SecurityContext
• org.apache.airavata.gfac.context.security.SecurityContext
• org.apache.cxf.security.SecurityContext
  Provides basic security information about the current message exchange
• org.apache.tuscany.sca.host.http.SecurityContext
  A class to store policy context to enable Security QoS to HTTP binding
• org.beangle.security.core.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author chaostone @version $Id: SecurityContext.java 2217 2007-10-27 00:45:30Z $
• org.gatein.pc.api.spi.SecurityContext
  @author Julien Viet @version $Revision: 5448 $
• org.italiangrid.utils.voms.SecurityContext
• org.jboss.ballroom.client.rbac.SecurityContext
  The security context has access to the authorisation meta data and provides policies to reason over it. Each security context is associated with a specific {@link com.gwtplatform.mvp.client.proxy.PlaceRequest}. @see SecurityService @see com.gwtplatform.mvp.client.proxy.PlaceManager @author Heiko Braun @date 7/3/13
• org.jboss.dna.graph.SecurityContext
  A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the user name and roles.

  A security context should only be associated with the execution context after authentication has occurred.

• org.jboss.errai.security.client.local.api.SecurityContext
  Caches information regarding security events and the current user (i.e. which user is logged in, and what was the last page they were rejected from). @author Max Barkley
• org.jboss.portal.portlet.spi.SecurityContext
  @author Julien Viet @version $Revision: 5448 $
• org.jboss.security.SecurityContext
  Encapsulation of Authentication, Authorization, Mapping and other security aspects at the level of a security domain @author Anil Saldhana @version $Revision$ @since Aug 24, 2006
• org.jboss.soa.esb.services.security.SecurityContext
  Security Context contains security related information.

  Note that even though a Subject object instance is serialiable, its private and public credentials are not(they are transient).

  Also not that the Principal interface is not serializable but all implemenations should be.

  When created a SecurityContext will be given a timeout argument which is the time in milliseconds after which the context is considered invalid. @author Daniel Bevenius @since 4.4

• org.jboss.test.security.interfaces.SecurityContext
  @author Scott.Stark@jboss.org @version $Revision: 81036 $
• org.jrest4guice.security.SecurityContext
• org.modeshape.jcr.security.SecurityContext
  A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the user name and roles.

  A security context should only be associated with the execution context after authentication has occurred.

• org.mule.api.security.SecurityContext
  SecurityContext holds security information and is associated with the MuleSession. @see org.mule.api.MuleSession
• org.ow2.easybeans.security.propagation.context.SecurityContext
  Security Context that is exchanged and propagated from clients to beans.
  This is also why it is a serializable object (as it has to be exchanged).
  The security contains allow to get the current principal and the roles associated to this principal.
  RunAs mode is managed by keeping the previous security context. @author Florent Benoit
• org.springframework.security.context.SecurityContext
• org.springframework.security.core.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author Ben Alex
• org.structr.common.SecurityContext
  Encapsulates the current user and access path and provides methods to query permission flags for a given node. This is the place where HttpServletRequest and Authenticator get together. @author Christian Morgner
• org.switchyard.security.context.SecurityContext
  SecurityContext. @author David Ward <dward@jboss.org> © 2013 Red Hat Inc.
• org.uberfire.security.SecurityContext

Examples of org.jboss.security.SecurityContext

   private void establishSecurityContext(Invocation mi) throws Exception
   {
      //For Local EJB invocations, the security context needs
      //to be obtained from the thread local. For remote ejb
      //invocations, the SC is obtained in the invocation
      SecurityContext sc = mi.getSecurityContext();
      SecurityContext newSC = SecurityActions.createAndSetSecurityContext(securityDomain,
            container.getSecurityContextClassName());

      if(sc != null)
      {
         //Get the run-as, principal, cred etc from the invocation and set it on the context

Examples of org.jboss.security.SecurityContext

   {
      return AccessController.doPrivileged(new PrivilegedExceptionAction<SecurityContext>()
      {
         public SecurityContext run() throws Exception
         {
            SecurityContext sc =  SecurityContextFactory.createSecurityContext(domain, fqnClassName);
            setSecurityContext(sc);
            return sc;
         }}
      );
   }

Examples of org.jboss.security.SecurityContext

   static void pushCallerRunAsIdentity(final RunAs ra)
   {
      AccessController.doPrivileged(new PrivilegedAction<Object>(){
         public Object run()
         {
            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
            if(sc == null)
               throw new IllegalStateException("Security Context is null");
            sc.setIncomingRunAs(ra);
            return null;
         }
      });
   }

Examples of org.jboss.security.SecurityContext

   static void popCallerRunAsIdentity()
   {
      AccessController.doPrivileged(new PrivilegedAction<Object>(){
         public Object run()
         {
            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
            if(sc == null)
               throw new IllegalStateException("Security Context is null");
            sc.setIncomingRunAs(null);
            return null;
         }
      });
   }

Examples of org.jboss.security.SecurityContext

      return new InvocationResponse(names[0]);
   }

   private void establishSecurityContext(InvocationRequest invocation) throws Exception
   {
      SecurityContext newSC = SecurityActions.createAndSetSecurityContext(securityDomain);

      // Set the SecurityManagement on the context
      SecurityActions.setSecurityManagement(newSC, securityManagement);
      log.trace("establishSecurityIdentity:SecCtx="+SecurityActions.trace(newSC));
   }

Examples of org.jboss.security.SecurityContext

   {
      return AccessController.doPrivileged(new PrivilegedExceptionAction<SecurityContext>()
      {
         public SecurityContext run() throws Exception
         {
            SecurityContext sc =  SecurityContextFactory.createSecurityContext(domain);
            setSecurityContext(sc);
            return sc;
         }}
      );
   }

Examples of org.jboss.security.SecurityContext

    * retrieves the instance from an object table, and invokes the method
    * on the particular instance
    */
   public Object internalInvoke(Invocation mi) throws Exception
   {
      SecurityContext cachedContext = null;
      try
      {
         cachedContext = SecurityActions.getSecurityContext();
         //For message driven beans, there is no security context
         SecurityActions.setSecurityContext(null);

Examples of org.jboss.security.SecurityContext

         if (newCL != null && newCL != oldCL)
            SecurityActions.setContextClassLoader(newCL);

         //JBAS-6449: Cache the incoming security context to be retained on exit
         SecurityContext previousSecurityContext = SecurityActions.getSecurityContext();

         try
         {
            // Set the method hash to Method mapping
            if (invocation instanceof MarshalledInvocation)
            {
               MarshalledInvocation mi = (MarshalledInvocation) invocation;
               mi.setMethodMap(marshalledInvocationMapping);
            }
            // Invoke the MBeanServer method via reflection
            Method method = invocation.getMethod();
            Object[] args = invocation.getArguments();
            Principal principal = invocation.getPrincipal();
            Object credential = invocation.getCredential();
            Object value = null;
            SecurityContext sc = SecurityActions.createSecurityContext(SecurityConstants.DEFAULT_APPLICATION_POLICY);
            SecurityActions.setSecurityContext(sc);
            // Associate the method
            SecurityActions.pushSubjectContext(principal, credential, null);

            try

Examples of org.jboss.security.SecurityContext

    * @return
    * @throws Throwable
    */
   public Object invoke(Invocation invocation) throws Throwable
   {
    SecurityContext previousSC = null;
      String type = invocation.getType();
      Subject subject = null;
      if (!initialized)
         initialize();
      if (type == Invocation.OP_INVOKE && securityMgr != null)
      {
         String opName = invocation.getName();
         if (opName.equals("invoke"))
         {
            Object[] args = invocation.getArgs();
            org.jboss.invocation.Invocation inv = (org.jboss.invocation.Invocation) args[0];
            // Authenticate the caller based on the security association
            Principal caller = inv.getPrincipal();
            Object credential = inv.getCredential();
            subject = new Subject();
            boolean isValid = securityMgr.isValid(caller, credential, subject);
            if (isValid == false)
            {
               String msg = "Failed to authenticate principal=" + caller + ", securityDomain="
                     + securityMgr.getSecurityDomain();
               throw new SecurityException(msg);

            }
            String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
            if (securityMgr != null)
               securityDomain = securityMgr.getSecurityDomain();
            // store current security context
            previousSC = SecurityActions.getSecurityContext();
            SecurityContext sc = SecurityActions.createSecurityContext(securityDomain);
            SecurityActions.setSecurityContext(sc);
            // Push the caller security context
            SecurityActions.pushSubjectContext(caller, credential, subject);
         }
      }

Examples of org.jboss.security.SecurityContext

   @Override
   public void invoke(Request request, Response response)
   throws IOException, ServletException
   {
      SecurityContext cachedContext = null;

      boolean createdSecurityContext = false;
      //Set the security context if one is unavailable
      SecurityContext sc = SecurityAssociationActions.getSecurityContext();
      if(sc != null &&
            sc.getSecurityDomain().equals(configuredSecurityDomainName) == false)
      {
         cachedContext = sc;
         SecurityContext newSC = createSecurityContext();
         SecurityAssociationActions.setSecurityContext(newSC);
         createdSecurityContext = true;
      }

      if(sc == null)