Author: sohil.shah(a)jboss.com
Date: 2009-08-08 19:27:44 -0400 (Sat, 08 Aug 2009)
New Revision: 13707
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/provisioning/RelationalDBPolicyStore.java
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/tools/HibernateService.java
modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml
Log:
Policy Hot Deployment implementation
* Transactional Integrity implemented
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/EnforcementStateGenerator.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -135,7 +135,7 @@
{
log.error(this, e);
- //TODO: implement proper exception handling
+ //FIXME: implement proper exception handling
throw new RuntimeException(e);
}
}
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -171,7 +171,7 @@
}
catch (Exception e)
{
- // TODO: handle this properly
+ //FIXME: handle this properly
log.error(this, e);
throw new RuntimeException(e);
}
Modified:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -71,7 +71,7 @@
}
catch(Exception e)
{
- //TODO: handle this properly
+ //FIXME: handle this properly
log.error(this, e);
throw new RuntimeException(e);
}
@@ -88,7 +88,7 @@
{
for(String impliedAction: impliedActions)
{
- //TODO: Find the Action Component from the repository
+ //FIXME: Find the Action Component from the repository
Object impliedActionComponent = null;
if(impliedAction.equals("read"))
{
@@ -110,7 +110,7 @@
}
catch(Exception e)
{
- //TODO: handle this properly
+ //FIXME: handle this properly
log.error(this, e);
throw new RuntimeException(e);
}
Modified:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/xacml/AttributeDesignatorUtil.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -108,7 +108,7 @@
{
String uri = attributeDesignator.getAttributeId();
- //TODO: Include all Attribute Types like Resource, Action, and Environment
+ //FIXME: Include all Attribute Types like Resource, Action, and Environment
if(uri.equals(XACMLConstants.ATTRIBUTEID_ACTION_ID) ||
uri.equals(ATTRIBUTEID_CUSTOM_SUBJECT_ATTRIBUTE)
)
Modified:
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java
===================================================================
---
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/components/TestURLPattern.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -90,7 +90,7 @@
assertFalse("Match(prefix/urlfoo/)",Pattern.matches(regex,
"prefix/urlfoo/"));
assertFalse("Match(/blah/prefix/url/index.html)",Pattern.matches(regex,
"/blah/prefix/url/index.html"));
- //TODO: fix issue with duplicate matches when using concrete uris and regex uris
+ //FIXME: fix issue with duplicate matches when using concrete uris and regex uris
this.provision("/prefix/url/*");
//this.provision("/prefix/url/index.html");
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/PolicyServer.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -25,9 +25,11 @@
import org.apache.log4j.Logger;
+import org.hibernate.Session;
+import org.hibernate.Transaction;
+
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
-import org.jboss.security.authz.model.PolicyException;
import org.jboss.security.authz.model.Target;
import org.jboss.security.authz.model.AttributeExpression;
import org.jboss.security.authz.model.Attribute;
@@ -38,6 +40,7 @@
import org.jboss.security.authz.policy.server.plugin.EnterprisePolicyFinderModule;
import org.jboss.security.authz.policy.server.plugin.DroolsRuleManager;
import org.jboss.security.authz.policy.server.event.EventBus;
+import org.jboss.security.authz.policy.server.tools.HibernateService;
import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule;
@@ -55,6 +58,7 @@
private EnterprisePolicyFinderModule policyFinderModule;
private DroolsRuleManager ruleManager;
private EventBus eventBus;
+ private HibernateService hibernateService;
public PolicyServer()
{
@@ -75,6 +79,8 @@
this.policyFinderModule.setPolicyStore(this.policyStore);
this.policyFinderModule.setRuleManager(this.ruleManager);
this.policyFinderModule.setEventBus(this.eventBus);
+ this.policyFinderModule.setHibernateService(this.hibernateService);
+
this.policyFinderModule.bootup();
}
}
@@ -129,6 +135,16 @@
{
this.eventBus = eventBus;
}
+
+ public HibernateService getHibernateService()
+ {
+ return hibernateService;
+ }
+
+ public void setHibernateService(HibernateService hibernateService)
+ {
+ this.hibernateService = hibernateService;
+ }
// --------Enforcement Phase
//
services--------------------------------------------------------------------------------------------------------------------------
/**
@@ -144,7 +160,15 @@
*/
public Response evaluate(Request request) throws PolicyServerException
{
- return this.policyDecisionPoint.evaluate(request);
+ try
+ {
+ return this.policyDecisionPoint.evaluate(request);
+ }
+ catch(Throwable t)
+ {
+ log.error(this, t);
+ throw new PolicyServerException(t);
+ }
}
/**
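Review bot: `catch(Throwable t)` in `evaluate(Request)` also catches any `PolicyServerException` raised by `policyDecisionPoint.evaluate` and wraps it in a second `PolicyServerException`, so callers see a nested cause chain. It also turns JVM `Error`s such as `OutOfMemoryError` into an ordinary checked exception. Rethrow the declared type unchanged and narrow the rest, e.g. `catch(PolicyServerException pse) { log.error(this, pse); throw pse; }` followed by `catch(Exception e)`. The same applies to `evaluate(String xml)` in the next hunk. Because this is the decision entry point, the Javadoc should state that callers must treat a thrown `PolicyServerException` as a denied request, not as a missing decision.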
@@ -159,7 +183,15 @@
*/
public String evaluate(String xml) throws PolicyServerException
{
- return this.policyDecisionPoint.evaluate(xml);
+ try
+ {
+ return this.policyDecisionPoint.evaluate(xml);
+ }
+ catch(Throwable t)
+ {
+ log.error(this, t);
+ throw new PolicyServerException(t);
+ }
}
// ------- Provisioning Phase
@@ -174,19 +206,35 @@
public void deploy(PolicyMetaData policyMetaData)
throws PolicyServerException
{
- Policy policy = this.findPolicy(policyMetaData);
-
- if (policy == null)
+ Session session = null;
+ Transaction tx = null;
+ try
{
- // Create a New Policy
- this.policyFinderModule.newPolicy(policyMetaData);
+ session = this.hibernateService.getCurrentSession();
+ tx = session.beginTransaction();
+
+ Policy policy = this.findPolicy(policyMetaData);
+
+ if (policy == null)
+ {
+ // Create a New Policy
+ this.policyFinderModule.newPolicy(policyMetaData);
+ }
+ else
+ {
+ // Update an existing Policy
+ this.policyFinderModule.updatePolicy(policy, policyMetaData);
+
+ }
+
+ tx.commit();
}
- else
+ catch(Throwable t)
{
- // Update an existing Policy
- this.policyFinderModule.updatePolicy(policy, policyMetaData);
-
- }
+ log.error(this, t);
+ tx.rollback();
+ throw new PolicyServerException(t);
+ }
}
/**
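Review bot: `tx.rollback()` in the `catch(Throwable t)` block of `deploy` dereferences `tx` while it can still be null. If `getCurrentSession()` or `beginTransaction()` throws, or `hibernateService` was never injected, the handler raises a NullPointerException and the original failure never reaches the caller as a `PolicyServerException`. Guard it with `if(tx != null && tx.isActive()) { tx.rollback(); }`, and consider catching a failure of the rollback itself so it cannot replace `t`. The same pattern appears in `deletePolicy` and `readAllPolicies` in the following hunks and in `EnterprisePolicyFinderModule.bootup()`.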
@@ -197,14 +245,23 @@
*/
public void deletePolicy(String policyUri) throws PolicyServerException
{
+ Session session = null;
+ Transaction tx = null;
try
{
+ session = this.hibernateService.getCurrentSession();
+ tx = session.beginTransaction();
+
this.policyFinderModule.deletePolicy(this.policyStore.readPolicy(policyUri), true);
+
+ tx.commit();
}
- catch (PolicyException pe)
+ catch (Throwable t)
{
- throw new PolicyServerException(pe);
- }
+ log.error(this, t);
+ tx.rollback();
+ throw new PolicyServerException(t);
+ }
}
/**
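Review bot: `this.policyStore.readPolicy(policyUri)` is passed straight into `policyFinderModule.deletePolicy(...)` without a null check. `RelationalDBPolicyStore.readPolicy` returns the result of `uniqueResult()`, which is null when no row matches, and the finder then calls `policy.getPolicyUri()` on it. An unknown or mistyped URI therefore ends as a logged NullPointerException wrapped in `PolicyServerException` rather than a clear not-found result. Read the policy into a local and handle the null case explicitly, e.g. `if(policy == null) { throw new PolicyServerException(...); }` with whatever constructor the class offers; its constructors other than the `Throwable` one are not visible here.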
@@ -214,14 +271,25 @@
*/
public Set<Policy> readAllPolicies() throws PolicyServerException
{
+ Session session = null;
+ Transaction tx = null;
try
{
- return this.policyStore.readAllPolicies();
+ session = this.hibernateService.getCurrentSession();
+ tx = session.beginTransaction();
+
+ Set<Policy> all = this.policyStore.readAllPolicies();
+
+ tx.commit();
+
+ return all;
}
- catch (PolicyException pe)
+ catch (Throwable t)
{
- throw new PolicyServerException(pe);
- }
+ log.error(this, t);
+ tx.rollback();
+ throw new PolicyServerException(t);
+ }
}
/**
@@ -233,14 +301,39 @@
*/
public Policy findByResource(Attribute resourceAttribute) throws PolicyServerException
{
+ Session session = null;
+ Transaction tx = null;
+ boolean isStartedHere = false;
try
{
- return this.policyStore.findByResource(resourceAttribute);
+ session = this.hibernateService.getCurrentSession();
+ tx = session.getTransaction();
+ if(!tx.isActive())
+ {
+ tx.begin();
+ isStartedHere = true;
+ }
+
+ Policy policy = this.policyStore.findByResource(resourceAttribute);
+
+ if(isStartedHere)
+ {
+ tx.commit();
+ }
+
+ return policy;
}
- catch (PolicyException pe)
+ catch (Throwable t)
{
- throw new PolicyServerException(pe);
- }
+ log.error(this, t);
+
+ if(isStartedHere)
+ {
+ tx.rollback();
+ }
+
+ throw new PolicyServerException(t);
+ }
}
//
--------------------------------------------------------------------------------------------------------------------------------------------
private Policy findPolicy(PolicyMetaData policyMetaData)
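Review bot: `findByResource` is the only method in this class that joins an already active transaction instead of calling `beginTransaction()`, and nothing in the code says why. The reason is presumably that `deploy()` reaches it through `findPolicy` while holding its own transaction, but `findPolicy`'s body is outside this hunk, so confirm that. A short comment above the `isStartedHere` logic would keep a later edit from "simplifying" it, e.g. `// may be called inside deploy()'s transaction: begin/commit/rollback only if this call started it`. Note also that a failure inside a joined transaction is logged here and again by the outer handler.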
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/decision/PolicyDecisionPoint.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -165,8 +165,7 @@
return response;
}
catch(Exception e)
- {
- log.error(this, e);
+ {
throw new PolicyServerException(e);
}
}
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -167,7 +167,7 @@
}
/**
- * TODO: make this preparation more robust injecting arbitrary Facts and then let the
RuleEngine do its thing
+ * FIXME: make this preparation more robust injecting arbitrary Facts and then let the
RuleEngine do its thing
*
* @param context
*/
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -45,8 +45,6 @@
* This service provides management for Drools based authorization Rules/Logic
* used by the Drools Function extension of the XACML Engine
*
- * TODO: Add Database Persistence to the State of this Manager
- *
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*
*/
@@ -254,13 +252,6 @@
log.error(this, t);
tx.rollback();
throw new RuntimeException(t);
- }
- finally
- {
- if(session.isOpen())
- {
- session.close();
- }
- }
+ }
}
}
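Review bot: The surviving `tx.rollback()` in this catch block suggests the method still begins and commits its own transaction, while the rest of this commit moves transaction ownership up to `PolicyServer`. The start of the method is outside the hunk, so this is an inference. If it does call `session.beginTransaction()` and `tx.commit()` on the session returned by `getCurrentSession()`, then a call made from `newPolicy` or `deletePolicy` inside `PolicyServer.deploy`'s transaction would either fail as a nested begin or commit the caller's work early. Either outcome defeats the rollback this commit introduces. Confirm which applies and, if the method is meant to participate in the caller's transaction, remove the local begin/commit/rollback as was done in `RelationalDBPolicyStore`.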
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinderModule.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -28,6 +28,9 @@
import org.apache.log4j.Logger;
+import org.hibernate.Session;
+import org.hibernate.Transaction;
+
import org.jboss.security.authz.model.DroolsRuleExpression;
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyMetaData;
@@ -36,6 +39,7 @@
import org.jboss.security.authz.model.Expression;
import org.jboss.security.authz.policy.server.event.EventBus;
import org.jboss.security.authz.policy.server.spi.PolicyStore;
+import org.jboss.security.authz.policy.server.tools.HibernateService;
import org.jboss.security.authz.policy.server.PolicyServerException;
import org.jboss.security.authz.tools.GeneralTool;
import org.jboss.security.authz.policy.server.event.HotDeployEvent;
@@ -65,7 +69,8 @@
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*
*
- * TODO: Transactional Integrity and proper Concurrency when Updating the State of the
Rule Engine
+ * FIXME: Transactional Integrity and proper Concurrency when Updating
+ * the State of the Rule Engine
*
*/
public class EnterprisePolicyFinderModule extends PolicyFinderModule
@@ -73,11 +78,12 @@
private static Logger log = Logger
.getLogger(EnterprisePolicyFinderModule.class);
- private PolicyReader reader;
+ private PolicyReader reader;
private PolicyStore policyStore;
private DroolsRuleManager ruleManager;
private EventBus eventBus;
-
+ private HibernateService hibernateService;
+
private DynamicPolicyCollection policies;
public EnterprisePolicyFinderModule()
@@ -104,7 +110,7 @@
{
this.ruleManager = ruleManager;
}
-
+
public EventBus getEventBus()
{
return eventBus;
@@ -114,6 +120,17 @@
{
this.eventBus = eventBus;
}
+
+ public HibernateService getHibernateService()
+ {
+ return hibernateService;
+ }
+
+ public void setHibernateService(HibernateService hibernateService)
+ {
+ this.hibernateService = hibernateService;
+ }
+
// -----------PolicyFinderModule
//
Implementation------------------------------------------------------------------------------------------------------------
/**
@@ -178,49 +195,19 @@
return new PolicyFinderResult(e.getStatus());
}
}
- //
------------------------------------------------------------------------------------------------------------------------------------------
- public void bootup() throws PolicyServerException
+
+ //
---------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public void newPolicy(PolicyMetaData policyMetaData)
+ throws PolicyServerException
{
try
{
- // Load the persisted Policies into the Finder's memory
- log
- .info("------------------------------------------------------------------");
- log
- .info("Booting Up the Policy Rule
Engine.................................");
- Set<Policy> allPolicies = this.policyStore.readAllPolicies();
- if (allPolicies != null)
- {
- for (Policy policy : allPolicies)
- {
- this.injectPolicy(policy);
- }
- log.info("Rule Engine successfully started with [" + allPolicies.size()
- + "] stored Policies");
- }
- log
- .info("------------------------------------------------------------------");
- }
- catch (Throwable t)
- {
- log.error(this, t);
- throw new PolicyServerException(t);
- }
- }
-
- public void newPolicy(PolicyMetaData policyMetaData) throws PolicyServerException
- {
- try
- {
Policy policy = new XACMLPolicy(GeneralTool.generateUniqueId(),
policyMetaData);
-
+
// Save the policy in the Policy Store
this.policyStore.savePolicy(policy);
-
- // Inject the new Policy into the Rule Engine
- this.injectPolicy(policy);
-
+
// Update the DroolsRuleManager's runtime state with any Drools based
// expressions if they are part of this new policy
Set<Rule> rules = policyMetaData.getRules();
@@ -232,58 +219,62 @@
this.ruleManager.addRule((DroolsRuleExpression) expression);
}
}
+
+ // Inject the new Policy into the Rule Engine
+ this.injectPolicy(policy);
}
- catch (Throwable t)
+ catch (PolicyException pe)
{
- log.error(this, t);
- throw new PolicyServerException(t);
+ throw new PolicyServerException(pe);
}
}
-
- public void updatePolicy(Policy oldPolicy, PolicyMetaData newPolicy) throws
PolicyServerException
+
+ public void updatePolicy(Policy oldPolicy, PolicyMetaData newPolicy)
+ throws PolicyServerException
{
this.deletePolicy(oldPolicy, false);
-
- //TODO: This hot deployment should be done out-of-band
- //and new policy should then be deployed into the rule engine
+
+ //new policy should then be deployed into the rule engine
this.newPolicy(newPolicy);
-
+
HotDeployEvent hotDeployEvent = new HotDeployEvent(oldPolicy.getPolicyUri());
this.eventBus.deliver(hotDeployEvent);
}
-
- public void deletePolicy(Policy policy, boolean mustHotDeploy) throws
PolicyServerException
+
+ public void deletePolicy(Policy policy, boolean mustHotDeploy)
+ throws PolicyServerException
{
try
{
- AbstractPolicy activePolicy = this.policies.getPolicy(policy.getPolicyUri());
-
- //Deactivate this Policy
+ AbstractPolicy activePolicy = this.policies.getPolicy(policy
+ .getPolicyUri());
+
if(activePolicy != null)
{
- //First deactivate this policy
+ // Delete this Policy from the Policy Store
+ this.policyStore.deletePolicy(policy.getPolicyUri());
+
this.policies.deactivate(policy.getPolicyUri());
-
-
- //Delete any DroolsExpressions associated with this Policy from the Drools Manager
- if(policy.getMetaData().getRules()!=null)
+
+ // Delete any DroolsExpressions associated with this Policy from the
+ // Drools Manager
+ if (policy.getMetaData().getRules() != null)
{
- for(Rule policyRule: policy.getMetaData().getRules())
+ for (Rule policyRule : policy.getMetaData().getRules())
{
Expression ruleExpression = policyRule.getExpression();
- if(ruleExpression instanceof DroolsRuleExpression)
+ if (ruleExpression instanceof DroolsRuleExpression)
{
- this.ruleManager.removeRule(((DroolsRuleExpression)
ruleExpression).getRuleReference());
+ this.ruleManager.removeRule(((DroolsRuleExpression) ruleExpression)
+ .getRuleReference());
}
}
}
-
- //Delete this Policy from the Policy Store
- this.policyStore.deletePolicy(policy.getPolicyUri());
-
- if(mustHotDeploy)
+
+ if (mustHotDeploy)
{
- HotDeployEvent hotDeployEvent = new HotDeployEvent(policy.getPolicyUri());
+ HotDeployEvent hotDeployEvent = new HotDeployEvent(policy
+ .getPolicyUri());
this.eventBus.deliver(hotDeployEvent);
}
}
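Review bot: The database rollback in `PolicyServer.deploy` does not undo the in-memory changes made here. `updatePolicy` calls `deletePolicy(oldPolicy, false)`, which runs `this.policies.deactivate(...)` and `ruleManager.removeRule(...)`, and `newPolicy` can still fail afterwards in `savePolicy`, `addRule` or `injectPolicy`. After such a failure the store still holds the old policy but the running engine no longer enforces it until the next `bootup()`; what the decision point returns for that resource in the meantime is not visible in this diff. `eventBus.deliver(hotDeployEvent)` also fires before the caller's `tx.commit()`, so agents can be told to refresh for a change that is then rolled back. Consider applying the in-memory changes and delivering the event only after the commit succeeds, and make the class-level FIXME specific, e.g. `// FIXME: in-memory policies/ruleManager state is not rolled back when the Hibernate transaction is`.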
@@ -293,7 +284,45 @@
throw new PolicyServerException(pe);
}
}
- //-------------------------------------------------------------------------------------------------------------------------------------------
+
+ //
-------------------------------------------------------------------------------------------------------------------------------------------
+ public void bootup() throws PolicyServerException
+ {
+ Session session = null;
+ Transaction tx = null;
+ try
+ {
+ session = this.hibernateService.getCurrentSession();
+ tx = session.beginTransaction();
+
+ // Load the persisted Policies into the Finder's memory
+ log
+ .info("------------------------------------------------------------------");
+ log
+ .info("Booting Up the Policy Rule
Engine.................................");
+ Set<Policy> allPolicies = this.policyStore.readAllPolicies();
+ if (allPolicies != null)
+ {
+ for (Policy policy : allPolicies)
+ {
+ this.injectPolicy(policy);
+ }
+ log.info("Rule Engine successfully started with [" + allPolicies.size()
+ + "] stored Policies");
+ }
+ log
+ .info("------------------------------------------------------------------");
+
+ tx.commit();
+ }
+ catch (Throwable t)
+ {
+ log.error(this, t);
+ tx.rollback();
+ throw new PolicyServerException(t);
+ }
+ }
+
private void injectPolicy(Policy policy) throws PolicyServerException
{
ByteArrayInputStream bos = null;
@@ -307,7 +336,6 @@
}
catch (Exception e)
{
- log.error(this, e);
throw new PolicyServerException(e);
}
finally
@@ -323,5 +351,5 @@
}
}
}
- }
+ }
}
\ No newline at end of file
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/provisioning/RelationalDBPolicyStore.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/provisioning/RelationalDBPolicyStore.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/provisioning/RelationalDBPolicyStore.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -29,9 +29,7 @@
import org.apache.log4j.Logger;
import org.hibernate.Session;
-import org.hibernate.Transaction;
-
import org.jboss.security.authz.model.Policy;
import org.jboss.security.authz.model.PolicyException;
import org.jboss.security.authz.model.Attribute;
@@ -82,12 +80,10 @@
public Set<Policy> readAllPolicies() throws PolicyException
{
Session session = null;
- Transaction tx = null;
try
{
//Join or Create a New Session/Transaction
session = hibernateService.getCurrentSession();
- tx = session.beginTransaction();
List allPolicies = session.createQuery("from XACMLPolicy").list();
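Review bot: The retained comment `//Join or Create a New Session/Transaction` is now misleading, because this method no longer begins, commits or rolls back anything. It only obtains the current session and relies on the caller having an active transaction. Reword it, e.g. `// Uses the caller's session; an active transaction is a precondition`, and state the same precondition in the Javadoc. The same stale comment remains in `savePolicy`, `deletePolicy`, `findByResource` and `readPolicy` in the following hunks. These methods also still declare `throws PolicyException` while wrapping every failure in `RuntimeException`, so the narrowed `catch (PolicyException pe)` in `EnterprisePolicyFinderModule.newPolicy` will not see store errors. The method body continues outside this hunk.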
@@ -96,24 +92,14 @@
{
policies.addAll(allPolicies);
}
-
- tx.commit();
-
+
return policies;
}
catch(Throwable t)
{
- log.error(this, t);
- tx.rollback();
+ log.error(this, t);
throw new RuntimeException(t);
- }
- finally
- {
- if(session.isOpen())
- {
- session.close();
- }
- }
+ }
}
/**
@@ -126,30 +112,17 @@
public void savePolicy(Policy policy) throws PolicyException
{
Session session = null;
- Transaction tx = null;
try
{
//Join or Create a New Session/Transaction
- session = hibernateService.getCurrentSession();
- tx = session.beginTransaction();
-
+ session = hibernateService.getCurrentSession();
session.saveOrUpdate(policy);
-
- tx.commit();
}
catch(Throwable t)
{
log.error(this, t);
- tx.rollback();
throw new RuntimeException(t);
- }
- finally
- {
- if(session.isOpen())
- {
- session.close();
- }
- }
+ }
}
/**
@@ -161,33 +134,21 @@
public void deletePolicy(String policyUri) throws PolicyException
{
Session session = null;
- Transaction tx = null;
try
{
//Join or Create a New Session/Transaction
session = hibernateService.getCurrentSession();
- tx = session.beginTransaction();
session.createQuery("delete from XACMLPolicy policy where
policy.policyUri=?").setString(0, policyUri).
executeUpdate();
-
- tx.commit();
}
catch(Throwable t)
{
- log.error(this, t);
- tx.rollback();
+ log.error(this, t);
throw new RuntimeException(t);
- }
- finally
- {
- if(session.isOpen())
- {
- session.close();
- }
- }
+ }
}
- //------------------------------------------------------------------------------------------------------------------------------------------------------------
+
/**
* Finds the Policy associated with the specified URIResource
*
@@ -198,12 +159,10 @@
public Policy findByResource(Attribute resourceAttribute) throws PolicyException
{
Session session = null;
- Transaction tx = null;
try
{
//Join or Create a New Session/Transaction
session = this.hibernateService.getCurrentSession();
- tx = session.beginTransaction();
Object[] result = (Object[])session.createQuery("from XACMLPolicy policy "
+
"join policy.metaData.target.resourceMatches match " +
@@ -221,23 +180,13 @@
}
}
- tx.commit();
-
return null;
}
catch(Throwable t)
{
- log.error(this, t);
- tx.rollback();
+ log.error(this, t);
throw new RuntimeException(t);
- }
- finally
- {
- if(session.isOpen())
- {
- session.close();
- }
- }
+ }
}
/**
@@ -250,32 +199,20 @@
public Policy readPolicy(String policyUri) throws PolicyException
{
Session session = null;
- Transaction tx = null;
try
{
//Join or Create a New Session/Transaction
session = this.hibernateService.getCurrentSession();
- tx = session.beginTransaction();
Policy policy = (Policy)session.createQuery("from XACMLPolicy where
policyUri=?").
setString(0, policyUri).uniqueResult();
- tx.commit();
-
return policy;
}
catch(Throwable t)
{
- log.error(this, t);
- tx.rollback();
+ log.error(this, t);
throw new RuntimeException(t);
- }
- finally
- {
- if(session.isOpen())
- {
- session.close();
- }
- }
+ }
}
}
Modified:
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/tools/HibernateService.java
===================================================================
---
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/tools/HibernateService.java 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/tools/HibernateService.java 2009-08-08
23:27:44 UTC (rev 13707)
@@ -63,5 +63,5 @@
public Session getCurrentSession()
{
return this.sessionFactory.getCurrentSession();
- }
+ }
}
Modified:
modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml
===================================================================
---
modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml 2009-08-08
20:44:06 UTC (rev 13706)
+++
modules/authorization/trunk/policy-server/src/main/resources/META-INF/authz-config.xml 2009-08-08
23:27:44 UTC (rev 13707)
@@ -16,6 +16,9 @@
<property name="eventBus">
<inject bean="/policy-server/EventBus"/>
</property>
+ <property name="hibernateService">
+ <inject bean="/policy-server/HibernateService"/>
+ </property>
</bean>
<bean name="/policy-server/PolicyDecisionPoint"
class="org.jboss.security.authz.policy.server.decision.PolicyDecisionPoint">