[jboss-cvs] JBossAS SVN: r57532 - branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Oct 10 10:40:04 EDT 2006
Author: anil.saldhana at jboss.com
Date: 2006-10-10 10:40:03 -0400 (Tue, 10 Oct 2006)
New Revision: 57532
Modified:
branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java
Log:
EJBTHREE-735:Push the RunAsIdentity on the SecurityAssociation stack
Modified: branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java
===================================================================
--- branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java 2006-10-10 10:19:25 UTC (rev 57531)
+++ branches/JEE5_TCK/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java 2006-10-10 14:40:03 UTC (rev 57532)
@@ -20,21 +20,12 @@
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jboss.ejb3.security;
-
-import java.util.Set;
-import java.util.HashSet;
-import java.util.Iterator;
-
-import java.security.Principal;
-
-import javax.annotation.security.RunAs;
-import org.jboss.aop.joinpoint.Invocation;
+
+import org.jboss.aop.joinpoint.Invocation;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.RealmMapping;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
-import org.jboss.security.SimplePrincipal;
+import org.jboss.security.RunAsIdentity;
/**
* An interceptor that enforces the run-as identity declared by a bean.
@@ -50,7 +41,7 @@
public RunAsSecurityInterceptor(AuthenticationManager manager, RealmMapping realmMapping, RunAsIdentity id)
{
super(manager, realmMapping);
- this.runAsIdentity = id;
+ this.runAsIdentity = id;
}
protected RunAsIdentity getRunAsIdentity(Invocation invocation)
@@ -60,7 +51,19 @@
public Object invoke(Invocation invocation) throws Throwable
{
- return super.invoke(invocation);
+ try
+ {
+ /* If a run-as role was specified, push it so that any calls made
+ by this bean will have the runAsRole available for declarative
+ security checks.
+ */
+ SecurityActions.pushRunAsIdentity(runAsIdentity);
+ return super.invoke(invocation);
+ }
+ finally
+ {
+ SecurityActions.popRunAsIdentity();
+ }
}
}
More information about the jboss-cvs-commits
mailing list