Author: jolee
Date: 2012-05-09 14:57:43 -0400 (Wed, 09 May 2012)
New Revision: 4086
Modified:
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
Log:
TEIID-2037: Security context is not propagated correctly between Teiid engine and data
sources
Modified:
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
===================================================================
---
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2012-05-09
18:40:59 UTC (rev 4085)
+++
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java 2012-05-09
18:57:43 UTC (rev 4086)
@@ -38,7 +38,7 @@
@Override
public boolean assosiateSecurityContext(String securityDomain, Object newContext) {
SecurityContext context = SecurityActions.getSecurityContext();
- if (context == null || (!context.getSecurityDomain().equals(securityDomain) &&
newContext != null)) {
+ if (newContext != null && (context == null || newContext != context)) {
SecurityActions.setSecurityContext((SecurityContext)newContext);
return true;
}
@@ -47,10 +47,7 @@
@Override
public void clearSecurityContext(String securityDomain) {
- SecurityContext sc = SecurityActions.getSecurityContext();
- if (sc != null && sc.getSecurityDomain().equals(securityDomain)) {
- SecurityActions.clearSecurityContext();
- }
+ SecurityActions.clearSecurityContext();
}
@Override
@@ -64,8 +61,7 @@
@Override
public Object createSecurityContext(String securityDomain, Principal p, Object
credentials, Subject subject) {
- SecurityActions.pushSecurityContext(p, credentials, subject, securityDomain);
- return getSecurityContext(securityDomain);
+ return SecurityActions.createSecurityContext(p, credentials, subject, securityDomain);
}
@Override
Modified:
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java
===================================================================
---
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java 2012-05-09
18:40:59 UTC (rev 4085)
+++
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/SecurityActions.java 2012-05-09
18:57:43 UTC (rev 4086)
@@ -68,18 +68,17 @@
});
}
- static void pushSecurityContext(final Principal p, final Object cred, final Subject
subject, final String securityDomain)
+ static SecurityContext createSecurityContext(final Principal p, final Object cred,
final Subject subject, final String securityDomain)
{
- AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
+ return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>()
{
+ public SecurityContext run() {
SecurityContext sc;
try {
sc = SecurityContextFactory.createSecurityContext(p, cred, subject,
securityDomain);
} catch (Exception e) {
throw new RuntimeException(e);
}
- setSecurityContext(sc);
- return null;
+ return sc;
}
});
}
Modified:
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java
===================================================================
---
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java 2012-05-09
18:40:59 UTC (rev 4085)
+++
branches/7.4.x/jboss-integration/src/main/java/org/teiid/jboss/deployers/RuntimeEngineDeployer.java 2012-05-09
18:57:43 UTC (rev 4086)
@@ -223,6 +223,7 @@
ClientServiceRegistryImpl jdbcCsr = new ClientServiceRegistryImpl();
jdbcCsr.registerClientService(ILogon.class, logon, LogConstants.CTX_SECURITY);
jdbcCsr.registerClientService(DQP.class, dqpProxy, LogConstants.CTX_DQP);
+ jdbcCsr.setSecurityHelper(getSecurityHelper());
if (this.jdbcSocketConfiguration.getEnabled()) {
this.jdbcSocket = new SocketListener(this.jdbcSocketConfiguration, jdbcCsr,
this.dqpCore.getBufferManager(), offset);
@@ -234,6 +235,7 @@
ClientServiceRegistryImpl adminCsr = new ClientServiceRegistryImpl(Type.Admin);
adminCsr.registerClientService(ILogon.class, logon, LogConstants.CTX_SECURITY);
adminCsr.registerClientService(Admin.class, adminProxy,
LogConstants.CTX_ADMIN_API);
+ adminCsr.setSecurityHelper(getSecurityHelper());
if (this.adminSocketConfiguration.getEnabled()) {
this.adminSocket = new SocketListener(this.adminSocketConfiguration, adminCsr,
this.dqpCore.getBufferManager(), offset);