[jboss-cvs] JBossAS SVN: r58050 - branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Nov 3 00:01:43 EST 2006
Author: anil.saldhana at jboss.com
Date: 2006-11-03 00:01:42 -0500 (Fri, 03 Nov 2006)
New Revision: 58050
Modified:
branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/JaccHelper.java
Log:
EJBTHREE-776:consider RunAsIdentity of caller
Modified: branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/JaccHelper.java
===================================================================
--- branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/JaccHelper.java 2006-11-03 05:00:45 UTC (rev 58049)
+++ branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/JaccHelper.java 2006-11-03 05:01:42 UTC (rev 58050)
@@ -28,6 +28,8 @@
import java.security.Policy;
import java.security.Principal;
import java.security.ProtectionDomain;
+import java.util.ArrayList;
+import java.util.Iterator;
import java.util.Set;
import javax.annotation.security.DeclareRoles;
@@ -48,6 +50,7 @@
import org.jboss.ejb3.EJBContainer;
import org.jboss.logging.Logger;
import org.jboss.security.RealmMapping;
+import org.jboss.security.RunAsIdentity;
/**
* JACC Helper class that created permissions as well as done the checks
@@ -298,22 +301,32 @@
Policy policy = Policy.getPolicy();
// Get the caller
Subject caller = SecurityActions.getContextSubject();
+
+ RunAsIdentity rai = SecurityActions.peekRunAsIdentity();
Principal[] principals = null;
- /*if (caller != null)
+ if(rai != null)
{
- // Get the caller principals
- Set principalsSet = caller.getPrincipals();
- principals = new Principal[principalsSet.size()];
- principalsSet.toArray(principals);
- }*/
+ Set runAsRoles = rai.getRunAsRoles();
+ principals = new Principal[runAsRoles.size()];
+ runAsRoles.toArray(principals);
+ }
+ else
+ {
+ /*if (caller != null)
+ {
+ // Get the caller principals
+ Set principalsSet = caller.getPrincipals();
+ principals = new Principal[principalsSet.size()];
+ principalsSet.toArray(principals);
+ }*/
+ //Get the current roles from the Authorization Manager
+ Principal callerP = SecurityActions.getCallerPrincipal();
+ Set principalSet = realmMapping.getUserRoles(callerP);
+ principals = new Principal[principalSet.size()];
+ principalSet.toArray(principals);
+ }
- //Get the current roles from the Authorization Manager
- Principal callerP = SecurityActions.getCallerPrincipal();
- Set principalSet = realmMapping.getUserRoles(callerP);
- principals = new Principal[principalSet.size()];
- principalSet.toArray(principals);
-
ProtectionDomain pd = new ProtectionDomain(ejbCS, null, null, principals);
if (policy.implies(pd, methodPerm) == false)
{
More information about the jboss-cvs-commits
mailing list