Examples of AbstractWebAuthorizationHelper

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
         Map<String, Object> contextMap = new HashMap<String, Object>();
         contextMap.put(ResourceKeys.RESOURCE_PERM_CHECK, Boolean.TRUE);
         contextMap.put(ResourceKeys.POLICY_REGISTRATION, policyRegistration);
         contextMap.put("securityConstraints", securityConstraints);

         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
         }
         catch (Exception e)
         {
            log.error("Exception in obtaining helper", e);
            return false;
         }

         helper.setPolicyRegistration(policyRegistration);
         helper.setEnableAudit(this.enableAudit);

         //WebAuthorizationHelper helper = new WebAuthorizationHelper(sc, this.enableAudit);
         ok = helper.checkResourcePermission(contextMap, request, response, caller, PolicyContext.getContextID(),
               requestURI(request));
      }
      boolean finalDecision = baseDecision && ok;
      if (trace)
         log.trace("hasResourcePerm:RealmBase says:" + baseDecision + "::Authz framework says:" + ok + ":final=" + finalDecision);
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
      if (baseDecision && !ignoreJBossAuthorization)
      {
         SecurityContext sc = SecurityAssociationActions.getSecurityContext();

         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
         }
         catch (Exception e)
         {
            log.error("Error obtaining helper", e);
         }
         helper.setPolicyRegistration(getPolicyRegistration());
         helper.setEnableAudit(enableAudit);
         Subject callerSubject = SecurityAssociationActions.getSubject();
         if (callerSubject == null)
         {
            //During hasResourcePermission check, catalina calls hasRole. But we have not established
            // a subject yet in the security context. So we will get the subject from the cached principal
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
         Map<String, Object> map = new HashMap<String, Object>();
         map.put("securityConstraints", constraints);
         map.put(ResourceKeys.USERDATA_PERM_CHECK, Boolean.TRUE);

         SecurityContext sc = SecurityAssociationActions.getSecurityContext();
         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
         }
         catch (Exception e)
         {
            log.error("Error obtaining helper", e);
         }
         helper.setPolicyRegistration(getPolicyRegistration());
         helper.setEnableAudit(enableAudit);
         Subject callerSubject = SecurityAssociationActions.getSubject();
         //JBAS-6419:CallerSubject has no bearing on the user data permission check
         if(callerSubject == null)
            callerSubject = new Subject();

         ok = helper.hasUserDataPermission(map, request, response, PolicyContext.getContextID(),
               callerSubject);
      }

      return ok;
   }
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
                caller = getSubjectFromRequestPrincipal(request.getPrincipal());
            Map<String, Object> contextMap = new HashMap<String, Object>();
            contextMap.put(ResourceKeys.RESOURCE_PERM_CHECK, Boolean.TRUE);
            contextMap.put("securityConstraints", constraints);

            AbstractWebAuthorizationHelper helper = null;
            try {
                helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
            } catch (Exception e) {
                WebLogger.WEB_SECURITY_LOGGER.noAuthorizationHelper(e);
                return false;
            }

            authzDecision = helper.checkResourcePermission(contextMap, request, response, caller, PolicyContext.getContextID(),
                    requestURI(request), getPrincipalRoles(request));
        }
        boolean finalDecision = baseDecision && authzDecision;
        WebLogger.WEB_SECURITY_LOGGER.tracef("hasResourcePermission:RealmBase says:" + baseDecision + "::Authz framework says:" + authzDecision
                + ":final=" + finalDecision);
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
                    }
                }
            }

            SecurityContext sc = SecurityActions.getSecurityContext();
            AbstractWebAuthorizationHelper helper = null;
            try {
                helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
            } catch (Exception e) {
                WebLogger.WEB_SECURITY_LOGGER.noAuthorizationHelper(e);
            }
            Subject callerSubject = sc.getUtil().getSubject();
            if (callerSubject == null) {
                // During hasResourcePermission check, Catalina calls hasRole. But we have not established
                // a subject yet in the security context. So we will get the subject from the cached principal
                callerSubject = getSubjectFromRequestPrincipal(principal);
            }

            authzDecision = helper.hasRole(roleName, principal, servletName, getPrincipalRoles(principal),
                    PolicyContext.getContextID(), callerSubject, getPrincipalRoles(request));
        }
        boolean finalDecision = baseDecision && authzDecision;
        WebLogger.WEB_SECURITY_LOGGER.tracef("hasRole:RealmBase says:" + baseDecision + "::Authz framework says:" + authzDecision + ":final="
                + finalDecision);
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
            Map<String, Object> map = new HashMap<String, Object>();
            map.put("securityConstraints", constraints);
            map.put(ResourceKeys.USERDATA_PERM_CHECK, Boolean.TRUE);

            SecurityContext sc = SecurityActions.getSecurityContext();
            AbstractWebAuthorizationHelper helper = null;
            try {
                helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
            } catch (Exception e) {
                WebLogger.WEB_SECURITY_LOGGER.noAuthorizationHelper(e);
            }

            Subject callerSubject = sc.getUtil().getSubject();
            // JBAS-6419:CallerSubject has no bearing on the user data permission check
            if (callerSubject == null)
                callerSubject = new Subject();

            ok = helper.hasUserDataPermission(map, request, response, PolicyContext.getContextID(), callerSubject,
                    getPrincipalRoles(request));
        }

        return ok;
    }
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
         Map<String, Object> contextMap = new HashMap<String, Object>();
         contextMap.put(ResourceKeys.RESOURCE_PERM_CHECK, Boolean.TRUE);
         contextMap.put(ResourceKeys.POLICY_REGISTRATION, policyRegistration);
         contextMap.put("securityConstraints", securityConstraints);

         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
         }
         catch (Exception e)
         {
            log.error("Exception in obtaining helper", e);
            return false;
         }

         helper.setPolicyRegistration(policyRegistration);
         helper.setEnableAudit(this.enableAudit);

         //WebAuthorizationHelper helper = new WebAuthorizationHelper(sc, this.enableAudit);
         ok = helper.checkResourcePermission(contextMap, request, response, caller, PolicyContext.getContextID(),
               requestURI(request));
      }
      if (trace)
         log.trace("hasResourcePerm:RealmBase says:" + baseDecision + "::Authz framework says:" + ok + ":final=" + ok);
      if (ok == false)
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
      if (baseDecision)
      {
         SecurityContext sc = SecurityAssociationActions.getSecurityContext();

         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
         }
         catch (Exception e)
         {
            log.error("Error obtaining helper", e);
         }
         helper.setPolicyRegistration(getPolicyRegistration());
         helper.setEnableAudit(enableAudit);
         Subject callerSubject = SecurityAssociationActions.getSubject();
         if (callerSubject == null)
         {
            //During hasResourcePermission check, catalina calls hasRole. But we have not established
            // a subject yet in the security context. So we will get the subject from the cached principal
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
         Map<String, Object> map = new HashMap<String, Object>();
         map.put("securityConstraints", constraints);
         map.put(ResourceKeys.USERDATA_PERM_CHECK, Boolean.TRUE);

         SecurityContext sc = SecurityAssociationActions.getSecurityContext();
         AbstractWebAuthorizationHelper helper = null;
         try
         {
            helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
         }
         catch (Exception e)
         {
            log.error("Error obtaining helper", e);
         }
         helper.setPolicyRegistration(getPolicyRegistration());
         helper.setEnableAudit(enableAudit);
         Subject callerSubject = SecurityAssociationActions.getSubject();
         //JBAS-6419:CallerSubject has no bearing on the user data permission check
         if(callerSubject == null)
            callerSubject = new Subject();

         ok = helper.hasUserDataPermission(map, request, response, PolicyContext.getContextID(),
               callerSubject);
      }

      return ok;
   }
View Full Code Here

Examples of org.jboss.security.javaee.AbstractWebAuthorizationHelper

497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
                caller = getSubjectFromRequestPrincipal(request.getPrincipal());
            Map<String, Object> contextMap = new HashMap<String, Object>();
            contextMap.put(ResourceKeys.RESOURCE_PERM_CHECK, Boolean.TRUE);
            contextMap.put("securityConstraints", constraints);

            AbstractWebAuthorizationHelper helper = null;
            try {
                helper = SecurityHelperFactory.getWebAuthorizationHelper(sc);
            } catch (Exception e) {
                log.errorf("Exception in obtaining helper", e);
                return false;
            }

            authzDecision = helper.checkResourcePermission(contextMap, request, response, caller, PolicyContext.getContextID(),
                    requestURI(request), getPrincipalRoles(request));
        }
        boolean finalDecision = baseDecision && authzDecision;
        log.tracef("hasResourcePermission:RealmBase says:" + baseDecision + "::Authz framework says:" + authzDecision
                + ":final=" + finalDecision);
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.