• Home
• com.github.exabrial
• javax-security-cdi-extension
• 1.0.0
• source code
• JavaXSecurityInterceptor.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.github.exabrial.cdi.javaxsecurity.JavaXSecurityInterceptor Maven / Gradle / Ivy

package com.github.exabrial.cdi.javaxsecurity;

import java.util.stream.Stream;

import javax.annotation.security.RolesAllowed;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.interceptor.AroundInvoke;
import javax.interceptor.InvocationContext;

import org.slf4j.Logger;

public class JavaXSecurityInterceptor {
	@Inject
	private Instance logInstance;
	@Inject
	@SkipSecurity
	private Instance skipSecurityInstance;
	@Inject
	private JavaXSecurityChecker javaXSecurityChecker;
	@Inject
	private JavaXSecurityFailureHandler handler;

	@AroundInvoke
	public Object intercept(InvocationContext ctx) throws Exception {
		boolean skipSecurity = skipSecurityInstance.isUnsatisfied() ? false : skipSecurityInstance.get();
		if (!skipSecurity) {
			if (javaXSecurityChecker.authenticate()) {
				RolesAllowed rolesAllowed = ctx.getMethod().getAnnotation(RolesAllowed.class);
				if (rolesAllowed == null) {
					rolesAllowed = ctx.getTarget().getClass().getAnnotation(RolesAllowed.class);
				}
				if (rolesAllowed != null) {
					Stream.of(rolesAllowed.value()).forEach(roleName -> {
						if (!javaXSecurityChecker.isCallerInRole(roleName)) {
							handler.authorizationFailure(ctx.getTarget().getClass(), ctx.getMethod(), roleName);
						}
					});
				}
			} else {
				handler.authenticationFailure();
			}
		} else if (!logInstance.isUnsatisfied()) {
			logInstance.get().warn("check() Security disabled; skipping check for:{}:{}", ctx.getTarget().getClass().getName(),
					ctx.getMethod().getName());
		}
		return ctx.proceed();
	}
}