[jboss-user] [JBoss AOP] - Re: How do I access security info in a Interceport class?
peixubin
do-not-reply at jboss.com
Wed Jan 31 19:44:37 EST 2007
I write the following class to init SecurityContext.currentDomain member.
MyInterceptorFactory.java:
| ...
| public Object createPerClass(Advisor advisor)
| {
| if (log.isDebugEnabled()) {
| log.debug("enter createPerClass");
| }
|
|
| AuthenticationManager manager = (AuthenticationManager) advisor.getDefaultMetaData().getMetaData("security", "authentication-manager");
| if (manager == null) {
| if (log.isDebugEnabled()) {
| log.debug("search manager");
| }
|
| try {
| manager = (AuthenticationManager) new InitialContext().lookup("java:/jaas/ydxt-domain2");
| }
| catch (NamingException e) {
| throw new RuntimeException(e); //To change body of catch statement use Options | File Templates.
| }
| }
| if (manager == null) throw new RuntimeException("Unable to find Security Domain");
| return new MyInterceptor(manager);
| }
| ...
|
|
MyInterceptor.java:
| ...
| public Object invoke(org.jboss.aop.joinpoint.Invocation invocation) throws Throwable {
| if (log.isDebugEnabled()) {
| log.debug("enter MyInterceptor");
| }
|
|
| Object oldDomain = SecurityContext.getCurrentDomain().get();
| try {
| SecurityContext.getCurrentDomain().set(authenticationManager);
| return invocation.invokeNext();
| }
| finally {
| SecurityContext.getCurrentDomain().set(oldDomain);
| }
| }
| ...
|
My SecurityContext.java,extend from org.jboss.aspects.security.SecurityContext:
|
| public class SecurityContext extends org.jboss.aspects.security.SecurityContext {
|
|
| public static ThreadLocal getCurrentDomain() {
| return currentDomain;
| }
|
| }
|
|
in jboss-aop.xml:
| ...
| <bind pointcut="all(@ydxt.ejb.aop.FydSecurity)">
| <interceptor factory="ydxt.ejb.aop.MyInterceptorFactory" scope="PER_CLASS"/>
| <advice name="checkRight" aspect="ydxt.ejb.aop.FydSecurityInterceptor"/>
| </bind>
| ...
|
the isCallerInRole and isCurrentInRole work fine !!!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4009146#4009146
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4009146
More information about the jboss-user
mailing list