XmlObject[] items = container.selectChildren(SECURITY_QNAME_SET);
if (items.length > 1) {
throw new DeploymentException("Unexpected count of security elements in geronimo plan " + items.length + " qnameset: " + SECURITY_QNAME_SET);
}
if (items.length == 1) {
GerSecurityType securityType;
try {
securityType = (GerSecurityType) XmlBeansUtil.typedCopy(items[0], GerSecurityType.type);
} catch (XmlException e) {
throw new DeploymentException("Could not validate security element", e);
}
Security security = buildSecurityConfig(securityType);
ClassLoader classLoader = applicationContext.getClassLoader();
SecurityConfiguration securityConfiguration = buildSecurityConfiguration(security, classLoader);
earContext.setSecurityConfiguration(securityConfiguration);
Naming naming = earContext.getNaming();
GBeanData roleMapperData = configureRoleMapper(naming, earContext.getModuleName(), securityConfiguration);
try {
earContext.addGBean(roleMapperData);
} catch (GBeanAlreadyExistsException e) {
throw new DeploymentException("Role mapper gbean already present", e);
}
AbstractNameQuery credentialStoreName;
if (securityType.isSetCredentialStoreRef()) {
PatternType credentialStoreType = securityType.getCredentialStoreRef();
credentialStoreName = SingleGBeanBuilder.buildAbstractNameQuery(credentialStoreType, NameFactory.GERONIMO_SERVICE, Collections.singleton(CredentialStore.class.getName()));
} else {
credentialStoreName = this.credentialStoreName;
}
GBeanData jaccBeanData = configureApplicationPolicyManager(naming, earContext.getModuleName(), earContext.getContextIDToPermissionsMap(), securityConfiguration, credentialStoreName);