Examples of EJBAuthenticationHelper

Examples of org.jboss.security.integration.ejb.EJBAuthenticationHelper

130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
         sc = SecurityActions.getSecurityContext();
         //TODO: Need to get the SecurityManagement instance
         sc.setSecurityManagement(new JNDIBasedSecurityManagement());
          
         //Check if there is a RunAs configured and can be trusted
         EJBAuthenticationHelper helper = new EJBAuthenticationHelper(sc);
         boolean trustedCaller = helper.isTrusted();
         if(!trustedCaller)
         {
            Subject subject = new Subject();
            //Authenticate the caller now
            if(!helper.isValid(subject, method.getName()))
               throw new EJBAccessException("Invalid User");
            helper.pushSubjectContext(subject);
         }
         else
        
            //Trusted caller. No need for authentication. Straight to authorization
         }
View Full Code Here

Examples of org.jboss.security.integration.ejb.EJBAuthenticationHelper

190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
/*     */     {
/* 288 */       throw new SecurityException("Role mapping manager has not been set");
/*     */     }
/*     */
/* 291 */     SecurityContext sc = SecurityActions.getSecurityContext();
/* 292 */     EJBAuthenticationHelper helper = new EJBAuthenticationHelper(sc);
/* 293 */     boolean isTrusted = helper.isTrusted();
/*     */
/* 295 */     if (!isTrusted)
/*     */     {
/* 298 */       Subject subject = new Subject();
/* 299 */       if (!helper.isValid(subject, m.getName()))
/*     */       {
/* 302 */         if (this.authenticationObserver != null) {
/* 303 */           this.authenticationObserver.authenticationFailed();
/*     */         }
/* 305 */         String msg = "Authentication exception, principal=" + principal;
View Full Code Here

Examples of org.jboss.security.integration.ejb.EJBAuthenticationHelper

90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
/*     */
/* 130 */       sc = SecurityActions.getSecurityContext();
/*     */
/* 132 */       sc.setSecurityManagement(new JNDIBasedSecurityManagement());
/*     */
/* 135 */       EJBAuthenticationHelper helper = new EJBAuthenticationHelper(sc);
/* 136 */       boolean trustedCaller = helper.isTrusted();
/* 137 */       if (!trustedCaller)
/*     */       {
/* 139 */         Subject subject = new Subject();
/*     */
/* 141 */         if (!helper.isValid(subject, method.getName()))
/* 142 */           throw new EJBAccessException("Invalid User");
/* 143 */         helper.pushSubjectContext(subject);
/*     */       }
/*     */
/*     */     }
/* 157 */     else if (invSC != null)
/*     */     {
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

303
304
305
306
307
308
309
310
311
312
313
314
         throw new SecurityException("Role mapping manager has not been set");
      }

      SecurityContext sc = SecurityActions.getSecurityContext();

      EJBAuthenticationHelper helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
      boolean isTrusted = containsTrustableRunAs(sc) || helper.isTrusted();

      if (!isTrusted)
      {
         // Check the security info from the method invocation
         Subject subject = new Subject();
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
         }
      });
      SecurityContextAssociation.setSecurityContext(sc);
      try
      {
         EJBAuthenticationHelper authenticationHelper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
         Subject subject = new Subject();
         boolean isValid = authenticationHelper.isValid(subject, "getCallerPrincipal");
         if(!isValid)
         {
            Exception cause = (Exception) sc.getData().get("org.jboss.security.exception");
            throw new RuntimeException("no valid principal", cause);
         }
         authenticationHelper.pushSubjectContext(subject);
         //RealmMapping rm = (RealmMapping) sc.getAuthenticationManager();
         RealmMapping rm = lookup("java:AuthenticationManager", RealmMapping.class);
         SecurityDomain domain = null;
         return helper.getCallerPrincipal(sc, rm, domain);
      }
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
               }
            });
           
             
            //Check if there is a RunAs configured and can be trusted
            EJBAuthenticationHelper helper = null;
            try
            {
               helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
            }
            catch(Exception e)
            {
               throw new RuntimeException(e);
            }
            boolean trustedCaller = hasIncomingRunAsIdentity(sc) || helper.isTrusted();
            if(!trustedCaller)
            {
               Subject subject = new Subject();
               /**
                * Special Case: Invocation has no principal set,
                * but an unauthenticatedPrincipal has been configured in JBoss DD
                */
               Principal userPrincipal = sc.getUtil().getUserPrincipal();
               String unauthenticatedPrincipal = domain.unauthenticatedPrincipal();
               if(userPrincipal == null && unauthenticatedPrincipal !=null &&
                     unauthenticatedPrincipal.length() > 0)
               {
                  Identity unauthenticatedIdentity = new SimpleIdentity(unauthenticatedPrincipal);
                  sc.getSubjectInfo().addIdentity(unauthenticatedIdentity);
                  subject.getPrincipals().add(unauthenticatedIdentity.asPrincipal());
               }
               else
               {
                  //Authenticate the caller now
                  if(!helper.isValid(subject, method.getName()))
                     throw new EJBAccessException("Invalid User");
               }
               helper.pushSubjectContext(subject);
            }
            else
           
               //Trusted caller. No need for authentication. Straight to authorization
            }
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
               }
            });
           
             
            //Check if there is a RunAs configured and can be trusted
            EJBAuthenticationHelper helper = null;
            try
            {
               helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
            }
            catch(Exception e)
            {
               throw new RuntimeException(e);
            }
            boolean trustedCaller = hasIncomingRunAsIdentity(sc) || helper.isTrusted();
            if(!trustedCaller)
            {
               Subject subject = new Subject();
               /**
                * Special Case: Invocation has no principal set,
                * but an unauthenticatedPrincipal has been configured in JBoss DD
                */
               Principal userPrincipal = sc.getUtil().getUserPrincipal();
               String unauthenticatedPrincipal = domain.unauthenticatedPrincipal();
               if(userPrincipal == null && unauthenticatedPrincipal !=null &&
                     unauthenticatedPrincipal.length() > 0)
               {
                  Identity unauthenticatedIdentity = new SimpleIdentity(unauthenticatedPrincipal);
                  sc.getSubjectInfo().addIdentity(unauthenticatedIdentity);
                  subject.getPrincipals().add(unauthenticatedIdentity.asPrincipal());
               }
               else
               {
                  //Authenticate the caller now
                  if(!helper.isValid(subject, method.getName()))
                     throw new EJBAccessException("Invalid User");
               }
               helper.pushSubjectContext(subject);
            }
            else
           
               //Trusted caller. No need for authentication. Straight to authorization
            }
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
            }
         });
        
          
         //Check if there is a RunAs configured and can be trusted
         EJBAuthenticationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
         }
         catch(Exception e)
         {
            throw new RuntimeException(e);
         }
         boolean trustedCaller = hasIncomingRunAsIdentity(sc) || helper.isTrusted();
         if(!trustedCaller)
         {
            Subject subject = new Subject();
            /**
             * Special Case: Invocation has no principal set,
             * but an unauthenticatedPrincipal has been configured in JBoss DD
             */
            String unauthenticatedPrincipal = domain.unauthenticatedPrincipal();
            if(sc.getUtil().getUserPrincipal() == null && unauthenticatedPrincipal !=null &&
                  unauthenticatedPrincipal.length() > 0)
            {
               Identity unauthenticatedIdentity = new SimpleIdentity(unauthenticatedPrincipal);
               sc.getSubjectInfo().addIdentity(unauthenticatedIdentity);
               subject.getPrincipals().add(unauthenticatedIdentity.asPrincipal());
            }
            else
            {
               //Authenticate the caller now
               if(!helper.isValid(subject, method.getName()))
                  throw new EJBAccessException("Invalid User");
            }
            helper.pushSubjectContext(subject);
         }
         else
        
            //Trusted caller. No need for authentication. Straight to authorization
         }
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
           
         //TODO: Need to get the SecurityManagement instance
         sc.setSecurityManagement(getSecurityManagement());
          
         //Check if there is a RunAs configured and can be trusted
         EJBAuthenticationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
         }
         catch(Exception e)
         {
            throw new RuntimeException(e);
         }
         boolean trustedCaller = hasIncomingRunAsIdentity(sc) || helper.isTrusted();
         if(!trustedCaller)
         {
            Subject subject = new Subject();
            //Authenticate the caller now
            if(!helper.isValid(subject, method.getName()))
               throw new EJBAccessException("Invalid User");
            helper.pushSubjectContext(subject);
         }
         else
        
            //Trusted caller. No need for authentication. Straight to authorization
         }
View Full Code Here

Examples of org.jboss.security.javaee.EJBAuthenticationHelper

302
303
304
305
306
307
308
309
310
311
312
313
         throw new SecurityException("Role mapping manager has not been set");
      }

      SecurityContext sc = SecurityActions.getSecurityContext();

      EJBAuthenticationHelper helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
      boolean isTrusted = containsTrustableRunAs(sc) || helper.isTrusted();

      if (!isTrusted)
      {
         // Check the security info from the method invocation
         Subject subject = new Subject();
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.