Examples of javax.security.jacc.EJBMethodPermission

javax.security.jacc.EJBMethodPermission
@version $Rev: 209985 $ $Date: 2005-07-09 21:22:20 -0600 (Sat, 09 Jul 2005) $

      
      //Am I iterating over the right thing here? Should I be using the stuff from 
      //Advisor.methodInterceptors instead?
      for(Method m : container.getBeanClass().getMethods())
      {
         EJBMethodPermission permission = new EJBMethodPermission(ejbName, null, m);
         log.trace("Creating permission: " + permission);


         PermitAll unchecked = (PermitAll) container.resolveAnnotation(m, PermitAll.class);
         RolesAllowed permissions = (RolesAllowed) container.resolveAnnotation(m, RolesAllowed.class);
         DenyAll exclude = (DenyAll) container.resolveAnnotation(m, DenyAll.class);

View Full Code Here


        Permissions uncheckedPermissions = null;
        Permissions excludedPermissions = null;
        HashMap rolePermissionsTable = null;


        EJBMethodPermission ejbmp = null;


        // phase 1
        Map mpMap = eDescriptor.getMethodPermissionsFromDD();
        if (mpMap != null) {


            Iterator mpIt = mpMap.entrySet().iterator();


            while (mpIt.hasNext()) {


                Map.Entry entry = (Map.Entry)mpIt.next();
                MethodPermission mp = (MethodPermission) entry.getKey();


                Iterator mdIt = ((ArrayList) entry.getValue()).iterator();


                while (mdIt.hasNext()) {


                    MethodDescriptor md = (MethodDescriptor) mdIt.next();


                    String mthdName = md.getName();
                    String mthdIntf = md.getEjbClassSymbol();
                    String mthdParams[] = md.getStyle() == 3 ?
                            md.getParameterClassNames() : null;


                    ejbmp = new EJBMethodPermission(eName, mthdName.equals("*") ?
                            null : mthdName,
                            mthdIntf, mthdParams);
                    rolePermissionsTable =
                            addToRolePermissionsTable(rolePermissionsTable, mp, ejbmp);


                    uncheckedPermissions =
                            addToUncheckedPermissions(uncheckedPermissions, mp, ejbmp);


                    excludedPermissions =
                            addToExcludedPermissions(excludedPermissions, mp, ejbmp);
                }
            }
        }


        // phase 2 - configures additional perms:
        //      . to optimize performance of Permissions.implies
        //      . to cause any uncovered methods to be unchecked


        Iterator mdIt = eDescriptor.getMethodDescriptors().iterator();
        while (mdIt.hasNext()) {


            MethodDescriptor md = (MethodDescriptor) mdIt.next();
            Method mthd = md.getMethod(eDescriptor);
            String mthdIntf = md.getEjbClassSymbol();


            if (mthd == null) {
                continue;
            }


            if (mthdIntf == null || mthdIntf.equals("")) {
                _logger.log(Level.SEVERE, "method_descriptor_not_defined" , new Object[] {eName,
                        md.getName(), md.getParameterClassNames()});


                continue;
            }


            ejbmp = new EJBMethodPermission(eName, mthdIntf, mthd);


            Iterator mpIt = eDescriptor.getMethodPermissionsFor(md).iterator();


            while (mpIt.hasNext()) {

View Full Code Here


        CachedPermission cp = null;
        Permission ejbmp = null;


        if (inv.invocationInfo == null || inv.invocationInfo.cachedPermission == null) {
            ejbmp = new EJBMethodPermission(ejbName, inv.getMethodInterface(), inv.method);
            cp = new CachedPermissionImpl(uncheckedMethodPermissionCache, ejbmp);
            if (inv.invocationInfo != null) {
                inv.invocationInfo.cachedPermission = cp;
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.fine("JACC: permission initialized in InvocationInfo: EJBMethodPermission (Name) = " + ejbmp.getName() + " (Action) = " + ejbmp.getActions());

View Full Code Here

                } else {
                    methodParams = null;
                }


                // create the permission object
                final EJBMethodPermission permission = new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);
                notAssigned = cullPermissions(notAssigned, permission);


                // if this is unchecked, mark it as unchecked; otherwise assign the roles
                if (unchecked) {
                    uncheckedPermissions.add(permission);

View Full Code Here

        if (clazz == null) {
            return;
        }
        for (final Method method : clazz.getMethods()) {
            final String methodIface = "LocalBean".equals(methodInterface) || "LocalBeanHome".equals(methodInterface) ? null : methodInterface;
            permissions.add(new EJBMethodPermission(ejbName, methodIface, method));
        }
    }

View Full Code Here

            if (currentIdentity == null) {
                securityContext = threadContext.get(SecurityContext.class);
            } else {
                securityContext = new SecurityContext(currentIdentity.getSubject());
            }
            securityContext.acc.checkPermission(new EJBMethodPermission(ejbName, name, method));
        } catch (final AccessControlException e) {
            return false;
        }
        return true;
    }

View Full Code Here

    * @param sc
    * @return
    */
   private int process(Subject callerSubject, Role role) 
   {  
      EJBMethodPermission methodPerm = 
         new EJBMethodPermission(ejbName, methodInterface, ejbMethod); 
      boolean policyDecision = checkWithPolicy(methodPerm, callerSubject, role); 
      if( policyDecision == false )
      {
         String msg = "Denied: "+methodPerm+", caller=" + callerSubject+", role="+role;
         if(trace)

View Full Code Here

                } else {
                    methodParams = null;
                }


                // create the permission object
                EJBMethodPermission permission = new EJBMethodPermission(ejbName, methodName, methodIntf, methodParams);
                notAssigned = cullPermissions(notAssigned, permission);


                // if this is unchecked, mark it as unchecked; otherwise assign the roles
                if (unchecked) {
                    uncheckedPermissions.add(permission);

View Full Code Here

     *          in case a class could not be found
     */
    public void addPossibleEjbMethodPermissions(Permissions permissions, String ejbName, String methodInterface, Class clazz) throws OpenEJBException {
        if (clazz == null) return;
        for (java.lang.reflect.Method method : clazz.getMethods()) {
            permissions.add(new EJBMethodPermission(ejbName, methodInterface, method));
        }
    }

View Full Code Here

            MethodPermissionType methodPermission = methodPermissions[i];
            MethodType[] methods = methodPermission.getMethodArray();


            for (int j = 0; j < methods.length; j++) {
                MethodType method = methods[j];
                EJBMethodPermission permission = new EJBMethodPermission(method.getEjbName().getStringValue(),
                        method.getMethodName().getStringValue(),
                        method.getMethodIntf().getStringValue(),
                        toStringArray(method.getMethodParams().getMethodParamArray()));


                try {
                    if (methodPermission.getUnchecked() != null) {
                        configuration.addToUncheckedPolicy(permission);
                    } else {
                        RoleNameType[] roleNames = methodPermission.getRoleNameArray();


                        for (int k = 0; k < roleNames.length; k++) {
                            configuration.addToRole(roleNames[k].getStringValue(), permission);
                        }
                    }
                } catch (PolicyContextException e) {
                    throw new GeronimoSecurityException(e);
                }
            }
        }


        /**
         * Section 3.1.5.2
         */
        if (excludeList != null) {
            MethodType[] methods = excludeList.getMethodArray();
            try {
                for (int i = 0; i < methods.length; i++) {
                    EJBMethodPermission permission = new EJBMethodPermission(methods[i].getEjbName().getStringValue(),
                            methods[i].getMethodName().getStringValue(),
                            methods[i].getMethodIntf().getStringValue(),
                            toStringArray(methods[i].getMethodParams().getMethodParamArray()));
                    configuration.addToExcludedPolicy(permission);
                }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of javax.security.jacc.EJBMethodPermission

com.sun.enterprise.security.application.EJBSecurityManager

org.apache.geronimo.openejb.deployment.SecurityBuilder

org.apache.geronimo.openejb.GeronimoSecurityService

org.apache.geronimo.security.util.ConfigurationUtil

org.apache.openejb.assembler.classic.JaccPermissionsBuilder

org.apache.openejb.core.security.AbstractSecurityService

org.apache.openejb.core.security.SecurityServiceImpl

org.glassfish.ejb.security.application.EJBSecurityManager

org.hibernate.secure.internal.JACCConfiguration

org.hibernate.secure.internal.JACCPreDeleteEventListener

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.