Java Code Examples for org.wildfly.security.manager.WildFlySecurityManager#isChecking()

The following examples show how to use org.wildfly.security.manager.WildFlySecurityManager#isChecking() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AbstractLoggingDeploymentProcessor.java    From wildfly-core with GNU Lesser General Public License v2.1 6 votes vote down vote up 
private void unregisterLogContext(final DeploymentUnit deploymentUnit, final AttachmentKey<LogContext> attachmentKey, final Module module) {
    final LogContext logContext = deploymentUnit.removeAttachment(attachmentKey);
    if (logContext != null) {
        final boolean success;
        if (WildFlySecurityManager.isChecking()) {
            success = WildFlySecurityManager.doUnchecked(new PrivilegedAction<Boolean>() {
                @Override
                public Boolean run() {
                    return logContextSelector.unregisterLogContext(module.getClassLoader(), logContext);
                }
            });
        } else {
            success = logContextSelector.unregisterLogContext(module.getClassLoader(), logContext);
        }
        if (success) {
            LoggingLogger.ROOT_LOGGER.tracef("Removed LogContext '%s' from '%s'", logContext, module);
        } else {
            LoggingLogger.ROOT_LOGGER.logContextNotRemoved(logContext, deploymentUnit.getName());
        }
    }
}
Example 2
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 6 votes vote down vote up 
static void setGlobalJaasConfiguration(final Configuration configuration) throws SecurityException {
    if (WildFlySecurityManager.isChecking() == false) {
        internalSetGlobalJaasConfiguration(configuration);
    } else {

        try {
            doPrivileged(new PrivilegedExceptionAction<Void>() {

                @Override
                public Void run() throws Exception {
                    internalSetGlobalJaasConfiguration(configuration);

                    return null;
                }

            });
        } catch (PrivilegedActionException e) {
            throw (SecurityException) e.getCause();
        }

    }
}
Example 3
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 6 votes vote down vote up 
/**
 * WARNING: Calling this method in non modular context has the side effect to load the Module class.
 * This is problematic, the system packages required to properly execute an embedded-server will not
 * be correct.
 */
static <T> T loadAndInstantiateFromModule(final String moduleId, final Class<T> iface, final String name) throws Exception {
    if (!WildFlySecurityManager.isChecking()) {
        return internalLoadAndInstantiateFromModule(moduleId, iface, name);
    } else {
        try {
            return doPrivileged(new PrivilegedExceptionAction<T>() {
                @Override
                public T run() throws Exception {
                    return internalLoadAndInstantiateFromModule(moduleId, iface, name);
                }
            });
        } catch (PrivilegedActionException e) {
            Throwable t = e.getCause();
            if (t instanceof RuntimeException){
                throw (RuntimeException)t;
            }
            throw new Exception(t);
        }
    }
}
Example 4
Source File: AccessAuditContext.java    From wildfly-core with GNU Lesser General Public License v2.1 6 votes vote down vote up 
private AccessAuditContext(final boolean inflowed, final SecurityIdentity securityIdentity, final InetAddress remoteAddress, final AccessAuditContext previous) {
    // This can only be instantiated as part of the doAs call.
    this.securityIdentity = securityIdentity;
    // The address would be set on the first context in the stack so use it.
    if (previous != null) {
        domainUuid = previous.domainUuid;
        accessMechanism = previous.accessMechanism;
        domainRollout = previous.domainRollout;
        this.remoteAddress = previous.remoteAddress;
        this.inflowed = previous.inflowed;
    } else {
        this.inflowed = inflowed;
        this.remoteAddress = remoteAddress;
    }

    // This is checked here so code can not obtain a reference to an AccessAuditContext with an inflowed identity and then
    // use it swap in any arbitrary identity.
    if (this.inflowed && WildFlySecurityManager.isChecking()) {
        System.getSecurityManager().checkPermission(ControllerPermission.INFLOW_SECURITY_IDENTITY);
    }
}
Example 5
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 6 votes vote down vote up 
static Configuration getGlobalJaasConfiguration() throws SecurityException {
    if (WildFlySecurityManager.isChecking() == false) {
        return internalGetGlobalJaasConfiguration();
    } else {

        try {
            return doPrivileged(new PrivilegedExceptionAction<Configuration>() {

                @Override
                public Configuration run() throws Exception {
                    return internalGetGlobalJaasConfiguration();
                }

            });
        } catch (PrivilegedActionException e) {
            throw (SecurityException) e.getCause();
        }

    }
}
Example 6
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up 
static void setThreadContextClassLoader(ClassLoader cl) {
    if (! WildFlySecurityManager.isChecking()) {
        SetThreadContextClassLoaderAction.NON_PRIVILEGED.setThreadContextClassLoader(cl);
    } else {
        SetThreadContextClassLoaderAction.PRIVILEGED.setThreadContextClassLoader(cl);
    }
}
Example 7
Source File: TransactionalProtocolClientImpl.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up 
@Override
public <T extends Operation> AsyncFuture<OperationResponse> execute(TransactionalOperationListener<T> listener, T operation) throws IOException {
    AccessAuditContext accessAuditContext = WildFlySecurityManager.isChecking()
            ? doPrivileged((PrivilegedAction<AccessAuditContext>) AccessAuditContext::currentAccessAuditContext)
            : AccessAuditContext.currentAccessAuditContext();
    final ExecuteRequestContext context = new ExecuteRequestContext(new OperationWrapper<>(listener, operation),
            accessAuditContext != null ? accessAuditContext.getSecurityIdentity() : null,
            accessAuditContext != null ? accessAuditContext.getRemoteAddress() : null,
            tempDir,
            InVmAccess.isInVmCall());
    final ActiveOperation<OperationResponse, ExecuteRequestContext> op = channelAssociation.initializeOperation(context, context);
    final AtomicBoolean cancelSent = new AtomicBoolean();
    final AsyncFuture<OperationResponse> result = new AbstractDelegatingAsyncFuture<OperationResponse>(op.getResult()) {
        @Override
        public synchronized void asyncCancel(boolean interruptionDesired) {
            if (!cancelSent.get()) {
                try {
                    // Execute
                    channelAssociation.executeRequest(op, new CompleteTxRequest(ModelControllerProtocol.PARAM_ROLLBACK, channelAssociation));
                    cancelSent.set(true);
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
        }
    };
    context.initialize(result);
    channelAssociation.executeRequest(op, new ExecuteRequest());
    return result;
}
Example 8
Source File: ElytronDefinition.java    From wildfly-core with GNU Lesser General Public License v2.1 5 votes vote down vote up 
@Override
public Boolean get() {
    if (WildFlySecurityManager.isChecking()) {
        return doPrivileged((PrivilegedAction<Boolean>) () -> SecurityContextAssociation.getSecurityContext() != null);
    } else {
        return SecurityContextAssociation.getSecurityContext() != null;
    }
}
Example 9
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
static TCLAction getTCLAction() {
    return WildFlySecurityManager.isChecking() ? PRIVILEGED : NON_PRIVILEGED;
}
Example 10
Source File: HostControllerClient.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
/** Provides function execution in a doPrivileged block if a security manager is checking privileges */
private static Execution privilegedExecution() {
    return WildFlySecurityManager.isChecking() ? Execution.PRIVILEGED : Execution.NON_PRIVILEGED;
}
Example 11
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
static ClassLoader getClassLoader(final Class<?> clazz) {
    return ! WildFlySecurityManager.isChecking() ? clazz.getClassLoader() : doPrivileged(new GetClassLoaderAction(clazz));
}
Example 12
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
private static CallerActions createCallerActions() {
    return WildFlySecurityManager.isChecking() ? CallerActions.PRIVILEGED : CallerActions.NON_PRIVILEGED;
}
Example 13
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
private static CallerActions createCallerActions() {
    return WildFlySecurityManager.isChecking() ? CallerActions.PRIVILEGED : CallerActions.NON_PRIVILEGED;
}
Example 14
Source File: TransactionalProtocolOperationHandler.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
/**
 * Provides a Supplier execution in a doPrivileged block if a security manager is checking privileges
 */
private static Execution privilegedExecution() {
    return WildFlySecurityManager.isChecking() ? Execution.PRIVILEGED : Execution.NON_PRIVILEGED;
}
Example 15
Source File: DefaultDeploymentOperations.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
/** Provides function execution in a doPrivileged block if a security manager is checking privileges */
private static Execution privilegedExecution() {
    return WildFlySecurityManager.isChecking() ? Execution.PRIVILEGED : Execution.NON_PRIVILEGED;
}
Example 16
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
/** Provides function execution in a doPrivileged block if a security manager is checking privileges */
private static Execution privilegedExecution() {
    return WildFlySecurityManager.isChecking() ? Execution.PRIVILEGED : Execution.NON_PRIVILEGED;
}
Example 17
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
private static AccessAuditContextActions createAccessAuditContextActions() {
    return WildFlySecurityManager.isChecking() ? AccessAuditContextActions.PRIVILEGED : AccessAuditContextActions.NON_PRIVILEGED;
}
Example 18
Source File: ContentRepositoryCleaner.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
/** Provides function execution in a doPrivileged block if a security manager is checking privileges */
private static Execution privilegedExecution() {
    return WildFlySecurityManager.isChecking() ? Execution.PRIVILEGED : Execution.NON_PRIVILEGED;
}
Example 19
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
private static AccessAuditContextActions createAccessAuditContextActions() {
    return WildFlySecurityManager.isChecking() ? AccessAuditContextActions.PRIVILEGED : AccessAuditContextActions.NON_PRIVILEGED;
}
Example 20
Source File: SecurityActions.java    From wildfly-core with GNU Lesser General Public License v2.1 4 votes vote down vote up 
static <T> T doPrivileged(final PrivilegedAction<T> action) {
    return WildFlySecurityManager.isChecking() ? AccessController.doPrivileged(action) : action.run();
}