[jboss-cvs] JBossAS SVN: r57450 - branches/JEE5_TCK/server/src/main/org/jboss/web

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Oct 5 12:02:34 EDT 2006 

Author: anil.saldhana at jboss.com
Date: 2006-10-05 12:02:34 -0400 (Thu, 05 Oct 2006)
New Revision: 57450

Modified:
   branches/JEE5_TCK/server/src/main/org/jboss/web/WebPermissionMapping.java
Log:
JBAS-3326:JACC 1.1: Additional WebRoleRefPermission processing

Modified: branches/JEE5_TCK/server/src/main/org/jboss/web/WebPermissionMapping.java
===================================================================
--- branches/JEE5_TCK/server/src/main/org/jboss/web/WebPermissionMapping.java	2006-10-05 15:23:22 UTC (rev 57449)
+++ branches/JEE5_TCK/server/src/main/org/jboss/web/WebPermissionMapping.java	2006-10-05 16:02:34 UTC (rev 57450)
@@ -236,14 +236,15 @@
       with all the cross product of servlets and security-role elements that
       are not referenced via a security-role-ref as described in JACC section
       3.1.3.2
-      */
-      Set unreferencedRoles = metaData.getSecurityRoleNames();
+      */ 
       Map servletRoleRefs = metaData.getSecurityRoleRefs();
       Iterator roleRefsIter = servletRoleRefs.keySet().iterator();
       while( roleRefsIter.hasNext() )
       {
          String servletName = (String) roleRefsIter.next();
          ArrayList roleRefs = (ArrayList) servletRoleRefs.get(servletName);
+         //Perform the unreferenced roles processing for every servlet name
+         Set unreferencedRoles = metaData.getSecurityRoleNames();
          for(int n = 0; n < roleRefs.size(); n ++)
          {
             SecurityRoleRefMetaData roleRef = (SecurityRoleRefMetaData) roleRefs.get(n);
@@ -259,7 +260,33 @@
             // Remove the role from the unreferencedRoles
             unreferencedRoles.remove(roleName);
          }
+         
+         //Spec 3.1.3.2: For each servlet element in the deployment descriptor 
+         //a WebRoleRefPermission must be added to each security-role of the 
+         //application whose name does not appear as the rolename 
+         //in a security-role-ref within the servlet element.  
+         Iterator unref = unreferencedRoles.iterator();
+         while(unref.hasNext())
+         {
+            String unrefRole = (String)unref.next();
+            WebRoleRefPermission unrefP = new WebRoleRefPermission(servletName,unrefRole);
+            pc.addToRole(unrefRole, unrefP);
+         }
       }
+
+      Set unreferencedRoles = metaData.getSecurityRoleNames();
+      //JACC 1.1:Spec 3.1.3.2: For each security-role defined in the deployment descriptor, an
+      //additional WebRoleRefPermission must be added to the corresponding role by
+      //calling the addToRole method on the PolicyConfiguration object. The
+      //name of all such permissions must be the empty string, and the actions of each
+      //such permission must be the role-name of the corresponding role.
+      Iterator unreferencedRolesIter = unreferencedRoles.iterator();
+      while(unreferencedRolesIter.hasNext())
+      {
+        String unreferencedRole = (String)unreferencedRolesIter.next();
+        WebRoleRefPermission wrrep = new WebRoleRefPermission("", unreferencedRole);
+        pc.addToRole(unreferencedRole, wrrep); 
+      }
       
       // Now build the cross product of the unreferencedRoles and servlets
       Set servletNames = metaData.getServletNames();

More information about the jboss-cvs-commits mailing list