You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwebbeans.apache.org by rm...@apache.org on 2018/11/02 16:36:40 UTC
svn commit: r1845609 -
/openwebbeans/meecrowave/trunk/meecrowave-core/src/main/java/org/apache/meecrowave/openwebbeans/MeecrowaveSecurityService.java
Author: rmannibucau
Date: Fri Nov 2 16:36:40 2018
New Revision: 1845609
URL: http://svn.apache.org/viewvc?rev=1845609&view=rev
Log:
MEECROWAVE-159 ensure MeecrowaveSecurityService is contextual
Modified:
openwebbeans/meecrowave/trunk/meecrowave-core/src/main/java/org/apache/meecrowave/openwebbeans/MeecrowaveSecurityService.java
Modified: openwebbeans/meecrowave/trunk/meecrowave-core/src/main/java/org/apache/meecrowave/openwebbeans/MeecrowaveSecurityService.java
URL: http://svn.apache.org/viewvc/openwebbeans/meecrowave/trunk/meecrowave-core/src/main/java/org/apache/meecrowave/openwebbeans/MeecrowaveSecurityService.java?rev=1845609&r1=1845608&r2=1845609&view=diff
==============================================================================
--- openwebbeans/meecrowave/trunk/meecrowave-core/src/main/java/org/apache/meecrowave/openwebbeans/MeecrowaveSecurityService.java (original)
+++ openwebbeans/meecrowave/trunk/meecrowave-core/src/main/java/org/apache/meecrowave/openwebbeans/MeecrowaveSecurityService.java Fri Nov 2 16:36:40 2018
@@ -18,11 +18,16 @@
*/
package org.apache.meecrowave.openwebbeans;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Proxy;
import java.security.Principal;
+import java.util.Objects;
import java.util.function.Supplier;
+import java.util.stream.Stream;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.CDI;
+import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import org.apache.webbeans.config.WebBeansContext;
@@ -30,14 +35,39 @@ import org.apache.webbeans.corespi.secur
public class MeecrowaveSecurityService extends SimpleSecurityService {
private final boolean useWrapper;
+ private final Principal proxy;
public MeecrowaveSecurityService(final WebBeansContext context) {
useWrapper = "true".equalsIgnoreCase(context.getOpenWebBeansConfiguration()
.getProperty("org.apache.webbeans.component.PrincipalBean.proxy", "true"));
+ final ClassLoader loader = SimpleSecurityService.class.getClassLoader();
+ final Class<?>[] apiToProxy = Stream.concat(
+ Stream.of(Principal.class),
+ Stream.of(context.getOpenWebBeansConfiguration()
+ .getProperty("org.apache.webbeans.component.PrincipalBean.proxyApis", "org.eclipse.microprofile.jwt.JsonWebToken").split(","))
+ .map(String::trim)
+ .filter(it -> !it.isEmpty())
+ .map(it -> {
+ try { // if MP JWT-Auth is available
+ return loader.loadClass(it.trim());
+ } catch (final NoClassDefFoundError | ClassNotFoundException e) {
+ return null;
+ }
+ })).filter(Objects::nonNull).toArray(Class[]::new);
+ proxy = apiToProxy.length == 1 ? new MeecrowavePrincipal() : Principal.class.cast(
+ Proxy.newProxyInstance(loader, apiToProxy, (proxy, method, args) -> {
+ try {
+ return method.invoke(getCurrentPrincipal(), args);
+ } catch (final InvocationTargetException ite) {
+ throw ite.getTargetException();
+ }
+ }));
+
}
+
@Override // reason of that class
public Principal getCurrentPrincipal() {
- return useWrapper ? new MeecrowavePrincipal() : getUserPrincipal();
+ return useWrapper ? proxy : getUserPrincipal();
}
// ensure it is contextual
@@ -47,6 +77,11 @@ public class MeecrowaveSecurityService e
return unwrap().getName();
}
+ @Override
+ public boolean implies(final Subject subject) {
+ return unwrap().implies(subject);
+ }
+
private Principal unwrap() {
return getUserPrincipal();
}