Package javax.security.jacc

Examples of javax.security.jacc.EJBMethodPermission

292
293
294
295
296
297
298
299
     */
    public void addPossibleEjbMethodPermissions(Permissions permissions, String ejbName, String methodInterface, Class clazz) throws OpenEJBException {
        if (clazz == null) return;
        for (java.lang.reflect.Method method : clazz.getMethods()) {
            String methodIface = ("LocalBean".equals(methodInterface) || "LocalBeanHome".equals(methodInterface)) ? null : methodInterface;
            permissions.add(new EJBMethodPermission(ejbName, methodIface, method));
        }
    }
View Full Code Here
95
96
97
98
99
100
101
102
103
104
105
            InterfaceType type = deploymentInfo.getInterfaceType(method.getDeclaringClass());

            String name = (type == null) ? null : type.getSpecName();

            Permission permission = new EJBMethodPermission(ejbName, name, method);

            AccessControlContext accessContext = ContextManager.getCurrentContext();

            if (permission != null) accessContext.checkPermission(permission);
View Full Code Here
175
176
177
178
179
180
181
182
183
184
185
        }

        // check if any security metadata was defined for the method.
        if (ejbMethodSecurityMetaData != null) {
            final MethodInterfaceType interfaceType = this.getMethodInterfaceType(ejbViewConfiguration.getMethodIntf());
            final EJBMethodPermission permission = new EJBMethodPermission(description.getEJBName(), methodIdentifier.getName(), interfaceType.name(), methodIdentifier.getParameterTypes());

            if (ejbMethodSecurityMetaData.isPermitAll()) {
                ejbJaccConfig.addPermit(permission);
            }
View Full Code Here
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
      Permissions uncheckedPermissions = null;
      Permissions excludedPermissions = null;
      HashMap rolePermissionsTable = null;

      EJBMethodPermission ejbmp = null;

      // phase 1
      Map mpMap = eDescriptor.getMethodPermissionsFromDD();
      if (mpMap != null) {

    Iterator mpIt = mpMap.keySet().iterator();

    while(mpIt.hasNext()) {

        MethodPermission mp = (MethodPermission)mpIt.next();

        Iterator mdIt = ((ArrayList) mpMap.get(mp)).iterator();

        while(mdIt.hasNext()) {

      MethodDescriptor md = (MethodDescriptor) mdIt.next();

      String mthdName = md.getName();
      String mthdIntf = md.getEjbClassSymbol();
      String mthdParams[] = md.getStyle() == 3 ?
          md.getParameterClassNames() : null;

      ejbmp = new EJBMethodPermission(eName,mthdName.equals("*") ?
              null : mthdName,
              mthdIntf,mthdParams);
      rolePermissionsTable =
          addToRolePermissionsTable(rolePermissionsTable,mp,ejbmp);

      uncheckedPermissions =
          addToUncheckedPermissions(uncheckedPermissions,mp,ejbmp);

      excludedPermissions =
          addToExcludedPermissions(excludedPermissions,mp,ejbmp);
        }
    }
      }

      // phase 2 - configures additional perms:
      //      . to optimize performance of Permissions.implies
      //      . to cause any uncovered methods to be unchecked

      Iterator mdIt = eDescriptor.getMethodDescriptors().iterator();
      while(mdIt.hasNext()) {

    MethodDescriptor md = (MethodDescriptor)mdIt.next();
    Method mthd = md.getMethod(eDescriptor);
    String mthdIntf = md.getEjbClassSymbol();

    if(mthd == null){
        continue;
    }

    if(mthdIntf == null || mthdIntf.equals("")) {
        _logger.severe("MethodDescriptor interface not defined - "+
           " ejbName: "+eName+
           " methodName: " +md.getName()+
           " methodParams: " +md.getParameterClassNames());
        continue;
    }

    ejbmp = new EJBMethodPermission(eName,mthdIntf,mthd);
 
    Iterator mpIt = eDescriptor.getMethodPermissionsFor(md).iterator();

    while(mpIt.hasNext()) {

View Full Code Here
641
642
643
644
645
646
647
648
649
650
651
  CachedPermission cp = null;
  Permission ejbmp = null;

  if (inv.invocationInfo == null || inv.invocationInfo.cachedPermission == null) {
      ejbmp = new EJBMethodPermission(ejbName,inv.getMethodInterface(),inv.method);
      cp = new CachedPermissionImpl(uncheckedMethodPermissionCache,ejbmp);
      if (inv.invocationInfo != null) {
    inv.invocationInfo.cachedPermission = cp;
    if (_logger.isLoggable(Level.FINE)){
        _logger.fine("JACC: permission initialized in InvocationInfo: EJBMethodPermission (Name) = "+ ejbmp.getName() + " (Action) = "+ ejbmp.getActions());
View Full Code Here
225
226
227
228
229
230
231
232
233
234
235
            InterfaceType type = deploymentInfo.getInterfaceType(method.getDeclaringClass());

            String name = (type == null)? null: type.getSpecName();

            Permission permission = new EJBMethodPermission(ejbName, name, method);

            if (permission != null) securityContext.acc.checkPermission(permission);

        } catch (AccessControlException e) {
            return false;
View Full Code Here
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
                } else {
                    methodParams = null;
                }

                // create the permission object
                EJBMethodPermission permission = new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);
                notAssigned = cullPermissions(notAssigned, permission);

                // if this is unchecked, mark it as unchecked; otherwise assign the roles
                if (unchecked) {
                    uncheckedPermissions.add(permission);
                } else {
                    for (String roleName : roleNames) {
                        Permissions permissions = (Permissions) rolePermissions.get(roleName);
                        if (permissions == null) {
                            permissions = new Permissions();
                            rolePermissions.put(roleName, permissions);
                        }
                        permissions.add(permission);
                    }
                }
            }

        }

        /**
         * JACC v1.0 section 3.1.5.2
         */
        for (MethodInfo method : ejbJar.excludeList) {
            if (!ejbName.equals(method.ejbName)) {
                continue;
            }

            // method name
            String methodName = method.methodName;
            // method interface
            String methodIntf = method.methodIntf;

            // method parameters
            String[] methodParams;
            if (method.methodParams != null) {
                List<String> paramList = method.methodParams;
                methodParams = paramList.toArray(new String[paramList.size()]);
            } else {
                methodParams = null;
            }

            // create the permission object
            EJBMethodPermission permission = new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);

            excludedPermissions.add(permission);
            notAssigned = cullPermissions(notAssigned, permission);
        }

View Full Code Here
250
251
252
253
254
255
256
257
     *          in case a class could not be found
     */
    public void addPossibleEjbMethodPermissions(Permissions permissions, String ejbName, String methodInterface, Class clazz) throws OpenEJBException {
        if (clazz == null) return;
        for (java.lang.reflect.Method method : clazz.getMethods()) {
            permissions.add(new EJBMethodPermission(ejbName, methodInterface, method));
        }
    }
View Full Code Here
288
289
290
291
292
293
294
295
296
297
298
            if (currentIdentity == null) {
                securityContext = threadContext.get(SecurityContext.class);
            } else {
                securityContext = new SecurityContext(currentIdentity.getSubject());
            }
            securityContext.acc.checkPermission(new EJBMethodPermission(ejbName, name, method));
        } catch (final AccessControlException e) {
            return false;
        }
        return true;
    }
View Full Code Here
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
                    } else {
                        methodParams = null;
                    }

                    // create the permission object
                    EJBMethodPermission permission = new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);

                    excludedPermissions.add(permission);
                    allExcludedPermissions.addAll(intersectPermissions(notAssigned, permission, false));
                }
            }
            /**
             * JACC v1.0 section 3.1.5.1
             */
            for (MethodPermission methodPermission : assemblyDescriptor.getMethodPermission()) {
                List<String> roleNames = methodPermission.getRoleName();
                boolean unchecked = methodPermission.getUnchecked();

                for (Method method : methodPermission.getMethod()) {
                    if (!ejbName.equals(method.getEjbName())) {
                        continue;
                    }

                    // method name
                    String methodName = method.getMethodName();
                    if ("*".equals(methodName)) {
                        // jacc uses null instead of *
                        methodName = null;
                    }
                    // method interface
                    String methodIntf = method.getMethodIntf() == null? null: method.getMethodIntf().toString();

                    // method parameters
                    String[] methodParams;
                    if (method.getMethodParams() != null) {
                        List<String> paramList = method.getMethodParams().getMethodParam();
                        methodParams = paramList.toArray(new String[paramList.size()]);
                    } else {
                        methodParams = null;
                    }

                    // create the permission object
                    EJBMethodPermission permission = new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);
                    Collection<Permission> culled = intersectPermissions(notAssigned, permission, true);
                    //does this intersect the excluded permissions?
                    int size = culled.size();
                    culled.removeAll(allExcludedPermissions);
                    if (size == culled.size()) {
View Full Code Here
TOP

Related Classes of javax.security.jacc.EJBMethodPermission

  • com.sun.enterprise.security.application.EJBSecurityManager
  • org.apache.geronimo.openejb.deployment.SecurityBuilder
  • org.apache.geronimo.openejb.GeronimoSecurityService
  • org.apache.geronimo.security.util.ConfigurationUtil
  • org.apache.openejb.assembler.classic.JaccPermissionsBuilder
  • org.apache.openejb.core.security.AbstractSecurityService
  • org.apache.openejb.core.security.SecurityServiceImpl
  • org.glassfish.ejb.security.application.EJBSecurityManager
  • org.hibernate.secure.internal.JACCConfiguration
  • org.hibernate.secure.internal.JACCPreDeleteEventListener
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.