[teiid-commits] teiid SVN: r4086 - in branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss: deployers and 1 other directory.

teiid-commits at lists.jboss.org teiid-commits at lists.jboss.org
Wed May 9 14:57:43 EDT 2012 

Author: jolee
Date: 2012-05-09 14:57:43 -0400 (Wed, 09 May 2012)
New Revision: 4086

Modified:
   branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
   branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java
   branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
Log:
TEIID-2037:  Security context is not propagated correctly between Teiid engine and data sources

Modified: branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
===================================================================
--- branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java	2012-05-09 18:40:59 UTC (rev 4085)
+++ branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java	2012-05-09 18:57:43 UTC (rev 4086)
@@ -38,7 +38,7 @@
 	@Override
 	public boolean assosiateSecurityContext(String securityDomain, Object newContext) {
 		SecurityContext context = SecurityActions.getSecurityContext();
-		if (context == null || (!context.getSecurityDomain().equals(securityDomain) && newContext != null)) {
+		if (newContext != null && (context == null || newContext != context)) {
 			SecurityActions.setSecurityContext((SecurityContext)newContext);
 			return true;
 		}
@@ -47,10 +47,7 @@
 
 	@Override
 	public void clearSecurityContext(String securityDomain) {
-		SecurityContext sc = SecurityActions.getSecurityContext();
-		if (sc != null && sc.getSecurityDomain().equals(securityDomain)) {
-			SecurityActions.clearSecurityContext();
-		}
+		SecurityActions.clearSecurityContext();
 	}
 	
 	@Override
@@ -64,8 +61,7 @@
 	
 	@Override
 	public Object createSecurityContext(String securityDomain, Principal p, Object credentials, Subject subject) {
-		SecurityActions.pushSecurityContext(p, credentials, subject, securityDomain);
-		return getSecurityContext(securityDomain);
+		return SecurityActions.createSecurityContext(p, credentials, subject, securityDomain);
 	}
 
 	@Override

Modified: branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java
===================================================================
--- branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java	2012-05-09 18:40:59 UTC (rev 4085)
+++ branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java	2012-05-09 18:57:43 UTC (rev 4086)
@@ -68,18 +68,17 @@
 	      });
 	   }	 
 	   
-	   static void pushSecurityContext(final Principal p, final Object cred, final Subject subject, final String securityDomain)
+	   static SecurityContext createSecurityContext(final Principal p, final Object cred, final Subject subject, final String securityDomain)
 	   {
-			AccessController.doPrivileged(new PrivilegedAction<Object>() {
-				public Object run() {
+		   return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>() {
+				public SecurityContext run() {
 					SecurityContext sc;
 					try {
 						sc = SecurityContextFactory.createSecurityContext(p, cred, subject, securityDomain);
 					} catch (Exception e) {
 						throw new RuntimeException(e);
 					}
-					setSecurityContext(sc);
-					return null;
+					return sc;
 				}
 			});
 	   }	   

Modified: branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
===================================================================
--- branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java	2012-05-09 18:40:59 UTC (rev 4085)
+++ branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java	2012-05-09 18:57:43 UTC (rev 4086)
@@ -223,6 +223,7 @@
     	ClientServiceRegistryImpl jdbcCsr = new ClientServiceRegistryImpl();
     	jdbcCsr.registerClientService(ILogon.class, logon, LogConstants.CTX_SECURITY);
     	jdbcCsr.registerClientService(DQP.class, dqpProxy, LogConstants.CTX_DQP);
+    	jdbcCsr.setSecurityHelper(getSecurityHelper());
     	
     	if (this.jdbcSocketConfiguration.getEnabled()) {
 	    	this.jdbcSocket = new SocketListener(this.jdbcSocketConfiguration, jdbcCsr, this.dqpCore.getBufferManager(), offset);
@@ -234,6 +235,7 @@
     	ClientServiceRegistryImpl adminCsr = new ClientServiceRegistryImpl(Type.Admin);
     	adminCsr.registerClientService(ILogon.class, logon, LogConstants.CTX_SECURITY);
     	adminCsr.registerClientService(Admin.class, adminProxy, LogConstants.CTX_ADMIN_API);
+    	adminCsr.setSecurityHelper(getSecurityHelper());
     	
     	if (this.adminSocketConfiguration.getEnabled()) {
 	    	this.adminSocket = new SocketListener(this.adminSocketConfiguration, adminCsr, this.dqpCore.getBufferManager(), offset);

More information about the teiid-commits mailing list