[jboss-cvs] JBossAS SVN: r61955 - projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Sun Apr 1 00:42:00 EDT 2007


Author: anil.saldhana at jboss.com
Date: 2007-04-01 00:41:59 -0400 (Sun, 01 Apr 2007)
New Revision: 61955

Modified:
   projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java
Log:
update runas semantics

Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java	2007-04-01 04:41:15 UTC (rev 61954)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java	2007-04-01 04:41:59 UTC (rev 61955)
@@ -23,7 +23,9 @@
 
 import java.security.Principal;
 import java.security.acl.Group;
+import java.util.Map;
 
+import org.jboss.security.RunAs;
 import org.jboss.security.RunAsIdentity; 
 import org.jboss.security.SecurityContext;
 import org.jboss.security.SecurityContextUtil;
@@ -44,7 +46,10 @@
    @Override
    public <T> T get(SecurityContext sc, String key)
    { 
-      return (T) sc.getData().get(key);
+      if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
+         return (T)sc.getRunAs();
+      else
+         return (T) sc.getData().get(key);
    }
 
    @Override
@@ -67,10 +72,50 @@
          throw new IllegalArgumentException("Not JBoss security context:"+sc);
       if(key == null)
          throw new IllegalArgumentException("Key is null");
-      if(RUNAS_IDENTITY_IDENTIFIER.equals(key) && obj instanceof RunAsIdentity == false)
+      if(obj != null)
+      {
+         if(RUNAS_IDENTITY_IDENTIFIER.equals(key) && obj instanceof RunAsIdentity == false)
             throw new IllegalArgumentException("Not RunAsIdentity:"+obj); 
-      if(ROLES_IDENTIFIER.equals(key) &&  obj instanceof Group == false)
-            throw new IllegalArgumentException("Not Group:"+obj);  
-      sc.getData().put(key, obj);
+         if(ROLES_IDENTIFIER.equals(key) &&  obj instanceof Group == false)
+            throw new IllegalArgumentException("Not Group:"+obj); 
+      }
+      if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
+         setRunAsIdentity(sc,(RunAsIdentity) obj);
+      else
+         sc.getData().put(key, obj);
    } 
+
+   @Override
+   public <T> T remove(SecurityContext sc, String key)
+   {
+      if(sc instanceof JBossSecurityContext  == false)
+         throw new IllegalArgumentException("Not JBoss security context:"+sc);
+      if(key == null)
+         throw new IllegalArgumentException("Key is null");
+      Map<String,Object> contextMap = sc.getData();
+      if(RUNAS_IDENTITY_IDENTIFIER.equals(key))
+      {
+         RunAs runAs = sc.getRunAs();
+         //Move the caller RAI to current RAI 
+         sc.setRunAs((RunAs) contextMap.get(CALLER_RAI_IDENTIFIER));
+         
+         //Clear the Caller RAI
+         contextMap.remove(CALLER_RAI_IDENTIFIER); 
+         return (T) runAs;
+      }
+      return (T) contextMap.remove(key);
+   }
+   
+   //PRIVATE METHODS 
+   private void setRunAsIdentity(SecurityContext sc,RunAsIdentity rai)
+   {
+      Map<String,Object> contextMap = sc.getData();
+      
+      //Move the current RAI on the sc into the caller rai
+      RunAs currentRA = sc.getRunAs(); 
+      contextMap.put(CALLER_RAI_IDENTIFIER, currentRA);
+      
+      sc.setRunAs(rai);
+      //contextMap.put(RUNAS_IDENTITY_IDENTIFIER, rai); 
+   }
 }




More information about the jboss-cvs-commits mailing list