Package io.undertow.security.idm

Examples of io.undertow.security.idm.Account


    /**
     * Returns the principal of the account authenticated for the current exchange.
     *
     * @return the authenticated account's principal, or {@code null} when the exchange carries no
     *         {@code SecurityContext} attachment or that context has no authenticated account
     */
    @Override
    public Principal getUserPrincipal() {
        final SecurityContext context = exchange.getAttachment(SecurityContext.ATTACHMENT_KEY);
        if (context == null) {
            // No security context attached to the exchange: there is no identity to report.
            return null;
        }
        final Account authenticated = context.getAuthenticatedAccount();
        // A null account means the request is unauthenticated; callers must treat null as "anonymous".
        return (authenticated == null) ? null : authenticated.getPrincipal();
    }


        } else if (roles == null || roles.isEmpty()) {
            next.handleRequest(exchange);
        } else {
            for (final Set<String> roleSet : roles) {
                boolean found = false;
                Account account = sc.getAuthenticatedAccount();
                for (String role : roleSet) {
                    if (account.isUserInRole(role)) {
                        found = true;
                        break;
                    }
                }
                if (!found) {

    public void handleNotification(SecurityNotification notification) {
        EventType event = notification.getEventType();
        if (event == EventType.AUTHENTICATED || event == EventType.FAILED_AUTHENTICATION) {
            AuditEvent auditEvent = new AuditEvent(event == EventType.AUTHENTICATED ? AuditLevel.SUCCESS : AuditLevel.FAILURE);
            Map<String, Object> ctxMap = new HashMap<String, Object>();
            Account account = notification.getAccount();
            if (account != null) {
                ctxMap.put("principal", account.getPrincipal().getName());
            }
            ctxMap.put("message", notification.getMessage());
            /*
             * HttpServletRequest hsr = getServletRequest(); if (hsr != null) { ctxMap.put("request",
             * WebUtil.deriveUsefulInfo(hsr)); }

        final String applicationIdentifier = buildApplicationIdentifier(requestContext);
        final JASPICallbackHandler cbh = new JASPICallbackHandler();

        UndertowLogger.ROOT_LOGGER.debugf("validateRequest for layer [%s] and applicationContextIdentifier [%s]", JASPI_HTTP_SERVLET_LAYER, applicationIdentifier);

        Account cachedAccount = null;
        final JASPICSecurityContext jaspicSecurityContext = (JASPICSecurityContext) exchange.getSecurityContext();
        final AuthenticatedSessionManager sessionManager = exchange.getAttachment(AuthenticatedSessionManager.ATTACHMENT_KEY);

        if (sessionManager != null) {
            AuthenticatedSessionManager.AuthenticatedSession authSession = sessionManager.lookupSession(exchange);
            cachedAccount = authSession.getAccount();
            // if there is a cached account we set it in the security context so that the principal is available to
            // SAM modules via request.getUserPrincipal().
            if (cachedAccount !=  null) {
                jaspicSecurityContext.setCachedAuthenticatedAccount(cachedAccount);
            }
        }

        AuthenticationMechanismOutcome outcome = AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        Account authenticatedAccount = null;

        boolean isValid = sam.isValid(messageInfo, new Subject(), JASPI_HTTP_SERVLET_LAYER, applicationIdentifier, cbh);
        jaspicSecurityContext.setCachedAuthenticatedAccount(null);

        if (isValid) {

     *
     * @return the authenticated account (or cached account when it is null).
     */
    @Override
    public Account getAuthenticatedAccount() {
        final Account authenticated = super.getAuthenticatedAccount();
        // Prefer the account reported by the parent context; the cached account is only a fallback.
        // NOTE(review): the return value does not reveal which of the two was used, so an
        // authorization decision made on it trusts the cached account as much as a fresh one.
        // Confirm the cached field is cleared once it is no longer needed.
        return (authenticated != null) ? authenticated : this.cachedAuthenticatedAccount;
    }

    @Test
    public void createSingleSignOn() {
        String id = "sso";
        Batcher<Batch> batcher = mock(Batcher.class);
        Batch batch = mock(Batch.class);
        Account account = mock(Account.class);
        String mechanism = HttpServletRequest.BASIC_AUTH;
        SSO<AuthenticatedSession, String, Void> sso = mock(SSO.class);
        ArgumentCaptor<AuthenticatedSession> authenticationCaptor = ArgumentCaptor.forClass(AuthenticatedSession.class);

        when(this.manager.createIdentifier()).thenReturn(id);

    /**
     * Reads a session attribute while the associated batch is resumed.
     *
     * <p>The authenticated-session attribute is handled specially: an {@code Account} stored under
     * that name is wrapped in a new {@code AuthenticatedSession} tagged with the FORM mechanism;
     * when none is stored, the session's local context supplies the authenticated session.
     *
     * @param name the attribute name to look up
     * @return the attribute value, or for the authenticated-session name the reconstructed or
     *         locally held {@code AuthenticatedSession}
     */
    @Override
    public Object getAttribute(String name) {
        Session<LocalSessionContext> session = this.entry.getKey();
        // try-with-resources closes the BatchContext on every exit path.
        try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
            if (!AUTHENTICATED_SESSION_ATTRIBUTE_NAME.equals(name)) {
                return session.getAttributes().getAttribute(name);
            }
            // The unchecked cast means any non-Account value under this name fails with ClassCastException.
            Account storedAccount = (Account) session.getAttributes().getAttribute(name);
            if (storedAccount != null) {
                // Any Account found here is reported as FORM-authenticated, whatever stored it.
                return new AuthenticatedSession(storedAccount, HttpServletRequest.FORM_AUTH);
            }
            return session.getLocalContext().getAuthenticatedSession();
        }
    }

        try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
            if (AUTHENTICATED_SESSION_ATTRIBUTE_NAME.equals(name)) {
                AuthenticatedSession authSession = (AuthenticatedSession) value;
                // If using FORM authentication, we store the corresponding Account in a session attribute
                if (authSession.getMechanism().equals(HttpServletRequest.FORM_AUTH)) {
                    Account account = (Account) session.getAttributes().setAttribute(name, authSession.getAccount());
                    return (account != null) ? new AuthenticatedSession(account, HttpServletRequest.FORM_AUTH) : null;
                }
                // Otherwise we store the whole AuthenticatedSession in the local context
                LocalSessionContext localContext = session.getLocalContext();
                AuthenticatedSession old = localContext.getAuthenticatedSession();

    @Override
    public Object removeAttribute(String name) {
        Session<LocalSessionContext> session = this.entry.getKey();
        try (BatchContext context = this.manager.getSessionManager().getBatcher().resumeBatch(this.batch)) {
            if (AUTHENTICATED_SESSION_ATTRIBUTE_NAME.equals(name)) {
                Account account = (Account) session.getAttributes().removeAttribute(name);
                if (account != null) {
                    return new AuthenticatedSession(account, HttpServletRequest.FORM_AUTH);
                }
                LocalSessionContext localContext = session.getLocalContext();
                AuthenticatedSession old = localContext.getAuthenticatedSession();

        verifyZeroInteractions(this.batch);
    }

    /**
     * Checks that {@code getAccount()} hands back the very account held by the SSO's authentication
     * and does so without interacting with the batch.
     */
    @Test
    public void getAccount() {
        Account expected = mock(Account.class);
        AuthenticatedSession session = new AuthenticatedSession(expected, HttpServletRequest.BASIC_AUTH);
        when(this.sso.getAuthentication()).thenReturn(session);

        Account actual = this.subject.getAccount();

        // Identity, not equality: the subject must not copy or replace the account.
        assertSame(expected, actual);
        verifyZeroInteractions(this.batch);
    }
