[Jboss-cvs] JBossAS SVN: r56361 - trunk/tomcat/src/main/org/jboss/web/tomcat/security
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Aug 28 16:52:12 EDT 2006
Author: anil.saldhana at jboss.com
Date: 2006-08-28 16:52:11 -0400 (Mon, 28 Aug 2006)
New Revision: 56361
Modified:
trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java
trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java
Log:
JBAS-3576: Security Context
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java 2006-08-28 20:51:27 UTC (rev 56360)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java 2006-08-28 20:52:11 UTC (rev 56361)
@@ -29,6 +29,7 @@
import org.jboss.security.SecurityAssociation;
import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityContext;
/** A PrivilegedAction implementation for setting the SecurityAssociation
* principal and credential
@@ -106,6 +107,31 @@
return credential;
}
}
+ private static class GetSecurityContextAction implements PrivilegedAction
+ {
+ static PrivilegedAction ACTION = new GetSecurityContextAction();
+ public Object run()
+ {
+ Object sc = SecurityAssociation.getSecurityContext();
+ return sc;
+ }
+ }
+
+ private static class SetSecurityContextAction implements PrivilegedAction
+ {
+ private SecurityContext securityContext;
+ SetSecurityContextAction(SecurityContext sc)
+ {
+ this.securityContext = sc;
+ }
+
+ public Object run()
+ {
+ SecurityAssociation.setSecurityContext(securityContext);
+ return null;
+ }
+ }
+
private static class PushRunAsRoleAction implements PrivilegedAction
{
RunAsIdentity principal;
@@ -147,7 +173,34 @@
return exception;
}
}
+ private static class ClearSecurityContextAction implements PrivilegedAction
+ {
+ static PrivilegedAction ACTION = new ClearSecurityContextAction();
+ public Object run()
+ {
+ SecurityAssociation.setSecurityContext(null);
+ return null;
+ }
+ }
+ static void clearSecurityContext()
+ {
+ ClearSecurityContextAction action = new ClearSecurityContextAction();
+ AccessController.doPrivileged(action);
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ GetSecurityContextAction action = new GetSecurityContextAction();
+ return (SecurityContext)AccessController.doPrivileged(action);
+ }
+
+ static void setSecurityContext(SecurityContext sc)
+ {
+ SetSecurityContextAction action = new SetSecurityContextAction(sc);
+ AccessController.doPrivileged(action);
+ }
+
static void setPrincipalInfo(Principal principal, Object credential, Subject subject)
{
SetPrincipalInfoAction action = new SetPrincipalInfoAction(principal, credential, subject);
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java 2006-08-28 20:51:27 UTC (rev 56360)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationValve.java 2006-08-28 20:52:11 UTC (rev 56361)
@@ -39,6 +39,7 @@
import org.jboss.metadata.WebMetaData;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityContext;
import org.jboss.security.plugins.JaasSecurityManagerServiceMBean;
/**
@@ -63,6 +64,10 @@
/** The service used to flush authentication cache on session invalidation. */
private JaasSecurityManagerServiceMBean secMgrService;
private boolean trace;
+ /**
+ * Flag to indicate whether this valve set the SecurityContext
+ */
+ private boolean addedSecurityContext = false;
public SecurityAssociationValve(WebMetaData metaData,
JaasSecurityManagerServiceMBean secMgrService)
@@ -200,6 +205,15 @@
}
}
}
+ /**
+ * Create a new SecurityContext if not already available
+ */
+ SecurityContext sc = SecurityAssociationActions.getSecurityContext();
+ if(sc == null)
+ {
+ SecurityAssociationActions.setSecurityContext(new SecurityContext());
+ this.addedSecurityContext = true;
+ }
}
finally
{
@@ -207,6 +221,8 @@
log.trace("End invoke, caller"+caller);
activeWebMetaData.set(null);
userPrincipal.set(null);
+ if(addedSecurityContext)
+ SecurityAssociationActions.clearSecurityContext();
}
}
More information about the jboss-cvs-commits
mailing list