Examples of SecurityContext

• br.gov.frameworkdemoiselle.security.SecurityContext
  Structure used to handle both authentication and authorizations mechanisms. @author SERPRO
• com.force.sdk.oauth.context.SecurityContext
  Interface representing the standard fields stored when a user is authenticated. After authentication the security context is stored and made available to the thread processing the user's request. @author John Simone
• com.hazelcast.security.SecurityContext
  SecurityContext is responsible for managing lifecycle of security object such as {@link ICredentialsFactory}, {@link IPermissionPolicy} etc, to creating {@link LoginContext}es for member and client authentications and checking permissions for client operations.
• com.sas.svcs.authentication.client.SecurityContext
• com.sun.enterprise.common.iiop.security.SecurityContext
  A subject is used a container for passing the security context information in the service context field. The security context information in the subject must be stored either as a private or a public credential according to the following convention: PasswordCredential: Client authentication will be performed using the username and password in the PasswordCredential. PasswordCredential must be passed as a PrivateCredential. X500Name: DN name specified in X500Name will be asserted. X500Name must be passed as a PublicCredential. GSSUPName: Identity specified in GSSUPName will be asserted. GSSUPName must be passed as a PublicCredential. X509CertificateCredential: The certificate chain in the credential will be asserted. The credential must be passed as a PublicCredential. AnonCredential: Anonymous identity will be asserted. Credential must be passed as a PublicCredential. Class fields in the SecurityContext are used for credential selection. There are two class fields: authcls and identcls. authcls is a Class object that identifies the credential for client authentication. identcls is a Class object that identifies the credential for identity assertion. The following semantics must be observed: 1. A client authentication token is always passed as a private credential. authcls set to the class of the authentication token 2. An identity token is always passed as a public credential. identcls is set to the class of the identity token. 3. authcls is set to null if there is no client auth token 4. identcls is set to null if there is no ident token 5. There must not be more than one instance of class identified by authcls or identcls. However, there can be one instance of identcls *and* authcls (this allows both a client auth token and an identity token to be passed across the interface).
• com.sun.enterprise.security.SecurityContext
  This class that extends AbstractSecurityContext that gets stored in Thread Local Storage. If the current thread creates child threads, the SecurityContext stored in the current thread is automatically propogated to the child threads. This class is used on the server side to represent the security context. Thread Local Storage is a concept introduced in JDK1.2. @see java.lang.ThreadLocal @see java.lang.InheritableThreadLocal @author Harish Prabandham @author Harpreet Singh
• com.tll.server.SecurityContext
  SecurityContext - {@link SecurityContext} impl. @author jpk
• inspiredbyte.examples.rules.annotations.SecurityContext
• io.undertow.security.api.SecurityContext
  The security context. This context is attached to the exchange and holds all security related information. @author Stuart Douglas @author Darran Lofthouse @see io.undertow.security.impl.SecurityContextImpl
• javax.ws.rs.core.SecurityContext
  An injectable interface that provides access to security related information. @see Context
• javolution.context.SecurityContext
  class defines custom policy with regards to database access. public abstract class DatabaseAccess extends SecurityContext { public static boolean isReadAllowed(Table table) { SecurityContext policy = SecurityContext.current(); return (policy instanceof DatabaseAccess.Permission) ? ((DatabaseAccess.Permission)policy).isReadable(table) : false; } public interface Permission { boolean isReadable(Table table); boolean isWritable(Table table); } }[/code]

  The use of interfaces (such as Permission above) makes it easy for custom policies to support any security actions. For example:[code] class Policy extends SecurityContext implements DatabaseAccess.Permission, FileAccess.Permission { public boolean isReadable(Table table) { return !table.isPrivate(); } public boolean isWritable(Table table) { return Session.getSession().getUser().isAdministrator(); } public boolean isReadable(File file) { return true; } public boolean isWritable(File file) { return false; } } ... Policy localPolicy = new Policy(); SecurityContext.enter(localPolicy); // Current thread overrides default policy (configurable) try { // (if allowed, ref. SecurityContext.isReplaceable()) ... DatabaseAccess.isReadAllowed(table); ... FileAccess.isWriteAllowed(file); ... } finally { SecurityContext.exit(); }[/code]

  The default permissions managed by the {@link #DEFAULT} implementationare the permission to {@link #isReplaceable replace} the current securitycontext by default) and the permission to {@link #isConfigurable configure}the application.

  @author Jean-Marie Dautelle @version 5.2, August 5, 2007
• juzu.request.SecurityContext
  @author Julien Viet
• net.jini.security.SecurityContext
  shot context SecurityContext ctx = Security.getContext(); // restore context AccessController.doPrivileged( ctx.wrap(action), ctx.getAccessControlContext()); @author Sun Microsystems, Inc. @since 2.0
• oracle.adf.share.security.SecurityContext
• org.acegisecurity.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author Ben Alex @version $Id: SecurityContext.java 1784 2007-02-24 21:00:24Z luke_t $
• org.apache.activemq.security.SecurityContext
  Used to cache up authorizations so that subsequent requests are faster. @version $Revision$
• org.apache.airavata.gfac.SecurityContext
• org.apache.airavata.gfac.context.security.SecurityContext
• org.apache.cxf.security.SecurityContext
  Provides basic security information about the current message exchange
• org.apache.tuscany.sca.host.http.SecurityContext
  A class to store policy context to enable Security QoS to HTTP binding
• org.beangle.security.core.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author chaostone @version $Id: SecurityContext.java 2217 2007-10-27 00:45:30Z $
• org.gatein.pc.api.spi.SecurityContext
  @author Julien Viet @version $Revision: 5448 $
• org.italiangrid.utils.voms.SecurityContext
• org.jboss.ballroom.client.rbac.SecurityContext
  The security context has access to the authorisation meta data and provides policies to reason over it. Each security context is associated with a specific {@link com.gwtplatform.mvp.client.proxy.PlaceRequest}. @see SecurityService @see com.gwtplatform.mvp.client.proxy.PlaceManager @author Heiko Braun @date 7/3/13
• org.jboss.dna.graph.SecurityContext
  A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the user name and roles.

  A security context should only be associated with the execution context after authentication has occurred.

• org.jboss.errai.security.client.local.api.SecurityContext
  Caches information regarding security events and the current user (i.e. which user is logged in, and what was the last page they were rejected from). @author Max Barkley
• org.jboss.portal.portlet.spi.SecurityContext
  @author Julien Viet @version $Revision: 5448 $
• org.jboss.security.SecurityContext
  Encapsulation of Authentication, Authorization, Mapping and other security aspects at the level of a security domain @author Anil Saldhana @version $Revision$ @since Aug 24, 2006
• org.jboss.soa.esb.services.security.SecurityContext
  Security Context contains security related information.

  Note that even though a Subject object instance is serialiable, its private and public credentials are not(they are transient).

  Also not that the Principal interface is not serializable but all implemenations should be.

  When created a SecurityContext will be given a timeout argument which is the time in milliseconds after which the context is considered invalid. @author Daniel Bevenius @since 4.4

• org.jboss.test.security.interfaces.SecurityContext
  @author Scott.Stark@jboss.org @version $Revision: 81036 $
• org.jrest4guice.security.SecurityContext
• org.modeshape.jcr.security.SecurityContext
  A security context provides a pluggable means to support disparate authentication and authorization mechanisms that specify the user name and roles.

  A security context should only be associated with the execution context after authentication has occurred.

• org.mule.api.security.SecurityContext
  SecurityContext holds security information and is associated with the MuleSession. @see org.mule.api.MuleSession
• org.ow2.easybeans.security.propagation.context.SecurityContext
  Security Context that is exchanged and propagated from clients to beans.
  This is also why it is a serializable object (as it has to be exchanged).
  The security contains allow to get the current principal and the roles associated to this principal.
  RunAs mode is managed by keeping the previous security context. @author Florent Benoit
• org.springframework.security.context.SecurityContext
• org.springframework.security.core.context.SecurityContext
  Interface defining the minimum security information associated with the current thread of execution.

  The security context is stored in a {@link SecurityContextHolder}.

  @author Ben Alex
• org.structr.common.SecurityContext
  Encapsulates the current user and access path and provides methods to query permission flags for a given node. This is the place where HttpServletRequest and Authenticator get together. @author Christian Morgner
• org.switchyard.security.context.SecurityContext
  SecurityContext. @author David Ward <dward@jboss.org> © 2013 Red Hat Inc.
• org.uberfire.security.SecurityContext

Examples of org.jboss.security.SecurityContext

public class JBossSecurityHelper implements SecurityHelper, Serializable {
  private static final long serialVersionUID = 3598997061994110254L;

  @Override
  public boolean assosiateSecurityContext(String securityDomain, Object newContext) {
    SecurityContext context = SecurityActions.getSecurityContext();
    if (context == null || (!context.getSecurityDomain().equals(securityDomain) && newContext != null)) {
      SecurityActions.setSecurityContext((SecurityContext)newContext);
      return true;
    }
    return false;
  }

Examples of org.jboss.security.SecurityContext

    return false;
  }

  @Override
  public void clearSecurityContext(String securityDomain) {
    SecurityContext sc = SecurityActions.getSecurityContext();
    if (sc != null && sc.getSecurityDomain().equals(securityDomain)) {
      SecurityActions.clearSecurityContext();
    }
  }

Examples of org.jboss.security.SecurityContext

    }
  }

  @Override
  public Object getSecurityContext(String securityDomain) {
    SecurityContext sc = SecurityActions.getSecurityContext();
    if (sc != null && sc.getSecurityDomain().equals(securityDomain)) {
      return sc;
    }
    return null;
  }

Examples of org.jboss.security.SecurityContext

    return getSecurityContext(securityDomain);
  }

  @Override
  public Subject getSubjectInContext(String securityDomain) {
    SecurityContext sc = SecurityActions.getSecurityContext();
    if (sc != null && sc.getSecurityDomain().equals(securityDomain)) {
      SubjectInfo si = sc.getSubjectInfo();
      Subject subject = si.getAuthenticatedSubject();
      return subject;
    }
    return null;
  }

Examples of org.jboss.security.SecurityContext

  }

  @Override
  public boolean sameSubject(String securityDomain, Object context, Subject subject) {
    Assertion.isNotNull(context);
    SecurityContext previousContext = (SecurityContext)context;
    Subject previousUser = previousContext.getSubjectInfo().getAuthenticatedSubject();

    SecurityContext currentContext = SecurityActions.getSecurityContext();
    if (currentContext != null && currentContext.getSecurityDomain().equals(securityDomain)) {
      Subject currentUser = currentContext.getSubjectInfo().getAuthenticatedSubject();
      if (previousUser.equals(currentUser)) {
        return true;
      }
    }
    return false;

Examples of org.jboss.security.SecurityContext

     static void pushSecurityContext(final Principal p, final Object cred, final Subject subject, final String securityDomain)
     {
      AccessController.doPrivileged(new PrivilegedAction<Object>() {
        public Object run() {
          SecurityContext sc;
          try {
            sc = SecurityContextFactory.createSecurityContext(p, cred, subject, securityDomain);
          } catch (Exception e) {
            throw new RuntimeException(e);
          }

Examples of org.jboss.security.SecurityContext

public class JBossSecurityServices implements SecurityServices
{

   public Principal getPrincipal()
   {
      SecurityContext sc = SecurityContextAssociation.getSecurityContext();
      return sc.getUtil().getUserPrincipal();
   }

Examples of org.jboss.security.SecurityContext

    * @inheritDoc
    *
    */
   public synchronized Subject authenticate(Object creds) {
      AuthenticationManager am;
      SecurityContext securityContext;

      // wine and complain if we don't get what we expect.
      if (creds == null) {
         throw new SecurityException(
            "JMXConnectorAuthenticator requires userid/password credentials to be passed in");
      }
      if (! (creds instanceof String[])) {
         // only support passing in array of Strings
         throw new SecurityException(
            "JMXConnectorAuthenticator can only handle authentication parameter that is array of two strings, instead got " +
            creds.getClass().getName());
      }
      String[] pair = (String[]) creds;
      if( pair.length != 2 ) {
         // only support passing userid + password
         throw new SecurityException(
            "JMXConnectorAuthenticator can only handle authentication parameter that is array of two strings, instead got " +
         pair.length +" strings");
      }

      String user, pass;
      user = pair[0];
      pass = pair[1];
      Principal principal = new JMXPrincipal(user);
      Subject subject = new Subject();

      securityContext = SecurityFactory.establishSecurityContext(securityDomainName);
      am = securityContext.getAuthenticationManager();

      boolean result = am.isValid(principal, pass , subject);
      if( result ) {
         subject.setReadOnly();
      }

Examples of org.jboss.security.SecurityContext

            {
               // Security-domain use-case
               try
               {
                  // Create a security context on the association
                  SecurityContext securityContext = SecurityContextFactory.createSecurityContext(recoverSecurityDomain);
                  SecurityContextAssociation.setSecurityContext(securityContext);

                  // Unauthenticated
                  Subject unauthenticated = new Subject();

                  // Leave the subject empty as we don't have any information to do the
                  // authentication with - and we only need it to be able to get the
                  // real subject from the SubjectFactory

                  // Set the authenticated subject
                  securityContext.getSubjectInfo().setAuthenticatedSubject(unauthenticated);

                  // Select the domain
                  String domain = recoverSecurityDomain;
                  if (domain == null)
                     domain = securityDomain;

Examples of org.jboss.security.SecurityContext

            return getNext().invoke(mi);
         else
            return getNext().invokeHome(mi);
      }

      SecurityContext sc = SecurityActions.getSecurityContext();
      if (sc == null)
         throw new IllegalStateException("Security Context is null");

      RunAs callerRunAsIdentity = sc.getIncomingRunAs();
      if (log.isTraceEnabled())
         log.trace("Caller RunAs=" + callerRunAsIdentity + ": useCallerIdentity=" + this.isUseCallerIdentity);
      // Authenticate the subject and apply any declarative security checks
      try
      {