List of usage examples for javax.security.auth Subject getPublicCredentials
public <T> Set<T> getPublicCredentials(Class<T> c)
From source file:com.eucalyptus.ws.handlers.HmacHandler.java
@Override @SuppressWarnings("deprecation") public void incomingMessage(MessageEvent event) throws Exception { if (event.getMessage() instanceof MappingHttpRequest) { final MappingHttpRequest httpRequest = (MappingHttpRequest) event.getMessage(); final Map<String, String> parameters = httpRequest.getParameters(); final ByteArrayOutputStream bos = new ByteArrayOutputStream(); httpRequest.getContent().readBytes(bos, httpRequest.getContent().readableBytes()); final String body = bos.toString(); bos.close();//from w ww . j av a 2s . c o m final Function<String, List<String>> headerLookup = SignatureHandlerUtils.headerLookup(httpRequest); final Function<String, List<String>> parameterLookup = SignatureHandlerUtils .parameterLookup(httpRequest); final HmacUtils.SignatureVariant variant = HmacUtils.detectSignatureVariant(headerLookup, parameterLookup); final Map<String, List<String>> headers = Maps.newHashMap(); for (final String header : httpRequest.getHeaderNames()) { headers.put(header.toLowerCase(), httpRequest.getHeaders(header)); } if (variant.getVersion().value() <= 2) { if (!parameters.containsKey(SecurityParameter.AWSAccessKeyId.parameter())) { throw new AuthenticationException( "Missing required parameter: " + SecurityParameter.AWSAccessKeyId); } } final HmacCredentials credentials = new HmacCredentials(httpRequest.getCorrelationId(), variant, processParametersForVariant(httpRequest, variant), headers, httpRequest.getMethod().getName(), httpRequest.getServicePath(), body); SecurityContext.getLoginContext(credentials).login(); final Subject subject = Contexts.lookup(httpRequest.getCorrelationId()).getSubject(); final QueryIdCredential credential = Iterables .getFirst(subject.getPublicCredentials(QueryIdCredential.class), null); if (credential == null || (credential.getType().isPresent() && !allowedTemporaryKeyTypes.contains(credential.getType().get()))) { throw new AuthenticationException("Temporary credentials forbidden for service"); } parameters.keySet().removeAll(variant.getParametersToRemove()); parameters.remove(SecurityParameter.SecurityToken.parameter()); } }
From source file:org.springframework.security.web.authentication.preauth.websphere.DefaultWASUsernameAndGroupsExtractor.java
/** * Get the security name for the given subject. * * @param subject The subject for which to retrieve the security name * @return String the security name for the given subject *///from w ww . j a v a 2s . c o m private static String getSecurityName(final Subject subject) { if (logger.isDebugEnabled()) { logger.debug("Determining Websphere security name for subject " + subject); } String userSecurityName = null; if (subject != null) { // SEC-803 Object credential = subject.getPublicCredentials(getWSCredentialClass()).iterator().next(); if (credential != null) { userSecurityName = (String) invokeMethod(getSecurityNameMethod(), credential); } } if (logger.isDebugEnabled()) { logger.debug("Websphere security name is " + userSecurityName + " for subject " + subject); } return userSecurityName; }