[jboss-cvs] JBossAS SVN: r62678 - in trunk/server/src/main/org/jboss/ejb/plugins: cmp/jdbc/bridge and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue May 1 00:22:18 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-01 00:22:17 -0400 (Tue, 01 May 2007)
New Revision: 62678
Modified:
trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java
trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java
trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java
Log:
JBAS-4317: move the security context establishment to a separate interceptor
Modified: trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java 2007-05-01 04:21:50 UTC (rev 62677)
+++ trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java 2007-05-01 04:22:17 UTC (rev 62678)
@@ -143,7 +143,9 @@
by this bean will have the runAsRole available for declarative
security checks.
*/
- SecurityActions.pushRunAsIdentity(runAsIdentity);
+
+ SecurityActions.pushRunAsIdentity(runAsIdentity);
+ SecurityActions.pushCallerRunAsIdentity(runAsIdentity);
try
{
Object returnValue = getNext().invoke(mi);
@@ -152,6 +154,7 @@
finally
{
SecurityActions.popRunAsIdentity();
+ SecurityActions.popCallerRunAsIdentity();
}
}
Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java 2007-05-01 04:21:50 UTC (rev 62677)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java 2007-05-01 04:22:17 UTC (rev 62678)
@@ -34,7 +34,6 @@
import org.jboss.security.RunAs;
import org.jboss.security.SecurityContext;
-import org.jboss.security.SubjectInfo;
import org.jboss.security.plugins.SecurityContextAssociation;
import org.jboss.security.plugins.SecurityContextFactory;
@@ -459,9 +458,9 @@
SecurityContext sc = getSecurityContext();
if(sc == null)
throw new IllegalStateException("Security Context is null");
- SubjectInfo si = sc.getSubjectInfo();
- if(si != null)
- si.setAuthenticatedSubject(null);
+ Principal p = sc.getUtil().getUserPrincipal();
+ Object cred = sc.getUtil().getCredential();
+ sc.getUtil().createSubjectInfo(p,cred,null);
return null;
}}
);
Modified: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java 2007-05-01 04:21:50 UTC (rev 62677)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java 2007-05-01 04:22:17 UTC (rev 62678)
@@ -1081,8 +1081,7 @@
{
try
{
- EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
SecurityContext sc = SecurityActions.getSecurityContext();
CMRInvocation invocation = new CMRInvocation();
@@ -1093,8 +1092,7 @@
invocation.setTransaction(tx);
invocation.setPrincipal(sc.getUtil().getUserPrincipal());
invocation.setCredential(sc.getUtil().getCredential());
- invocation.setType(InvocationType.LOCAL);
- invocation.setSecurityContext(sc);
+ invocation.setType(InvocationType.LOCAL);
return manager.getContainer().invoke(invocation);
}
catch(EJBException e)
@@ -1114,8 +1112,7 @@
{
try
{
- EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
SecurityContext sc = SecurityActions.getSecurityContext();
CMRInvocation invocation = new CMRInvocation();
@@ -1125,8 +1122,7 @@
invocation.setArguments(new Object[]{this});
invocation.setTransaction(tx);
invocation.setPrincipal(sc.getUtil().getUserPrincipal());
- invocation.setCredential(sc.getUtil().getCredential());
- invocation.setSecurityContext(sc);
+ invocation.setCredential(sc.getUtil().getCredential());
invocation.setType(InvocationType.LOCAL);
return manager.getContainer().invoke(invocation);
}
@@ -1148,8 +1144,7 @@
{
try
{
- EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
SecurityContext sc = SecurityActions.getSecurityContext();
CMRInvocation invocation = new CMRInvocation();
@@ -1159,8 +1154,7 @@
invocation.setArguments(new Object[]{this});
invocation.setTransaction(tx);
invocation.setPrincipal(sc.getUtil().getUserPrincipal());
- invocation.setCredential(sc.getUtil().getCredential());
- invocation.setSecurityContext(sc);
+ invocation.setCredential(sc.getUtil().getCredential());
invocation.setType(InvocationType.LOCAL);
return manager.getContainer().invoke(invocation);
}
@@ -1183,8 +1177,7 @@
try
{
SecurityContext sc = SecurityActions.getSecurityContext();
- EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
CMRInvocation invocation = new CMRInvocation();
invocation.setCmrMessage(CMRMessage.ADD_RELATION);
@@ -1194,8 +1187,7 @@
invocation.setTransaction(tx);
invocation.setPrincipal(sc.getUtil().getUserPrincipal());
invocation.setCredential(sc.getUtil().getCredential());
- invocation.setType(InvocationType.LOCAL);
- invocation.setSecurityContext(sc);
+ invocation.setType(InvocationType.LOCAL);
manager.getContainer().invoke(invocation);
}
catch(EJBException e)
@@ -1216,8 +1208,7 @@
{
try
{
- EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
SecurityContext sc = SecurityActions.getSecurityContext();
CMRInvocation invocation = new CMRInvocation();
@@ -1227,8 +1218,7 @@
invocation.setArguments(new Object[]{this, relatedId});
invocation.setTransaction(tx);
invocation.setPrincipal(sc.getUtil().getUserPrincipal());
- invocation.setCredential(sc.getUtil().getCredential());
- invocation.setSecurityContext(sc);
+ invocation.setCredential(sc.getUtil().getCredential());
invocation.setType(InvocationType.LOCAL);
manager.getContainer().invoke(invocation);
}
Modified: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java 2007-05-01 04:21:50 UTC (rev 62677)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java 2007-05-01 04:22:17 UTC (rev 62678)
@@ -33,8 +33,7 @@
import javax.security.jacc.PolicyContextException;
import org.jboss.security.RunAs;
-import org.jboss.security.SecurityContext;
-import org.jboss.security.SubjectInfo;
+import org.jboss.security.SecurityContext;
import org.jboss.security.plugins.SecurityContextAssociation;
import org.jboss.security.plugins.SecurityContextFactory;
@@ -459,9 +458,9 @@
SecurityContext sc = getSecurityContext();
if(sc == null)
throw new IllegalStateException("Security Context is null");
- SubjectInfo si = sc.getSubjectInfo();
- if(si != null)
- si.setAuthenticatedSubject(null);
+ Principal p = sc.getUtil().getUserPrincipal();
+ Object cred = sc.getUtil().getCredential();
+ sc.getUtil().createSubjectInfo(p, cred,null);
return null;
}}
);
More information about the jboss-cvs-commits
mailing list