[jboss-cvs] jboss/src/main/org/jboss/ejb/plugins ...
Anil Saldhana
anil.saldhana at jboss.com
Mon Jul 17 13:18:45 EDT 2006
User: asaldhana
Date: 06/07/17 13:18:45
Modified: src/main/org/jboss/ejb/plugins
SecurityAuthorizationInterceptor.java
Log:
JBAS-3374: Use the Resource keys
Revision Changes Path
1.2 +22 -13 jboss/src/main/org/jboss/ejb/plugins/SecurityAuthorizationInterceptor.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SecurityAuthorizationInterceptor.java
===================================================================
RCS file: /cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityAuthorizationInterceptor.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- SecurityAuthorizationInterceptor.java 7 Jul 2006 16:33:35 -0000 1.1
+++ SecurityAuthorizationInterceptor.java 17 Jul 2006 17:18:45 -0000 1.2
@@ -22,6 +22,7 @@
package org.jboss.ejb.plugins;
import java.lang.reflect.Method;
+import java.security.CodeSource;
import java.util.HashMap;
import javax.security.auth.Subject;
@@ -32,25 +33,29 @@
import org.jboss.mx.util.MBeanProxyExt;
import org.jboss.mx.util.MBeanServerLocator;
import org.jboss.security.AuthorizationManager;
+import org.jboss.security.SecurityConstants;
import org.jboss.security.authorization.AuthorizationContext;
import org.jboss.security.authorization.EJBResource;
+import org.jboss.security.authorization.ResourceKeys;
import org.jboss.security.plugins.AuthorizationManagerServiceMBean;
-//$Id: SecurityAuthorizationInterceptor.java,v 1.1 2006/07/07 16:33:35 asaldhana Exp $
+//$Id: SecurityAuthorizationInterceptor.java,v 1.2 2006/07/17 17:18:45 asaldhana Exp $
/**
* Authorization Interceptor that makes use of the Authorization
* Framework for access control decisions
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
* @since Jul 6, 2006
- * @version $Revision: 1.1 $
+ * @version $Revision: 1.2 $
*/
public class SecurityAuthorizationInterceptor extends AbstractInterceptor
{
protected String ejbName = null;
- protected String securityDomain = null;
+ protected CodeSource ejbCS = null;
protected AuthorizationManagerServiceMBean authorizationManagerService = null;
+ protected String authorizationSecurityDomain = SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY;
+
public SecurityAuthorizationInterceptor()
{
@@ -70,7 +75,7 @@
{
BeanMetaData beanMetaData = container.getBeanMetaData();
ejbName = beanMetaData.getEjbName();
- securityDomain = container.getSecurityManager().getSecurityDomain();
+ ejbCS = container.getBeanClass().getProtectionDomain().getCodeSource();
}
}
@@ -101,19 +106,22 @@
private void checkAuthorization(Invocation mi)
throws Exception
{
- Method m = mi.getMethod();
+ Method ejbMethod = mi.getMethod();
// Ignore internal container calls
- if( m == null )
+ if( ejbMethod== null )
return;
// Get the caller
Subject caller = SecurityActions.getContextSubject();
AuthorizationManager authzManager = this.getAuthorizationManager();
final HashMap map = new HashMap();
- map.put("ejb.name",this.ejbName);
- map.put("ejb.method",mi.getMethod());
- map.put("ejb.principal", mi.getPrincipal());
- map.put("authorizationManager",authzManager);
+ map.put(ResourceKeys.EJB_NAME ,this.ejbName);
+ map.put(ResourceKeys.EJB_METHOD,ejbMethod);
+ map.put(ResourceKeys.EJB_PRINCIPAL, mi.getPrincipal());
+ map.put(ResourceKeys.EJB_METHODINTERFACE, mi.getType().toInterfaceString());
+ map.put(ResourceKeys.EJB_CODESOURCE, ejbCS);
+ map.put(ResourceKeys.CALLER_SUBJECT, caller);
+ map.put(ResourceKeys.AUTHORIZATION_MANAGER,authzManager);
EJBResource ejbResource = new EJBResource(map);
boolean isAuthorized = false;
try
@@ -133,11 +141,12 @@
/**
* Get the Authorization Manager for the security domain
+ * @see SecurityConstants#DEFAULT_EJB_APPLICATION_POLICY
* @return authorization manager
* @throws Exception
*/
private AuthorizationManager getAuthorizationManager() throws Exception
{
- return authorizationManagerService.getAuthorizationManager(securityDomain);
+ return authorizationManagerService.getAuthorizationManager(authorizationSecurityDomain);
}
}
More information about the jboss-cvs-commits
mailing list