[jboss-cvs] jboss/src/main/org/jboss/ejb/plugins ...
Anil Saldhana
anil.saldhana at jboss.com
Wed Jul 19 14:22:41 EDT 2006
User: asaldhana
Date: 06/07/19 14:22:41
Modified: src/main/org/jboss/ejb/plugins
SecurityAuthorizationInterceptor.java
Log:
JBAS-3374: Fallback to default security domain for the ejb layer
Revision Changes Path
1.3 +20 -6 jboss/src/main/org/jboss/ejb/plugins/SecurityAuthorizationInterceptor.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SecurityAuthorizationInterceptor.java
===================================================================
RCS file: /cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityAuthorizationInterceptor.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- SecurityAuthorizationInterceptor.java 17 Jul 2006 17:18:45 -0000 1.2
+++ SecurityAuthorizationInterceptor.java 19 Jul 2006 18:22:41 -0000 1.3
@@ -29,32 +29,37 @@
import org.jboss.ejb.Container;
import org.jboss.invocation.Invocation;
+import org.jboss.logging.Logger;
import org.jboss.metadata.BeanMetaData;
import org.jboss.mx.util.MBeanProxyExt;
import org.jboss.mx.util.MBeanServerLocator;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.SecurityConstants;
+import org.jboss.security.Util;
import org.jboss.security.authorization.AuthorizationContext;
import org.jboss.security.authorization.EJBResource;
import org.jboss.security.authorization.ResourceKeys;
import org.jboss.security.plugins.AuthorizationManagerServiceMBean;
-//$Id: SecurityAuthorizationInterceptor.java,v 1.2 2006/07/17 17:18:45 asaldhana Exp $
+//$Id: SecurityAuthorizationInterceptor.java,v 1.3 2006/07/19 18:22:41 asaldhana Exp $
/**
* Authorization Interceptor that makes use of the Authorization
* Framework for access control decisions
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
* @since Jul 6, 2006
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
*/
public class SecurityAuthorizationInterceptor extends AbstractInterceptor
{
+ protected static Logger log = Logger.getLogger(SecurityAuthorizationInterceptor.class);
+ protected boolean trace = log.isTraceEnabled();
protected String ejbName = null;
protected CodeSource ejbCS = null;
protected AuthorizationManagerServiceMBean authorizationManagerService = null;
-
- protected String authorizationSecurityDomain = SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY;
+ protected String appSecurityDomain = null;
+ //Fallback Security Domain
+ protected String defaultAuthorizationSecurityDomain = SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY;
public SecurityAuthorizationInterceptor()
@@ -74,6 +79,7 @@
if (container != null)
{
BeanMetaData beanMetaData = container.getBeanMetaData();
+ appSecurityDomain = container.getBeanMetaData().getApplicationMetaData().getSecurityDomain();
ejbName = beanMetaData.getEjbName();
ejbCS = container.getBeanClass().getProtectionDomain().getCodeSource();
}
@@ -132,7 +138,10 @@
catch (Exception e)
{
isAuthorized = false;
- log.error("Error in authorization:",e);
+ if(trace)
+ log.trace("Error in authorization:",e);
+ else
+ log.error("Error in authorization:"+e.getLocalizedMessage());
}
String msg = "Denied: caller=" + caller;
if(!isAuthorized)
@@ -147,6 +156,11 @@
*/
private AuthorizationManager getAuthorizationManager() throws Exception
{
- return authorizationManagerService.getAuthorizationManager(authorizationSecurityDomain);
+ String tempSecurityDomain = appSecurityDomain != null ? Util.unprefixSecurityDomain(appSecurityDomain) :
+ defaultAuthorizationSecurityDomain;
+ AuthorizationManager am = authorizationManagerService.getAuthorizationManager(tempSecurityDomain);
+ if(trace)
+ log.trace(am.toString());
+ return am;
}
}
More information about the jboss-cvs-commits
mailing list