private ServiceLoader(Class svc, ClassLoader cl) { Service = Objects.RequireNonNull(svc, "Service interface cannot be null"); Loader = (cl == null) ? ClassLoader.SystemClassLoader : cl; Acc = (System.SecurityManager != null) ? AccessController.Context : null; Reload(); }
public AuthorizeCardHandler( DeviceController deviceController, AccessControlContext context) { _deviceController = deviceController; _context = context; }
/// <summary> /// Version for InnocuousForkJoinWorkerThread /// </summary> internal ForkJoinWorkerThread(ForkJoinPool pool, ThreadGroup threadGroup, AccessControlContext acc) : base(threadGroup, null, "aForkJoinWorkerThread") { U.putOrderedObject(this, INHERITEDACCESSCONTROLCONTEXT, acc); EraseThreadLocals(); // clear before registering this.Pool_Renamed = pool; this.WorkQueue = pool.RegisterWorker(this); }
/// <summary> /// Implements the SPNEGO authentication sequence interaction using the current default principal /// in the Kerberos cache (normally set via kinit). /// </summary> /// <param name="token">the authentication token being used for the user.</param> /// <exception cref="System.IO.IOException">if an IO error occurred.</exception> /// <exception cref="AuthenticationException">if an authentication error occurred.</exception> /// <exception cref="Org.Apache.Hadoop.Security.Authentication.Client.AuthenticationException /// "/> private void DoSpnegoSequence(AuthenticatedURL.Token token) { try { AccessControlContext context = AccessController.GetContext(); Subject subject = Subject.GetSubject(context); if (subject == null || (subject.GetPrivateCredentials <KerberosKey>().IsEmpty() && subject.GetPrivateCredentials <KerberosTicket>().IsEmpty())) { Log.Debug("No subject in context, logging in"); subject = new Subject(); LoginContext login = new LoginContext(string.Empty, subject, null, new KerberosAuthenticator.KerberosConfiguration ()); login.Login(); } if (Log.IsDebugEnabled()) { Log.Debug("Using subject: " + subject); } Subject.DoAs(subject, new _PrivilegedExceptionAction_287(this)); } catch (PrivilegedActionException ex) { // Loop while the context is still not established throw new AuthenticationException(ex.GetException()); } catch (LoginException ex) { throw new AuthenticationException(ex); } AuthenticatedURL.ExtractToken(conn, token); }
/// <summary> /// Extract the appropriate property value from the event and /// pass it to the action associated with /// this <code>EventHandler</code>. /// </summary> /// <param name="proxy"> the proxy object </param> /// <param name="method"> the method in the listener interface </param> /// <returns> the result of applying the action to the target /// </returns> /// <seealso cref= EventHandler </seealso> //JAVA TO C# CONVERTER WARNING: 'final' parameters are not allowed in .NET: //ORIGINAL LINE: public Object invoke(final Object proxy, final Method method, final Object[] arguments) public virtual Object Invoke(Object proxy, Method method, Object[] arguments) { AccessControlContext acc = this.Acc; if ((acc == null) && (System.SecurityManager != null)) { throw new SecurityException("AccessControlContext is not set"); } return(AccessController.doPrivileged(new PrivilegedActionAnonymousInnerClassHelper(this, proxy, method, arguments), acc)); }
/// <summary> /// Reads the menu component from an object input stream. /// </summary> /// <param name="s"> the <code>ObjectInputStream</code> to read </param> /// <exception cref="HeadlessException"> if /// <code>GraphicsEnvironment.isHeadless</code> returns /// <code>true</code> /// @serial </exception> /// <seealso cref= java.awt.GraphicsEnvironment#isHeadless </seealso> //JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in .NET: //ORIGINAL LINE: private void readObject(java.io.ObjectInputStream s) throws ClassNotFoundException, java.io.IOException, HeadlessException private void ReadObject(ObjectInputStream s) { GraphicsEnvironment.CheckHeadless(); Acc = AccessController.Context; s.DefaultReadObject(); AppContext = AppContext.AppContext; }
/// <summary> /// Creates a new instance of URLClassLoader for the specified /// URLs and default parent class loader. If a security manager is /// installed, the {@code loadClass} method of the URLClassLoader /// returned by this method will invoke the /// {@code SecurityManager.checkPackageAccess} before /// loading the class. /// </summary> /// <param name="urls"> the URLs to search for classes and resources </param> /// <exception cref="NullPointerException"> if {@code urls} is {@code null}. </exception> /// <returns> the resulting class loader </returns> //JAVA TO C# CONVERTER WARNING: 'final' parameters are not allowed in .NET: //ORIGINAL LINE: public static URLClassLoader newInstance(final URL[] urls) public static URLClassLoader NewInstance(URL[] urls) { // Save the caller's context //JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final': //ORIGINAL LINE: final java.security.AccessControlContext acc = java.security.AccessController.getContext(); AccessControlContext acc = AccessController.Context; // Need a privileged block to create the class loader URLClassLoader ucl = AccessController.doPrivileged(new PrivilegedActionAnonymousInnerClassHelper5(urls, acc)); return(ucl); }
/// <summary> /// Constructs a new URLClassLoader for the specified URLs using the /// default delegation parent {@code ClassLoader}. The URLs will /// be searched in the order specified for classes and resources after /// first searching in the parent class loader. Any URL that ends with /// a '/' is assumed to refer to a directory. Otherwise, the URL is /// assumed to refer to a JAR file which will be downloaded and opened /// as needed. /// /// <para>If there is a security manager, this method first /// calls the security manager's {@code checkCreateClassLoader} method /// to ensure creation of a class loader is allowed. /// /// </para> /// </summary> /// <param name="urls"> the URLs from which to load classes and resources /// </param> /// <exception cref="SecurityException"> if a security manager exists and its /// {@code checkCreateClassLoader} method doesn't allow /// creation of a class loader. </exception> /// <exception cref="NullPointerException"> if {@code urls} is {@code null}. </exception> /// <seealso cref= SecurityManager#checkCreateClassLoader </seealso> public URLClassLoader(URL[] urls) : base() { // this is to make the stack depth consistent with 1.1 SecurityManager security = System.SecurityManager; if (security != null) { security.CheckCreateClassLoader(); } Ucp = new URLClassPath(urls); this.Acc = AccessController.Context; }
/// <summary> /// Constructs a new URLClassLoader for the specified URLs, parent /// class loader, and URLStreamHandlerFactory. The parent argument /// will be used as the parent class loader for delegation. The /// factory argument will be used as the stream handler factory to /// obtain protocol handlers when creating new jar URLs. /// /// <para>If there is a security manager, this method first /// calls the security manager's {@code checkCreateClassLoader} method /// to ensure creation of a class loader is allowed. /// /// </para> /// </summary> /// <param name="urls"> the URLs from which to load classes and resources </param> /// <param name="parent"> the parent class loader for delegation </param> /// <param name="factory"> the URLStreamHandlerFactory to use when creating URLs /// </param> /// <exception cref="SecurityException"> if a security manager exists and its /// {@code checkCreateClassLoader} method doesn't allow /// creation of a class loader. </exception> /// <exception cref="NullPointerException"> if {@code urls} is {@code null}. </exception> /// <seealso cref= SecurityManager#checkCreateClassLoader </seealso> public URLClassLoader(URL[] urls, ClassLoader parent, URLStreamHandlerFactory factory) : base(parent) { // this is to make the stack depth consistent with 1.1 SecurityManager security = System.SecurityManager; if (security != null) { security.CheckCreateClassLoader(); } Ucp = new URLClassPath(urls, factory); Acc = AccessController.Context; }
internal URLClassLoader(URL[] urls, ClassLoader parent, AccessControlContext acc) : base(parent) { // this is to make the stack depth consistent with 1.1 SecurityManager security = System.SecurityManager; if (security != null) { security.CheckCreateClassLoader(); } Ucp = new URLClassPath(urls); this.Acc = acc; }
internal PrivilegedThreadFactory() : base() { SecurityManager sm = System.SecurityManager; if (sm != null) { // Calls to getContextClassLoader from this class // never trigger a security check, but we check // whether our callers have this permission anyways. sm.CheckPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); // Fail fast sm.CheckPermission(new RuntimePermission("setContextClassLoader")); } this.Acc = AccessController.Context; this.Ccl = Thread.CurrentThread.ContextClassLoader; }
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in .NET: //ORIGINAL LINE: Object invoke() throws Exception internal virtual Object Invoke() { AccessControlContext acc = this.Acc; if ((acc == null) && (System.SecurityManager != null)) { throw new SecurityException("AccessControlContext is not set"); } try { return(AccessController.doPrivileged(new PrivilegedExceptionActionAnonymousInnerClassHelper(this), acc)); } catch (PrivilegedActionException exception) { throw exception.Exception; } }
internal PrivilegedCallableUsingCurrentClassLoader(Callable <T> task) { SecurityManager sm = System.SecurityManager; if (sm != null) { // Calls to getContextClassLoader from this class // never trigger a security check, but we check // whether our callers have this permission anyways. sm.CheckPermission(SecurityConstants.GET_CLASSLOADER_PERMISSION); // Whether setContextClassLoader turns out to be necessary // or not, we fail fast if permission is not available. sm.CheckPermission(new RuntimePermission("setContextClassLoader")); } this.Task = task; this.Acc = AccessController.Context; this.Ccl = Thread.CurrentThread.ContextClassLoader; }
//JAVA TO C# CONVERTER WARNING: 'final' parameters are not allowed in .NET: //ORIGINAL LINE: @Override public <T> T doIntersectionPrivilege(PrivilegedAction<T> action, final AccessControlContext stack, final AccessControlContext context) public override T doIntersectionPrivilege <T>(PrivilegedAction <T> action, AccessControlContext stack, AccessControlContext context) { if (action == null) { throw new NullPointerException(); } return(AccessController.doPrivileged(action, GetCombinedACC(context, stack))); }
internal PrivilegedCallable(Callable <T> task) { this.Task = task; this.Acc = AccessController.Context; }
public override T doIntersectionPrivilege <T>(PrivilegedAction <T> action, AccessControlContext context) { return(DoIntersectionPrivilege(action, AccessController.Context, context)); }
public PrivilegedActionAnonymousInnerClassHelper5(java.net.URL[] urls, AccessControlContext acc) { this.Urls = urls; this.Acc = acc; }
public PrivilegedActionAnonymousInnerClassHelper4(java.net.URL[] urls, java.lang.ClassLoader parent, AccessControlContext acc) { this.Urls = urls; this.Parent = parent; this.Acc = acc; }
protected override void Seed(AccessControlContext context) { var persons = new List <Person> { new Person { FirstName = "Riste", LastName = "Poposki", DateOfBirth = DateTime.Parse("2018-09-17"), EnrollmentDate = DateTime.Now }, new Person { FirstName = "Monkas", LastName = "Noob", DateOfBirth = DateTime.Parse("2018-06-01"), EnrollmentDate = DateTime.Now } }; persons.ForEach(s => context.Persons.Add(s)); context.SaveChanges(); var devices = new List <Device> { new Device { Type = DeviceType.Card, Code = "12345678", DateCreated = DateTime.Now, PersonID = 1 }, new Device { Type = DeviceType.KeyPadCode, Code = "1234", DateCreated = DateTime.Now, PersonID = 2 } }; devices.ForEach(s => context.Devices.Add(s)); context.SaveChanges(); var pointOfAccess = new List <PointOfAccess> { new PointOfAccess { Name = "DomaVrata", Location = "Skopje", DateCreated = DateTime.Now, }, new PointOfAccess { Name = "Garaza", Location = "Struga", DateCreated = DateTime.Now.AddDays(-5) }, }; pointOfAccess.ForEach(s => context.PointsOfAccess.Add(s)); context.SaveChanges(); var registrations = new List <Registration> { new Registration { PointOfAccessID = 1, DeviceID = 1, DateCreated = DateTime.Now, }, new Registration { PointOfAccessID = 1, DeviceID = 2, DateCreated = DateTime.Now, }, new Registration { PointOfAccessID = 2, DeviceID = 1, DateCreated = DateTime.Now, }, }; registrations.ForEach(s => context.Registrations.Add(s)); context.SaveChanges(); var logs = new List <EntryLog> { new EntryLog { PointOfAccessID = 1, DeviceID = 2, DateCreated = DateTime.Now.AddDays(-1), Success = true }, new EntryLog { PointOfAccessID = 2, DeviceID = 1, DateCreated = DateTime.Now.AddDays(-2), Success = false }, }; logs.ForEach(s => context.EntryLogs.Add(s)); context.SaveChanges(); }
internal FactoryURLClassLoader(URL[] urls, AccessControlContext acc) : base(urls, acc) { }
public ItemsController(AccessControlContext db) { this.db = db; }
public IdentitiesController(AccessControlContext db) { this.db = db; }
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { if (!context.HttpContext.Request.Headers.TryGetValue("X-API-Key", out var extractedApiKey)) { context.Result = new ContentResult() { StatusCode = 401, Content = "'X-API-Key'-Header was not provided" }; return; } ApiKeyConfigurationEntry keyConfig = AccessSettings.Current.ApiKeys.Where(e => e.ApiKey.Equals(extractedApiKey)).SingleOrDefault(); if (keyConfig == null) { context.Result = new ContentResult() { StatusCode = 401, Content = "'X-API-Key'-Header doesn't contain a valid api key" }; return; } if (keyConfig.Expires > DateTime.MinValue && keyConfig.Expires < DateTime.Now) { context.Result = new ContentResult() { StatusCode = 401, Content = "the provided api key has expired" }; return; } if (keyConfig.AllowedHosts != null && keyConfig.AllowedHosts.Length > 0) { if (!keyConfig.AllowedHosts.Contains(context.HttpContext.Request.Host.Host.ToLower())) { context.Result = new ContentResult() { StatusCode = 401, Content = "access denied by firewall rules" }; return; } } using (var mac = new AccessControlContext()) { mac.AddPermissions(keyConfig.Permissions); mac.AddDeniedPermissions(keyConfig.DenyPermissions); mac.AddClearances(new { Institute = keyConfig.ScopeToExecutingInstituteIdentifier, Study = keyConfig.ScopeToStudyIdentifier, }); if (_RequiredPermissions.Length > 0) { foreach (string requiredPermission in _RequiredPermissions) { if (!mac.HasEffectivePermission(requiredPermission)) { context.Result = new ContentResult() { StatusCode = 401, Content = "missing permissions for this operation" }; return; } } } await next(); } }
internal static AccessControlContext GetCombinedACC(AccessControlContext context, AccessControlContext stack) { AccessControlContext acc = new AccessControlContext(context, stack.Combiner, true); return((new AccessControlContext(stack.Context, acc)).Optimize()); }
public static object doPrivileged(Type accessController, PrivilegedAction action, AccessControlContext context) { return(doPrivileged(accessController, action)); }
public AccessLogController(AccessControlContext db) { this.db = db; }