org.wildfly.security.http.util.PrivilegedServerMechanism Maven / Gradle / Ivy
Go to download
This artifact provides a single jar that contains all classes required to use remote Jakarta Enterprise Beans and Jakarta Messaging, including
all dependencies. It is intended for use by those not using maven, maven users should just import the Jakarta Enterprise Beans and
Jakarta Messaging BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up
with different versions on classes on the class path).
/*
* JBoss, Home of Professional Open Source.
* Copyright 2015 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.security.http.util;
import static org.wildfly.common.Assert.checkNotNullParam;
import java.io.InputStream;
import java.lang.reflect.UndeclaredThrowableException;
import java.net.InetSocketAddress;
import java.net.URI;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.Certificate;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.SSLSession;
import org.wildfly.security.http.HttpAuthenticationException;
import org.wildfly.security.http.HttpScope;
import org.wildfly.security.http.HttpServerAuthenticationMechanism;
import org.wildfly.security.http.HttpServerCookie;
import org.wildfly.security.http.HttpServerMechanismsResponder;
import org.wildfly.security.http.HttpServerRequest;
import org.wildfly.security.http.HttpServerResponse;
import org.wildfly.security.http.Scope;
/**
* A {@link HttpServerAuthenticationMechanism} with a stored {@link AccessControlContext} that is used for all request
* processing calls.
*
* @author Darran Lofthouse
*/
final class PrivilegedServerMechanism implements HttpServerAuthenticationMechanism {
private final HttpServerAuthenticationMechanism mechanism;
private final AccessControlContext accessControlContext;
/**
* Construct a new instance of {@code PrivilegedServerMechanism}.
*
* @param mechanism the mechanism to be wrapped.
* @param accessControlContext the {@link AccessControlContext} to use for calls to the wrapped mechanism.
*/
PrivilegedServerMechanism(final HttpServerAuthenticationMechanism mechanism, final AccessControlContext accessControlContext) {
this.mechanism = checkNotNullParam("mechanism", mechanism);
this.accessControlContext = checkNotNullParam("accessControlContext", accessControlContext);
}
/**
* @see org.wildfly.security.http.HttpServerAuthenticationMechanism#getMechanismName()
*/
@Override
public String getMechanismName() {
return mechanism.getMechanismName();
}
/**
* @see org.wildfly.security.http.HttpServerAuthenticationMechanism#evaluateRequest(org.wildfly.security.http.HttpServerRequest)
*/
@Override
public void evaluateRequest(final HttpServerRequest request) throws HttpAuthenticationException {
try {
AccessController.doPrivileged((PrivilegedExceptionAction) () -> {
mechanism.evaluateRequest(new HttpServerRequestWrapper(request));
return null;
}, accessControlContext);
} catch (PrivilegedActionException pae) {
try {
throw pae.getCause();
} catch (HttpAuthenticationException | RuntimeException | Error e) {
throw e;
} catch (Throwable throwable) {
throw new UndeclaredThrowableException(throwable);
}
}
}
@Override
public Object getNegotiatedProperty(String propertyName) {
return mechanism.getNegotiatedProperty(propertyName);
}
@Override
public T getNegotiationProperty(String propertyName, Class type) {
return mechanism.getNegotiationProperty(propertyName, type);
}
private HttpServerMechanismsResponder wrap(final HttpServerMechanismsResponder toWrap) {
return toWrap != null ? (HttpServerResponse r) ->
{
try {
AccessController.doPrivileged((PrivilegedExceptionAction) () -> {
toWrap.sendResponse(r);
return null;
}
, accessControlContext);
} catch (PrivilegedActionException e) {
if (e.getCause() instanceof HttpAuthenticationException) {
throw (HttpAuthenticationException) e.getCause();
}
throw new HttpAuthenticationException(e);
}
}
: null;
}
private class HttpServerRequestWrapper implements HttpServerRequest {
private final HttpServerRequest wrapped;
private HttpServerRequestWrapper(HttpServerRequest toWrap) {
wrapped = toWrap;
}
@Override
public List getRequestHeaderValues(String headerName) {
return wrapped.getRequestHeaderValues(headerName);
}
@Override
public String getFirstRequestHeaderValue(String headerName) {
return wrapped.getFirstRequestHeaderValue(headerName);
}
@Override
public SSLSession getSSLSession() {
return wrapped.getSSLSession();
}
@Override
public Certificate[] getPeerCertificates() {
return wrapped.getPeerCertificates();
}
@Override
public HttpScope getScope(Scope scope) {
return wrapped.getScope(scope);
}
@Override
public Collection getScopeIds(Scope scope) {
return wrapped.getScopeIds(scope);
}
@Override
public HttpScope getScope(Scope scope, String id) {
return wrapped.getScope(scope, id);
}
@Override
public void noAuthenticationInProgress(HttpServerMechanismsResponder responder) {
wrapped.noAuthenticationInProgress(wrap(responder));
}
@Override
public void authenticationInProgress(HttpServerMechanismsResponder responder) {
wrapped.authenticationInProgress(wrap(responder));
}
@Override
public void authenticationComplete(HttpServerMechanismsResponder responder) {
wrapped.authenticationComplete(wrap(responder));
}
@Override
public void authenticationComplete(HttpServerMechanismsResponder responder, Runnable logoutHandler) {
wrapped.authenticationComplete(responder, logoutHandler);
}
@Override
public void authenticationFailed(String message, HttpServerMechanismsResponder responder) {
wrapped.authenticationFailed(message, wrap(responder));
}
@Override
public void badRequest(HttpAuthenticationException failure, HttpServerMechanismsResponder responder) {
wrapped.badRequest(failure, wrap(responder));
}
@Override
public String getRequestMethod() {
return wrapped.getRequestMethod();
}
@Override
public URI getRequestURI() {
return wrapped.getRequestURI();
}
@Override
public String getRequestPath() {
return wrapped.getRequestPath();
}
@Override
public Map> getParameters() {
return wrapped.getParameters();
}
@Override
public Set getParameterNames() {
return wrapped.getParameterNames();
}
@Override
public List getParameterValues(String name) {
return wrapped.getParameterValues(name);
}
@Override
public String getFirstParameterValue(String name) {
return wrapped.getFirstParameterValue(name);
}
@Override
public List getCookies() {
return wrapped.getCookies();
}
@Override
public InputStream getInputStream() {
return wrapped.getInputStream();
}
@Override
public InetSocketAddress getSourceAddress() {
return wrapped.getSourceAddress();
}
@Override
public boolean suspendRequest() {
return wrapped.suspendRequest();
}
@Override
public boolean resumeRequest() {
return wrapped.resumeRequest();
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy