Author: ron.sigal(a)jboss.com Date: 2008-11-20 12:31:58 -0500 (Thu, 20 Nov 2008) New Revision: 4735 Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/util/SecurityUtility.java Log: JBREM-1067: Moved JNDI operations to SecurityUtility for new jnpserver.jar. Modified: remoting2/branches/2.x/src/main/org/jboss/remoting/util/SecurityUtility.java =================================================================== --- remoting2/branches/2.x/src/main/org/jboss/remoting/util/SecurityUtility.java 2008-11-20 17:31:04 UTC (rev 4734) +++ remoting2/branches/2.x/src/main/org/jboss/remoting/util/SecurityUtility.java 2008-11-20 17:31:58 UTC (rev 4735) @@ -59,6 +59,10 @@ import javax.management.MBeanServer; import javax.management.MBeanServerFactory; import javax.management.ObjectName; +import javax.naming.Context; +import javax.naming.InitialContext; +import javax.naming.NamingEnumeration; +import javax.naming.NamingException; import javax.net.ServerSocketFactory; import javax.net.SocketFactory; @@ -73,13 +77,14 @@ /** * SecurityUtility provides a central point for making security sensitive calls. * - * It is divided into five sections: + * It is divided into six sections: * * 1. calls requiring FilePermissions * 2. calls requiring MBeanPermissions * 3. calls requiring PropertyPermissions * 4. calls requiring RuntimePermissions * 5. calls requiring SocketPermissions + * 6. calls requiring JBoss permissions * * When the SecurityUtility class is loaded, it checks for two conditions: * @@ -648,6 +653,8 @@ { return createRemotingClassLoader(remotingClassLoader, userClassLoader, true); } + + static public RemotingClassLoader createRemotingClassLoader(final ClassLoader remotingClassLoader, final ClassLoader userClassLoader, final boolean parentFirstDelegation) { @@ -821,6 +828,37 @@ } + static public void namingBeanImplStart(final Object namingBean, final Method startMethod) + throws IllegalAccessException, InvocationTargetException + { + if (skipAccessControl) + { + startMethod.invoke(namingBean, new Object[] {}); + return; + } + + try + { + AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws IllegalAccessException, InvocationTargetException + { + startMethod.invoke(namingBean, new Object[] {}); + return null; + } + }); + } + catch (PrivilegedActionException e) + { + Throwable cause = e.getCause(); + if (cause instanceof IllegalAccessException) + throw (IllegalAccessException) cause; + else + throw (InvocationTargetException) cause; + } + } + + static public Object readObject(final ObjectInputStream ois) throws IOException, ClassNotFoundException { @@ -1731,4 +1769,136 @@ throw (NotBoundException) cause; } } + + + /////////////////////////////////////////////////////////////////////////////////////// + // JBoss JNDI permission methods + /////////////////////////////////////////////////////////////////////////////////////// + + static public Context createSubcontext(final InitialContext initialContext, final String subContextName) + throws NamingException + { + if (skipAccessControl) + { + return initialContext.createSubcontext(subContextName); + } + + try + { + return (Context) AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws NamingException + { + return initialContext.createSubcontext(subContextName); + } + }); + } + catch (PrivilegedActionException e) + { + throw (NamingException) e.getCause(); + } + } + + + static public Context initialContextLookup(final InitialContext initialContext, final String subContextName) + throws NamingException + { + if (skipAccessControl) + { + return (Context) initialContext.lookup(subContextName); + } + + try + { + return (Context) AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws NamingException + { + return initialContext.lookup(subContextName); + } + }); + } + catch (PrivilegedActionException e) + { + throw (NamingException) e.getCause(); + } + } + + static public NamingEnumeration listBindings(final Context context, final String bindName) + throws NamingException + { + if (skipAccessControl) + { + return context.listBindings(bindName); + } + + try + { + return (NamingEnumeration) AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws NamingException + { + return context.listBindings(bindName); + } + }); + } + catch (PrivilegedActionException e) + { + throw (NamingException) e.getCause(); + } + } + + + static public void rebind(final Context context, final String name, final Object object) + throws NamingException + { + if (skipAccessControl) + { + context.rebind(name, object); + return; + } + + try + { + AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws NamingException + { + context.rebind(name, object); + return null; + } + }); + } + catch (PrivilegedActionException e) + { + throw (NamingException) e.getCause(); + } + } + + + static public void unbind(final Context context, final String name) + throws NamingException + { + if (skipAccessControl) + { + context.unbind(name); + return; + } + + try + { + AccessController.doPrivileged( new PrivilegedExceptionAction() + { + public Object run() throws NamingException + { + context.unbind(name); + return null; + } + }); + } + catch (PrivilegedActionException e) + { + throw (NamingException) e.getCause(); + } + } } \ No newline at end of file