security-context


Symfony2 : Why getToken return null when injecting SecurityContext in a TwigExtension?

孤街浪徒 提交于 2020-02-24 00:50:35
问题 I did exactly the answer from this post but the token property is null and the user is correctly logged in and the route is behind a firewall. Also, I am injecting the SecurityContext in other services and it works fine. services.xml : <service id="tc.extensions.relation_helper" class="TC\CoreBundle\Extensions\RelationHelperExtension"> <argument type="service" id="security.context" /> <tag name="twig.extension" /> </service> My extension: class RelationHelperExtension extends Twig_Extension {

Symfony2 : Why getToken return null when injecting SecurityContext in a TwigExtension?

核能气质少年 提交于 2020-02-24 00:49:11
问题 I did exactly the answer from this post but the token property is null and the user is correctly logged in and the route is behind a firewall. Also, I am injecting the SecurityContext in other services and it works fine. services.xml : <service id="tc.extensions.relation_helper" class="TC\CoreBundle\Extensions\RelationHelperExtension"> <argument type="service" id="security.context" /> <tag name="twig.extension" /> </service> My extension: class RelationHelperExtension extends Twig_Extension {

I don't know what SecurityContextHolder strategy to use

戏子无情 提交于 2019-12-25 01:27:14
问题 I use such code for authentication: @PreAuthorize("isAnonymous()") @RequestMapping(value = "/login", method = RequestMethod.POST) public String doLogin(HttpServletRequest request) { try { Authentication req = new UsernamePasswordAuthenticationToken(request.getParameter("name"), request.getParameter("password")); Authentication result = authenticationManager.authenticate(req); SecurityContextHolder.getContext().setAuthentication(result); logger.debug("Success login"); logger.debug

Is a SecurityContext shared between requests when using Spring Security?

十年热恋 提交于 2019-12-22 05:11:58
问题 I'm seeing some strange behaviour when using stateless token-based authentication on a rest API written using Spring Boot. The client includes a JWT token with each request, and a custom filter I've written that extends GenericFilterBean adds an Authentication object based on the claims in the token to the security context using the following : SecurityContextHolder.getContext().setAuthentication(authentication); And clears the context after processing the request by doing :

How to customize the behaviour of SecurityContextPersistenceFilter?

跟風遠走 提交于 2019-12-22 03:49:30
问题 I developing a stateless REST API that makes use of token based authentication, where I'm manually adding an Authentication object to the security context by calling SecurityContextHolder.getContext().setAuthentication(authentication) from within a custom security filter. I've been experiencing problems with the context not being set correctly which I believe is due to this : Storing the SecurityContext between requests In an application which receives concurrent requests in a single session,

How do I start a thread in a different security context?

强颜欢笑 提交于 2019-12-17 10:54:30
问题 How to start a thread in the security context of a different user? When a process starts a thread normally the security context is also passed but how to launch a thread in a different security context with the principal of a different user? 回答1: I believe that you can just set the CurrentPrincipal as first operation of the thread code after the thread has started, and only then begin to execute the code which is supposed to run with the other principal. This should take care of any .NET role

Wildfly, JAAS and SecurityContext

落花浮王杯 提交于 2019-12-13 07:17:18
问题 I'm still playin with Wildfly-9.0.1.Final and JAAS (see my previous question Wildfly and JAAS login module) in a web application that use a BASIC auth-method . While my custom login module works I got some problems about authorization. I use a RESTeasy RESTFul web service with annotation to test, here is the code: package it.bytebear.web.mongo; import it.bytebear.web.mongo.jaas.MongoModuleCallbackHandler; import it.bytebear.web.mongo.model.User; import java.security.Principal; import java

InitializeSecurityContext (Schannel) not changing BufferType

ぃ、小莉子 提交于 2019-12-08 11:58:56
问题 So i have following code: SecBuffer input_buffers[2]; SecBuffer output_buffers[2]; ULONG context_attributes; /* we need to try and perform the second (next) step of the init */ input_buffers[0].cbBuffer = tls_io_instance->received_byte_count; input_buffers[0].BufferType = SECBUFFER_TOKEN; input_buffers[0].pvBuffer = (void*)tls_io_instance->received_bytes; input_buffers[1].cbBuffer = 0; input_buffers[1].BufferType = SECBUFFER_EMPTY; input_buffers[1].pvBuffer = 0; SecBufferDesc input_buffers

Service not able to access a mapped drive

假装没事ソ 提交于 2019-12-04 20:32:28
I have read in many forums that mapped drives are not accessible from a service as no user is logged on. Question 1) I tried making my service as a log on - as some account and i had my network drive mapped in that very account. The service still cannot access it. Why? Question 2) From the same sevice, i invoke another process. Under what user account will the process run? Thanks 1) Use UNC paths instead, then you do not need access to mapped drive letters. As to why you cannot access them even when running in the same account, it is hard to say for sure without seeing your actual code. 2) it

How do I start a thread in a different security context?

六眼飞鱼酱① 提交于 2019-11-27 13:40:35
How to start a thread in the security context of a different user? When a process starts a thread normally the security context is also passed but how to launch a thread in a different security context with the principal of a different user? I believe that you can just set the CurrentPrincipal as first operation of the thread code after the thread has started, and only then begin to execute the code which is supposed to run with the other principal. This should take care of any .NET role-based checks. If you need impersonation as well for calls to the OS, you can impersonate the

工具导航Map