Package org.jboss.metadata.ejb.spec

Examples of org.jboss.metadata.ejb.spec.MethodInterfaceType


                  else
                     params = null;
                  String methodName = mmd.getMethodName();
                  if (methodName != null && methodName.equals("*"))
                     methodName = null;
                  MethodInterfaceType miType = mmd.getMethodIntf();
                  String iface = miType != null ? miType.name() : null;
                  EJBMethodPermission p = new EJBMethodPermission(mmd.getEjbName(), methodName, iface, params);
                  if (perm.getUnchecked() != null)
                  {
                     pc.addToUncheckedPolicy(p);
                  }
                  else
                  {
                     Set<String> roles = perm.getRoles();
                     Iterator riter = roles.iterator();
                     while (riter.hasNext())
                     {
                        String role = (String) riter.next();
                        pc.addToRole(role, p);
                     }
                  }
               }
         }

      // Process the exclude-list MethodMetaData
      ExcludeListMetaData excluded = bean.getExcludeList();
      if (excluded != null)
      {
         MethodsMetaData methods = excluded.getMethods();
         if (methods != null)
            for (org.jboss.metadata.ejb.spec.MethodMetaData mmd : methods)
            {
               String[] params =
               {};
               if (mmd.getMethodParams() != null)
                  params = mmd.getMethodParams().toArray(params);
               else
                  params = null;
               String methodName = mmd.getMethodName();
               if (methodName != null && methodName.equals("*"))
                  methodName = null;
               MethodInterfaceType miType = mmd.getMethodIntf();
               String iface = miType != null ? miType.name() : null;
               EJBMethodPermission p = new EJBMethodPermission(mmd.getEjbName(), methodName, iface, params);
               pc.addToExcludedPolicy(p);
            }
      }

View Full Code Here


            String[] params = null;
            if (methodParams != null)
            {
               params = methodParams.toArray(params);
            }
            MethodInterfaceType methodIntf = methodMetaData.getMethodIntf();
            try
            {
               if (methodIntf != null)
               {
                  Class<?> declaringClass = this.getMethodInterface(cl, methodIntf);
View Full Code Here

            }
        }

        // check if any security metadata was defined for the method.
        if (ejbMethodSecurityMetaData != null) {
            final MethodInterfaceType interfaceType = this.getMethodInterfaceType(ejbViewConfiguration.getMethodIntf());
            final EJBMethodPermission permission = new EJBMethodPermission(description.getEJBName(), methodIdentifier.getName(), interfaceType.name(), methodIdentifier.getParameterTypes());

            if (ejbMethodSecurityMetaData.isPermitAll()) {
                ejbJaccConfig.addPermit(permission);
            }
View Full Code Here

        if (!this.viewClassName.equals(viewClassOfInvokedMethod) || !this.viewMethod.equals(invokedMethod)) {
            throw MESSAGES.failProcessInvocation(this.getClass().getName(), invokedMethod,viewClassOfInvokedMethod, viewMethod, viewClassName);
        }
        final EJBComponent ejbComponent = (EJBComponent) component;
        final ServerSecurityManager securityManager = ejbComponent.getSecurityManager();
        final MethodInterfaceType methodIntfType = this.getMethodInterfaceType(componentView.getPrivateData(MethodIntf.class));

        // set the JACC contextID before calling the security manager.
        final String previousContextID = setContextID(this.contextID);
        try {
            if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(),
                methodIntfType.name(), this.viewMethod, this.getMethodRolesAsPrincipals(), this.contextID))
                throw MESSAGES.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
        }
        finally {
            // reset the previous JACC contextID.
            setContextID(previousContextID);
View Full Code Here

                        String viewClassName = view.getViewClassName();
                        if (!component.isDenyAllApplicableToClass(viewClassName, ejbClassName)) {
                            denyOnAllViews = false;
                        } else {
                            EJBViewDescription ejbView = EJBViewDescription.class.cast(view);
                            MethodInterfaceType type = getMethodInterfaceType(ejbView.getMethodIntf());
                            EJBMethodPermission p = new EJBMethodPermission(ejbName, null, type.name(), null);
                            permissions.add(p);
                        }
                        if (!component.isPermitAllApplicableToClass(viewClassName, ejbClassName)) {
                            permitOnAllViews = false;
                        } else {
                            EJBViewDescription ejbView = EJBViewDescription.class.cast(view);
                            MethodInterfaceType type = getMethodInterfaceType(ejbView.getMethodIntf());
                            EJBMethodPermission p = new EJBMethodPermission(ejbName, null, type.name(), null);
                            uncheckedPermissions.add(p);
                        }
                        Set<String> roles = component.getRolesAllowedForClass(viewClassName, ejbClassName);
                        for (String role : roles) {
                            policyConfiguration.addToRole(role, new EJBMethodPermission(ejbName, null, null, null));
                        }

                        // check method level
                        Collection<EJBMethodIdentifier> methods = component.getDenyAllMethodsForView(viewClassName);
                        for (EJBMethodIdentifier method : methods) {
                            MethodIdentifier identifier = method.getMethodIdentifier();
                            EJBViewDescription ejbView = EJBViewDescription.class.cast(view);
                            MethodInterfaceType type = getMethodInterfaceType(ejbView.getMethodIntf());
                            EJBMethodPermission p = new EJBMethodPermission(ejbName, identifier.getName(), type.name(),
                                    identifier.getParameterTypes());
                            policyConfiguration.addToExcludedPolicy(p);
                        }
                        methods = component.getPermitAllMethodsForView(viewClassName);
                        for (EJBMethodIdentifier method : methods) {
                            MethodIdentifier identifier = method.getMethodIdentifier();
                            EJBViewDescription ejbView = EJBViewDescription.class.cast(view);
                            MethodInterfaceType type = getMethodInterfaceType(ejbView.getMethodIntf());
                            EJBMethodPermission p = new EJBMethodPermission(ejbName, identifier.getName(), type.name(),
                                    identifier.getParameterTypes());
                            policyConfiguration.addToUncheckedPolicy(p);
                        }
                        Map<EJBMethodIdentifier, Set<String>> rolesMap = component.getRolesAllowed(viewClassName);
                        for (Entry<EJBMethodIdentifier, Set<String>> entry : rolesMap.entrySet()) {
                            MethodIdentifier identifier = entry.getKey().getMethodIdentifier();
                            EJBViewDescription ejbView = EJBViewDescription.class.cast(view);
                            MethodInterfaceType type = getMethodInterfaceType(ejbView.getMethodIntf());
                            for (String role : entry.getValue()) {
                                EJBMethodPermission p = new EJBMethodPermission(ejbName, identifier.getName(), type.name(),
                                        identifier.getParameterTypes());
                                policyConfiguration.addToRole(role, p);
                            }
                        }
                    }
View Full Code Here

            assertEquals(1, roles.size());
            assertTrue(roles.contains("override"));
         }
         else if("Overriden".equals(ejbName))
         {
            MethodInterfaceType methodIntf = method.getMethodIntf();
            if(MethodInterfaceType.Local == methodIntf)
            {
               assertEquals(1, roles.size());
               assertTrue(roles.contains("original"));              
            }
View Full Code Here

        if (!this.viewClassName.equals(viewClassOfInvokedMethod) || !this.viewMethod.equals(invokedMethod)) {
            throw EjbLogger.ROOT_LOGGER.failProcessInvocation(this.getClass().getName(), invokedMethod, viewClassOfInvokedMethod, viewMethod, viewClassName);
        }
        final EJBComponent ejbComponent = (EJBComponent) component;
        final ServerSecurityManager securityManager = ejbComponent.getSecurityManager();
        final MethodInterfaceType methodIntfType = this.getMethodInterfaceType(componentView.getPrivateData(MethodIntf.class));

        // set the JACC contextID before calling the security manager.
        final String previousContextID = setContextID(this.contextID);
        try {
            if(WildFlySecurityManager.isChecking()) {
                try {
                    AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
                        @Override
                        public ProtectionDomain run() {

                            if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(),
                                    methodIntfType.name(), AuthorizationInterceptor.this.viewMethod, AuthorizationInterceptor.this.getMethodRolesAsPrincipals(), AuthorizationInterceptor.this.contextID)) {
                                throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
                            }
                            return null;
                        }
                    });
                } catch (PrivilegedActionException e) {
                    throw e.getException();
                }
            } else {
                if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(),
                        methodIntfType.name(), this.viewMethod, this.getMethodRolesAsPrincipals(), this.contextID)) {
                    throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
                }
            }
            // successful authorization, let the invocation proceed
            return context.proceed();
View Full Code Here

            }
        }

        // check if any security metadata was defined for the method.
        if (ejbMethodSecurityMetaData != null) {
            final MethodInterfaceType interfaceType = this.getMethodInterfaceType(ejbViewConfiguration.getMethodIntf());
            final EJBMethodPermission permission = new EJBMethodPermission(description.getEJBName(), methodIdentifier.getName(), interfaceType.name(), methodIdentifier.getParameterTypes());

            if (ejbMethodSecurityMetaData.isPermitAll()) {
                ejbJaccConfig.addPermit(permission);
            }
View Full Code Here

                viewClass = classIndex.classIndex(viewClassName);
            } catch (ClassNotFoundException e) {
                throw EjbMessages.MESSAGES.failToLoadEjbViewClass(e);
            }
            MethodIntf methodIntf = ((EJBViewDescription) view).getMethodIntf();
            MethodInterfaceType type = getMethodInterfaceType(methodIntf);
            EJBMethodSecurityAttribute classLevel = perms.getClassLevelAttribute(ejbClassName);
            if (classLevel != null && !classLevel.isDenyAll()) {
                denyOnAllViews = false;
            } else {
                EJBMethodPermission p = new EJBMethodPermission(ejbName, null, type.name(), null);
                permissions.add(p);
            }
            if (classLevel != null && !classLevel.isPermitAll()) {
                permitOnAllViews = false;
            } else {
                EJBMethodPermission p = new EJBMethodPermission(ejbName, null, type.name(), null);
                uncheckedPermissions.add(p);
            }
            if (classLevel != null) {
                for (String role : classLevel.getRolesAllowed()) {
                    config.addRole(role, new EJBMethodPermission(ejbName, null, null, null));
                }
            }

            for (Method method : viewClass.getClassMethods()) {
                final MethodIdentifier identifier = MethodIdentifier.getIdentifierForMethod(method);
                EJBMethodSecurityAttribute methodLevel = component.getDescriptorMethodPermissions().getAttribute(methodIntf, method.getDeclaringClass().getName(), method.getName(), identifier.getParameterTypes());
                // check method level
                if (methodLevel == null) {
                    methodLevel = component.getAnnotationMethodPermissions().getAttribute(methodIntf, method.getDeclaringClass().getName(), method.getName(), identifier.getParameterTypes());
                    if (methodLevel == null) {
                        continue;
                    }
                }
                EJBMethodPermission p = new EJBMethodPermission(ejbName, identifier.getName(), type.name(), identifier.getParameterTypes());

                if (methodLevel.isDenyAll()) {
                    config.addDeny(p);
                }
                if (methodLevel.isPermitAll()) {
View Full Code Here

                  else
                     params = null;
                  String methodName = mmd.getMethodName();
                  if (methodName != null && methodName.equals("*"))
                     methodName = null;
                  MethodInterfaceType miType = mmd.getMethodIntf();
                  String iface = miType != null ? miType.name() : null;
                  EJBMethodPermission p = new EJBMethodPermission(mmd.getEjbName(), methodName, iface, params);
                  if (perm.getUnchecked() != null)
                  {
                     pc.addToUncheckedPolicy(p);
                  }
                  else
                  {
                     Set<String> roles = perm.getRoles();
                     Iterator riter = roles.iterator();
                     while (riter.hasNext())
                     {
                        String role = (String) riter.next();
                        pc.addToRole(role, p);
                     }
                  }
               }
         }

      // Process the exclude-list MethodMetaData
      ExcludeListMetaData excluded = bean.getExcludeList();
      if (excluded != null)
      {
         MethodsMetaData methods = excluded.getMethods();
         if (methods != null)
            for (org.jboss.metadata.ejb.spec.MethodMetaData mmd : methods)
            {
               String[] params =
               {};
               if (mmd.getMethodParams() != null)
                  params = mmd.getMethodParams().toArray(params);
               else
                  params = null;
               String methodName = mmd.getMethodName();
               if (methodName != null && methodName.equals("*"))
                  methodName = null;
               MethodInterfaceType miType = mmd.getMethodIntf();
               String iface = miType != null ? miType.name() : null;
               EJBMethodPermission p = new EJBMethodPermission(mmd.getEjbName(), methodName, iface, params);
               pc.addToExcludedPolicy(p);
            }
      }

View Full Code Here

TOP

Related Classes of org.jboss.metadata.ejb.spec.MethodInterfaceType

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.