[jboss-cvs] JBossAS SVN: r59065 - trunk/ejb3/src/main/org/jboss/ejb3
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Dec 15 16:14:52 EST 2006
Author: anil.saldhana at jboss.com
Date: 2006-12-15 16:14:51 -0500 (Fri, 15 Dec 2006)
New Revision: 59065
Modified:
trunk/ejb3/src/main/org/jboss/ejb3/BaseSessionContext.java
Log:
EJBTHREE-808: isCallerInRoleChecks should include security role references
Modified: trunk/ejb3/src/main/org/jboss/ejb3/BaseSessionContext.java
===================================================================
--- trunk/ejb3/src/main/org/jboss/ejb3/BaseSessionContext.java 2006-12-15 21:13:34 UTC (rev 59064)
+++ trunk/ejb3/src/main/org/jboss/ejb3/BaseSessionContext.java 2006-12-15 21:14:51 UTC (rev 59065)
@@ -27,7 +27,8 @@
import java.io.ObjectOutput;
import java.security.Identity;
import java.security.Principal;
-import java.util.HashSet;
+import java.util.HashSet;
+import java.util.List;
import java.util.Properties;
import javax.ejb.EJBException;
import javax.ejb.EJBHome;
@@ -46,11 +47,12 @@
import javax.transaction.UserTransaction;
import javax.xml.rpc.handler.MessageContext;
import org.jboss.annotation.security.SecurityDomain;
-import org.jboss.aop.Advisor;
+import org.jboss.aop.Advisor;
import org.jboss.ejb3.security.SecurityDomainManager;
import org.jboss.ejb3.tx.TxUtil;
import org.jboss.ejb3.tx.UserTransactionImpl;
-import org.jboss.logging.Logger;
+import org.jboss.logging.Logger;
+import org.jboss.metadata.SecurityRoleRefMetaData;
import org.jboss.security.RealmMapping;
import org.jboss.security.RunAsIdentity;
import org.jboss.security.SecurityAssociation;
@@ -205,6 +207,19 @@
+ "Check that a security-domain has been set for the application.";
throw new IllegalStateException(msg);
}
+
+ //Ensure that you go through the security role references that may be configured
+ EJBContainer ejbc = (EJBContainer)container;
+ if(ejbc.getXml() != null)
+ {
+ List<SecurityRoleRefMetaData> securityRoleRefs = ejbc.getXml().getSecurityRoleReferences();
+ for(SecurityRoleRefMetaData srmd: securityRoleRefs)
+ {
+ String rname = srmd.getName();
+ if(roleName.equals(rname))
+ roleName = srmd.getLink();
+ }
+ }
HashSet set = new HashSet();
set.add(new SimplePrincipal(roleName));
More information about the jboss-cvs-commits
mailing list