[jboss-cvs] JBossAS SVN: r63504 - in projects/security/security-jboss-sx/trunk/src/main/org/jboss/security: jacc and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Jun 13 15:23:54 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-06-13 15:23:54 -0400 (Wed, 13 Jun 2007)
New Revision: 63504
Modified:
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/jacc/SubjectPolicyContextHandler.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java
Log:
SECURITY-62: differentiate incoming/outgoing runas
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java 2007-06-13 19:23:32 UTC (rev 63503)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java 2007-06-13 19:23:54 UTC (rev 63504)
@@ -680,7 +680,7 @@
SecurityContext sc = SecurityContextAssociation.getSecurityContext();
if( sc != null)
{
- sc.setRunAs(runAs);
+ sc.setOutgoingRunAs(runAs);
}
}
@@ -700,8 +700,8 @@
RunAsIdentity ra = null;
if( sc != null)
{
- ra = (RunAsIdentity) sc.getRunAs();
- sc.setRunAs(null);
+ ra = (RunAsIdentity) sc.getOutgoingRunAs();
+ sc.setOutgoingRunAs(null);
}
return ra;
}
@@ -717,7 +717,7 @@
SecurityContext sc = SecurityContextAssociation.getSecurityContext();
if( sc != null)
{
- ra = (RunAsIdentity) sc.getRunAs();
+ ra = (RunAsIdentity) sc.getOutgoingRunAs();
}
return ra;
}
@@ -743,7 +743,7 @@
RunAsIdentity ra = null;
if( sc != null)
{
- ra = (RunAsIdentity) sc.getUtil().getCallerRunAs();
+ ra = (RunAsIdentity) sc.getIncomingRunAs();
}
return ra;
}
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/jacc/SubjectPolicyContextHandler.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/jacc/SubjectPolicyContextHandler.java 2007-06-13 19:23:32 UTC (rev 63503)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/jacc/SubjectPolicyContextHandler.java 2007-06-13 19:23:54 UTC (rev 63504)
@@ -61,7 +61,7 @@
if(si != null)
{
Subject activeSubject = si.getAuthenticatedSubject();
- RunAsIdentity callerRunAsIdentity = (RunAsIdentity)sc.getUtil().get(CALLER_RAI_IDENTIFIER);
+ RunAsIdentity callerRunAsIdentity = (RunAsIdentity)sc.getIncomingRunAs();
if( activeSubject != null )
{
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java 2007-06-13 19:23:32 UTC (rev 63503)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContext.java 2007-06-13 19:23:54 UTC (rev 63504)
@@ -46,7 +46,8 @@
protected SubjectInfo subjectInfo = null;
- protected RunAs configuredRunAs = null;
+ protected RunAs incomingRunAs = null;
+ protected RunAs outgoingRunAs = null;
public JBossSecurityContext(String securityDomain)
{
@@ -105,22 +106,38 @@
public MappingManager getMappingManager()
{
return new JBossMappingManager(this.securityDomain);
- }
+ }
+
+ /**
+ * @see SecurityContext#getOutgoingRunAs()
+ */
+ public RunAs getIncomingRunAs()
+ {
+ return this.incomingRunAs;
+ }
/**
- * @see SecurityContext#getRunAs()
+ * @see SecurityContext#setOutgoingRunAs(RunAs)
*/
- public RunAs getRunAs()
+ public void setIncomingRunAs(RunAs runAs)
{
- return this.configuredRunAs;
+ this.incomingRunAs = runAs;
+ }
+
+ /**
+ * @see SecurityContext#getOutgoingRunAs()
+ */
+ public RunAs getOutgoingRunAs()
+ {
+ return this.outgoingRunAs;
}
/**
- * @see SecurityContext#setRunAs(RunAs)
+ * @see SecurityContext#setOutgoingRunAs(RunAs)
*/
- public void setRunAs(RunAs runAs)
+ public void setOutgoingRunAs(RunAs runAs)
{
- this.configuredRunAs = runAs;
+ this.outgoingRunAs = runAs;
}
/**
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java 2007-06-13 19:23:32 UTC (rev 63503)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java 2007-06-13 19:23:54 UTC (rev 63504)
@@ -58,7 +58,7 @@
{
validateSecurityContext();
if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
- return (T)securityContext.getRunAs();
+ return (T)securityContext.getOutgoingRunAs();
else
return (T) securityContext.getData().get(key);
}
@@ -134,9 +134,9 @@
Map<String,Object> contextMap = securityContext.getData();
if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
{
- RunAs runAs = securityContext.getRunAs();
+ RunAs runAs = securityContext.getOutgoingRunAs();
//Move the caller RAI to current RAI
- securityContext.setRunAs((RunAs) contextMap.get(CALLER_RAI_IDENTIFIER));
+ securityContext.setOutgoingRunAs((RunAs) contextMap.get(CALLER_RAI_IDENTIFIER));
//Clear the Caller RAI
contextMap.remove(CALLER_RAI_IDENTIFIER);
@@ -144,23 +144,8 @@
}
return (T) contextMap.remove(key);
}
-
- @Override
- public RunAs getCallerRunAs()
- {
- validateSecurityContext();
- return (RunAs) securityContext.getData().get(CALLER_RAI_IDENTIFIER);
- }
@Override
- public void setCallerRunAs(RunAs runAs)
- {
- validateSecurityContext();
- securityContext.getData().put(CALLER_RAI_IDENTIFIER, runAs);
- }
-
-
- @Override
public <T> void setRoles(T roles)
{
validateSecurityContext();
@@ -173,15 +158,15 @@
{
createSubjectInfo(sidentity.getPrincipal(), sidentity.getCredential(),
sidentity.getSubject());
- securityContext.setRunAs(sidentity.getRunAs());
- setCallerRunAs(sidentity.getCallerRunAs());
+ securityContext.setOutgoingRunAs(sidentity.getOutgoingRunAs());
+ securityContext.setIncomingRunAs(sidentity.getIncomingRunAs());
}
@Override
public SecurityIdentity getSecurityIdentity()
{
- return new SecurityIdentity(securityContext.getSubjectInfo(), securityContext.getRunAs(),
- getCallerRunAs());
+ return new SecurityIdentity(securityContext.getSubjectInfo(),
+ securityContext.getOutgoingRunAs(), securityContext.getIncomingRunAs());
}
@@ -191,10 +176,10 @@
Map<String,Object> contextMap = securityContext.getData();
//Move the current RAI on the sc into the caller rai
- RunAs currentRA = securityContext.getRunAs();
+ RunAs currentRA = securityContext.getOutgoingRunAs();
contextMap.put(CALLER_RAI_IDENTIFIER, currentRA);
- securityContext.setRunAs(rai);
+ securityContext.setOutgoingRunAs(rai);
}
More information about the jboss-cvs-commits
mailing list