本文整理汇总了Java中org.apache.cxf.security.SecurityContext类的典型用法代码示例。如果您正苦于以下问题:Java SecurityContext类的具体用法?Java SecurityContext怎么用?Java SecurityContext使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
SecurityContext类属于org.apache.cxf.security包,在下文中一共展示了SecurityContext类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: testSecurityContext
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Test
public void testSecurityContext() {
DefaultCxfMessageMapper mapper = new DefaultCxfMessageMapper();
HttpServletRequest request = EasyMock.createMock(HttpServletRequest.class);
request.getUserPrincipal();
EasyMock.expectLastCall().andReturn(new SimplePrincipal("barry"));
request.isUserInRole("role1");
EasyMock.expectLastCall().andReturn(true);
request.isUserInRole("role2");
EasyMock.expectLastCall().andReturn(false);
EasyMock.replay(request);
Exchange camelExchange = setupCamelExchange("/", "/", request);
Message cxfMessage = mapper.createCxfMessageFromCamelExchange(
camelExchange, EasyMock.createMock(HeaderFilterStrategy.class));
SecurityContext sc = cxfMessage.get(SecurityContext.class);
assertNotNull(sc);
assertEquals("barry", sc.getUserPrincipal().getName());
assertTrue(sc.isUserInRole("role1"));
assertFalse(sc.isUserInRole("role2"));
}
开发者ID:HydAu,项目名称:Camel,代码行数:23,代码来源:DefaultCxfMessageMapperTest.java
示例2: handleMessage
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
public void handleMessage(Message message) throws Fault
{
SecurityContext sc = message.get(SecurityContext.class);
if (sc == null)
{
return;
}
Method method = getTargetMethod(message);
if (authorize(sc, method))
{
return;
}
throw new AccessDeniedException("Unauthorized");
}
开发者ID:geoserver,项目名称:geofence,代码行数:18,代码来源:AuthorizationHandler.java
示例3: authorize
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
protected boolean authorize(SecurityContext sc, Method method)
{
List<String> expectedRoles = getExpectedRoles(method);
if (expectedRoles.isEmpty())
{
List<String> denyRoles = getDenyRoles(method);
return denyRoles.isEmpty() ? true : isUserInRole(sc, denyRoles, true);
}
if (isUserInRole(sc, expectedRoles, false))
{
return true;
}
if (sc.getUserPrincipal() != null)
{
LOGGER.error(sc.getUserPrincipal().getName() + " is not authorized");
}
return false;
}
开发者ID:geoserver,项目名称:geofence,代码行数:23,代码来源:AuthorizationHandler.java
示例4: doTokenAuth
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
/**
* This Method allows login for tokens following the Convention for a Header: "Authentication: TOKEN 'Token'_'AgentName'"
*/
private SecurityContext doTokenAuth(String type, String auth1) {
if (type.equals(TokenAuthProvider.TOKEN)) {
// Convention: String has the following Form: "Authentication: TOKEN <Token>_<AgentName>"
// auth1 is already reduced to: "<Token>_<AgentName>"
String token = auth1.split("_")[0];
String agentName = auth1.split("_")[1];
EAgentAuthToken authToken = this.dToken.findByToken(token);
if (authToken == null) {
this.handleUnknownToken(token, agentName);
return null;
}
if ((authToken.getRevoked() != null)) {
this.handleAgent(agentName, authToken);
return null;
}
EAgent agent = this.handleAgent(agentName, authToken);
return AuthorizationProvider.createSC(agent.getName());
}
return null;
}
开发者ID:cinovo,项目名称:cloudconductor-server,代码行数:27,代码来源:TokenAuthProvider.java
示例5: populateExchangeFromCxfRsRequest
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
public void populateExchangeFromCxfRsRequest(org.apache.cxf.message.Exchange cxfExchange,
Exchange camelExchange, Method method, Object[] paramArray) {
Message camelMessage = camelExchange.getIn();
//Copy the CXF message header into the Camel inMessage
org.apache.cxf.message.Message cxfMessage = cxfExchange.getInMessage();
// TODO use header filter strategy and cxfToCamelHeaderMap
CxfUtils.copyHttpHeadersFromCxfToCamel(cxfMessage, camelMessage);
// setup the charset from content-type header
setCharsetWithContentType(camelExchange);
//copy the protocol header
copyProtocolHeader(cxfMessage, camelMessage, camelMessage.getExchange());
camelMessage.setHeader(CxfConstants.CAMEL_CXF_RS_RESPONSE_CLASS, method.getReturnType());
camelMessage.setHeader(CxfConstants.CAMEL_CXF_RS_RESPONSE_GENERIC_TYPE, method.getGenericReturnType());
copyOperationResourceInfoStack(cxfMessage, camelMessage);
camelMessage.setHeader(CxfConstants.OPERATION_NAME, method.getName());
camelMessage.setHeader(CxfConstants.CAMEL_CXF_MESSAGE, cxfMessage);
camelMessage.setBody(new MessageContentsList(paramArray));
// propagate the security subject from CXF security context
SecurityContext securityContext = cxfMessage.get(SecurityContext.class);
if (securityContext instanceof LoginSecurityContext
&& ((LoginSecurityContext)securityContext).getSubject() != null) {
camelExchange.getIn().getHeaders().put(Exchange.AUTHENTICATION,
((LoginSecurityContext)securityContext).getSubject());
} else if (securityContext != null && securityContext.getUserPrincipal() != null) {
Subject subject = new Subject();
subject.getPrincipals().add(securityContext.getUserPrincipal());
camelExchange.getIn().getHeaders().put(Exchange.AUTHENTICATION, subject);
}
}
开发者ID:HydAu,项目名称:Camel,代码行数:40,代码来源:DefaultCxfRsBinding.java
示例6: setSecurityContext
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
protected void setSecurityContext(Message cxfMessage, final HttpServletRequest request) {
cxfMessage.put(SecurityContext.class, new SecurityContext() {
public Principal getUserPrincipal() {
return request.getUserPrincipal();
}
@Override
public boolean isUserInRole(String role) {
return request.isUserInRole(role);
}
});
}
开发者ID:HydAu,项目名称:Camel,代码行数:15,代码来源:DefaultCxfMessageMapper.java
示例7: handleMessage
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
public void handleMessage(Message message) throws Fault
{
Endpoint ep = message.getExchange().get(Endpoint.class);
SecurityDomainContext sdc = ep.getSecurityDomainContext();
SecurityContext context = message.get(SecurityContext.class);
if (context == null || context.getUserPrincipal() == null)
{
Loggers.SECURITY_LOGGER.userPrincipalNotAvailableOnCurrentMessage();
return;
}
SecurityToken token = message.get(SecurityToken.class);
Subject subject = null;
if (token != null)
{
//Try authenticating using SecurityToken info
if (token.getTokenType() != TokenType.UsernameToken)
{
throw Messages.MESSAGES.unsupportedTokenType(token.getTokenType());
}
UsernameToken ut = (UsernameToken) token;
subject = createSubject(sdc, ut.getName(), ut.getPassword(), ut.isHashed(), ut.getNonce(), ut.getCreatedTime());
}
else
{
//Try authenticating using WSS4J internal info (previously set into SecurityContext by WSS4JInInterceptor)
Principal p = context.getUserPrincipal();
if (!(p instanceof UsernameTokenPrincipal)) {
throw Messages.MESSAGES.couldNotGetSubjectInfo();
}
UsernameTokenPrincipal up = (UsernameTokenPrincipal) p;
subject = createSubject(sdc, up.getName(), up.getPassword(), up.isPasswordDigest(), up.getNonce(), up.getCreatedTime());
}
Principal principal = getPrincipal(context.getUserPrincipal(), subject);
message.put(SecurityContext.class, createSecurityContext(principal, subject));
}
开发者ID:jbossws,项目名称:jbossws-cxf,代码行数:40,代码来源:SubjectCreatingPolicyInterceptor.java
示例8: handleMessage
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
public void handleMessage(SoapMessage msg) throws Fault {
Endpoint ep = msg.getExchange().get(Endpoint.class);
sdc.set(ep.getSecurityDomainContext());
try
{
SecurityToken token = msg.get(SecurityToken.class);
SecurityContext context = msg.get(SecurityContext.class);
if (token == null || context == null || context.getUserPrincipal() == null) {
super.handleMessage(msg);
return;
}
UsernameToken ut = (UsernameToken)token;
Subject subject = createSubject(ut.getName(), ut.getPassword(), ut.isHashed(),
ut.getNonce(), ut.getCreatedTime());
SecurityContext sc = doCreateSecurityContext(context.getUserPrincipal(), subject);
msg.put(SecurityContext.class, sc);
}
finally
{
if (sdc != null)
{
sdc.remove();
}
}
}
开发者ID:jbossws,项目名称:jbossws-cxf,代码行数:29,代码来源:SubjectCreatingInterceptor.java
示例9: createSecurityContext
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
protected SecurityContext createSecurityContext(final Principal p) {
Message msg = PhaseInterceptorChain.getCurrentMessage();
if (msg == null) {
throw new IllegalStateException("Current message is not available");
}
return doCreateSecurityContext(p, msg.get(Subject.class));
}
开发者ID:jbossws,项目名称:jbossws-cxf,代码行数:8,代码来源:SubjectCreatingInterceptor.java
示例10: handleMessage
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
public void handleMessage(final Message message) throws Fault {
final SecurityContext sc = message.get(SecurityContext.class);
if (sc == null || sc.getUserPrincipal() == null) {
@SuppressWarnings("unchecked")
final Map<String, List<String>> headers = (Map<String, List<String>>) message.get(Message.PROTOCOL_HEADERS);
final List<String> auth = headers.get(AUTHORIZATION_PROPERTY);
if (auth == null || auth.isEmpty()) {
throw new WebApplicationException(Response.Status.UNAUTHORIZED);
}
final String encodedUserPassword = auth.get(0).replaceFirst(AUTHENTICATION_SCHEME + " ", "");
final String usernameAndPassword = new String(Base64.decode(encodedUserPassword));
// Split username and password tokens
final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
final String username = tokenizer.nextToken();
final String password = tokenizer.nextToken();
if (!"odatajclient".equals(username) || !"odatajclient".equals(password)) {
throw new WebApplicationException(Response.Status.UNAUTHORIZED);
}
final SecurityContext newSc = new SecurityContext() {
@Override
public Principal getUserPrincipal() {
return new SimplePrincipal("odatajclient");
}
@Override
public boolean isUserInRole(final String role) {
return false;
}
};
message.put(SecurityContext.class, newSc);
}
}
开发者ID:apache,项目名称:olingo-odata4,代码行数:40,代码来源:StaticSecurityInterceptor.java
示例11: isUserInRole
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
protected boolean isUserInRole(SecurityContext sc, List<String> roles, boolean deny)
{
// System.out.println(":::::::::::::::::::::::: 0");
// if (!isUserAllRole(sc, roles, deny)) {
// System.out.println(":::::::::::::::::::::::: 1");
// return false;
// }
// Additional check.
if (!userRolesMap.isEmpty())
{
List<String> userRoles = userRolesMap.get(sc.getUserPrincipal().getName());
if (userRoles == null)
{
return false;
}
for (String role : roles)
{
if (userRoles.contains(role))
{
return true;
}
}
return false;
}
else
{
return true;
}
}
开发者ID:geoserver,项目名称:geofence,代码行数:32,代码来源:AuthorizationHandler.java
示例12: handleMessage
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
public void handleMessage(Message message) throws Fault
{
LOGGER.info("In handleMessage");
LOGGER.info("Message --> " + message);
String name = null;
String password = null;
AuthUser user = null;
AuthorizationPolicy policy = (AuthorizationPolicy) message.get(AuthorizationPolicy.class);
if (policy != null)
{
name = policy.getUserName();
password = policy.getPassword();
LOGGER.info("Requesting user: " + name);
// TODO: read user from DB
// if user and pw do not match, throw new AuthenticationException("Unauthorized");
user = new AuthUser();
user.setName(name);
}
else
{
LOGGER.info("No requesting user -- GUEST access");
}
GeofenceSecurityContext securityContext = new GeofenceSecurityContext();
GeofencePrincipal principal = (user != null) ? new GeofencePrincipal(user) : GeofencePrincipal.createGuest();
securityContext.setPrincipal(principal);
message.put(SecurityContext.class, securityContext);
}
开发者ID:geoserver,项目名称:geofence,代码行数:38,代码来源:GeofenceAuthenticationInterceptor.java
示例13: handleAuthHeader
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
protected SecurityContext handleAuthHeader(ContainerRequestContext requestContext, Message msg, String type, String auth1) {
SecurityContext result = this.noTokenNeededCheck();
if (result != null) {
return result;
}
return this.doTokenAuth(type, auth1);
}
开发者ID:cinovo,项目名称:cloudconductor-server,代码行数:9,代码来源:TokenAuthProvider.java
示例14: handleAuthHeader
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
protected SecurityContext handleAuthHeader(ContainerRequestContext requestContext, Message msg, String type, String auth) {
final AuthorizationPolicy policy = msg.get(AuthorizationPolicy.class);
if (policy != null) {
if (System.getProperty(AuthProvider.PROP_USERNAME).equals(policy.getUserName()) && System.getProperty(AuthProvider.PROP_PASSWORD).equals(policy.getPassword())) {
return AuthorizationProvider.createSC(AuthProvider.PRINCIPAL);
}
}
return null;
}
开发者ID:cinovo,项目名称:cloudconductor-server,代码行数:11,代码来源:AuthProvider.java
示例15: getUser
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
private String getUser() {
SecurityContext sc = PhaseInterceptorChain.getCurrentMessage().get(SecurityContext.class);
Principal p = sc.getUserPrincipal();
if (p == null) {
return "REST-CALL";
}
return p.getName();
}
开发者ID:cinovo,项目名称:cloudconductor-server,代码行数:9,代码来源:AAuditedEntityHib.java
示例16: getSecurityContext
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
protected SecurityContext getSecurityContext() {
Message m = PhaseInterceptorChain.getCurrentMessage();
org.apache.cxf.security.SecurityContext sc = m.getContent(org.apache.cxf.security.SecurityContext.class);
return sc;
}
开发者ID:williamgrosset,项目名称:OSCAR-ConCert,代码行数:6,代码来源:ProviderService.java
示例17: handleMessage
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
public void handleMessage(Message message) throws Fault
{
JBossAuthenticationManager authenticationManger = message.get(JBossAuthenticationManager.class);
if (authenticationManger == null) {
return;
}
SecurityContext context = message.get(SecurityContext.class);
if (context == null || context.getUserPrincipal() == null)
{
Loggers.SECURITY_LOGGER.userPrincipalNotAvailableOnCurrentMessage();
return;
}
SecurityToken token = message.get(SecurityToken.class);
Subject subject = null;
if (token != null)
{
//Try authenticating using SecurityToken info
if (token.getTokenType() != TokenType.UsernameToken)
{
throw Messages.MESSAGES.unsupportedTokenType(token.getTokenType());
}
UsernameToken ut = (UsernameToken) token;
subject = helper.createSubject(authenticationManger, ut.getName(), ut.getPassword(), ut.isHashed(), ut.getNonce(), ut.getCreatedTime());
}
else
{
//Try authenticating using WSS4J internal info (previously set into SecurityContext by WSS4JInInterceptor)
Principal p = context.getUserPrincipal();
if (!(p instanceof UsernameTokenPrincipal)) {
throw Messages.MESSAGES.couldNotGetSubjectInfo();
}
UsernameTokenPrincipal up = (UsernameTokenPrincipal) p;
subject = helper.createSubject(authenticationManger, up.getName(), up.getPassword(), up.isPasswordDigest(), up.getNonce(), up.getCreatedTime());
}
Principal principal = getPrincipal(context.getUserPrincipal(), subject);
message.put(SecurityContext.class, createSecurityContext(principal, subject));
}
开发者ID:jbossws,项目名称:jbossws-cxf,代码行数:42,代码来源:AuthenticationMgrSubjectCreatingInterceptor.java
示例18: createSecurityContext
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
protected SecurityContext createSecurityContext(Principal p, Subject subject)
{
return new DefaultSecurityContext(p, subject);
}
开发者ID:jbossws,项目名称:jbossws-cxf,代码行数:5,代码来源:SubjectCreatingPolicyInterceptor.java
示例19: checkAuthorization
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
protected void checkAuthorization(MessageContext ctx)
{
if ((Boolean) ctx.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY))
{
return;
}
Message message = ((WrappedMessageContext) ctx).getWrappedMessage();
Exchange exchange = message.getExchange();
Endpoint ep = exchange.get(Endpoint.class);
EJBMethodSecurityAttributeProvider attributeProvider = ep
.getAttachment(EJBMethodSecurityAttributeProvider.class);
if (attributeProvider != null) //ejb endpoints only can be associated with this...
{
SecurityContext secCtx = message.get(SecurityContext.class);
BindingOperationInfo bop = exchange.getBindingOperationInfo();
MethodDispatcher md = (MethodDispatcher) exchange.getService().get(MethodDispatcher.class.getName());
Method method = md.getMethod(bop);
EJBMethodSecurityAttribute attributes = attributeProvider.getSecurityAttributes(method);
if (attributes == null || attributes.isPermitAll()) //no security requirement or method marked @PermitAll
{
return;
}
if (!attributes.isDenyAll())
{
if (attributes.getRolesAllowed() != null)
{
for (String role : attributes.getRolesAllowed())
{
if (secCtx.isUserInRole(role))
{
return;
}
}
}
}
final Principal p = secCtx.getUserPrincipal();
ctx.put(KEY, true);
throw MESSAGES.authorizationFailed(p != null ? p.getName() : null);
}
}
开发者ID:jbossws,项目名称:jbossws-cxf,代码行数:42,代码来源:HandlerAuthInterceptor.java
示例20: handleOther
import org.apache.cxf.security.SecurityContext; //导入依赖的package包/类
@Override
protected SecurityContext handleOther(ContainerRequestContext requestContext, Message msg, HttpHeaders head) {
return this.noTokenNeededCheck();
}
开发者ID:cinovo,项目名称:cloudconductor-server,代码行数:5,代码来源:TokenAuthProvider.java
注:本文中的org.apache.cxf.security.SecurityContext类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论