[jboss-cvs] JBossAS SVN: r62557 - in trunk/server/src/main/org/jboss/ejb: plugins and 4 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Apr 25 11:08:18 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-04-25 11:08:18 -0400 (Wed, 25 Apr 2007)
New Revision: 62557
Added:
trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java
Modified:
trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java
trunk/server/src/main/org/jboss/ejb/EntityContainer.java
trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java
trunk/server/src/main/org/jboss/ejb/SecurityActions.java
trunk/server/src/main/org/jboss/ejb/SessionContainer.java
trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java
trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java
trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java
trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java
trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java
trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java
trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java
Log:
JBAS-4317: security context over the invocation
Modified: trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -56,9 +56,12 @@
import org.jboss.metadata.SecurityRoleRefMetaData;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.RealmMapping;
-import org.jboss.security.RunAsIdentity;
+import org.jboss.security.RunAs;
+import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityRoleRef;
import org.jboss.security.SimplePrincipal;
+import org.jboss.security.audit.AuditEvent;
+import org.jboss.security.audit.AuditLevel;
import org.jboss.security.authorization.AuthorizationContext;
import org.jboss.security.authorization.EJBResource;
import org.jboss.security.authorization.ResourceKeys;
@@ -114,6 +117,9 @@
/** The principal for the bean associated with the call */
private Principal beanPrincipal;
+
+ /** SecurityContext associated with the invocation */
+ private SecurityContext securityContext;
/** Only StatelessSession beans have no Id, stateful and entity do */
Object id;
@@ -215,6 +221,11 @@
this.beanPrincipal = null;
if( con.getSecurityManager() != null )
this.beanPrincipal = getCallerPrincipal();
+ }
+
+ public void setSecurityContext(SecurityContext securityContext)
+ {
+ this.securityContext = securityContext;
}
public void lock()
@@ -365,7 +376,9 @@
/* Get the run-as user or authenticated user. The run-as user is
returned before any authenticated user.
*/
- Principal caller = SecurityActions.getCallerPrincipal();
+ Principal caller = SecurityActions.getCallerPrincipal(securityContext);
+
+ //Principal caller = SecurityActions.getCallerPrincipal();
RealmMapping rm = con.getRealmMapping();
/* Apply any domain caller mapping. This should really only be
done for non-run-as callers.
@@ -515,7 +528,12 @@
throw new IllegalStateException(msg);
}
//Check the caller of this beans run-as identity
- RunAsIdentity runAsIdentity = SecurityActions.peekRunAsIdentity(1);
+ RunAs runAsIdentity = null;
+ if(securityContext != null )
+ {
+ runAsIdentity = securityContext.getUtil().getCallerRunAs();
+ }
+ //RunAsIdentity runAsIdentity = SecurityActions.peekRunAsIdentity(1);
if (principal == null && runAsIdentity == null)
return false;
@@ -531,7 +549,7 @@
map.put(ResourceKeys.EJB_NAME ,getContainer().getBeanMetaData().getEjbName());
map.put(ResourceKeys.EJB_PRINCIPAL, principal);
map.put(ResourceKeys.AUTHORIZATION_MANAGER,authzManager);
- map.put(ResourceKeys.RUNASIDENTITY, SecurityActions.peekRunAsIdentity(1));
+ map.put(ResourceKeys.RUNASIDENTITY, runAsIdentity);
map.put(ResourceKeys.SECURITY_ROLE_REFERENCES, securityRoleRefs);
map.put(ResourceKeys.ROLENAME, roleName);
map.put(ResourceKeys.ROLEREF_PERM_CHECK, Boolean.TRUE);
@@ -554,10 +572,12 @@
catch (Exception e)
{
isAuthorized = false;
- if(log.isTraceEnabled())
- log.trace("Error in authorization:",e);
- else
- log.error("isCallerInRole check failed:"+e.getLocalizedMessage());
+ if(log.isTraceEnabled())
+ log.trace(roleName + "::isCallerInRole check failed:"+e.getLocalizedMessage());
+ if(securityContext != null )
+ {
+ securityContext.getAuditManager().audit(new AuditEvent(AuditLevel.FAILURE, map, e));
+ }
}
return isAuthorized;
}
Modified: trunk/server/src/main/org/jboss/ejb/EntityContainer.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/EntityContainer.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/EntityContainer.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -50,6 +50,7 @@
import org.jboss.metadata.ConfigurationMetaData;
import org.jboss.metadata.EntityMetaData;
import org.jboss.monitor.StatisticsProvider;
+import org.jboss.security.SecurityConstants;
import org.jboss.util.collection.SerializableEnumeration;
/**
@@ -65,6 +66,7 @@
* @author <a href="mailto:bill at burkecentral.com">Bill Burke</a>
* @author <a href="mailto:andreas.schaefer at madplanet.com">Andreas Schaefer</a>
* @author <a href="mailto:dain at daingroup.com">Dain Sundstrom</a>
+ * @author <a href="mailto:anil.saldhana at redhat.com">Anil Saldhana</a>
* @version $Revision$
*
* @jmx.mbean extends="org.jboss.ejb.ContainerMBean"
@@ -494,6 +496,23 @@
public Object internalInvokeHome(Invocation mi) throws Exception
{
+ //Validate that there is a security context on the invocation
+ if(mi.getSecurityContext() == null)
+ throw new IllegalStateException("Security Context in invocation is null");
+
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(sm != null)
+ securityDomain = sm.getSecurityDomain();
+ if(mi.isLocal() == false)
+ {
+ SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
+ mi.getCredential(), securityDomain, null);
+ }
+ SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+ //Place on the invocation
+ if(mi.getSecurityContext() == null)
+ mi.setSecurityContext(SecurityActions.getSecurityContext());
+
Method method = mi.getMethod();
if (method != null && method.getName().equals("remove"))
{
@@ -521,13 +540,45 @@
mi.setArguments(new Object[0]);
return getInterceptor().invoke(mi);
}
- return getInterceptor().invokeHome(mi);
+ try
+ {
+ // Invoke through interceptors
+ return getInterceptor().invokeHome(mi);
+ }
+ finally
+ {
+ SecurityActions.popCallerRunAsIdentity();
+ }
}
public Object internalInvoke(Invocation mi) throws Exception
{
- // Invoke through interceptors
- return getInterceptor().invoke(mi);
+ //Validate that there is a security context on the invocation
+ if(mi.getSecurityContext() == null)
+ throw new IllegalStateException("Security Context in invocation is null");
+
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(sm != null)
+ securityDomain = sm.getSecurityDomain();
+ if(mi.isLocal() == false)
+ {
+ SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
+ mi.getCredential(), securityDomain, null);
+ }
+ SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+ //Place on the invocation
+ if(mi.getSecurityContext() == null)
+ mi.setSecurityContext(SecurityActions.getSecurityContext());
+
+ try
+ {
+ // Invoke through interceptors
+ return getInterceptor().invoke(mi);
+ }
+ finally
+ {
+ SecurityActions.popCallerRunAsIdentity();
+ }
}
// EJBObject implementation --------------------------------------
Modified: trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -40,6 +40,8 @@
import org.jboss.invocation.Invocation;
import org.jboss.metadata.MessageDrivenMetaData;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
import org.jboss.util.NullArgumentException;
/**
@@ -403,7 +405,15 @@
public Object internalInvoke(Invocation mi) throws Exception
{
// Invoke through interceptors
- return getInterceptor().invoke(mi);
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(sm != null)
+ securityDomain = sm.getSecurityDomain();
+ SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
+ mi.getCredential(), securityDomain, null);
+ //Place on the invocation
+ if(mi.getSecurityContext() == null)
+ mi.setSecurityContext(SecurityActions.getSecurityContext());
+ return getInterceptor().invoke(mi);
}
Modified: trunk/server/src/main/org/jboss/ejb/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/SecurityActions.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/SecurityActions.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -38,8 +38,13 @@
import javax.security.jacc.PolicyContextException;
import org.jboss.mx.util.MBeanProxy;
+import org.jboss.security.RunAs;
import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
/** A collection of privileged actions for this package
*
@@ -183,11 +188,11 @@
PrivilegedAction action = new PeekRunAsRoleAction(depth);
RunAsIdentity principal = (RunAsIdentity) AccessController.doPrivileged(action);
return principal;
- }
-
- static Principal getCallerPrincipal()
+ }
+
+ static Principal getCallerPrincipal(SecurityContext sc)
{
- return IdentityAction.UTIL.getIdentityAction().getCallerPrincipal();
+ return IdentityAction.UTIL.getIdentityAction().getCallerPrincipal(sc);
}
interface IdentityAction
@@ -200,11 +205,21 @@
}
}
IdentityAction NON_PRIVILEGED = new IdentityAction()
- {
- public Principal getCallerPrincipal()
+ {
+ public Principal getCallerPrincipal(SecurityContext securityContext)
{
- return SecurityAssociation.getCallerPrincipal();
+ Principal caller = null;
+
+ if(securityContext != null)
+ {
+ caller = securityContext.getUtil().getCallerRunAs();
+ //If there is no caller run as, use the call principal
+ if(caller == null)
+ caller = securityContext.getUtil().getUserPrincipal();
+ }
+ return caller;
}
+
};
IdentityAction PRIVILEGED = new IdentityAction()
{
@@ -214,14 +229,28 @@
{
return SecurityAssociation.getCallerPrincipal();
}
- };
- public Principal getCallerPrincipal()
+ };
+
+ public Principal getCallerPrincipal(final SecurityContext securityContext)
{
- return (Principal)AccessController.doPrivileged(getCallerPrincipalAction);
+ return (Principal)AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ Principal caller = null;
+
+ if(securityContext != null)
+ {
+ caller = securityContext.getUtil().getCallerRunAs();
+ //If there is no caller run as, use the call principal
+ if(caller == null)
+ caller = securityContext.getUtil().getUserPrincipal();
+ }
+ return caller;
+ }});
}
- };
-
- Principal getCallerPrincipal();
+ };
+ Principal getCallerPrincipal(SecurityContext sc);
}
interface TCLAction
@@ -385,8 +414,7 @@
throws PolicyContextException;
}
- static Subject getContextSubject()
-
+ static Subject getContextSubject()
throws PolicyContextException
{
if(System.getSecurityManager() == null)
@@ -398,4 +426,74 @@
return PolicyContextActions.PRIVILEGED.getContextSubject();
}
}
+
+ static SecurityContext getSecurityContext()
+ {
+ return (SecurityContext)AccessController.doPrivileged(
+ new PrivilegedAction()
+ {
+ public Object run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ }
+ );
+ }
+
+ static SecurityContext createSecurityContext(final String domain)
+ {
+ return (SecurityContext)AccessController.doPrivileged(
+ new PrivilegedAction()
+ {
+ public Object run()
+ {
+ return SecurityContextFactory.createSecurityContext(domain);
+ }
+ }
+ );
+ }
+
+
+ static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain,
+ final Subject subject)
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext(domain);
+ sc.getUtil().createSubjectInfo(p, cred, subject);
+ SecurityContextAssociation.setSecurityContext(sc);
+ return null;
+ }});
+ }
+
+
+ static void pushCallerRunAsIdentity(final RunAs ra)
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().setCallerRunAs(ra);
+ return null;
+ }
+ });
+ }
+
+ static void popCallerRunAsIdentity()
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().setCallerRunAs(null);
+ return null;
+ }
+ });
+ }
}
Modified: trunk/server/src/main/org/jboss/ejb/SessionContainer.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/SessionContainer.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/SessionContainer.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -40,10 +40,11 @@
import javax.ejb.TimedObject;
import javax.ejb.Timer;
import javax.management.ObjectName;
-
+
import org.jboss.invocation.Invocation;
import org.jboss.invocation.MarshalledInvocation;
-import org.jboss.metadata.SessionMetaData;
+import org.jboss.metadata.SessionMetaData;
+import org.jboss.security.SecurityConstants;
/**
* <p>
@@ -619,6 +620,23 @@
public Object internalInvokeHome(Invocation mi) throws Exception
{
+ //Validate that there is a security context on the invocation
+ if(mi.getSecurityContext() == null)
+ throw new IllegalStateException("Security Context in invocation is null");
+
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(sm != null)
+ securityDomain = sm.getSecurityDomain();
+ if(mi.isLocal() == false)
+ {
+ SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
+ mi.getCredential(), securityDomain, null);
+ }
+ SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+ //Place on the invocation
+ if(mi.getSecurityContext() == null)
+ mi.setSecurityContext(SecurityActions.getSecurityContext());
+
Method method = mi.getMethod();
if (method != null && method.getName().equals("remove"))
{
@@ -635,8 +653,16 @@
}
else
throw new RemoveException("EJBHome.remove(Object) not allowed for session beans");
+ }
+ try
+ {
+ // Invoke through interceptors
+ return getInterceptor().invokeHome(mi);
}
- return getInterceptor().invokeHome(mi);
+ finally
+ {
+ SecurityActions.popCallerRunAsIdentity();
+ }
}
/**
@@ -645,9 +671,33 @@
* on the particular instance
*/
public Object internalInvoke(Invocation mi) throws Exception
- {
- // Invoke through interceptors
- return getInterceptor().invoke(mi);
+ {
+ //Validate that there is a security context on the invocation
+ if(mi.getSecurityContext() == null)
+ throw new IllegalStateException("Security Context in invocation is null");
+
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(sm != null)
+ securityDomain = sm.getSecurityDomain();
+ if(mi.isLocal() == false)
+ {
+ SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
+ mi.getCredential(), securityDomain, null);
+ }
+ SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+ //Place on the invocation
+ if(mi.getSecurityContext() == null)
+ mi.setSecurityContext(SecurityActions.getSecurityContext());
+
+ try
+ {
+ // Invoke through interceptors
+ return getInterceptor().invoke(mi);
+ }
+ finally
+ {
+ SecurityActions.popCallerRunAsIdentity();
+ }
}
// EJBObject implementation --------------------------------------
Modified: trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -121,6 +121,7 @@
// Give it the transaction
ctx.setTransaction(mi.getTransaction());
+ ctx.setSecurityContext(mi.getSecurityContext());
// Set the current security information
ctx.setPrincipal(mi.getPrincipal());
@@ -256,8 +257,9 @@
{
ctx.setTransaction(tx);
}
- }
+ }
+ ctx.setSecurityContext(mi.getSecurityContext());
// Set the current security information
ctx.setPrincipal(mi.getPrincipal());
// Set the JACC EnterpriseBean PolicyContextHandler data
Modified: trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -26,13 +26,13 @@
import org.jboss.ejb.Interceptor;
import org.jboss.invocation.Invocation;
import org.jboss.invocation.InvocationKey;
-import org.jboss.naming.ENCThreadLocalKey;
+import org.jboss.naming.ENCThreadLocalKey;
/**
* This interceptor injects the ProxyFactory into the ThreadLocal container variable
*
* @author <a href="mailto:rickard.oberg at telkel.com">Rickard Öberg</a>
- * @author <a href="mailto:Scott.Stark at jboss.org">Scott Stark</a>
+ * @author <a href="mailto:Scott.Stark at jboss.org">Scott Stark</a>
* @version $Revision$
*/
public class ProxyFactoryFinderInterceptor
@@ -98,7 +98,7 @@
if (invokerBinding != null || oldInvokerBinding == null)
{
ENCThreadLocalKey.setKey(invokerBinding);
- }
+ }
Interceptor next = getNext();
Object value = null;
@@ -129,8 +129,8 @@
if (invokerBinding != null || oldInvokerBinding == null)
{
ENCThreadLocalKey.setKey(invokerBinding);
- }
-
+ }
+
Interceptor next = getNext();
Object value = null;
try
@@ -141,7 +141,7 @@
{
ENCThreadLocalKey.setKey(oldInvokerBinding);
// TODO: we should probably clear the thread local, i.e.
- //container.setProxyFactory(null);
+ //container.setProxyFactory(null);
}
return value;
Modified: trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -21,14 +21,16 @@
*/
package org.jboss.ejb.plugins;
-import org.jboss.ejb.Container;
+import org.jboss.ejb.Container;
import org.jboss.invocation.Invocation;
import org.jboss.metadata.ApplicationMetaData;
import org.jboss.metadata.AssemblyDescriptorMetaData;
import org.jboss.metadata.BeanMetaData;
import org.jboss.metadata.SecurityIdentityMetaData;
import org.jboss.security.AuthenticationManager;
+import org.jboss.security.RunAs;
import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityConstants;
import java.util.Set;
@@ -44,7 +46,7 @@
*/
public class RunAsSecurityInterceptor extends AbstractInterceptor
{
- protected RunAsIdentity runAsIdentity;
+ protected RunAs runAsIdentity;
/** The authentication manager plugin
*/
@@ -91,8 +93,12 @@
public Object invokeHome(Invocation mi) throws Exception
{
- String securityDomain = securityManager != null ? securityManager.getSecurityDomain()
- :"EMPTY";
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(securityManager != null)
+ {
+ securityDomain = securityManager.getSecurityDomain();
+ }
+
//Establish a security context if one is missing for Run-As push
if(SecurityActions.getSecurityContext() == null)
{
@@ -104,7 +110,8 @@
by this bean will have the runAsRole available for declarative
security checks.
*/
- SecurityActions.pushRunAsIdentity(runAsIdentity);
+ SecurityActions.pushRunAsIdentity(runAsIdentity);
+ SecurityActions.pushCallerRunAsIdentity(runAsIdentity);
try
{
@@ -114,13 +121,17 @@
finally
{
SecurityActions.popRunAsIdentity();
+ SecurityActions.popCallerRunAsIdentity();
}
}
public Object invoke(Invocation mi) throws Exception
{
- String securityDomain = securityManager != null ? securityManager.getSecurityDomain()
- :"EMPTY";
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(securityManager != null)
+ {
+ securityDomain = securityManager.getSecurityDomain();
+ }
//Establish a security context if one is missing for Run-As push
if(SecurityActions.getSecurityContext() == null)
{
Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -25,98 +25,29 @@
import java.security.PrivilegedExceptionAction;
import java.security.Principal;
import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.util.HashMap;
+import java.security.PrivilegedActionException;
import java.lang.reflect.UndeclaredThrowableException;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
-import org.jboss.security.SecurityAssociation;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityConstants;
+import org.jboss.security.RunAs;
import org.jboss.security.SecurityContext;
import org.jboss.security.SubjectInfo;
import org.jboss.security.plugins.SecurityContextAssociation;
import org.jboss.security.plugins.SecurityContextFactory;
+
-import static org.jboss.security.SecurityConstants.RUNAS_IDENTITY_IDENTIFIER;
-
/** A collection of privileged actions for this package
* @author Scott.Stark at jboss.org
* @author <a href="mailto:alex at jboss.org">Alexey Loubyansky</a>
+ * @author Anil.Saldhana at redhat.com
* @version $Revison: $
*/
class SecurityActions
{
- interface PrincipalInfoAction
- {
- PrincipalInfoAction PRIVILEGED = new PrincipalInfoAction()
- {
- public void push(final Principal principal, final Object credential,
- final Subject subject)
- {
- AccessController.doPrivileged(
- new PrivilegedAction()
- {
- public Object run()
- {
- SecurityAssociation.pushSubjectContext(subject, principal, credential);
- return null;
- }
- }
- );
- }
- public void dup()
- {
- AccessController.doPrivileged(
- new PrivilegedAction()
- {
- public Object run()
- {
- SecurityAssociation.dupSubjectContext();
- return null;
- }
- }
- );
- }
- public void pop()
- {
- AccessController.doPrivileged(
- new PrivilegedAction()
- {
- public Object run()
- {
- SecurityAssociation.popSubjectContext();
- return null;
- }
- }
- );
- }
- };
-
- PrincipalInfoAction NON_PRIVILEGED = new PrincipalInfoAction()
- {
- public void push(Principal principal, Object credential, Subject subject)
- {
- SecurityAssociation.pushSubjectContext(subject, principal, credential);
- }
- public void dup()
- {
- SecurityAssociation.dupSubjectContext();
- }
- public void pop()
- {
- SecurityAssociation.popSubjectContext();
- }
- };
-
- void push(Principal principal, Object credential, Subject subject);
- void dup();
- void pop();
- }
-
+
interface RunAsIdentityActions
{
RunAsIdentityActions PRIVILEGED = new RunAsIdentityActions()
@@ -125,7 +56,11 @@
{
public Object run()
{
- return SecurityAssociation.peekRunAsIdentity();
+ //return SecurityAssociation.peekRunAsIdentity();
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ return sc.getRunAs();
}
};
@@ -134,97 +69,87 @@
public Object run()
{
//return SecurityAssociation.popRunAsIdentity();
- SecurityContext sc = SecurityContextAssociation.getSecurityContext();
- return sc.getUtil().remove(sc,RUNAS_IDENTITY_IDENTIFIER);
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ RunAs ra = sc.getRunAs();
+ sc.setRunAs(null);
+ return ra;
}
};
- public RunAsIdentity peek()
+ public RunAs peek()
{
- return (RunAsIdentity)AccessController.doPrivileged(peekAction);
+ return (RunAs)AccessController.doPrivileged(peekAction);
}
- public void push(final RunAsIdentity id)
+ public void push(final RunAs id)
{
AccessController.doPrivileged(
new PrivilegedAction()
{
public Object run()
{
- SecurityAssociation.pushRunAsIdentity(id);
+ //SecurityAssociation.pushRunAsIdentity((RunAsIdentity)id);
+ SecurityContext sa = SecurityContextAssociation.getSecurityContext();
+ if(sa == null)
+ throw new IllegalStateException("Security Context is null to push runas");
+ sa.setRunAs(id);
return null;
}
}
);
}
- public RunAsIdentity pop()
+ public RunAs pop()
{
- return (RunAsIdentity)AccessController.doPrivileged(popAction);
+ return (RunAs)AccessController.doPrivileged(popAction);
}
};
RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions()
{
- public RunAsIdentity peek()
+ public RunAs peek()
{
- return SecurityAssociation.peekRunAsIdentity();
+ //return SecurityAssociation.peekRunAsIdentity();
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ return sc.getRunAs();
}
- public void push(RunAsIdentity id)
+ public void push(RunAs id)
{
//SecurityAssociation.pushRunAsIdentity(id);
SecurityContext sc = SecurityContextAssociation.getSecurityContext();
if(sc == null)
- throw new IllegalStateException("Security Context is null to push runas");
- sc.getUtil().set(sc, RUNAS_IDENTITY_IDENTIFIER, id);
+ throw new IllegalStateException("Security Context is null to push runas");
+ sc.setRunAs(id);
}
- public RunAsIdentity pop()
+ public RunAs pop()
{
//Pop the RAI
// return SecurityAssociation.popRunAsIdentity();
- SecurityContext sc = SecurityContextAssociation.getSecurityContext();
- return sc.getUtil().remove(sc,RUNAS_IDENTITY_IDENTIFIER);
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ RunAs ra = null;
+ ra = sc.getRunAs();
+ sc.setRunAs(null);
+ return ra;
}
};
- RunAsIdentity peek();
+ RunAs peek();
- void push(RunAsIdentity id);
+ void push(RunAs id);
- RunAsIdentity pop();
+ RunAs pop();
}
- interface ContextInfoActions
- {
- static final String EX_KEY = "org.jboss.security.exception";
- ContextInfoActions PRIVILEGED = new ContextInfoActions()
- {
- private final PrivilegedAction exAction = new PrivilegedAction()
- {
- public Object run()
- {
- return SecurityAssociation.getContextInfo(EX_KEY);
- }
- };
- public Exception getContextException()
- {
- return (Exception)AccessController.doPrivileged(exAction);
- }
- };
+
- ContextInfoActions NON_PRIVILEGED = new ContextInfoActions()
- {
- public Exception getContextException()
- {
- return (Exception)SecurityAssociation.getContextInfo(EX_KEY);
- }
- };
-
- Exception getContextException();
- }
-
interface PolicyContextActions
{
/** The JACC PolicyContext key for the current Subject */
@@ -279,42 +204,9 @@
TCLAction.UTIL.setContextClassLoader(loader);
}
- static void pushSubjectContext(Principal principal, Object credential,
- Subject subject)
- {
- if(System.getSecurityManager() == null)
- {
- PrincipalInfoAction.NON_PRIVILEGED.push(principal, credential, subject);
- }
- else
- {
- PrincipalInfoAction.PRIVILEGED.push(principal, credential, subject);
- }
- }
- static void dupSubjectContext()
- {
- if(System.getSecurityManager() == null)
- {
- PrincipalInfoAction.NON_PRIVILEGED.dup();
- }
- else
- {
- PrincipalInfoAction.PRIVILEGED.dup();
- }
- }
- static void popSubjectContext()
- {
- if(System.getSecurityManager() == null)
- {
- PrincipalInfoAction.NON_PRIVILEGED.pop();
- }
- else
- {
- PrincipalInfoAction.PRIVILEGED.pop();
- }
- }
+
- static RunAsIdentity peekRunAsIdentity()
+ static RunAs peekRunAsIdentity()
{
if(System.getSecurityManager() == null)
{
@@ -326,7 +218,7 @@
}
}
- static void pushRunAsIdentity(RunAsIdentity principal)
+ static void pushRunAsIdentity(RunAs principal)
{
if(System.getSecurityManager() == null)
{
@@ -338,7 +230,7 @@
}
}
- static RunAsIdentity popRunAsIdentity()
+ static RunAs popRunAsIdentity()
{
if(System.getSecurityManager() == null)
{
@@ -348,20 +240,9 @@
{
return RunAsIdentityActions.PRIVILEGED.pop();
}
- }
+ }
+
- static Exception getContextException()
- {
- if(System.getSecurityManager() == null)
- {
- return ContextInfoActions.NON_PRIVILEGED.getContextException();
- }
- else
- {
- return ContextInfoActions.PRIVILEGED.getContextException();
- }
- }
-
static Subject getContextSubject()
throws PolicyContextException
{
@@ -492,79 +373,8 @@
void setContextClassLoader(Thread thread, ClassLoader cl);
}
- private static class GetSecurityContextAction implements PrivilegedAction
- {
- private String securityDomain;
- GetSecurityContextAction(String sd)
- {
- this.securityDomain = sd;
- }
- public Object run()
- {
- String sc = SecurityConstants.SECURITY_CONTEXT;
- HashMap map = (HashMap)SecurityAssociation.getContextInfo(sc);
- if(map == null)
- {
- map = new HashMap();
- SecurityAssociation.setContextInfo(sc, map);
- }
- SecurityAssociation.setContextInfo(sc, map);
- //return map.get(this.securityDomain);
- return SecurityContextAssociation.getSecurityContext();
- }
- }
- private static class SetSecurityContextAction implements PrivilegedAction
- {
- private SecurityContext securityContext;
- private String securityDomain;
- SetSecurityContextAction(SecurityContext sc, String sd)
- {
- this.securityContext = sc;
- this.securityDomain = sd;
- }
-
- public Object run()
- {
- String sc = SecurityConstants.SECURITY_CONTEXT;
- HashMap map = (HashMap)SecurityAssociation.getContextInfo(sc);
- if(map == null)
- {
- map = new HashMap();
- SecurityAssociation.setContextInfo(sc, map);
- }
- map.put(securityDomain, securityContext);
- SecurityAssociation.setContextInfo(sc, map);
-
- SecurityContextAssociation.setSecurityContext(securityContext);
- return null;
- }
- }
- private static class ClearSecurityContextAction implements PrivilegedAction
- {
- private String securityDomain;
- ClearSecurityContextAction(String sd)
- {
- this.securityDomain = sd;
- }
- public Object run()
- {
- String sc = SecurityConstants.SECURITY_CONTEXT;
- HashMap map = (HashMap)SecurityAssociation.getContextInfo(sc);
- if(map == null)
- {
- map = new HashMap();
- SecurityAssociation.setContextInfo(sc, map);
- }
- if(map.containsKey(securityDomain))
- map.remove(securityDomain);
-
- SecurityAssociation.setContextInfo(sc, map);
- return null;
- }
- }
-
static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain)
{
AccessController.doPrivileged(new PrivilegedAction(){
@@ -584,18 +394,22 @@
public Object run()
{
- SecurityContext sc = SecurityContextFactory.createSecurityContext(domain);
- SubjectInfo si = SecurityContextFactory.createSubjectInfo(p, cred, subject);
- sc.setSubjectInfo(si);
+ SecurityContext sc = SecurityContextFactory.createSecurityContext(domain);
+ sc.getUtil().createSubjectInfo(p, cred, subject);
SecurityContextAssociation.setSecurityContext(sc);
return null;
}});
- }
+ }
+
+ static void clearSecurityContext()
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
- static void clearSecurityContext(String securityDomain)
- {
- ClearSecurityContextAction action = new ClearSecurityContextAction(securityDomain);
- AccessController.doPrivileged(action);
+ public Object run()
+ {
+ SecurityContextAssociation.setSecurityContext(null);
+ return null;
+ }});
}
static SecurityContext getSecurityContext()
@@ -608,15 +422,76 @@
});
}
- static SecurityContext getSecurityContext(String securityDomain)
+ static Exception getContextException()
{
- GetSecurityContextAction action = new GetSecurityContextAction(securityDomain);
- return (SecurityContext)AccessController.doPrivileged(action);
+ return (Exception)AccessController.doPrivileged(new PrivilegedAction()
+ {
+ static final String EX_KEY = "org.jboss.security.exception";
+ public Object run()
+ {
+ SecurityContext sc = getSecurityContext();
+ return sc.getData().get(EX_KEY);
+ }
+ });
}
- static void setSecurityContext(SecurityContext sc, String securityDomain)
+ static void pushSubjectContext(final Principal p, final Object cred, final Subject s)
{
- SetSecurityContextAction action = new SetSecurityContextAction(sc,securityDomain);
- AccessController.doPrivileged(action);
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().createSubjectInfo(p, cred, s);
+ return null;
+ }}
+ );
+ }
+
+ static void popSubjectContext()
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ SubjectInfo si = sc.getSubjectInfo();
+ if(si != null)
+ si.setAuthenticatedSubject(null);
+ return null;
+ }}
+ );
+ }
+
+ static void pushCallerRunAsIdentity(final RunAs ra)
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().setCallerRunAs(ra);
+ return null;
+ }
+ });
+ }
+
+ static void popCallerRunAsIdentity()
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().setCallerRunAs(null);
+ return null;
+ }
+ });
}
}
Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -21,12 +21,10 @@
*/
package org.jboss.ejb.plugins;
-import static org.jboss.security.SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY;
-import static org.jboss.security.SecurityConstants.RUNAS_IDENTITY_IDENTIFIER;
+import static org.jboss.security.SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY;
import org.jboss.ejb.Container;
-import org.jboss.invocation.Invocation;
-import org.jboss.invocation.InvocationKey;
+import org.jboss.invocation.Invocation;
import org.jboss.metadata.ApplicationMetaData;
import org.jboss.metadata.AssemblyDescriptorMetaData;
import org.jboss.metadata.BeanMetaData;
@@ -34,14 +32,14 @@
import org.jboss.security.AuthenticationManager;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.RealmMapping;
-import org.jboss.security.RunAsIdentity;
+import org.jboss.security.RunAs;
+import org.jboss.security.RunAsIdentity;
import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityRolesAssociation;
import org.jboss.security.Util;
import org.jboss.security.audit.AuditEvent;
import org.jboss.security.audit.AuditLevel;
-import org.jboss.security.audit.AuditManager;
-import org.jboss.security.audit.SecurityAuditManager;
+import org.jboss.security.audit.AuditManager;
import org.jboss.security.authorization.AuthorizationContext;
import org.jboss.security.authorization.EJBResource;
import org.jboss.security.authorization.ResourceKeys;
@@ -53,8 +51,7 @@
import java.util.Map;
import java.util.Set;
import java.lang.reflect.Method;
-import javax.security.auth.Subject;
-import javax.security.jacc.PolicyContextException;
+import javax.security.auth.Subject;
import javax.ejb.TimedObject;
import javax.ejb.Timer;
@@ -90,7 +87,7 @@
protected RealmMapping realmMapping;
// The bean uses this run-as identity to call out
- protected RunAsIdentity runAsIdentity;
+ protected RunAs runAsIdentity;
// A map of SecurityRolesMetaData from jboss.xml
protected Map securityRoles;
@@ -181,17 +178,14 @@
public Object invokeHome(Invocation mi) throws Exception
{
- // Authenticate the subject and apply any declarative security checks
- checkSecurityAssociation(mi);
+ RunAs callerRunAsIdentity = getCallerRunAsIdentity(mi);
- //Establish a security context if one is missing for Run-As push
if(SecurityActions.getSecurityContext() == null)
- {
- SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
- mi.getCredential(), this.appSecurityDomain);
- }
+ throw new IllegalStateException("Security Context is null");
- RunAsIdentity callerRunAsIdentity = getCallerRunAsIdentity(mi);
+ // Authenticate the subject and apply any declarative security checks
+ checkSecurityAssociation(mi, callerRunAsIdentity);
+
/**
* Special case: if <use-caller-identity> configured and
* the caller is arriving with a run-as, we need to push that run-as
@@ -212,28 +206,22 @@
return returnValue;
}
finally
- {
- SecurityActions.popRunAsIdentity();
- SecurityActions.popSubjectContext();
- //Clear the SecurityContext
- SecurityActions.clearSecurityContext(appSecurityDomain);
+ {
+ SecurityActions.popRunAsIdentity();
+ SecurityActions.popSubjectContext();
}
}
public Object invoke(Invocation mi) throws Exception
- {
- // Authenticate the subject and apply any declarative security checks
- checkSecurityAssociation(mi);
-
- //Establish a security context if one is missing for Run-As push
+ {
+ RunAs callerRunAsIdentity = getCallerRunAsIdentity(mi);
if(SecurityActions.getSecurityContext() == null)
- {
- SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
- mi.getCredential(), this.appSecurityDomain);
- }
+ throw new IllegalStateException("Security Context is null");
- RunAsIdentity callerRunAsIdentity = getCallerRunAsIdentity(mi);
+ // Authenticate the subject and apply any declarative security checks
+ checkSecurityAssociation(mi, callerRunAsIdentity);
+
/**
* Special case: if <use-caller-identity> configured and
* the caller is arriving with a run-as, we need to push that run-as
@@ -254,10 +242,8 @@
}
finally
{
- SecurityActions.popRunAsIdentity();
- SecurityActions.popSubjectContext();
- //Clear the SecurityContext
- SecurityActions.clearSecurityContext(appSecurityDomain);
+ SecurityActions.popRunAsIdentity();
+ SecurityActions.popSubjectContext();
}
}
@@ -271,33 +257,27 @@
protected boolean isTrustedCaller(Invocation inv)
{
boolean trusted = false;
- SecurityContext callerSC = getInvocationSecurityContext(inv);
+ SecurityContext callerSC = inv.getSecurityContext();
if(callerSC != null)
{
//authenticate the current principal
- RunAsIdentity callerRunAsIdentity = getCallerRunAsIdentity(inv);
+ RunAs callerRunAsIdentity = callerSC.getRunAs();
if(callerRunAsIdentity != null)
{
- //Either has to be a in-vm call or the invocation has to be secure
- Boolean intervm = (Boolean) inv.getAsIsPayload().get(InvocationKey.INTERVM);
- trusted = intervm == null || intervm == Boolean.FALSE || inv.isSecure();
+ //Either has to be a in-vm call or the invocation has to be secure
+ trusted = !inv.isInterVM() || inv.isSecure();
}
}
return trusted;
}
- private SecurityContext getInvocationSecurityContext(Invocation inv)
- {
- return (SecurityContext) inv.getAsIsPayload().get(InvocationKey.SECURITY_CONTEXT);
- }
-
/** The EJB 2.0 declarative security algorithm:
1. Authenticate the caller using the principal and credentials in the MethodInfocation
2. Validate access to the method by checking the principal's roles against
those required to access the method.
*/
- private void checkSecurityAssociation(Invocation mi)
+ private void checkSecurityAssociation(Invocation mi, RunAs callerRunAsIdentity)
throws Exception
{
Principal principal = mi.getPrincipal();
@@ -310,14 +290,14 @@
if ( containerMethod == true || securityManager == null || container == null )
{
// Allow for the progatation of caller info to other beans
- SecurityActions.pushSubjectContext(principal, credential, null);
+ SecurityActions.pushSubjectContext(principal, credential, null);
return;
}
if (realmMapping == null)
{
throw new SecurityException("Role mapping manager has not been set");
- }
+ }
if (!isTrustedCaller(mi))
{
@@ -329,7 +309,7 @@
if (authenticationObserver != null)
authenticationObserver.authenticationFailed();
// Check for the security association exception
- Exception ex = SecurityActions.getContextException();
+ Exception ex = SecurityActions.getContextException();
audit(AuditLevel.ERROR,getContextMap(principal, m.getName()),ex);
if( ex != null )
throw ex;
@@ -341,8 +321,7 @@
}
else
{
- SecurityActions.pushSubjectContext(principal, credential, subject);
- establishSecurityContext(securityManager.getSecurityDomain(),principal, credential, subject);
+ SecurityActions.pushSubjectContext(principal, credential, subject);
audit(AuditLevel.SUCCESS,getContextMap(principal, m.getName()),null);
if (trace)
{
@@ -353,8 +332,8 @@
else
{
// Duplicate the current subject context on the stack since
- SecurityActions.dupSubjectContext();
- establishSecurityContext(securityManager.getSecurityDomain(),principal, credential, null);
+ //SecurityActions.dupSubjectContext();
+ SecurityActions.pushRunAsIdentity(callerRunAsIdentity);
/**
* Since the RunAsIdentity has been populated via the SecurityContext by the
@@ -371,7 +350,7 @@
if( ejbMethod== null )
return;
// Get the caller
- Subject caller = getContextCallerSubject();
+ Subject caller = SecurityActions.getContextSubject();
//Establish the deployment rolename-principalset custom mapping(if available)
SecurityRolesAssociation.setSecurityRoles(this.deploymentRoles);
@@ -384,7 +363,7 @@
map.put(ResourceKeys.EJB_CODESOURCE, ejbCS);
map.put(ResourceKeys.CALLER_SUBJECT, caller);
map.put(ResourceKeys.AUTHORIZATION_MANAGER,authorizationManager);
- map.put(ResourceKeys.RUNASIDENTITY, getCallerRunAsIdentity(mi));
+ map.put(ResourceKeys.RUNASIDENTITY, callerRunAsIdentity);
map.put(ResourceKeys.EJB_METHODROLES, container.getMethodPermissions(ejbMethod, mi.getType()));
EJBResource ejbResource = new EJBResource(map);
@@ -407,46 +386,15 @@
if(!isAuthorized)
throw new SecurityException(msg);
}
-
- /**
- * Context caller subject is used by the Jacc layer. Since the
- * PolicyContext.getContext(Subject_Key) checks the RunAs threadlocal
- * stack in the Security Association at a depth of 1, there is a need to
- * push/pop the current runAsIdentity surrounding the getContextSubject
- * call on SecurityActions
- *
- * @return
- * @throws PolicyContextException
- */
- private Subject getContextCallerSubject() throws PolicyContextException
+
+ private RunAs getCallerRunAsIdentity(Invocation inv)
{
- /**
- * There is a need for current RunAsIdentity on the stack due to
- * PolicyContext.getContext(Subject_Key) check at a depth of 1
- * (Get the same behavior as split JaasAuthenticationInterceptor
- * and JaccAuthorizationInterceptor)
- */
- Subject caller = null;
- try
- {
- // SecurityActions.pushRunAsIdentity(runAsIdentity);
- caller = SecurityActions.getContextSubject();
- }
- finally
- {
- //SecurityActions.popRunAsIdentity();
- }
- return caller;
- }
-
- private RunAsIdentity getCallerRunAsIdentity(Invocation inv)
- {
- RunAsIdentity callerRAI = null;
- SecurityContext callerSC = (SecurityContext) inv.getAsIsPayload().get(InvocationKey.SECURITY_CONTEXT);
+ RunAs callerRAI = null;
+ SecurityContext callerSC = (SecurityContext) inv.getSecurityContext();
if(callerSC != null)
{
- callerRAI = callerSC.getUtil().get(callerSC, RUNAS_IDENTITY_IDENTIFIER);
+ callerRAI = callerSC.getRunAs();
}
return callerRAI;
}
@@ -460,16 +408,13 @@
Map<String,Object> contextMap, Exception e)
{
contextMap.put("Source", getClass().getName());
- AuditEvent ae = new AuditEvent(level);
- ae.setContextMap(contextMap);
- ae.setUnderlyingException(e);
+ AuditEvent ae = new AuditEvent(level,contextMap,e);
String secDomain = securityManager.getSecurityDomain();
- SecurityContext sc = SecurityActions.getSecurityContext(secDomain);
+ SecurityContext sc = SecurityActions.getSecurityContext();
if(sc != null)
{
- SecurityAuditManager sam = sc.getAuditManager();
- sam.audit(ae);
+ sc.getAuditManager().audit(ae);
}
else
AuditManager.getAuditContext(secDomain).audit(ae);
@@ -492,12 +437,5 @@
cmap.put("principal", principal);
cmap.put("method", methodName);
return cmap;
- }
-
- //Security Context
- private void establishSecurityContext(String domain, Principal p, Object cred,
- Subject subject)
- {
- SecurityActions.createAndSetSecurityContext(p, cred, domain,subject);
- }
+ }
}
Modified: trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -32,6 +32,8 @@
import org.jboss.invocation.InvocationType;
import org.jboss.logging.Logger;
import org.jboss.metadata.SessionMetaData;
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.SecurityConstants;
import javax.ejb.EJBException;
import javax.ejb.EJBObject;
@@ -215,6 +217,7 @@
BeanLock lock = container.getLockManager().getLock(methodID);
boolean callerRunAsIdentityPresent = SecurityActions.peekRunAsIdentity() != null;
+ boolean pushSecurityContext = SecurityActions.getSecurityContext() == null;
try
{
/* The security context must be established before the cache
@@ -228,8 +231,16 @@
of the ejb spec requirement that runtime exceptions should invalidate
the session.
*/
- if(!callerRunAsIdentityPresent)
- SecurityActions.pushSubjectContext(mi.getPrincipal(), mi.getCredential(), null);
+ if(!callerRunAsIdentityPresent && pushSecurityContext)
+ {
+ AuthenticationManager am = container.getSecurityManager();
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(am != null)
+ securityDomain = am.getSecurityDomain();
+ SecurityActions.createAndSetSecurityContext(mi.getPrincipal(), mi.getCredential(),
+ securityDomain , null);
+ //SecurityActions.pushSubjectContext(mi.getPrincipal(), mi.getCredential(), null);
+ }
lock.sync();
try
@@ -395,8 +406,8 @@
finally
{
container.getLockManager().removeLockRef(lock.getId());
- if(!callerRunAsIdentityPresent)
- SecurityActions.popSubjectContext();
+ if(!callerRunAsIdentityPresent && pushSecurityContext)
+ SecurityActions.clearSecurityContext();
EnterpriseBeanPolicyContextHandler.setEnterpriseBean(null);
}
}
Modified: trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -76,6 +76,8 @@
if(ctx == null)
throw new IllegalStateException("EJBContext is null");
+ ctx.setSecurityContext(mi.getSecurityContext());
+
//Set the current security information
ctx.setPrincipal(mi.getPrincipal());
@@ -100,6 +102,8 @@
EnterpriseContext ctx = (EnterpriseContext) mi.getEnterpriseContext();
if(ctx == null)
throw new IllegalStateException("EJBContext is null");
+
+ ctx.setSecurityContext(mi.getSecurityContext());
//Set the current security information
ctx.setPrincipal(mi.getPrincipal());
Modified: trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -133,6 +133,8 @@
throw new RemoteException("Unable to get an intance from the pool", e);
}
+
+ ctx.setSecurityContext(mi.getSecurityContext());
// Set the current security information
ctx.setPrincipal(mi.getPrincipal());
// Set the JACC EnterpriseBean PolicyContextHandler data
Modified: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -35,10 +35,7 @@
import java.util.Map;
import java.util.Set;
import java.util.HashMap;
-import java.util.Arrays;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.Principal;
+import java.util.Arrays;
import java.rmi.RemoteException;
import javax.ejb.EJBException;
import javax.ejb.EJBLocalObject;
@@ -76,8 +73,8 @@
import org.jboss.ejb.plugins.cmp.ejbql.Catalog;
import org.jboss.ejb.plugins.lock.Entrancy;
import org.jboss.invocation.InvocationType;
-import org.jboss.logging.Logger;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.logging.Logger;
+import org.jboss.security.SecurityContext;
/**
* JDBCCMRFieldBridge a bean relationship. This class only supports
@@ -1085,17 +1082,19 @@
try
{
EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+ //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ SecurityContext sc = SecurityActions.getSecurityContext();
+
CMRInvocation invocation = new CMRInvocation();
invocation.setCmrMessage(CMRMessage.SCHEDULE_FOR_CASCADE_DELETE);
invocation.setEntrancy(Entrancy.NON_ENTRANT);
invocation.setId(instanceCache.createCacheKey(myId));
invocation.setArguments(new Object[]{this});
invocation.setTransaction(tx);
- invocation.setPrincipal(actions.getPrincipal());
- invocation.setCredential(actions.getCredential());
+ invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+ invocation.setCredential(sc.getUtil().getCredential());
invocation.setType(InvocationType.LOCAL);
+ invocation.setSecurityContext(sc);
return manager.getContainer().invoke(invocation);
}
catch(EJBException e)
@@ -1116,16 +1115,18 @@
try
{
EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+ //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ SecurityContext sc = SecurityActions.getSecurityContext();
+
CMRInvocation invocation = new CMRInvocation();
invocation.setCmrMessage(CMRMessage.SCHEDULE_FOR_BATCH_CASCADE_DELETE);
invocation.setEntrancy(Entrancy.NON_ENTRANT);
invocation.setId(instanceCache.createCacheKey(myId));
invocation.setArguments(new Object[]{this});
invocation.setTransaction(tx);
- invocation.setPrincipal(actions.getPrincipal());
- invocation.setCredential(actions.getCredential());
+ invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+ invocation.setCredential(sc.getUtil().getCredential());
+ invocation.setSecurityContext(sc);
invocation.setType(InvocationType.LOCAL);
return manager.getContainer().invoke(invocation);
}
@@ -1148,16 +1149,18 @@
try
{
EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+ //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ SecurityContext sc = SecurityActions.getSecurityContext();
+
CMRInvocation invocation = new CMRInvocation();
invocation.setCmrMessage(CMRMessage.GET_RELATED_ID);
invocation.setEntrancy(Entrancy.NON_ENTRANT);
invocation.setId(instanceCache.createCacheKey(myId));
invocation.setArguments(new Object[]{this});
invocation.setTransaction(tx);
- invocation.setPrincipal(actions.getPrincipal());
- invocation.setCredential(actions.getCredential());
+ invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+ invocation.setCredential(sc.getUtil().getCredential());
+ invocation.setSecurityContext(sc);
invocation.setType(InvocationType.LOCAL);
return manager.getContainer().invoke(invocation);
}
@@ -1179,8 +1182,9 @@
{
try
{
+ SecurityContext sc = SecurityActions.getSecurityContext();
EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
CMRInvocation invocation = new CMRInvocation();
invocation.setCmrMessage(CMRMessage.ADD_RELATION);
@@ -1188,9 +1192,10 @@
invocation.setId(instanceCache.createCacheKey(myId));
invocation.setArguments(new Object[]{this, relatedId});
invocation.setTransaction(tx);
- invocation.setPrincipal(actions.getPrincipal());
- invocation.setCredential(actions.getCredential());
+ invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+ invocation.setCredential(sc.getUtil().getCredential());
invocation.setType(InvocationType.LOCAL);
+ invocation.setSecurityContext(sc);
manager.getContainer().invoke(invocation);
}
catch(EJBException e)
@@ -1212,16 +1217,18 @@
try
{
EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
- SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+ //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+ SecurityContext sc = SecurityActions.getSecurityContext();
+
CMRInvocation invocation = new CMRInvocation();
invocation.setCmrMessage(CMRMessage.REMOVE_RELATION);
invocation.setEntrancy(Entrancy.NON_ENTRANT);
invocation.setId(instanceCache.createCacheKey(myId));
invocation.setArguments(new Object[]{this, relatedId});
invocation.setTransaction(tx);
- invocation.setPrincipal(actions.getPrincipal());
- invocation.setCredential(actions.getCredential());
+ invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+ invocation.setCredential(sc.getUtil().getCredential());
+ invocation.setSecurityContext(sc);
invocation.setType(InvocationType.LOCAL);
manager.getContainer().invoke(invocation);
}
@@ -2332,7 +2339,7 @@
}
}
- interface SecurityActions
+ /*interface SecurityActions
{
class UTIL
{
@@ -2387,5 +2394,5 @@
Principal getPrincipal();
Object getCredential();
- }
+ }*/
}
Added: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java (rev 0)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -0,0 +1,497 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.ejb.plugins.cmp.jdbc.bridge;
+
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.Principal;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.lang.reflect.UndeclaredThrowableException;
+
+import javax.security.auth.Subject;
+import javax.security.jacc.PolicyContext;
+import javax.security.jacc.PolicyContextException;
+
+import org.jboss.security.RunAs;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SubjectInfo;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
+
+
+/** A collection of privileged actions for this package
+ * @author Scott.Stark at jboss.org
+ * @author <a href="mailto:alex at jboss.org">Alexey Loubyansky</a>
+ * @author Anil.Saldhana at redhat.com
+ * @version $Revison: $
+ */
+class SecurityActions
+{
+
+ interface RunAsIdentityActions
+ {
+ RunAsIdentityActions PRIVILEGED = new RunAsIdentityActions()
+ {
+ private final PrivilegedAction peekAction = new PrivilegedAction()
+ {
+ public Object run()
+ {
+ //return SecurityAssociation.peekRunAsIdentity();
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ return sc.getRunAs();
+ }
+ };
+
+ private final PrivilegedAction popAction = new PrivilegedAction()
+ {
+ public Object run()
+ {
+ //return SecurityAssociation.popRunAsIdentity();
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ RunAs ra = sc.getRunAs();
+ sc.setRunAs(null);
+ return ra;
+ }
+ };
+
+ public RunAs peek()
+ {
+ return (RunAs)AccessController.doPrivileged(peekAction);
+ }
+
+ public void push(final RunAs id)
+ {
+ AccessController.doPrivileged(
+ new PrivilegedAction()
+ {
+ public Object run()
+ {
+ //SecurityAssociation.pushRunAsIdentity((RunAsIdentity)id);
+ SecurityContext sa = SecurityContextAssociation.getSecurityContext();
+ if(sa == null)
+ throw new IllegalStateException("Security Context is null to push runas");
+ sa.setRunAs(id);
+ return null;
+ }
+ }
+ );
+ }
+
+ public RunAs pop()
+ {
+ return (RunAs)AccessController.doPrivileged(popAction);
+ }
+ };
+
+ RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions()
+ {
+ public RunAs peek()
+ {
+ //return SecurityAssociation.peekRunAsIdentity();
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ return sc.getRunAs();
+ }
+
+ public void push(RunAs id)
+ {
+ //SecurityAssociation.pushRunAsIdentity(id);
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null to push runas");
+ sc.setRunAs(id);
+ }
+
+ public RunAs pop()
+ {
+ //Pop the RAI
+ // return SecurityAssociation.popRunAsIdentity();
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ RunAs ra = null;
+ ra = sc.getRunAs();
+ sc.setRunAs(null);
+ return ra;
+ }
+ };
+
+ RunAs peek();
+
+ void push(RunAs id);
+
+ RunAs pop();
+ }
+
+
+
+ interface PolicyContextActions
+ {
+ /** The JACC PolicyContext key for the current Subject */
+ static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";
+ PolicyContextActions PRIVILEGED = new PolicyContextActions()
+ {
+ private final PrivilegedExceptionAction exAction = new PrivilegedExceptionAction()
+ {
+ public Object run() throws Exception
+ {
+ return (Subject) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
+ }
+ };
+ public Subject getContextSubject()
+ throws PolicyContextException
+ {
+ try
+ {
+ return (Subject) AccessController.doPrivileged(exAction);
+ }
+ catch(PrivilegedActionException e)
+ {
+ Exception ex = e.getException();
+ if( ex instanceof PolicyContextException )
+ throw (PolicyContextException) ex;
+ else
+ throw new UndeclaredThrowableException(ex);
+ }
+ }
+ };
+
+ PolicyContextActions NON_PRIVILEGED = new PolicyContextActions()
+ {
+ public Subject getContextSubject()
+ throws PolicyContextException
+ {
+ return (Subject) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
+ }
+ };
+
+ Subject getContextSubject()
+ throws PolicyContextException;
+ }
+
+ static ClassLoader getContextClassLoader()
+ {
+ return TCLAction.UTIL.getContextClassLoader();
+ }
+
+ static void setContextClassLoader(ClassLoader loader)
+ {
+ TCLAction.UTIL.setContextClassLoader(loader);
+ }
+
+
+
+ static RunAs peekRunAsIdentity()
+ {
+ if(System.getSecurityManager() == null)
+ {
+ return RunAsIdentityActions.NON_PRIVILEGED.peek();
+ }
+ else
+ {
+ return RunAsIdentityActions.PRIVILEGED.peek();
+ }
+ }
+
+ static void pushRunAsIdentity(RunAs principal)
+ {
+ if(System.getSecurityManager() == null)
+ {
+ RunAsIdentityActions.NON_PRIVILEGED.push(principal);
+ }
+ else
+ {
+ RunAsIdentityActions.PRIVILEGED.push(principal);
+ }
+ }
+
+ static RunAs popRunAsIdentity()
+ {
+ if(System.getSecurityManager() == null)
+ {
+ return RunAsIdentityActions.NON_PRIVILEGED.pop();
+ }
+ else
+ {
+ return RunAsIdentityActions.PRIVILEGED.pop();
+ }
+ }
+
+
+ static Subject getContextSubject()
+ throws PolicyContextException
+ {
+ if(System.getSecurityManager() == null)
+ {
+ return PolicyContextActions.NON_PRIVILEGED.getContextSubject();
+ }
+ else
+ {
+ return PolicyContextActions.PRIVILEGED.getContextSubject();
+ }
+ }
+
+ interface TCLAction
+ {
+ class UTIL
+ {
+ static TCLAction getTCLAction()
+ {
+ return System.getSecurityManager() == null ? NON_PRIVILEGED : PRIVILEGED;
+ }
+
+ static ClassLoader getContextClassLoader()
+ {
+ return getTCLAction().getContextClassLoader();
+ }
+
+ static ClassLoader getContextClassLoader(Thread thread)
+ {
+ return getTCLAction().getContextClassLoader(thread);
+ }
+
+ static void setContextClassLoader(ClassLoader cl)
+ {
+ getTCLAction().setContextClassLoader(cl);
+ }
+
+ static void setContextClassLoader(Thread thread, ClassLoader cl)
+ {
+ getTCLAction().setContextClassLoader(thread, cl);
+ }
+ }
+
+ TCLAction NON_PRIVILEGED = new TCLAction()
+ {
+ public ClassLoader getContextClassLoader()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+
+ public ClassLoader getContextClassLoader(Thread thread)
+ {
+ return thread.getContextClassLoader();
+ }
+
+ public void setContextClassLoader(ClassLoader cl)
+ {
+ Thread.currentThread().setContextClassLoader(cl);
+ }
+
+ public void setContextClassLoader(Thread thread, ClassLoader cl)
+ {
+ thread.setContextClassLoader(cl);
+ }
+ };
+
+ TCLAction PRIVILEGED = new TCLAction()
+ {
+ private final PrivilegedAction getTCLPrivilegedAction = new PrivilegedAction()
+ {
+ public Object run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ };
+
+ public ClassLoader getContextClassLoader()
+ {
+ return (ClassLoader)AccessController.doPrivileged(getTCLPrivilegedAction);
+ }
+
+ public ClassLoader getContextClassLoader(final Thread thread)
+ {
+ return (ClassLoader)AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ return thread.getContextClassLoader();
+ }
+ });
+ }
+
+ public void setContextClassLoader(final ClassLoader cl)
+ {
+ AccessController.doPrivileged(
+ new PrivilegedAction()
+ {
+ public Object run()
+ {
+ Thread.currentThread().setContextClassLoader(cl);
+ return null;
+ }
+ }
+ );
+ }
+
+ public void setContextClassLoader(final Thread thread, final ClassLoader cl)
+ {
+ AccessController.doPrivileged(
+ new PrivilegedAction()
+ {
+ public Object run()
+ {
+ thread.setContextClassLoader(cl);
+ return null;
+ }
+ }
+ );
+ }
+ };
+
+ ClassLoader getContextClassLoader();
+
+ ClassLoader getContextClassLoader(Thread thread);
+
+ void setContextClassLoader(ClassLoader cl);
+
+ void setContextClassLoader(Thread thread, ClassLoader cl);
+ }
+
+
+
+ static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain)
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext(p, cred, null, domain);
+ SecurityContextAssociation.setSecurityContext(sc);
+ return null;
+ }});
+ }
+
+ static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain,
+ final Subject subject)
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext(domain);
+ sc.getUtil().createSubjectInfo(p, cred, subject);
+ SecurityContextAssociation.setSecurityContext(sc);
+ return null;
+ }});
+ }
+
+ static void clearSecurityContext()
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContextAssociation.setSecurityContext(null);
+ return null;
+ }});
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ return (SecurityContext)AccessController.doPrivileged(new PrivilegedAction(){
+ public Object run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ });
+ }
+
+ static Exception getContextException()
+ {
+ return (Exception)AccessController.doPrivileged(new PrivilegedAction()
+ {
+ static final String EX_KEY = "org.jboss.security.exception";
+ public Object run()
+ {
+ SecurityContext sc = getSecurityContext();
+ return sc.getData().get(EX_KEY);
+ }
+ });
+ }
+
+ static void pushSubjectContext(final Principal p, final Object cred, final Subject s)
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().createSubjectInfo(p, cred, s);
+ return null;
+ }}
+ );
+ }
+
+ static void popSubjectContext()
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ SubjectInfo si = sc.getSubjectInfo();
+ if(si != null)
+ si.setAuthenticatedSubject(null);
+ return null;
+ }}
+ );
+ }
+
+ static void pushCallerRunAsIdentity(final RunAs ra)
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().setCallerRunAs(ra);
+ return null;
+ }
+ });
+ }
+
+ static void popCallerRunAsIdentity()
+ {
+ AccessController.doPrivileged(new PrivilegedAction(){
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.getUtil().setCallerRunAs(null);
+ return null;
+ }
+ });
+ }
+}
Modified: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -46,7 +46,8 @@
import org.jboss.ejb.LocalProxyFactory;
import org.jboss.deployment.DeploymentException;
import org.jboss.logging.Logger;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.plugins.SecurityContextAssociation;
import org.jboss.invocation.InvocationType;
import javax.ejb.EJBException;
@@ -1740,13 +1741,32 @@
{
public Principal getPrincipal()
{
- return SecurityAssociation.getPrincipal();
+ //return SecurityAssociation.getPrincipal();
+ Principal p = null;
+ SecurityContext sc = getSecurityContext();
+ if(sc != null)
+ {
+ p = sc.getUtil().getUserPrincipal();
+ }
+ return p;
}
public Object getCredential()
{
- return SecurityAssociation.getCredential();
+ //return SecurityAssociation.getCredential();
+ Object credential = null;
+ SecurityContext sc = getSecurityContext();
+ if(sc != null)
+ {
+ credential = sc.getUtil().getCredential();
+ }
+ return credential;
}
+
+ public SecurityContext getSecurityContext()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
};
SecurityActions PRIVILEGED = new SecurityActions()
@@ -1755,7 +1775,14 @@
{
public Object run()
{
- return SecurityAssociation.getPrincipal();
+ //return SecurityAssociation.getPrincipal();
+ Principal p = null;
+ SecurityContext sc = getSecurityContext();
+ if(sc != null)
+ {
+ p = sc.getUtil().getUserPrincipal();
+ }
+ return p;
}
};
@@ -1763,7 +1790,14 @@
{
public Object run()
{
- return SecurityAssociation.getCredential();
+ //return SecurityAssociation.getCredential();
+ Object credential = null;
+ SecurityContext sc = getSecurityContext();
+ if(sc != null)
+ {
+ credential = sc.getUtil().getCredential();
+ }
+ return credential;
}
};
@@ -1776,10 +1810,22 @@
{
return AccessController.doPrivileged(getCredentialAction);
}
+
+ public SecurityContext getSecurityContext()
+ {
+ return (SecurityContext) AccessController.doPrivileged(new PrivilegedAction(){
+
+ public Object run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }});
+ }
};
Principal getPrincipal();
Object getCredential();
+
+ SecurityContext getSecurityContext();
}
}
Modified: trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -44,6 +44,7 @@
import javax.ejb.TransactionRolledbackLocalException;
import javax.naming.Context;
import javax.naming.InitialContext;
+import javax.security.auth.Subject;
import javax.transaction.Transaction;
import javax.transaction.TransactionManager;
import javax.transaction.TransactionRequiredException;
@@ -51,24 +52,21 @@
import org.jboss.ejb.Container;
import org.jboss.ejb.EJBProxyFactoryContainer;
-import org.jboss.ejb.LocalProxyFactory;
-import org.jboss.invocation.InvocationKey;
+import org.jboss.ejb.LocalProxyFactory;
import org.jboss.invocation.InvocationType;
import org.jboss.invocation.MarshalledInvocation;
import org.jboss.invocation.LocalEJBInvocation;
import org.jboss.logging.Logger;
import org.jboss.metadata.BeanMetaData;
-import org.jboss.naming.Util;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.naming.Util;
+import org.jboss.security.RunAs;
import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextUtil;
+import org.jboss.security.SecurityIdentity;
import org.jboss.security.plugins.SecurityContextAssociation;
import org.jboss.util.NestedRuntimeException;
-import org.jboss.tm.TransactionLocal;
+import org.jboss.tm.TransactionLocal;
-import static org.jboss.security.SecurityConstants.RUNAS_IDENTITY_IDENTIFIER;
-
-
/**
* The LocalProxyFactory implementation that handles local ejb interface
* proxies.
@@ -354,8 +352,9 @@
container.pushENC();
SecurityActions sa = SecurityActions.UTIL.getSecurityActions();
- SecurityContext existingSC = sa.getSecurityContext();
- RunAsIdentity cachedRAI = existingSC.getUtil().get(existingSC, RUNAS_IDENTITY_IDENTIFIER);
+ //Cache the security identity
+ SecurityContext sc = sa.getSecurityContext();
+ SecurityIdentity sidentity = sc.getUtil().getSecurityIdentity();
try
{
@@ -365,11 +364,9 @@
getTransaction(),
sa.getPrincipal(),
sa.getCredential());
- invocation.setType(InvocationType.LOCALHOME);
-
- //Just place the current security context on the invocation
- if(existingSC != null)
- invocation.getAsIsPayload().put(InvocationKey.SECURITY_CONTEXT, existingSC);
+ invocation.setType(InvocationType.LOCALHOME);
+ invocation.setSecurityContext(sc);
+
return container.invoke(invocation);
}
catch(AccessException ae)
@@ -394,12 +391,9 @@
if(setCl)
{
TCLAction.UTIL.setContextClassLoader(oldCl);
- }
- if(cachedRAI != null)
- {
- existingSC = sa.getSecurityContext();
- existingSC.getUtil().set(existingSC, RUNAS_IDENTITY_IDENTIFIER, cachedRAI);
- }
+ }
+ //Restore the previous security identity
+ sc.getUtil().setSecurityIdentity(sidentity);
}
}
@@ -437,10 +431,13 @@
}
container.pushENC();
- SecurityActions sa = SecurityActions.UTIL.getSecurityActions();
- SecurityContext existingSC = sa.getSecurityContext();
- RunAsIdentity cachedRAI = existingSC.getUtil().get(existingSC, RUNAS_IDENTITY_IDENTIFIER);
+ SecurityActions sa = SecurityActions.UTIL.getSecurityActions();
+ SecurityContext sc = sa.getSecurityContext();
+ //Cache the subject
+ Subject subj = sc.getUtil().getSubject();
+ RunAs ra = sc.getRunAs();
+ RunAs callerRunAs = sc.getUtil().getCallerRunAs();
try
{
LocalEJBInvocation invocation = new LocalEJBInvocation(id,
@@ -449,12 +446,9 @@
getTransaction(),
sa.getPrincipal(),
sa.getCredential());
- invocation.setType(InvocationType.LOCAL);
+ invocation.setType(InvocationType.LOCAL);
+ invocation.setSecurityContext(sa.getSecurityContext());
- //Just place the current security context on the invocation
- if(existingSC != null)
- invocation.getAsIsPayload().put(InvocationKey.SECURITY_CONTEXT, existingSC);
-
return container.invoke(invocation);
}
catch(AccessException ae)
@@ -479,12 +473,12 @@
if(setCl)
{
TCLAction.UTIL.setContextClassLoader(oldCl);
- }
- if(cachedRAI != null)
- {
- existingSC = sa.getSecurityContext();
- existingSC.getUtil().set(existingSC, RUNAS_IDENTITY_IDENTIFIER, cachedRAI);
- }
+ }
+ //Restore the previous subject and runas
+ SecurityContextUtil util = sc.getUtil();
+ util.createSubjectInfo(util.getUserPrincipal(), util.getCredential(), subj);
+ sc.setRunAs(ra);
+ sc.getUtil().setCallerRunAs(callerRunAs);
}
}
@@ -500,6 +494,7 @@
throw new NestedRuntimeException(ex);
}
}
+
interface ClassLoaderAction
{
@@ -557,18 +552,27 @@
{
public Principal getPrincipal()
{
- return SecurityAssociation.getPrincipal();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("No security context for getPrincipal");
+ return sc.getUtil().getUserPrincipal();
+ //return SecurityAssociation.getPrincipal();
}
public Object getCredential()
{
- return SecurityAssociation.getCredential();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("No security context for getCredential");
+ return sc.getUtil().getCredential();
+ //return SecurityAssociation.getCredential();
}
public SecurityContext getSecurityContext()
{
return SecurityContextAssociation.getSecurityContext();
}
+
};
SecurityActions PRIVILEGED = new SecurityActions()
@@ -577,7 +581,11 @@
{
public Object run()
{
- return SecurityAssociation.getPrincipal();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("No security context for getPrincipal");
+ return sc.getUtil().getUserPrincipal();
+ //return SecurityAssociation.getPrincipal();
}
};
@@ -585,7 +593,11 @@
{
public Object run()
{
- return SecurityAssociation.getCredential();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("No security context for getCredential");
+ return sc.getUtil().getCredential();
+ //return SecurityAssociation.getCredential();
}
};
@@ -608,13 +620,13 @@
{
return SecurityContextAssociation.getSecurityContext();
}});
- }
+ }
};
Principal getPrincipal();
Object getCredential();
- SecurityContext getSecurityContext();
+ SecurityContext getSecurityContext();
}
interface TCLAction
Modified: trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -24,13 +24,16 @@
import java.security.PrivilegedAction;
import java.security.AccessController;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.security.RunAs;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
/**
* A collection of privileged actions for this package
*
* @author Scott.Stark at jboss.org
+ * @author Anil.Saldhana at redhat.com
* @version $Revision$
*/
public class SecurityActions
@@ -43,7 +46,11 @@
{
public Object run()
{
- return SecurityAssociation.peekRunAsIdentity();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ return sc.getRunAs();
+ //return SecurityAssociation.peekRunAsIdentity();
}
};
@@ -51,58 +58,82 @@
{
public Object run()
{
- return SecurityAssociation.popRunAsIdentity();
+ //return SecurityAssociation.popRunAsIdentity();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ RunAs ra = sc.getRunAs();
+ sc.setRunAs(null);
+ return ra;
}
};
- public RunAsIdentity peek()
+ public RunAs peek()
{
- return (RunAsIdentity)AccessController.doPrivileged(peekAction);
+ return (RunAs)AccessController.doPrivileged(peekAction);
}
- public void push(final RunAsIdentity id)
+ public void push(final RunAs id)
{
AccessController.doPrivileged(
new PrivilegedAction()
{
public Object run()
{
- SecurityAssociation.pushRunAsIdentity(id);
+ //SecurityAssociation.pushRunAsIdentity(id);
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.setRunAs(id);
return null;
}
}
);
}
- public RunAsIdentity pop()
+ public RunAs pop()
{
- return (RunAsIdentity)AccessController.doPrivileged(popAction);
+ return (RunAs)AccessController.doPrivileged(popAction);
}
};
RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions()
{
- public RunAsIdentity peek()
+ public RunAs peek()
{
- return SecurityAssociation.peekRunAsIdentity();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ return sc.getRunAs();
+ //return SecurityAssociation.peekRunAsIdentity();
}
- public void push(RunAsIdentity id)
+ public void push(RunAs id)
{
- SecurityAssociation.pushRunAsIdentity(id);
+ //SecurityAssociation.pushRunAsIdentity(id);
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ sc.setRunAs(id);
}
- public RunAsIdentity pop()
+ public RunAs pop()
{
- return SecurityAssociation.popRunAsIdentity();
+ //return SecurityAssociation.popRunAsIdentity();
+ SecurityContext sc = getSecurityContext();
+ if(sc == null)
+ throw new IllegalStateException("Security Context is null");
+ RunAs ra = sc.getRunAs();
+ sc.setRunAs(null);
+ return ra;
}
};
- RunAsIdentity peek();
+ RunAs peek();
- void push(RunAsIdentity id);
+ void push(RunAs id);
- RunAsIdentity pop();
+ RunAs pop();
}
static ClassLoader getContextClassLoader()
@@ -114,7 +145,43 @@
{
return TCLAction.UTIL.getContextClassLoader(thread);
}
+
+ static SecurityContext createSecurityContext(final String securityDomain)
+ {
+ return (SecurityContext)AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext(securityDomain);
+ SecurityContextAssociation.setSecurityContext(sc);
+ return sc;
+ }
+ });
+ }
+
+ static SecurityContext getSecurityContext()
+ {
+ return (SecurityContext) AccessController.doPrivileged(new PrivilegedAction()
+ {
+ public Object run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }});
+ }
+
+ static void setSecurityContext(final SecurityContext sc)
+ {
+ AccessController.doPrivileged(new PrivilegedAction()
+ {
+
+ public Object run()
+ {
+ SecurityContextAssociation.setSecurityContext(sc);
+ return null;
+ }});
+ }
+
static void setContextClassLoader(ClassLoader loader)
{
TCLAction.UTIL.setContextClassLoader(loader);
@@ -125,7 +192,7 @@
TCLAction.UTIL.setContextClassLoader(thread, loader);
}
- static void pushRunAsIdentity(RunAsIdentity principal)
+ static void pushRunAsIdentity(RunAs principal)
{
if(System.getSecurityManager() == null)
{
@@ -137,7 +204,7 @@
}
}
- static RunAsIdentity popRunAsIdentity()
+ static RunAs popRunAsIdentity()
{
if(System.getSecurityManager() == null)
{
Modified: trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java 2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java 2007-04-25 15:08:18 UTC (rev 62557)
@@ -28,7 +28,10 @@
import org.jboss.invocation.InvocationKey;
import org.jboss.invocation.InvocationType;
import org.jboss.invocation.PayloadKey;
+import org.jboss.security.RunAs;
import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
import org.jboss.metadata.BeanMetaData;
import org.jboss.metadata.SecurityIdentityMetaData;
import org.jboss.metadata.AssemblyDescriptorMetaData;
@@ -53,6 +56,7 @@
private Container container;
private TimedObjectId timedObjectId;
private Method method;
+ boolean pushedRunAs = false;
public TimedObjectInvokerImpl(TimedObjectId timedObjectId, Container container)
{
@@ -84,6 +88,8 @@
Invocation inv = new Invocation(timedObjectId.getInstancePk(), method, new Object[]{timer}, null, null, null);
inv.setValue(InvocationKey.INVOKER_PROXY_BINDING, null, PayloadKey.AS_IS);
inv.setType(InvocationType.LOCAL);
+ this.establishSecurityContext(inv);
+
BeanMetaData bmd = container.getBeanMetaData();
SecurityIdentityMetaData ejbTimeoutIdentity = bmd.getEjbTimeoutIdentity();
if( ejbTimeoutIdentity != null && ejbTimeoutIdentity.getUseCallerIdentity() == false )
@@ -94,16 +100,35 @@
String principalName = ejbTimeoutIdentity.getRunAsPrincipalName();
// the run-as principal might have extra roles mapped in the assembly-descriptor
Set extraRoleNames = assemblyDescriptor.getSecurityRoleNamesByPrincipal(principalName);
- RunAsIdentity runAsIdentity = new RunAsIdentity(roleName, principalName, extraRoleNames);
+ RunAs runAsIdentity = new RunAsIdentity(roleName, principalName, extraRoleNames);
SecurityActions.pushRunAsIdentity(runAsIdentity);
+ pushedRunAs = true;
}
container.invoke(inv);
}
finally
{
container.popENC();
- SecurityActions.popRunAsIdentity();
+ if(pushedRunAs)
+ SecurityActions.popRunAsIdentity();
SecurityActions.setContextClassLoader(callerClassLoader);
}
}
+
+ private void establishSecurityContext(Invocation inv)
+ {
+ SecurityContext sc = SecurityActions.getSecurityContext();
+ if( sc == null)
+ {
+ String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+ if(container != null)
+ {
+ if(container.getSecurityManager() != null)
+ securityDomain = container.getSecurityManager().getSecurityDomain();
+ }
+ sc = SecurityActions.createSecurityContext(securityDomain);
+ SecurityActions.setSecurityContext(sc);
+ }
+ inv.setSecurityContext(sc);
+ }
}
More information about the jboss-cvs-commits
mailing list