List of usage examples for java.security AccessController getContext
public static AccessControlContext getContext()
From source file:Main.java
public static void main(String[] args) { AccessControlContext acc = AccessController.getContext(); System.setProperty("java.security.policy", "file:/C:/java.policy"); SecurityManager sm = new SecurityManager(); System.setSecurityManager(sm); // perform the check sm.checkConnect("www.java2s.com", 8080, acc); System.out.println("Allowed!"); }
From source file:Main.java
public static void main(String[] args) { AccessControlContext con = AccessController.getContext(); System.setProperty("java.security.policy", "file:/C:/java.policy"); SecurityManager sm = new Main(); System.setSecurityManager(sm); sm.checkRead("test.txt", con); System.out.println("Allowed!"); }
From source file:Main.java
public static void main(String[] args) { AccessControlContext con = AccessController.getContext(); System.setProperty("java.security.policy", "file:/C:/java.policy"); SecurityManager sm = new Main(); System.setSecurityManager(sm); sm.checkPermission(new FilePermission("test.txt", "read,write"), con); System.out.println("Allowed!"); }
From source file:ddf.security.common.audit.SecurityLogger.java
private static String getUser(Subject subject) { try {/*from w ww . jav a 2 s .co m*/ if (subject == null) { subject = ThreadContext.getSubject(); } if (subject == null) { javax.security.auth.Subject javaSubject = javax.security.auth.Subject .getSubject(AccessController.getContext()); if (javaSubject != null) { Set<UserPrincipal> userPrincipal = javaSubject.getPrincipals(UserPrincipal.class); if (userPrincipal != null && !userPrincipal.isEmpty()) { return userPrincipal.toArray(new UserPrincipal[1])[0].getName(); } } } else { return SubjectUtils.getName(subject, NO_USER); } } catch (Exception e) { // ignore and return NO_USER } return NO_USER; }
From source file:org.apache.hive.service.auth.HttpAuthUtils.java
/** * @return Stringified Base64 encoded kerberosAuthHeader on success * @throws Exception/*from w ww.j a v a 2s. c om*/ */ public static String getKerberosServiceTicket(String principal, String host, String serverHttpUrl, boolean assumeSubject) throws Exception { String serverPrincipal = ShimLoader.getHadoopThriftAuthBridge().getServerPrincipal(principal, host); if (assumeSubject) { // With this option, we're assuming that the external application, // using the JDBC driver has done a JAAS kerberos login already AccessControlContext context = AccessController.getContext(); Subject subject = Subject.getSubject(context); if (subject == null) { throw new Exception("The Subject is not set"); } return Subject.doAs(subject, new HttpKerberosClientAction(serverPrincipal, serverHttpUrl)); } else { // JAAS login from ticket cache to setup the client UserGroupInformation UserGroupInformation clientUGI = ShimLoader.getHadoopThriftAuthBridge() .getCurrentUGIWithConf("kerberos"); return clientUGI.doAs(new HttpKerberosClientAction(serverPrincipal, serverHttpUrl)); } }
From source file:net.sourceforge.safr.sample.usermgnt.service.UserServiceImpl.java
private static Principal currentUserPrincipal() { Subject s = Subject.getSubject(AccessController.getContext()); return s.getPrincipals(UserPrincipal.class).iterator().next(); }
From source file:net.sourceforge.safr.jaas.permission.PermissionManagerImpl.java
public void checkPermission(Permission permission) { Subject current = Subject.getSubject(AccessController.getContext()); if (!implies(permission, current) && activated) { throw new AccessControlException("access denied", permission); }/*from w w w .ja v a 2 s . co m*/ }
From source file:org.apache.hadoop.gateway.hive.HiveHttpClientDispatch.java
protected Principal getPrimaryPrincipal() { Principal principal = null;//from w w w . j av a 2 s . com Subject subject = Subject.getSubject(AccessController.getContext()); if (subject != null) { principal = (Principal) subject.getPrincipals(PrimaryPrincipal.class).toArray()[0]; } return principal; }
From source file:com.gemstone.gemfire.internal.security.GeodeSecurityUtil.java
/** * It first looks the shiro subject in AccessControlContext since JMX will * use multiple threads to process operations from the same client, then it * looks into Shiro's thead context.// w ww. j a v a 2 s.c om * * @return the shiro subject, null if security is not enabled */ public static Subject getSubject() { if (!isIntegratedSecurity) { return null; } Subject currentUser = null; // First try get the principal out of AccessControlContext instead of Shiro's Thread context // since threads can be shared between JMX clients. javax.security.auth.Subject jmxSubject = javax.security.auth.Subject .getSubject(AccessController.getContext()); if (jmxSubject != null) { Set<ShiroPrincipal> principals = jmxSubject.getPrincipals(ShiroPrincipal.class); if (principals.size() > 0) { ShiroPrincipal principal = principals.iterator().next(); currentUser = principal.getSubject(); ThreadContext.bind(currentUser); return currentUser; } } // in other cases like admin rest call or pulse authorization currentUser = SecurityUtils.getSubject(); if (currentUser == null || currentUser.getPrincipal() == null) { throw new GemFireSecurityException("Error: Anonymous User"); } return currentUser; }
From source file:com.dragome.callbackevictor.serverside.ContinuationClassLoader.java
/** * Creates a classloader by using the classpath given. * * @param urls/*from w w w . j a va2s. c om*/ * The URLs from which to load classes and resources * @param parent * The parent classloader to which unsatisfied loading * attempts are delegated. May be <code>null</code>, * in which case the {@link ClassLoader#getSystemClassLoader() system classloader} * is used as the parent. * @param transformer * This transformer is used to perform the byte-code enhancement. * May not be null. */ public ContinuationClassLoader(URL[] urls, ClassLoader parent, ResourceTransformer transformer) { super(urls, fixNullParent(parent)); if (transformer == null) throw new IllegalArgumentException(); this.transformer = transformer; acc = AccessController.getContext(); }