[jboss-cvs] jboss-tomcat/src/main/org/jboss/web/tomcat/security ...
Anil Saldhana
anil.saldhana at jboss.com
Thu Jul 27 16:20:49 EDT 2006
User: asaldhana
Date: 06/07/27 16:20:49
Modified: src/main/org/jboss/web/tomcat/security JBossWebRealm.java
Log:
JBAS-3373: get the authorization manager for the security domain defined for the web app
Revision Changes Path
1.3 +39 -10 jboss-tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: JBossWebRealm.java
===================================================================
RCS file: /cvsroot/jboss/jboss-tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- JBossWebRealm.java 17 Jul 2006 17:23:19 -0000 1.2
+++ JBossWebRealm.java 27 Jul 2006 20:20:49 -0000 1.3
@@ -52,7 +52,8 @@
import org.jboss.logging.Logger;
import org.jboss.metadata.SecurityRoleRefMetaData;
import org.jboss.metadata.WebMetaData;
-import org.jboss.mx.util.MBeanProxyExt;
+import org.jboss.mx.util.MBeanProxy;
+import org.jboss.mx.util.MBeanProxyCreationException;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.CertificatePrincipal;
import org.jboss.security.RealmMapping;
@@ -67,7 +68,7 @@
import org.jboss.security.plugins.AuthorizationManagerServiceMBean;
import org.jboss.web.tomcat.security.authorization.WebResource;
-//$Id: JBossWebRealm.java,v 1.2 2006/07/17 17:23:19 asaldhana Exp $
+//$Id: JBossWebRealm.java,v 1.3 2006/07/27 20:20:49 asaldhana Exp $
/**
* Implementation of the Tomcat Realm Interface.
@@ -77,7 +78,7 @@
* subcontext to access the security manager interfaces for authentication.
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
* @since Jul 10, 2006
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
*/
public class JBossWebRealm extends RealmBase
{
@@ -637,9 +638,13 @@
//*****************************************************************************
private int authorize(Map map)
{
+ AuthorizationManager authzMgr = this.getAuthorizationManager();
+ if(authzMgr == null)
+ throw new IllegalStateException("Authorization manager is null");
+
+ map.put(ResourceKeys.AUTHORIZATION_MANAGER, authzMgr);
Map readOnlyMap = Collections.unmodifiableMap(map);
WebResource webResource = new WebResource(readOnlyMap);
- AuthorizationManager authzMgr = this.getAuthorizationManager();
int permit = AuthorizationContext.DENY;
try
{
@@ -699,10 +704,34 @@
*/
private AuthorizationManager getAuthorizationManager()
{
- AuthorizationManagerServiceMBean mbean = (AuthorizationManagerServiceMBean)
- MBeanProxyExt.create(AuthorizationManagerServiceMBean.class,
+ //Get the app security domain if available
+ String appSecurityDomain = securityDomain;
+ try
+ {
+ SubjectSecurityManager ssm = (SubjectSecurityManager)getSecurityContext().lookup("securityMgr");
+ appSecurityDomain = ssm.getSecurityDomain();
+ }
+ catch(NamingException ne)
+ {
+ if(trace)
+ {
+ log.trace("Naming exception looking up security domain:",ne);
+ log.trace("Security Domain for Authorization Manager defaults to="+ securityDomain);
+ }
+ appSecurityDomain = securityDomain;
+ }
+ AuthorizationManagerServiceMBean mbean = null;
+ try
+ {
+ mbean = (AuthorizationManagerServiceMBean)
+ MBeanProxy.get(AuthorizationManagerServiceMBean.class,
AuthorizationManagerServiceMBean.OBJECT_NAME,this.mserver);
- return mbean.getAuthorizationManager(securityDomain);
+ }
+ catch (MBeanProxyCreationException e)
+ {
+ log.error("Cannot obtain proxy for AuthorizationManagerService",e);
+ }
+ return mbean != null ? mbean.getAuthorizationManager(appSecurityDomain): null;
}
private Context getSecurityContext()
More information about the jboss-cvs-commits
mailing list