Examples of org.jboss.security.identity.RoleGroup

org.jboss.security.identity.RoleGroup
Represents a group of roles @author Anil.Saldhana@redhat.com @since Nov 16, 2007 @version $Revision$

        final SecurityContext securityContext = doPrivileged(securityContext());
        if (securityContext == null) {
            return false;
        }


        RoleGroup roleGroup = null;


        RunAs runAs = securityContext.getIncomingRunAs();
        if (runAs != null && runAs instanceof RunAsIdentity) {
            RunAsIdentity runAsIdentity = (RunAsIdentity) runAs;
            roleGroup = runAsIdentity.getRunAsRolesAsRoleGroup();
        } else {
            AuthorizationManager am = securityContext.getAuthorizationManager();
            SecurityContextCallbackHandler scb = new SecurityContextCallbackHandler(securityContext);


            roleGroup = am.getSubjectRoles(securityContext.getSubjectInfo().getAuthenticatedSubject(), scb);
        }


        List<Role> roles = roleGroup.getRoles();


        // TODO - Review most performant way.
        Set<String> requiredRoles = new HashSet<String>();
        for (String current : roleNames) {
            requiredRoles.add(current);

View Full Code Here

                    MappingContext<RoleGroup> mc = mappingManager.getMappingContext(MappingType.ROLE.name());
                    if (mc != null && mc.hasModules()) {
                        SecurityRolesAssociation.setSecurityRoles(principalVersusRolesMap);
                    }
                }
                RoleGroup roles = authorizationManager.getSubjectRoles(subject, scb);
                List<Role> rolesAsList = roles.getRoles();
                List<String> rolesAsStringList = new ArrayList<String>();
                for (Role role : rolesAsList) {
                    rolesAsStringList.add(role.getRoleName());
                }
                if (mappingManager != null) {

View Full Code Here

                    MappingContext<RoleGroup> mc = mappingManager.getMappingContext(MappingType.ROLE.name());
                    if (mc != null && mc.hasModules()) {
                        SecurityRolesAssociation.setSecurityRoles(principalVersusRolesMap);
                    }
                }
                RoleGroup roles = authorizationManager.getSubjectRoles(subject, scb);
                List<Role> rolesAsList = roles.getRoles();
                List<String> rolesAsStringList = new ArrayList<String>();
                for (Role role : rolesAsList) {
                    rolesAsStringList.add(role.getRoleName());
                }
                if (mappingManager != null) {

View Full Code Here

                    MappingContext<RoleGroup> mc = mappingManager.getMappingContext(MappingType.ROLE.name());
                    if (mc != null && mc.hasModules()) {
                        SecurityRolesAssociation.setSecurityRoles(principalVersusRolesMap);
                    }
                }
                RoleGroup roles = authorizationManager.getSubjectRoles(subject, scb);
                List<Role> rolesAsList = roles.getRoles();
                List<String> rolesAsStringList = new ArrayList<String>();
                for (Role role : rolesAsList) {
                    rolesAsStringList.add(role.getRoleName());
                }
                if (mappingManager != null) {

View Full Code Here


      public int authorize(Resource resource, Subject subject, RoleGroup role) throws AuthorizationException
      {
         log.debug("authorize " + resource + " " + subject + " " + role);
         EJBResource ejbResource = (EJBResource) resource;
         RoleGroup methodRoles = ejbResource.getEjbMethodRoles();
         if(methodRoles == null)
            return AuthorizationContext.PERMIT;
         if(methodRoles.containsRole(SimpleRole.ANYBODY_ROLE))
            return AuthorizationContext.PERMIT;
         for(Principal p : subject.getPrincipals())
         {
            // TODO: not really true, but for the moment lets assume that the principal is also the role
            Role myRole = new SimpleRole(p.getName());
            if(methodRoles.containsRole(myRole))
               return AuthorizationContext.PERMIT;
         }
         return AuthorizationContext.DENY;
      }

View Full Code Here

    @see Subject#getPrincipals()
    */
   public boolean doesUserHaveRole(Principal principal, Set<Principal> rolePrincipals)
   {
      boolean hasRole = false;
      RoleGroup roles = this.getCurrentRoles(principal);
      if( trace )
         log.trace("doesUserHaveRole(Set), roles: "+roles);
      if(roles != null)
      {
         Iterator<Principal> iter = rolePrincipals.iterator();

View Full Code Here

    @return true if the active principal has the role, false otherwise.
    */
   public boolean doesUserHaveRole(Principal principal, Principal role)
   {
      boolean hasRole = false;
      RoleGroup roles = this.getCurrentRoles(principal);
      hasRole = doesRoleGroupHaveRole(role, roles); 
      return hasRole;
   }

View Full Code Here

    @return The Set<Principal> for the application domain roles that the
    principal has been assigned.
    */
   public Set<Principal> getUserRoles(Principal principal)
   { 
      RoleGroup userRoles = getCurrentRoles(principal);
      return this.getRolesAsSet(userRoles); 
   }

View Full Code Here

      if(callerRunAs != null)
      {
         callerPrincipal = new SimplePrincipal(callerRunAs.getName()); 
      }
      
      RoleGroup roles = this.getCurrentRoles(callerPrincipal, authenticatedSubject, sc);
      if(roles == null)
         roles = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);
      return roles; 
   }

View Full Code Here

      
      Group subjectRoles = getGroupFromSubject(subject);
      
      boolean emptyContextRoles = false;
      
      RoleGroup userRoles = sc.getUtil().getRoles();
      //Group userRoles = (Group)sc.getData().get(ROLES_IDENTIFIER);
      if(userRoles == null || "true".equalsIgnoreCase(SubjectActions.getRefreshSecurityContextRoles()))
         emptyContextRoles = true;
      userRoles = copyGroups(userRoles, subjectRoles); 
      
      /**
       * Update the roles in the SecurityContext and
       * allow mapping rules be applied only if the SC roles
       * and the subject roles are not the same
       */
      if(subjectRoles != userRoles || emptyContextRoles)
      { 
         MappingManager mm = sc.getMappingManager();
         MappingContext<RoleGroup> mc = mm.getMappingContext(MappingType.ROLE.name());
        
         RoleGroup mappedUserRoles = userRoles;
         if(mc != null && mc.hasModules())
         {
            Map<String,Object> contextMap = new HashMap<String,Object>();
            contextMap.put(SecurityConstants.ROLES_IDENTIFIER, userRoles);
            if(principal != null)

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.jboss.security.identity.RoleGroup

org.jboss.as.security.service.SimpleSecurityManager

org.jboss.as.web.security.JBossWebRealm

org.jboss.ejb3.core.test.common.SimpleSecurityService$SimpleAuthorizationManager

org.jboss.security.acl.RoleBasedACLProviderImpl

org.jboss.security.authorization.modules.AbstractJACCModuleDelegate

org.jboss.security.authorization.modules.ejb.EJBPolicyModuleDelegate

org.jboss.security.authorization.modules.ejb.EJBXACMLUtil

org.jboss.security.identity.plugins.SimpleRoleGroup

org.jboss.security.mapping.providers.DeploymentRolesMappingProvider

org.jboss.security.plugins.javaee.EJBAuthorizationHelper

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.