[jboss-cvs] JBossAS SVN: r77490 - in projects/ejb3/trunk/security: src/main/java/org/jboss/ejb3/security/helpers and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Aug 26 10:22:16 EDT 2008
Author: wolfc
Date: 2008-08-26 10:22:16 -0400 (Tue, 26 Aug 2008)
New Revision: 77490
Modified:
projects/ejb3/trunk/security/pom.xml
projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java
Log:
EJBTHREE-1475: check for stateless lifecycle callbacks
Modified: projects/ejb3/trunk/security/pom.xml
===================================================================
--- projects/ejb3/trunk/security/pom.xml 2008-08-26 14:19:20 UTC (rev 77489)
+++ projects/ejb3/trunk/security/pom.xml 2008-08-26 14:22:16 UTC (rev 77490)
@@ -51,6 +51,18 @@
<dependencies>
+ <dependency>
+ <groupId>org.jboss.aspects</groupId>
+ <artifactId>jboss-current-invocation-aspects</artifactId>
+ <version>1.0.0.CR1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jboss.ejb3</groupId>
+ <artifactId>jboss-ejb3-interceptors</artifactId>
+ <version>0.13.5-SNAPSHOT</version>
+ </dependency>
+
<!-- JBoss Security SPI -->
<dependency>
<groupId>org.jboss.security</groupId>
Modified: projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java
===================================================================
--- projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java 2008-08-26 14:19:20 UTC (rev 77489)
+++ projects/ejb3/trunk/security/src/main/java/org/jboss/ejb3/security/helpers/EJBContextHelper.java 2008-08-26 14:22:16 UTC (rev 77490)
@@ -27,11 +27,15 @@
import java.util.HashSet;
import java.util.Set;
+import javax.ejb.Stateless;
import javax.naming.InitialContext;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
+import org.jboss.aop.joinpoint.Invocation;
+import org.jboss.aspects.currentinvocation.CurrentInvocation;
import org.jboss.ejb3.annotation.SecurityDomain;
+import org.jboss.ejb3.interceptors.container.InvocationHelper;
import org.jboss.metadata.ejb.jboss.JBossEnterpriseBeanMetaData;
import org.jboss.metadata.javaee.spec.SecurityRoleRefMetaData;
import org.jboss.security.RealmMapping;
@@ -54,6 +58,10 @@
public Principal getCallerPrincipal(SecurityContext sc,
RealmMapping rm, SecurityDomain domain)
{
+ Invocation invocation = getCurrentInvocation("getCallerPrincipal");
+ if(isStateless(invocation) && isLifecycleCallback(invocation))
+ throw new IllegalStateException("getCallerPrincipal is not allowed in a stateless lifecycle callback (EJB3 4.5.2)");
+
Principal callerPrincipal = null;
if(sc == null)
@@ -96,6 +104,14 @@
return callerPrincipal;
}
+ private static Invocation getCurrentInvocation(String reason)
+ {
+ Invocation current = CurrentInvocation.getCurrentInvocation();
+ if(isInjection(current))
+ throw new IllegalStateException(reason + " not allowed during injection (EJB3 4.4.1 & 4.5.2)");
+ return current;
+ }
+
public boolean isCallerInRole(SecurityContext sc,
SecurityDomain domain,
RealmMapping rm,
@@ -103,6 +119,10 @@
String roleName,
String ejbName)
{
+ Invocation invocation = getCurrentInvocation("isCallerInRole");
+ if(isStateless(invocation) && isLifecycleCallback(invocation))
+ throw new IllegalStateException("getCallerPrincipal is not allowed in a stateless lifecycle callback (EJB3 4.5.2)");
+
if(sc == null)
{
try
@@ -157,6 +177,22 @@
srset);
}
+ private static boolean isInjection(Invocation invocation)
+ {
+ return InvocationHelper.isInjection(invocation);
+ }
+
+ private static boolean isLifecycleCallback(Invocation invocation)
+ {
+ return InvocationHelper.isLifecycleCallback(invocation);
+ }
+
+ private static boolean isStateless(Invocation inv)
+ {
+ assert inv != null : "inv is null";
+ return inv.getAdvisor().resolveAnnotation(Stateless.class) != null;
+ }
+
private PolicyRegistration getPolicyRegistration()
{
PolicyRegistration policyRegistration = null;
More information about the jboss-cvs-commits
mailing list