javax.security.jacc.PolicyContextException Java Examples
The following examples show how to use
javax.security.jacc.PolicyContextException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: AuthorizationPreInitializer.java From piranha with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
public void setPermissions(ServletContext servletContext, AuthorizationService authorizationService) throws ServletException {
// Add permissions to the policy configuration, which is the repository that the policy (authorization module)
// uses
PolicyConfiguration policyConfiguration = authorizationService.getPolicyConfiguration();
try {
List<Permission> unchecked = getOptionalAttribute(servletContext, UNCHECKED_PERMISSIONS);
if (unchecked != null) {
for (Permission permission : unchecked) {
policyConfiguration.addToUncheckedPolicy(permission);
}
}
List<Entry<String, Permission>> perRole = getOptionalAttribute(servletContext, PERROLE_PERMISSIONS);
if (perRole != null) {
for (Entry<String, Permission> perRoleEntry : perRole) {
policyConfiguration.addToRole(perRoleEntry.getKey(), perRoleEntry.getValue());
}
}
// TODO: Move commit moment to after all ServletContainerInitializer, Filters and Servlets have initialized
policyConfiguration.commit();
} catch (PolicyContextException e) {
throw new IllegalStateException(e);
}
}
Example #2
| Source File: StandardJaccServiceImpl.java From lams with GNU General Public License v2.0 | 6 votes |
|
@Override
public void addPermission(GrantedPermission permissionDeclaration) {
// todo : do we need to wrap these PolicyConfiguration calls in privileged actions like we do during permission checks?
if ( policyConfiguration == null ) {
policyConfiguration = locatePolicyConfiguration( contextId );
}
for ( String grantedAction : permissionDeclaration.getPermissibleAction().getImpliedActions() ) {
final EJBMethodPermission permission = new EJBMethodPermission(
permissionDeclaration.getEntityName(),
grantedAction,
null, // interfaces
null // arguments
);
log.debugf( "Adding permission [%s] to role [%s]", grantedAction, permissionDeclaration.getRole() );
try {
policyConfiguration.addToRole( permissionDeclaration.getRole(), permission );
}
catch (PolicyContextException pce) {
throw new HibernateException( "policy context exception occurred", pce );
}
}
}
Example #3
| Source File: JBossTimeBasedOTPLoginModule.java From lams with GNU General Public License v2.0 | 6 votes |
|
private String getTimeBasedOTPFromRequest()
{
String totp = null;
//This is JBoss AS specific mechanism
String WEB_REQUEST_KEY = "javax.servlet.http.HttpServletRequest";
try
{
HttpServletRequest request = (HttpServletRequest) PolicyContext.getContext(WEB_REQUEST_KEY);
totp = request.getParameter( TOTP );
}
catch (PolicyContextException e)
{
PicketBoxLogger.LOGGER.debugErrorGettingRequestFromPolicyContext(e);
}
return totp;
}
Example #4
| Source File: SecurityActions.java From lams with GNU General Public License v2.0 | 6 votes |
|
public CallbackHandler getContextCallbackHandler()
throws PolicyContextException
{
try
{
return (CallbackHandler) AccessController.doPrivileged(exAction);
}
catch(PrivilegedActionException e)
{
Exception ex = e.getException();
if( ex instanceof PolicyContextException )
throw (PolicyContextException) ex;
else
throw new UndeclaredThrowableException(ex);
}
}
Example #5
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 6 votes |
|
protected JBossPolicyConfiguration(String contextID, DelegatingPolicy policy, StateMachine configStateMachine)
throws PolicyContextException
{
this.contextID = contextID;
this.policy = policy;
this.configStateMachine = configStateMachine;
if (contextID == null)
throw PicketBoxMessages.MESSAGES.invalidNullArgument("contextID");
if (policy == null)
throw PicketBoxMessages.MESSAGES.invalidNullArgument("policy");
if (configStateMachine == null)
throw PicketBoxMessages.MESSAGES.invalidNullArgument("configStateMachine");
validateState("getPolicyConfiguration");
PicketBoxLogger.LOGGER.debugJBossPolicyConfigurationConstruction(contextID);
}
Example #6
| Source File: BasicJaccProvider.java From tomee with Apache License 2.0 | 6 votes |
|
public boolean implies(final ProtectionDomain domain, final Permission permission) {
final String contextID = PolicyContext.getContextID();
if (contextID != null && JACC_PERMISSIONS.contains(permission.getClass())) {
try {
final BasicPolicyConfiguration configuration = configurations.get(contextID);
if (configuration == null || !configuration.inService()) {
return false;
}
return configuration.implies(domain, permission);
} catch (final PolicyContextException e) {
// no-op
}
}
return systemPolicy != null ? systemPolicy.implies(domain, permission) : false;
}
Example #7
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void addToUncheckedPolicy(Permission permission)
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceAddPermissionToUncheckedPolicy(permission);
validateState("addToUncheckedPolicy");
policy.addToUncheckedPolicy(contextID, permission);
}
Example #8
| Source File: BasicPolicyConfiguration.java From tomee with Apache License 2.0 | 5 votes |
|
public void removeRole(final String roleName) throws PolicyContextException {
if (state != OPEN) {
throw new UnsupportedOperationException("Not in an open state");
}
rolePermissionsMap.remove(roleName);
}
Example #9
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void addToRole(String roleName, PermissionCollection permissions)
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceAddPermissionsToRole(permissions);
validateState("addToRole");
policy.addToRole(contextID, roleName, permissions);
}
Example #10
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void addToRole(String roleName, Permission permission)
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceAddPermissionToRole(permission);
validateState("addToRole");
policy.addToRole(contextID, roleName, permission);
}
Example #11
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void addToExcludedPolicy(PermissionCollection permissions)
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceAddPermissionsToExcludedPolicy(permissions);
validateState("addToExcludedPolicy");
policy.addToExcludedPolicy(contextID, permissions);
}
Example #12
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void addToExcludedPolicy(Permission permission)
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceAddPermissionToExcludedPolicy(permission);
validateState("addToExcludedPolicy");
policy.addToExcludedPolicy(contextID, permission);
}
Example #13
| Source File: BasicPolicyConfiguration.java From tomee with Apache License 2.0 | 5 votes |
|
public void removeUncheckedPolicy() throws PolicyContextException {
if (state != OPEN) {
throw new UnsupportedOperationException("Not in an open state");
}
unchecked = null;
}
Example #14
| Source File: BasicPolicyConfiguration.java From tomee with Apache License 2.0 | 5 votes |
|
public void removeExcludedPolicy() throws PolicyContextException {
if (state != OPEN) {
throw new UnsupportedOperationException("Not in an open state");
}
excluded = null;
}
Example #15
| Source File: ContextPolicy.java From lams with GNU General Public License v2.0 | 5 votes |
|
void addToExcludedPolicy(PermissionCollection permissions)
throws PolicyContextException
{
Enumeration<Permission> iter = permissions.elements();
while( iter.hasMoreElements() )
{
Permission p = iter.nextElement();
excludedPermissions.add(p);
}
}
Example #16
| Source File: ServiceServlet.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
private String getSubject(HttpServletResponse response) throws IOException {
try {
Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
Set<? extends Principal> principalSet = subject.getPrincipals(JsonWebToken.class);
if(principalSet.size() > 0) {
return "subject.getPrincipals(JsonWebToken.class) ok";
}
response.sendError(500, "subject.getPrincipals(JsonWebToken.class) == 0");
}
catch (PolicyContextException e) {
e.printStackTrace();
response.sendError(500, e.getMessage());
}
throw new IllegalStateException("subject.getPrincipals(JsonWebToken.class) == 0");
}
Example #17
| Source File: JaccProvider.java From tomee with Apache License 2.0 | 5 votes |
|
/**
* This static method uses a system property to find and instantiate (via a
* public constructor) a provider specific factory implementation class.
* The name of the provider specific factory implementation class is
* obtained from the value of the system property,<p>
* <code>org.apache.openejb.security.JaccProvider</code>.
* PolicyConfigurationFactory implementation class.
*
* @throws ClassNotFoundException when the class named by the system
* property could not be found including because the value of the system
* property has not be set.
* @throws PolicyContextException if the implementation throws a checked
* exception that has not been accounted for by the
* getPolicyConfigurationFactory method signature. The exception thrown by
* the implementation class will be encapsulated (during construction) in
* the thrown PolicyContextException
*/
public static void install() throws ClassNotFoundException, PolicyContextException {
if (jaccProvider != null) {
return;
}
final String[] factoryClassName = {null};
try {
jaccProvider = (JaccProvider) AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run() throws Exception {
factoryClassName[0] = System.getProperty(FACTORY_NAME);
if (factoryClassName[0] == null) {
throw new ClassNotFoundException("Property " + FACTORY_NAME + " not set");
}
final Thread currentThread = Thread.currentThread();
final ClassLoader tccl = currentThread.getContextClassLoader();
return Class.forName(factoryClassName[0], true, tccl).newInstance();
}
});
} catch (final PrivilegedActionException pae) {
if (pae.getException() instanceof ClassNotFoundException) {
throw (ClassNotFoundException) pae.getException();
} else if (pae.getException() instanceof InstantiationException) {
throw new ClassNotFoundException(factoryClassName[0] + " could not be instantiated");
} else if (pae.getException() instanceof IllegalAccessException) {
throw new ClassNotFoundException("Illegal access to " + factoryClassName);
}
throw new PolicyContextException(pae.getException());
}
}
Example #18
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void addToUncheckedPolicy(PermissionCollection permissions)
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceAddPermissionsToUncheckedPolicy(permissions);
validateState("addToUncheckedPolicy");
policy.addToUncheckedPolicy(contextID, permissions);
}
Example #19
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void commit()
throws PolicyContextException
{
PicketBoxLogger.LOGGER.tracePolicyConfigurationCommit(contextID);
validateState("commit");
policy.commit(contextID);
}
Example #20
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void delete()
throws PolicyContextException
{
PicketBoxLogger.LOGGER.tracePolicyConfigurationDelete(contextID);
validateState("delete");
policy.delete(contextID);
}
Example #21
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void linkConfiguration(PolicyConfiguration link)
throws PolicyContextException
{
if (PicketBoxLogger.LOGGER.isTraceEnabled())
{
PicketBoxLogger.LOGGER.traceLinkConfiguration(link.getContextID());
}
validateState("linkConfiguration");
policy.linkConfiguration(contextID, link);
}
Example #22
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void removeExcludedPolicy()
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceRemoveExcludedPolicy(contextID);
validateState("removeExcludedPolicy");
policy.removeExcludedPolicy(contextID);
}
Example #23
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void removeRole(String roleName)
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceRemoveRole(roleName, contextID);
validateState("removeRole");
policy.removeRole(contextID, roleName);
}
Example #24
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
public void removeUncheckedPolicy()
throws PolicyContextException
{
PicketBoxLogger.LOGGER.traceRemoveUncheckedPolicy(contextID);
validateState("removeUncheckedPolicy");
policy.removeUncheckedPolicy(contextID);
}
Example #25
| Source File: JBossPolicyConfiguration.java From lams with GNU General Public License v2.0 | 5 votes |
|
protected void validateState(String action)
throws PolicyContextException
{
try
{
configStateMachine.nextState(action);
}
catch(IllegalTransitionException e)
{
throw new PolicyContextException(PicketBoxMessages.MESSAGES.operationNotAllowedMessage(), e);
}
}
Example #26
| Source File: BasicJaccProvider.java From tomee with Apache License 2.0 | 5 votes |
|
public PolicyConfiguration getPolicyConfiguration(final String contextID, final boolean remove) throws PolicyContextException {
BasicPolicyConfiguration configuration = configurations.get(contextID);
if (configuration == null) {
configuration = createPolicyConfiguration(contextID);
configurations.put(contextID, configuration);
} else {
configuration.open(remove);
}
return configuration;
}
Example #27
| Source File: JACCConfiguration.java From cacheonix-core with GNU Lesser General Public License v2.1 | 5 votes |
|
public JACCConfiguration(String contextId) throws HibernateException {
try {
policyConfiguration = PolicyConfigurationFactory
.getPolicyConfigurationFactory()
.getPolicyConfiguration( contextId, false );
}
catch (ClassNotFoundException cnfe) {
throw new HibernateException( "JACC provider class not found", cnfe );
}
catch (PolicyContextException pce) {
throw new HibernateException( "policy context exception occurred", pce );
}
}
Example #28
| Source File: JACCConfiguration.java From cacheonix-core with GNU Lesser General Public License v2.1 | 5 votes |
|
public void addPermission(String role, String entityName, String action) {
if ( action.equals( "*" ) ) {
action = "insert,read,update,delete";
}
StringTokenizer tok = new StringTokenizer( action, "," );
while ( tok.hasMoreTokens() ) {
String methodName = tok.nextToken().trim();
EJBMethodPermission permission = new EJBMethodPermission(
entityName,
methodName,
null, // interfaces
null // arguments
);
if ( log.isDebugEnabled() ) {
log.debug( "adding permission to role " + role + ": " + permission );
}
try {
policyConfiguration.addToRole( role, permission );
}
catch (PolicyContextException pce) {
throw new HibernateException( "policy context exception occurred", pce );
}
}
}
Example #29
| Source File: JACCPermissions.java From cacheonix-core with GNU Lesser General Public License v2.1 | 5 votes |
|
public Subject getContextSubject() throws PolicyContextException {
try {
return (Subject) AccessController.doPrivileged( exAction );
}
catch (PrivilegedActionException e) {
Exception ex = e.getException();
if ( ex instanceof PolicyContextException ) {
throw (PolicyContextException) ex;
}
else {
throw new UndeclaredThrowableException( ex );
}
}
}
Example #30
| Source File: JACCPermissions.java From cacheonix-core with GNU Lesser General Public License v2.1 | 5 votes |
|
static Subject getContextSubject() throws PolicyContextException {
if ( System.getSecurityManager() == null ) {
return PolicyContextActions.NON_PRIVILEGED.getContextSubject();
}
else {
return PolicyContextActions.PRIVILEGED.getContextSubject();
}
}
