List of usage examples for javax.security.auth Subject getPrincipals
public <T extends Principal> Set<T> getPrincipals(Class<T> c)
From source file:org.atricore.idbus.capabilities.sso.support.federation.UidAccountLinkEmitter.java
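/**
 * Builds an account link whose local username is taken from a "uid"-style
 * {@link SubjectAttribute} principal of the given subject.
 *
 * <p>An attribute qualifies when its name starts with the LDAP
 * {@code targetAttribute="uid"} path expression, or when its trimmed name equals
 * {@code UserName} or {@code uid} (case-insensitive). The first qualifying
 * attribute that carries a non-blank value is used.
 *
 * @param subject the authenticated subject whose attribute principals are inspected
 * @return a link using the attribute value as username with the UNSPECIFIED name ID
 *         format, or {@code null} when no usable uid attribute is present
 */
public AccountLink emit(Subject subject) {
    Set<SubjectAttribute> subjectAttrs = subject.getPrincipals(SubjectAttribute.class);

    if (logger.isDebugEnabled()) {
        logger.debug("Pricipals found: " + subjectAttrs.size());
    }

    for (SubjectAttribute subjectAttribute : subjectAttrs) {
        String attrName = subjectAttribute.getName();

        // Debug output includes the raw attribute value; keep debug level off where
        // attribute values are considered sensitive.
        if (logger.isDebugEnabled()) {
            logger.debug("Pricipal Name: " + attrName);
            logger.debug("Pricipal Value: " + subjectAttribute.getValue());
        }

        // An attribute without a name cannot identify the uid; skipping it avoids a
        // NullPointerException on the name checks below.
        if (attrName == null) {
            continue;
        }

        String trimmedName = attrName.trim();
        boolean isUidAttribute = attrName.startsWith("/UserAttribute[@ldap:targetAttribute=\"uid\"]")
                || trimmedName.equalsIgnoreCase("UserName")
                || trimmedName.equalsIgnoreCase("uid");
        if (!isUidAttribute) {
            continue;
        }

        String uid = subjectAttribute.getValue();

        // Do not link an identity to a null or blank local username; keep looking
        // for another qualifying attribute and fall through to the error path if
        // none carries a value.
        if (uid == null || uid.trim().length() == 0) {
            continue;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Found UID [" + uid + "]");
        }

        // uid attribute is used as username
        return new DynamicAccountLinkImpl(subject, uid, NameIDFormat.UNSPECIFIED.getValue());
    }

    logger.error("Cannot create account link for subject : " + subject);
    return null;
}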
From source file:org.sakaiproject.nakamura.lite.jackrabbit.SparseImpersonationImpl.java
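/**
 * Decides whether the given subject may impersonate the wrapped sparse user.
 *
 * <p>Subjects carrying an {@code AdminPrincipal} or {@code SystemPrincipal} are always
 * allowed. Otherwise the subject is allowed only if the name of one of its principals
 * appears in the user's {@code ';'}-separated impersonators property.
 *
 * @param subject the subject requesting impersonation
 * @return {@code true} if impersonation is permitted, {@code false} otherwise
 *         (including when the user has no impersonators property)
 * @throws RepositoryException declared by the implemented contract
 */
public boolean allows(Subject subject) throws RepositoryException {
    if (!subject.getPrincipals(AdminPrincipal.class).isEmpty()
            || !subject.getPrincipals(SystemPrincipal.class).isEmpty()) {
        return true;
    }

    User u = sparseUser.getSparseUser();
    String impersonators = (String) u.getProperty(User.IMPERSONATORS_FIELD);

    // Fail closed when no impersonators are configured. The StringUtils class is not
    // visible in this listing; if it is Commons Lang, split(null, ...) returns null
    // and Collections.addAll would then throw a NullPointerException.
    if (impersonators == null) {
        return false;
    }

    Set<String> imp = new HashSet<String>();
    Collections.addAll(imp, StringUtils.split(impersonators, ';'));

    // NOTE(review): the match is an exact, case-sensitive name comparison over every
    // principal type of the subject; confirm that non-user principals (groups, roles)
    // cannot share a name with a listed impersonator.
    for (Principal p : subject.getPrincipals()) {
        if (imp.contains(p.getName())) {
            return true;
        }
    }
    return false;
}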
From source file:org.atricore.idbus.capabilities.josso.main.producers.AbstractJossoProducer.java
/**
 * Maps every {@code SubjectRole} principal of the subject to an {@code SSORole}
 * that carries the same name.
 *
 * @param subject the subject whose role principals are converted
 * @return a set with one {@code BaseRoleImpl} per role principal; empty when the
 *         subject has no role principals
 */
protected Collection<SSORole> toSSORoles(Subject subject) {
    final Set<SubjectRole> subjectRoles = subject.getPrincipals(SubjectRole.class);

    // Presized with the number of source roles, as one target role is created per source role.
    final Set<SSORole> converted = new HashSet<SSORole>(subjectRoles.size());
    for (final SubjectRole subjectRole : subjectRoles) {
        final String roleName = subjectRole.getName();
        converted.add(new BaseRoleImpl(roleName));
    }

    return converted;
}
From source file:org.atricore.idbus.capabilities.sso.support.federation.OneToOneAccountLinkEmitter.java
/**
 * Builds an account link directly from a {@code SubjectNameID} principal of the
 * subject, using the principal name as the local account name.
 *
 * <p>Every path inside the loop returns, so only the first principal delivered by
 * the set iterator is ever used. NOTE(review): a {@code Set} gives no ordering
 * guarantee here, so with several name ID principals the chosen one is not
 * predictable - confirm callers only pass subjects with a single name ID.
 *
 * @param subject the authenticated subject
 * @return a link carrying the name ID and its format (UNSPECIFIED when the format is
 *         absent or not one of the handled constants), or {@code null} when the
 *         subject has no {@code SubjectNameID} principal
 */
public AccountLink emit(Subject subject) {
    final Set<SubjectNameID> nameIds = subject.getPrincipals(SubjectNameID.class);

    if (logger.isDebugEnabled()) {
        logger.debug("Principals found: " + nameIds.size());
    }

    for (final SubjectNameID nameId : nameIds) {
        if (logger.isDebugEnabled()) {
            logger.debug("Principal Name: " + nameId.getName());
            logger.debug("Principal Format: " + nameId.getFormat());
        }

        // If no format is specified, take the name as it is
        if (nameId.getFormat() == null) {
            return new DynamicAccountLinkImpl(subject, nameId.getName(),
                    NameIDFormat.UNSPECIFIED.getValue());
        }

        final NameIDFormat parsed = NameIDFormat.asEnum(nameId.getFormat());
        final NameIDFormat linkFormat;
        switch (parsed) {
        case UNSPECIFIED:
            linkFormat = NameIDFormat.UNSPECIFIED;
            break;
        case EMAIL:
            linkFormat = NameIDFormat.EMAIL;
            break;
        case TRANSIENT:
            // TODO : Implement better TRANSIENT NameID support
            linkFormat = NameIDFormat.TRANSIENT;
            break;
        case PERSISTENT:
            // TODO : Implement PERSISTENT NameID support
            linkFormat = NameIDFormat.PERSISTENT;
            break;
        default:
            // Any other format is downgraded to UNSPECIFIED after a warning.
            logger.warn("Unrecognized Name ID Format : " + parsed);
            linkFormat = NameIDFormat.UNSPECIFIED;
            break;
        }

        return new DynamicAccountLinkImpl(subject, nameId.getName(), linkFormat.getValue());
    }

    logger.error("Cannot create account link for subject : " + subject);
    return null;
}
From source file:org.atricore.idbus.capabilities.josso.main.producers.AbstractJossoProducer.java
/**
 * Converts the subject into an {@code SSOUser}: the single {@code SubjectNameID}
 * principal supplies the user name and every {@code SubjectAttribute} principal
 * becomes a user property.
 *
 * <p>Property names are derived from attribute names by keeping only the part after
 * the last {@code ':'} (when that colon is not the first character) and replacing
 * each {@code '.'} with {@code '_'}.
 *
 * @param subject the authenticated subject
 * @return the populated user, or {@code null} when the subject does not carry
 *         exactly one {@code SubjectNameID} principal
 */
protected SSOUser toSSOUser(Subject subject) {
    final Set<SubjectNameID> nameIds = subject.getPrincipals(SubjectNameID.class);
    final int nameIdCount = nameIds.size();

    // Zero or several name IDs are rejected rather than picking one arbitrarily.
    if (nameIdCount != 1) {
        logger.error("Invalid subjectNameID count " + nameIdCount);
        return null;
    }

    final SubjectNameID onlyNameId = nameIds.iterator().next();
    final BaseUserImpl ssoUser = new BaseUserImpl(onlyNameId.getName());

    for (final SubjectAttribute attribute : subject.getPrincipals(SubjectAttribute.class)) {
        // TODO : Make this configurable ?! perhaps the JOSSO Assertion should already be modified ?!
        String propertyName = attribute.getName();

        final int lastColon = propertyName.lastIndexOf(':');
        if (lastColon > 0) {
            propertyName = propertyName.substring(lastColon + 1);
        }
        propertyName = propertyName.replace('.', '_');

        ssoUser.addProperty(new SSONameValuePair(propertyName, attribute.getValue()));
    }

    return ssoUser;
}
From source file:fi.okm.mpass.shibboleth.authn.impl.ValidateShibbolethAuthenticationTest.java
/**
 * Runs the action with the username supplied through the HTTP headers map and
 * checks the principals of the resulting subject: a {@code UsernamePrincipal}
 * named after the header value, and no {@code ShibHeaderPrincipal} or
 * {@code ShibAttributePrincipal}.
 */
@Test
public void testHeader() {
    final AuthenticationContext authnContext = prc.getSubcontext(AuthenticationContext.class, false);
    authnContext.setAttemptedFlow(authenticationFlows.get(0));

    // The Shibboleth subcontext is created on demand (second argument true).
    final ShibbolethAuthnContext shibbolethContext = prc
            .getSubcontext(AuthenticationContext.class, false)
            .getSubcontext(ShibbolethAuthnContext.class, true);
    Assert.assertNotNull(shibbolethContext);
    shibbolethContext.getHeaders().put(uid, uidValue);

    final Event outcome = action.execute(src);
    ActionTestingSupport.assertProceedEvent(outcome);
    Assert.assertNotNull(authnContext.getAuthenticationResult());

    final Subject authenticated = authnContext.getAuthenticationResult().getSubject();

    final UsernamePrincipal username =
            authenticated.getPrincipals(UsernamePrincipal.class).iterator().next();
    Assert.assertEquals(username.getName(), uidValue);

    Assert.assertFalse(authenticated.getPrincipals(ShibHeaderPrincipal.class).iterator().hasNext());
    Assert.assertFalse(authenticated.getPrincipals(ShibAttributePrincipal.class).iterator().hasNext());
}
From source file:fi.okm.mpass.shibboleth.authn.impl.ValidateShibbolethAuthenticationTest.java
/** * Runs action with username in attribute map. */// w w w . jav a2s . co m @Test public void testAttribute() { final AuthenticationContext ac = prc.getSubcontext(AuthenticationContext.class, false); ac.setAttemptedFlow(authenticationFlows.get(0)); final ShibbolethAuthnContext shibContext = prc.getSubcontext(AuthenticationContext.class, false) .getSubcontext(ShibbolethAuthnContext.class, true); Assert.assertNotNull(shibContext); shibContext.getAttributes().put(uid, uidValue); final Event event = action.execute(src); ActionTestingSupport.assertProceedEvent(event); Assert.assertNotNull(ac.getAuthenticationResult()); final Subject subject = ac.getAuthenticationResult().getSubject(); Assert.assertEquals(subject.getPrincipals(UsernamePrincipal.class).iterator().next().getName(), uidValue); Assert.assertEquals(subject.getPrincipals(ShibHeaderPrincipal.class).iterator().hasNext(), false); final ShibAttributePrincipal principal = subject.getPrincipals(ShibAttributePrincipal.class).iterator() .next(); Assert.assertEquals(principal.getValue(), uidValue); }
From source file:org.apache.hadoop.gateway.hive.HiveHttpClientDispatch.java
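/**
 * Looks up the {@code PrimaryPrincipal} of the subject bound to the current
 * access control context.
 *
 * @return the first {@code PrimaryPrincipal} of the current subject, or
 *         {@code null} when no subject is bound to the context or the subject
 *         carries no {@code PrimaryPrincipal}
 */
protected Principal getPrimaryPrincipal() {
    Principal principal = null;
    Subject subject = Subject.getSubject(AccessController.getContext());
    if (subject != null) {
        // Indexing toArray()[0] threw ArrayIndexOutOfBoundsException for a subject
        // without a PrimaryPrincipal; iterating yields null in that case, the same
        // result callers already get when there is no subject at all.
        for (Principal candidate : subject.getPrincipals(PrimaryPrincipal.class)) {
            principal = candidate;
            break;
        }
    }
    return principal;
}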
From source file:org.opengroupware.web.OGoSession.java
/**
 * Returns the id of the logged-in account.
 *
 * @return the id of the first {@code OGoAccountPrincipal} of the login subject, or
 *         {@code null} when there is no login subject or it carries no such principal
 */
public Number loginId() {
    final Subject login = this.loginSubject();

    if (login != null) {
        /* the first account principal delivered by the set carries the uid */
        for (final OGoAccountPrincipal account : login.getPrincipals(OGoAccountPrincipal.class)) {
            return account.id();
        }
    }

    return null;
}
From source file:org.opengroupware.web.OGoSession.java
/**
 * Returns the login name of the logged-in account.
 *
 * @return the name of the first {@code OGoAccountPrincipal} of the login subject, or
 *         {@code null} when there is no login subject or it carries no such principal
 */
public String loginName() {
    final Subject login = this.loginSubject();

    if (login != null) {
        /* the first account principal delivered by the set carries the login name */
        for (final OGoAccountPrincipal account : login.getPrincipals(OGoAccountPrincipal.class)) {
            return account.getName();
        }
    }

    return null;
}