[jboss-cvs] JBossAS SVN: r62557 - in trunk/server/src/main/org/jboss/ejb: plugins and 4 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Wed Apr 25 11:08:18 EDT 2007


Author: anil.saldhana at jboss.com
Date: 2007-04-25 11:08:18 -0400 (Wed, 25 Apr 2007)
New Revision: 62557

Added:
   trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java
Modified:
   trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java
   trunk/server/src/main/org/jboss/ejb/EntityContainer.java
   trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java
   trunk/server/src/main/org/jboss/ejb/SecurityActions.java
   trunk/server/src/main/org/jboss/ejb/SessionContainer.java
   trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java
   trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java
   trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java
   trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java
   trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
   trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java
   trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java
   trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java
   trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java
   trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java
   trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java
   trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java
   trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java
Log:
JBAS-4317: security context over the invocation

Modified: trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/EnterpriseContext.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -56,9 +56,12 @@
 import org.jboss.metadata.SecurityRoleRefMetaData;
 import org.jboss.security.AuthorizationManager;
 import org.jboss.security.RealmMapping;
-import org.jboss.security.RunAsIdentity;
+import org.jboss.security.RunAs;  
+import org.jboss.security.SecurityContext;
 import org.jboss.security.SecurityRoleRef;
 import org.jboss.security.SimplePrincipal;
+import org.jboss.security.audit.AuditEvent;
+import org.jboss.security.audit.AuditLevel;
 import org.jboss.security.authorization.AuthorizationContext;
 import org.jboss.security.authorization.EJBResource;
 import org.jboss.security.authorization.ResourceKeys;
@@ -114,6 +117,9 @@
 
    /** The principal for the bean associated with the call */
    private Principal beanPrincipal;
+   
+   /** SecurityContext associated with the invocation */
+   private SecurityContext securityContext;
 
    /** Only StatelessSession beans have no Id, stateful and entity do */
    Object id;
@@ -215,6 +221,11 @@
       this.beanPrincipal = null;
       if( con.getSecurityManager() != null )
          this.beanPrincipal = getCallerPrincipal();
+   } 
+
+   public void setSecurityContext(SecurityContext securityContext)
+   {
+      this.securityContext = securityContext;
    }
 
    public void lock()
@@ -365,7 +376,9 @@
             /* Get the run-as user or authenticated user. The run-as user is
             returned before any authenticated user.
             */
-            Principal caller = SecurityActions.getCallerPrincipal();
+            Principal caller = SecurityActions.getCallerPrincipal(securityContext); 
+            
+            //Principal caller = SecurityActions.getCallerPrincipal();
             RealmMapping rm = con.getRealmMapping();
             /* Apply any domain caller mapping. This should really only be
             done for non-run-as callers.
@@ -515,7 +528,12 @@
                throw new IllegalStateException(msg);
          }
          //Check the caller of this beans run-as identity
-         RunAsIdentity runAsIdentity = SecurityActions.peekRunAsIdentity(1);
+         RunAs runAsIdentity = null;
+         if(securityContext != null )
+         {
+            runAsIdentity = securityContext.getUtil().getCallerRunAs();
+         }
+         //RunAsIdentity runAsIdentity = SecurityActions.peekRunAsIdentity(1);
          if (principal == null && runAsIdentity == null)
             return false;
          
@@ -531,7 +549,7 @@
          map.put(ResourceKeys.EJB_NAME ,getContainer().getBeanMetaData().getEjbName()); 
          map.put(ResourceKeys.EJB_PRINCIPAL, principal); 
          map.put(ResourceKeys.AUTHORIZATION_MANAGER,authzManager); 
-         map.put(ResourceKeys.RUNASIDENTITY, SecurityActions.peekRunAsIdentity(1));
+         map.put(ResourceKeys.RUNASIDENTITY, runAsIdentity);
          map.put(ResourceKeys.SECURITY_ROLE_REFERENCES, securityRoleRefs);
          map.put(ResourceKeys.ROLENAME, roleName);
          map.put(ResourceKeys.ROLEREF_PERM_CHECK, Boolean.TRUE);
@@ -554,10 +572,12 @@
          catch (Exception e)
          {
             isAuthorized = false;
-            if(log.isTraceEnabled())
-               log.trace("Error in authorization:",e);
-            else
-               log.error("isCallerInRole check failed:"+e.getLocalizedMessage());
+            if(log.isTraceEnabled()) 
+               log.trace(roleName + "::isCallerInRole check failed:"+e.getLocalizedMessage());
+            if(securityContext != null )
+            { 
+               securityContext.getAuditManager().audit(new AuditEvent(AuditLevel.FAILURE, map, e));
+            }
          }
          return isAuthorized;
       }

Modified: trunk/server/src/main/org/jboss/ejb/EntityContainer.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/EntityContainer.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/EntityContainer.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -50,6 +50,7 @@
 import org.jboss.metadata.ConfigurationMetaData;
 import org.jboss.metadata.EntityMetaData;
 import org.jboss.monitor.StatisticsProvider;
+import org.jboss.security.SecurityConstants;
 import org.jboss.util.collection.SerializableEnumeration;
 
 /**
@@ -65,6 +66,7 @@
  * @author <a href="mailto:bill at burkecentral.com">Bill Burke</a>
  * @author <a href="mailto:andreas.schaefer at madplanet.com">Andreas Schaefer</a>
  * @author <a href="mailto:dain at daingroup.com">Dain Sundstrom</a>
+ * @author <a href="mailto:anil.saldhana at redhat.com">Anil Saldhana</a>
  * @version $Revision$
  *
  * @jmx.mbean extends="org.jboss.ejb.ContainerMBean"
@@ -494,6 +496,23 @@
 
    public Object internalInvokeHome(Invocation mi) throws Exception
    {
+      //Validate that there is a security context on the invocation 
+      if(mi.getSecurityContext() == null)
+         throw new IllegalStateException("Security Context in invocation is null");
+       
+      String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+      if(sm != null)
+         securityDomain = sm.getSecurityDomain();
+      if(mi.isLocal() == false)
+      { 
+         SecurityActions.createAndSetSecurityContext(mi.getPrincipal(), 
+                 mi.getCredential(), securityDomain, null); 
+      }
+      SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+      //Place on the invocation
+      if(mi.getSecurityContext() == null)
+         mi.setSecurityContext(SecurityActions.getSecurityContext());
+      
       Method method = mi.getMethod();
       if (method != null && method.getName().equals("remove"))
       {
@@ -521,13 +540,45 @@
          mi.setArguments(new Object[0]);
          return getInterceptor().invoke(mi);
       }
-      return getInterceptor().invokeHome(mi);
+      try
+      { 
+         // Invoke through interceptors
+         return getInterceptor().invokeHome(mi);
+      }
+      finally
+      {
+         SecurityActions.popCallerRunAsIdentity();
+      }
    }
 
    public Object internalInvoke(Invocation mi) throws Exception
    {
-      // Invoke through interceptors
-      return getInterceptor().invoke(mi);
+      //Validate that there is a security context on the invocation 
+      if(mi.getSecurityContext() == null)
+         throw new IllegalStateException("Security Context in invocation is null");
+       
+      String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+      if(sm != null)
+         securityDomain = sm.getSecurityDomain();
+      if(mi.isLocal() == false)
+      { 
+         SecurityActions.createAndSetSecurityContext(mi.getPrincipal(), 
+                 mi.getCredential(), securityDomain, null); 
+      }
+      SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+      //Place on the invocation
+      if(mi.getSecurityContext() == null)
+         mi.setSecurityContext(SecurityActions.getSecurityContext());
+      
+      try
+      { 
+         // Invoke through interceptors
+         return getInterceptor().invoke(mi);
+      }
+      finally
+      {
+         SecurityActions.popCallerRunAsIdentity();
+      }
    }
 
    // EJBObject implementation --------------------------------------

Modified: trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/MessageDrivenContainer.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -40,6 +40,8 @@
 
 import org.jboss.invocation.Invocation;
 import org.jboss.metadata.MessageDrivenMetaData;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
 import org.jboss.util.NullArgumentException;
 
 /**
@@ -403,7 +405,15 @@
    public Object internalInvoke(Invocation mi) throws Exception
    {
       // Invoke through interceptors
-      return getInterceptor().invoke(mi);
+      String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+      if(sm != null)
+         securityDomain = sm.getSecurityDomain();
+      SecurityActions.createAndSetSecurityContext(mi.getPrincipal(), 
+                 mi.getCredential(), securityDomain, null);
+      //Place on the invocation
+      if(mi.getSecurityContext() == null)
+         mi.setSecurityContext(SecurityActions.getSecurityContext());
+      return getInterceptor().invoke(mi); 
    }
 
 

Modified: trunk/server/src/main/org/jboss/ejb/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/SecurityActions.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/SecurityActions.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -38,8 +38,13 @@
 import javax.security.jacc.PolicyContextException;
 
 import org.jboss.mx.util.MBeanProxy; 
+import org.jboss.security.RunAs;
 import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SecurityAssociation; 
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SimplePrincipal;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
 
 /** A collection of privileged actions for this package
  * 
@@ -183,11 +188,11 @@
       PrivilegedAction action = new PeekRunAsRoleAction(depth);
       RunAsIdentity principal = (RunAsIdentity) AccessController.doPrivileged(action);
       return principal;
-   }
-
-   static Principal getCallerPrincipal()
+   } 
+   
+   static Principal getCallerPrincipal(SecurityContext sc)
    {
-      return IdentityAction.UTIL.getIdentityAction().getCallerPrincipal();
+      return IdentityAction.UTIL.getIdentityAction().getCallerPrincipal(sc);
    }
 
    interface IdentityAction
@@ -200,11 +205,21 @@
          }
       }
       IdentityAction NON_PRIVILEGED = new IdentityAction()
-      {
-         public Principal getCallerPrincipal()
+      {  
+         public Principal getCallerPrincipal(SecurityContext securityContext)
          {
-            return SecurityAssociation.getCallerPrincipal();
+            Principal caller = null;
+            
+            if(securityContext != null)
+            {
+               caller = securityContext.getUtil().getCallerRunAs(); 
+               //If there is no caller run as, use the call principal
+               if(caller == null)
+                  caller = securityContext.getUtil().getUserPrincipal();
+            }
+            return caller;
          }
+         
       };
       IdentityAction PRIVILEGED = new IdentityAction()
       {
@@ -214,14 +229,28 @@
             {
                return SecurityAssociation.getCallerPrincipal();
             }
-         };
-         public Principal getCallerPrincipal()
+         }; 
+         
+         public Principal getCallerPrincipal(final SecurityContext securityContext)
          {
-            return (Principal)AccessController.doPrivileged(getCallerPrincipalAction);
+            return (Principal)AccessController.doPrivileged(new PrivilegedAction(){
+        
+               public Object run()
+               { 
+                  Principal caller = null;
+                  
+                  if(securityContext != null)
+                  {
+                     caller = securityContext.getUtil().getCallerRunAs(); 
+                     //If there is no caller run as, use the call principal
+                     if(caller == null)
+                        caller = securityContext.getUtil().getUserPrincipal();
+                  }
+                  return caller;
+               }});
          }
-      };
-
-      Principal getCallerPrincipal();
+      }; 
+      Principal getCallerPrincipal(SecurityContext sc);
    }
 
    interface TCLAction
@@ -385,8 +414,7 @@
       throws PolicyContextException; 
    } 
 
-   static Subject getContextSubject() 
-   
+   static Subject getContextSubject()  
    throws PolicyContextException 
    { 
       if(System.getSecurityManager() == null) 
@@ -398,4 +426,74 @@
          return PolicyContextActions.PRIVILEGED.getContextSubject(); 
       }    
    } 
+   
+   static SecurityContext getSecurityContext()
+   {
+      return (SecurityContext)AccessController.doPrivileged(
+            new PrivilegedAction()
+            {
+               public Object run()
+               {
+                  return SecurityContextAssociation.getSecurityContext();
+               }
+            }
+         );
+   }
+   
+   static SecurityContext createSecurityContext(final String domain)
+   {
+      return (SecurityContext)AccessController.doPrivileged(
+            new PrivilegedAction()
+            {
+               public Object run()
+               {
+                  return SecurityContextFactory.createSecurityContext(domain);
+               }
+            }
+         );
+   }
+   
+
+   static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain,
+         final Subject subject)
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextFactory.createSecurityContext(domain); 
+            sc.getUtil().createSubjectInfo(p, cred, subject);
+            SecurityContextAssociation.setSecurityContext(sc);
+            return null;
+         }});
+   } 
+   
+
+   static void pushCallerRunAsIdentity(final RunAs ra)
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){ 
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().setCallerRunAs(ra);
+            return null;
+         } 
+      }); 
+   }
+   
+   static void popCallerRunAsIdentity()
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){ 
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().setCallerRunAs(null);
+            return null;
+         } 
+      }); 
+   }
 }

Modified: trunk/server/src/main/org/jboss/ejb/SessionContainer.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/SessionContainer.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/SessionContainer.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -40,10 +40,11 @@
 import javax.ejb.TimedObject;
 import javax.ejb.Timer;
 import javax.management.ObjectName;
-
+ 
 import org.jboss.invocation.Invocation;
 import org.jboss.invocation.MarshalledInvocation;
-import org.jboss.metadata.SessionMetaData;
+import org.jboss.metadata.SessionMetaData; 
+import org.jboss.security.SecurityConstants;
 
 /**
  * <p>
@@ -619,6 +620,23 @@
 
    public Object internalInvokeHome(Invocation mi) throws Exception
    {
+      //Validate that there is a security context on the invocation 
+      if(mi.getSecurityContext() == null)
+         throw new IllegalStateException("Security Context in invocation is null");
+       
+      String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+      if(sm != null)
+         securityDomain = sm.getSecurityDomain();
+      if(mi.isLocal() == false)
+      { 
+         SecurityActions.createAndSetSecurityContext(mi.getPrincipal(), 
+                 mi.getCredential(), securityDomain, null); 
+      }
+      SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+      //Place on the invocation
+      if(mi.getSecurityContext() == null)
+         mi.setSecurityContext(SecurityActions.getSecurityContext());
+      
       Method method = mi.getMethod();
       if (method != null && method.getName().equals("remove"))
       {
@@ -635,8 +653,16 @@
          }
          else
             throw new RemoveException("EJBHome.remove(Object) not allowed for session beans");
+      } 
+      try
+      { 
+         // Invoke through interceptors
+         return getInterceptor().invokeHome(mi);
       }
-      return getInterceptor().invokeHome(mi);
+      finally
+      {
+         SecurityActions.popCallerRunAsIdentity();
+      }
    }
 
    /**
@@ -645,9 +671,33 @@
     * on the particular instance
     */
    public Object internalInvoke(Invocation mi) throws Exception
-   {
-      // Invoke through interceptors
-      return getInterceptor().invoke(mi);
+   { 
+      //Validate that there is a security context on the invocation 
+      if(mi.getSecurityContext() == null)
+         throw new IllegalStateException("Security Context in invocation is null");
+       
+      String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+      if(sm != null)
+         securityDomain = sm.getSecurityDomain();
+      if(mi.isLocal() == false)
+      { 
+         SecurityActions.createAndSetSecurityContext(mi.getPrincipal(), 
+                 mi.getCredential(), securityDomain, null); 
+      }
+      SecurityActions.pushCallerRunAsIdentity(mi.getSecurityContext().getRunAs());
+      //Place on the invocation
+      if(mi.getSecurityContext() == null)
+         mi.setSecurityContext(SecurityActions.getSecurityContext());
+       
+      try
+      { 
+         // Invoke through interceptors
+         return getInterceptor().invoke(mi);
+      }
+      finally
+      {
+         SecurityActions.popCallerRunAsIdentity();
+      }
    }
 
    // EJBObject implementation --------------------------------------

Modified: trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/EntityInstanceInterceptor.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -121,6 +121,7 @@
       // Give it the transaction
       ctx.setTransaction(mi.getTransaction());
    
+      ctx.setSecurityContext(mi.getSecurityContext());
       // Set the current security information
       ctx.setPrincipal(mi.getPrincipal());
 
@@ -256,8 +257,9 @@
          {
             ctx.setTransaction(tx);
          }
-      }
+      } 
 
+      ctx.setSecurityContext(mi.getSecurityContext());
       // Set the current security information
       ctx.setPrincipal(mi.getPrincipal());
       // Set the JACC EnterpriseBean PolicyContextHandler data

Modified: trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/ProxyFactoryFinderInterceptor.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -26,13 +26,13 @@
 import org.jboss.ejb.Interceptor;
 import org.jboss.invocation.Invocation;
 import org.jboss.invocation.InvocationKey;
-import org.jboss.naming.ENCThreadLocalKey;
+import org.jboss.naming.ENCThreadLocalKey; 
 
 /** 
  * This interceptor injects the ProxyFactory into the ThreadLocal container variable
  * 
  * @author <a href="mailto:rickard.oberg at telkel.com">Rickard Öberg</a>
- * @author <a href="mailto:Scott.Stark at jboss.org">Scott Stark</a>
+ * @author <a href="mailto:Scott.Stark at jboss.org">Scott Stark</a> 
  * @version $Revision$
  */
 public class ProxyFactoryFinderInterceptor
@@ -98,7 +98,7 @@
       if (invokerBinding != null || oldInvokerBinding == null)
       {
          ENCThreadLocalKey.setKey(invokerBinding);
-      }
+      } 
 
       Interceptor next = getNext();
       Object value = null;
@@ -129,8 +129,8 @@
       if (invokerBinding != null || oldInvokerBinding == null)
       {
          ENCThreadLocalKey.setKey(invokerBinding);
-      }
-
+      } 
+      
       Interceptor next = getNext();
       Object value = null;
       try
@@ -141,7 +141,7 @@
       {
          ENCThreadLocalKey.setKey(oldInvokerBinding);
          // TODO: we should probably clear the thread local, i.e.
-         //container.setProxyFactory(null);
+         //container.setProxyFactory(null); 
       }
 
       return value;

Modified: trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/RunAsSecurityInterceptor.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -21,14 +21,16 @@
 */
 package org.jboss.ejb.plugins;
  
-import org.jboss.ejb.Container;
+import org.jboss.ejb.Container; 
 import org.jboss.invocation.Invocation;
 import org.jboss.metadata.ApplicationMetaData;
 import org.jboss.metadata.AssemblyDescriptorMetaData;
 import org.jboss.metadata.BeanMetaData;
 import org.jboss.metadata.SecurityIdentityMetaData;
 import org.jboss.security.AuthenticationManager;
+import org.jboss.security.RunAs;
 import org.jboss.security.RunAsIdentity; 
+import org.jboss.security.SecurityConstants;
 
 import java.util.Set;
 
@@ -44,7 +46,7 @@
  */
 public class RunAsSecurityInterceptor extends AbstractInterceptor
 {
-   protected RunAsIdentity runAsIdentity; 
+   protected RunAs runAsIdentity; 
    
    /** The authentication manager plugin
     */
@@ -91,8 +93,12 @@
 
    public Object invokeHome(Invocation mi) throws Exception
    {
-      String securityDomain = securityManager != null ? securityManager.getSecurityDomain()
-                                                                                      :"EMPTY";
+      String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+      if(securityManager != null)
+      {
+         securityDomain = securityManager.getSecurityDomain();
+      } 
+      
       //Establish a security context if one is missing for Run-As push
       if(SecurityActions.getSecurityContext() == null)
       {
@@ -104,7 +110,8 @@
        by this bean will have the runAsRole available for declarative
        security checks.
       */
-      SecurityActions.pushRunAsIdentity(runAsIdentity); 
+      SecurityActions.pushRunAsIdentity(runAsIdentity);  
+      SecurityActions.pushCallerRunAsIdentity(runAsIdentity); 
       
       try
       {
@@ -114,13 +121,17 @@
       finally
       {
          SecurityActions.popRunAsIdentity();
+         SecurityActions.popCallerRunAsIdentity();
       }
    }
 
    public Object invoke(Invocation mi) throws Exception
    {
-      String securityDomain = securityManager != null ? securityManager.getSecurityDomain()
-            :"EMPTY";
+      String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+      if(securityManager != null)
+      {
+         securityDomain = securityManager.getSecurityDomain();
+      } 
       //Establish a security context if one is missing for Run-As push
       if(SecurityActions.getSecurityContext() == null)
       {

Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityActions.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -25,98 +25,29 @@
 import java.security.PrivilegedExceptionAction;
 import java.security.Principal;
 import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.util.HashMap;
+import java.security.PrivilegedActionException; 
 import java.lang.reflect.UndeclaredThrowableException;
 
 import javax.security.auth.Subject;
 import javax.security.jacc.PolicyContext;
 import javax.security.jacc.PolicyContextException;
 
-import org.jboss.security.SecurityAssociation;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityConstants;
+import org.jboss.security.RunAs; 
 import org.jboss.security.SecurityContext;  
 import org.jboss.security.SubjectInfo;
 import org.jboss.security.plugins.SecurityContextAssociation;
 import org.jboss.security.plugins.SecurityContextFactory;
+ 
 
-import static org.jboss.security.SecurityConstants.RUNAS_IDENTITY_IDENTIFIER;
-
 /** A collection of privileged actions for this package
  * @author Scott.Stark at jboss.org
  * @author <a href="mailto:alex at jboss.org">Alexey Loubyansky</a>
+ * @author Anil.Saldhana at redhat.com
  * @version $Revison: $
  */
 class SecurityActions
 {
-   interface PrincipalInfoAction
-   {
-      PrincipalInfoAction PRIVILEGED = new PrincipalInfoAction()
-      {
-         public void push(final Principal principal, final Object credential,
-            final Subject subject)
-         {
-            AccessController.doPrivileged(
-               new PrivilegedAction()
-               {
-                  public Object run()
-                  {
-                     SecurityAssociation.pushSubjectContext(subject, principal, credential);
-                     return null;
-                  }
-               }
-            );
-         }
-         public void dup()
-         {
-            AccessController.doPrivileged(
-               new PrivilegedAction()
-               {
-                  public Object run()
-                  {
-                     SecurityAssociation.dupSubjectContext();
-                     return null;
-                  }
-               }
-            );
-         }
-         public void pop()
-         {
-            AccessController.doPrivileged(
-               new PrivilegedAction()
-               {
-                  public Object run()
-                  {
-                     SecurityAssociation.popSubjectContext();
-                     return null;
-                  }
-               }
-            );
-         }
-      };
-
-      PrincipalInfoAction NON_PRIVILEGED = new PrincipalInfoAction()
-      {
-         public void push(Principal principal, Object credential, Subject subject)
-         {
-            SecurityAssociation.pushSubjectContext(subject, principal, credential);
-         }
-         public void dup()
-         {
-            SecurityAssociation.dupSubjectContext();
-         }
-         public void pop()
-         {
-            SecurityAssociation.popSubjectContext();
-         }
-      };
-
-      void push(Principal principal, Object credential, Subject subject);
-      void dup();
-      void pop();
-   }
-
+    
    interface RunAsIdentityActions
    {
       RunAsIdentityActions PRIVILEGED = new RunAsIdentityActions()
@@ -125,7 +56,11 @@
          {
             public Object run()
             {
-               return SecurityAssociation.peekRunAsIdentity();
+               //return SecurityAssociation.peekRunAsIdentity();
+               SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("Security Context is null");
+               return sc.getRunAs();
             }
          };
 
@@ -134,97 +69,87 @@
             public Object run()
             {
                //return SecurityAssociation.popRunAsIdentity();
-               SecurityContext sc = SecurityContextAssociation.getSecurityContext(); 
-               return sc.getUtil().remove(sc,RUNAS_IDENTITY_IDENTIFIER);
+               SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("Security Context is null"); 
+               RunAs ra = sc.getRunAs();
+               sc.setRunAs(null); 
+               return ra;
             }
          };
 
-         public RunAsIdentity peek()
+         public RunAs peek()
          {
-            return (RunAsIdentity)AccessController.doPrivileged(peekAction);
+            return (RunAs)AccessController.doPrivileged(peekAction);
          }
 
-         public void push(final RunAsIdentity id)
+         public void push(final RunAs id)
          {
             AccessController.doPrivileged(
                new PrivilegedAction()
                {
                   public Object run()
                   {
-                     SecurityAssociation.pushRunAsIdentity(id);
+                     //SecurityAssociation.pushRunAsIdentity((RunAsIdentity)id);
+                     SecurityContext sa = SecurityContextAssociation.getSecurityContext(); 
+                     if(sa == null)
+                        throw new IllegalStateException("Security Context is null to push runas"); 
+                     sa.setRunAs(id);
                      return null;
                   }
                }
             );
          }
 
-         public RunAsIdentity pop()
+         public RunAs pop()
          { 
-            return (RunAsIdentity)AccessController.doPrivileged(popAction);
+            return (RunAs)AccessController.doPrivileged(popAction);
          }
       };
 
       RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions()
       {
-         public RunAsIdentity peek()
+         public RunAs peek()
          {
-            return SecurityAssociation.peekRunAsIdentity();
+            //return SecurityAssociation.peekRunAsIdentity();
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            return sc.getRunAs();
          }
 
-         public void push(RunAsIdentity id)
+         public void push(RunAs id)
          {
             //SecurityAssociation.pushRunAsIdentity(id); 
             SecurityContext sc = SecurityContextAssociation.getSecurityContext();
             if(sc == null)
-               throw new IllegalStateException("Security Context is null to push runas"); 
-            sc.getUtil().set(sc, RUNAS_IDENTITY_IDENTIFIER, id);
+               throw new IllegalStateException("Security Context is null to push runas");  
+            sc.setRunAs(id);
          }
 
-         public RunAsIdentity pop()
+         public RunAs pop()
          { 
             //Pop the RAI 
             // return SecurityAssociation.popRunAsIdentity(); 
-            SecurityContext sc = SecurityContextAssociation.getSecurityContext(); 
-            return sc.getUtil().remove(sc,RUNAS_IDENTITY_IDENTIFIER);
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();  
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            RunAs ra = null; 
+            ra = sc.getRunAs();
+            sc.setRunAs(null); 
+            return ra;
          }
       };
 
-      RunAsIdentity peek();
+      RunAs peek();
 
-      void push(RunAsIdentity id);
+      void push(RunAs id);
 
-      RunAsIdentity pop();
+      RunAs pop();
    }
 
-   interface ContextInfoActions
-   {
-      static final String EX_KEY = "org.jboss.security.exception";
-      ContextInfoActions PRIVILEGED = new ContextInfoActions()
-      {
-         private final PrivilegedAction exAction = new PrivilegedAction()
-         {
-            public Object run()
-            {
-               return SecurityAssociation.getContextInfo(EX_KEY);
-            }
-         };
-         public Exception getContextException()
-         {
-            return (Exception)AccessController.doPrivileged(exAction);
-         }
-      };
+    
 
-      ContextInfoActions NON_PRIVILEGED = new ContextInfoActions()
-      {
-         public Exception getContextException()
-         {
-            return (Exception)SecurityAssociation.getContextInfo(EX_KEY);
-         }
-      };
-
-      Exception getContextException();
-   }
-
    interface PolicyContextActions
    {
       /** The JACC PolicyContext key for the current Subject */
@@ -279,42 +204,9 @@
       TCLAction.UTIL.setContextClassLoader(loader);
    }
 
-   static void pushSubjectContext(Principal principal, Object credential,
-      Subject subject)
-   {
-      if(System.getSecurityManager() == null)
-      {
-         PrincipalInfoAction.NON_PRIVILEGED.push(principal, credential, subject);
-      }
-      else
-      {
-         PrincipalInfoAction.PRIVILEGED.push(principal, credential, subject);
-      }
-   }
-   static void dupSubjectContext()
-   {
-      if(System.getSecurityManager() == null)
-      {
-         PrincipalInfoAction.NON_PRIVILEGED.dup();
-      }
-      else
-      {
-         PrincipalInfoAction.PRIVILEGED.dup();
-      }
-   }
-   static void popSubjectContext()
-   {
-      if(System.getSecurityManager() == null)
-      {
-         PrincipalInfoAction.NON_PRIVILEGED.pop();
-      }
-      else
-      {
-         PrincipalInfoAction.PRIVILEGED.pop();
-      }
-   }
+    
 
-   static RunAsIdentity peekRunAsIdentity()
+   static RunAs peekRunAsIdentity()
    {
       if(System.getSecurityManager() == null)
       {
@@ -326,7 +218,7 @@
       }
    }
 
-   static void pushRunAsIdentity(RunAsIdentity principal)
+   static void pushRunAsIdentity(RunAs principal)
    {
       if(System.getSecurityManager() == null)
       {
@@ -338,7 +230,7 @@
       }
    }
 
-   static RunAsIdentity popRunAsIdentity()
+   static RunAs popRunAsIdentity()
    {
       if(System.getSecurityManager() == null)
       {
@@ -348,20 +240,9 @@
       {
          return RunAsIdentityActions.PRIVILEGED.pop();
       }
-   }
+   } 
+    
 
-   static Exception getContextException()
-   {
-      if(System.getSecurityManager() == null)
-      {
-         return ContextInfoActions.NON_PRIVILEGED.getContextException();
-      }
-      else
-      {
-         return ContextInfoActions.PRIVILEGED.getContextException();
-      }
-   }
-
    static Subject getContextSubject()
       throws PolicyContextException
    {
@@ -492,79 +373,8 @@
       void setContextClassLoader(Thread thread, ClassLoader cl);
    }
    
-   private static class GetSecurityContextAction implements PrivilegedAction
-   { 
-      private String securityDomain;
-      GetSecurityContextAction(String sd)
-      {
-         this.securityDomain = sd;
-      }
-      public Object run()
-      {
-         String sc = SecurityConstants.SECURITY_CONTEXT;
-         HashMap map = (HashMap)SecurityAssociation.getContextInfo(sc);
-         if(map == null)
-         {
-            map = new HashMap();
-            SecurityAssociation.setContextInfo(sc, map);
-         }
-         SecurityAssociation.setContextInfo(sc, map);  
-         //return map.get(this.securityDomain); 
-         return SecurityContextAssociation.getSecurityContext();
-      }
-   }
    
-   private static class SetSecurityContextAction implements PrivilegedAction
-   { 
-      private SecurityContext securityContext;
-      private String securityDomain;
-      SetSecurityContextAction(SecurityContext sc, String sd)
-      {
-         this.securityContext = sc;
-         this.securityDomain = sd;
-      }
-      
-      public Object run()
-      {
-         String sc = SecurityConstants.SECURITY_CONTEXT;
-         HashMap map = (HashMap)SecurityAssociation.getContextInfo(sc);
-         if(map == null)
-         {
-            map = new HashMap();
-            SecurityAssociation.setContextInfo(sc, map);
-         }
-         map.put(securityDomain, securityContext); 
-         SecurityAssociation.setContextInfo(sc, map); 
-         
-         SecurityContextAssociation.setSecurityContext(securityContext);
-         return null;
-      }
-   }
    
-   private static class ClearSecurityContextAction implements PrivilegedAction
-   { 
-      private String securityDomain;
-      ClearSecurityContextAction(String sd)
-      {
-         this.securityDomain = sd;
-      }
-      public Object run()
-      {
-         String sc = SecurityConstants.SECURITY_CONTEXT;
-         HashMap map = (HashMap)SecurityAssociation.getContextInfo(sc);
-         if(map == null)
-         {
-            map = new HashMap();
-            SecurityAssociation.setContextInfo(sc, map);
-         }
-         if(map.containsKey(securityDomain))
-            map.remove(securityDomain);
-         
-         SecurityAssociation.setContextInfo(sc, map);
-         return null;
-      }
-   }
-   
    static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain)
    {
       AccessController.doPrivileged(new PrivilegedAction(){
@@ -584,18 +394,22 @@
 
          public Object run()
          {
-            SecurityContext sc = SecurityContextFactory.createSecurityContext(domain);
-            SubjectInfo si = SecurityContextFactory.createSubjectInfo(p, cred, subject);  
-            sc.setSubjectInfo(si);
+            SecurityContext sc = SecurityContextFactory.createSecurityContext(domain); 
+            sc.getUtil().createSubjectInfo(p, cred, subject);
             SecurityContextAssociation.setSecurityContext(sc);
             return null;
          }});
-   }
+   } 
+   
+   static void clearSecurityContext()
+   { 
+      AccessController.doPrivileged(new PrivilegedAction(){
 
-   static void clearSecurityContext(String securityDomain)
-   {
-      ClearSecurityContextAction action = new ClearSecurityContextAction(securityDomain);
-      AccessController.doPrivileged(action);
+         public Object run()
+         { 
+            SecurityContextAssociation.setSecurityContext(null);
+            return null;
+         }});
    }
    
    static SecurityContext getSecurityContext()
@@ -608,15 +422,76 @@
       });
    }
    
-   static SecurityContext getSecurityContext(String securityDomain)
+   static Exception getContextException()
    {
-      GetSecurityContextAction action = new GetSecurityContextAction(securityDomain);
-      return (SecurityContext)AccessController.doPrivileged(action);
+      return (Exception)AccessController.doPrivileged(new PrivilegedAction()
+      {
+         static final String EX_KEY = "org.jboss.security.exception";
+         public Object run()
+         { 
+            SecurityContext sc = getSecurityContext();
+            return sc.getData().get(EX_KEY); 
+         }
+      });
    }
    
-   static void setSecurityContext(SecurityContext sc, String securityDomain)
+   static void pushSubjectContext(final Principal p, final Object cred, final Subject s)
    {
-      SetSecurityContextAction action = new SetSecurityContextAction(sc,securityDomain);
-      AccessController.doPrivileged(action);
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         {
+            SecurityContext sc = getSecurityContext(); 
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().createSubjectInfo(p, cred, s); 
+            return null;
+         }}
+      );
+   } 
+   
+   static void popSubjectContext()
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         {
+            SecurityContext sc = getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            SubjectInfo si = sc.getSubjectInfo();
+            if(si != null)
+              si.setAuthenticatedSubject(null);
+            return null;
+         }}
+      );
+   } 
+   
+   static void pushCallerRunAsIdentity(final RunAs ra)
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){ 
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().setCallerRunAs(ra);
+            return null;
+         } 
+      }); 
+   } 
+
+   static void popCallerRunAsIdentity()
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){ 
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().setCallerRunAs(null);
+            return null;
+         } 
+      }); 
    }
 }

Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -21,12 +21,10 @@
 */
 package org.jboss.ejb.plugins;
 
-import static org.jboss.security.SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY;
-import static org.jboss.security.SecurityConstants.RUNAS_IDENTITY_IDENTIFIER;
+import static org.jboss.security.SecurityConstants.DEFAULT_EJB_APPLICATION_POLICY; 
 
 import org.jboss.ejb.Container;
-import org.jboss.invocation.Invocation; 
-import org.jboss.invocation.InvocationKey; 
+import org.jboss.invocation.Invocation;  
 import org.jboss.metadata.ApplicationMetaData;
 import org.jboss.metadata.AssemblyDescriptorMetaData;
 import org.jboss.metadata.BeanMetaData;
@@ -34,14 +32,14 @@
 import org.jboss.security.AuthenticationManager;
 import org.jboss.security.AuthorizationManager;
 import org.jboss.security.RealmMapping;
-import org.jboss.security.RunAsIdentity;  
+import org.jboss.security.RunAs;
+import org.jboss.security.RunAsIdentity;   
 import org.jboss.security.SecurityContext; 
 import org.jboss.security.SecurityRolesAssociation; 
 import org.jboss.security.Util;
 import org.jboss.security.audit.AuditEvent;
 import org.jboss.security.audit.AuditLevel; 
-import org.jboss.security.audit.AuditManager;
-import org.jboss.security.audit.SecurityAuditManager;
+import org.jboss.security.audit.AuditManager; 
 import org.jboss.security.authorization.AuthorizationContext;
 import org.jboss.security.authorization.EJBResource;
 import org.jboss.security.authorization.ResourceKeys;  
@@ -53,8 +51,7 @@
 import java.util.Map;
 import java.util.Set;
 import java.lang.reflect.Method;
-import javax.security.auth.Subject;
-import javax.security.jacc.PolicyContextException;
+import javax.security.auth.Subject; 
 import javax.ejb.TimedObject;
 import javax.ejb.Timer;
 
@@ -90,7 +87,7 @@
    protected RealmMapping realmMapping;
 
    // The bean uses this run-as identity to call out
-   protected RunAsIdentity runAsIdentity;
+   protected RunAs runAsIdentity;
 
    // A map of SecurityRolesMetaData from jboss.xml
    protected Map securityRoles;
@@ -181,17 +178,14 @@
 
    public Object invokeHome(Invocation mi) throws Exception
    {  
-      // Authenticate the subject and apply any declarative security checks
-      checkSecurityAssociation(mi); 
+      RunAs callerRunAsIdentity = getCallerRunAsIdentity(mi); 
       
-      //Establish a security context if one is missing for Run-As push
       if(SecurityActions.getSecurityContext() == null)
-      {
-         SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
-               mi.getCredential(), this.appSecurityDomain);
-      }
+         throw new IllegalStateException("Security Context is null"); 
       
-      RunAsIdentity callerRunAsIdentity = getCallerRunAsIdentity(mi);  
+      // Authenticate the subject and apply any declarative security checks
+      checkSecurityAssociation(mi, callerRunAsIdentity);  
+       
       /**
        * Special case: if <use-caller-identity> configured and
        * the caller is arriving with a run-as, we need to push that run-as
@@ -212,28 +206,22 @@
          return returnValue;
       }
       finally
-      { 
-         SecurityActions.popRunAsIdentity(); 
-         SecurityActions.popSubjectContext();
-         //Clear the SecurityContext
-         SecurityActions.clearSecurityContext(appSecurityDomain); 
+      {  
+            SecurityActions.popRunAsIdentity(); 
+            SecurityActions.popSubjectContext();   
       }
    }
 
 
    public Object invoke(Invocation mi) throws Exception
-   {   
-      // Authenticate the subject and apply any declarative security checks
-      checkSecurityAssociation(mi);
-
-      //Establish a security context if one is missing for Run-As push
+   {     
+      RunAs callerRunAsIdentity = getCallerRunAsIdentity(mi); 
       if(SecurityActions.getSecurityContext() == null)
-      {
-         SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
-               mi.getCredential(), this.appSecurityDomain);
-      }
+         throw new IllegalStateException("Security Context is null");
       
-      RunAsIdentity callerRunAsIdentity = getCallerRunAsIdentity(mi);  
+      // Authenticate the subject and apply any declarative security checks
+      checkSecurityAssociation(mi, callerRunAsIdentity);  
+      
       /**
        * Special case: if <use-caller-identity> configured and
        * the caller is arriving with a run-as, we need to push that run-as
@@ -254,10 +242,8 @@
       }
       finally
       {  
-         SecurityActions.popRunAsIdentity(); 
-         SecurityActions.popSubjectContext();
-         //Clear the SecurityContext
-         SecurityActions.clearSecurityContext(appSecurityDomain); 
+            SecurityActions.popRunAsIdentity(); 
+            SecurityActions.popSubjectContext();  
       }
    }
   
@@ -271,33 +257,27 @@
    protected boolean isTrustedCaller(Invocation inv)
    {
       boolean trusted = false;
-      SecurityContext callerSC = getInvocationSecurityContext(inv);  
+      SecurityContext callerSC = inv.getSecurityContext();  
       if(callerSC != null)
       {
          //authenticate the current principal
-         RunAsIdentity callerRunAsIdentity = getCallerRunAsIdentity(inv);
+         RunAs callerRunAsIdentity = callerSC.getRunAs();
          if(callerRunAsIdentity != null)
          {
-            //Either has to be a in-vm call or the invocation has to be secure
-            Boolean intervm = (Boolean) inv.getAsIsPayload().get(InvocationKey.INTERVM);
-            trusted = intervm == null || intervm == Boolean.FALSE || inv.isSecure();
+            //Either has to be a in-vm call or the invocation has to be secure 
+            trusted = !inv.isInterVM() || inv.isSecure();
          }
       }
       
       return trusted;
    }
    
-   private SecurityContext getInvocationSecurityContext(Invocation inv)
-   {
-      return (SecurityContext) inv.getAsIsPayload().get(InvocationKey.SECURITY_CONTEXT);
-   }
-   
    /** The EJB 2.0 declarative security algorithm:
    1. Authenticate the caller using the principal and credentials in the MethodInfocation
    2. Validate access to the method by checking the principal's roles against
    those required to access the method.
    */
-  private void checkSecurityAssociation(Invocation mi)
+  private void checkSecurityAssociation(Invocation mi, RunAs callerRunAsIdentity)
      throws Exception
   {
      Principal principal = mi.getPrincipal();
@@ -310,14 +290,14 @@
      if ( containerMethod == true || securityManager == null || container == null )
      {
         // Allow for the progatation of caller info to other beans
-        SecurityActions.pushSubjectContext(principal, credential, null);
+        SecurityActions.pushSubjectContext(principal, credential, null); 
         return;
      } 
      
      if (realmMapping == null)
      {
         throw new SecurityException("Role mapping manager has not been set");
-     }
+     } 
      
      if (!isTrustedCaller(mi))
      {
@@ -329,7 +309,7 @@
            if (authenticationObserver != null)
               authenticationObserver.authenticationFailed();
            // Check for the security association exception
-           Exception ex = SecurityActions.getContextException();
+           Exception ex = SecurityActions.getContextException(); 
            audit(AuditLevel.ERROR,getContextMap(principal, m.getName()),ex); 
            if( ex != null )
               throw ex;
@@ -341,8 +321,7 @@
         }
         else
         {
-           SecurityActions.pushSubjectContext(principal, credential, subject);
-           establishSecurityContext(securityManager.getSecurityDomain(),principal, credential, subject);
+           SecurityActions.pushSubjectContext(principal, credential, subject);  
            audit(AuditLevel.SUCCESS,getContextMap(principal, m.getName()),null); 
            if (trace)
            {
@@ -353,8 +332,8 @@
      else
      {
         // Duplicate the current subject context on the stack since
-        SecurityActions.dupSubjectContext(); 
-        establishSecurityContext(securityManager.getSecurityDomain(),principal, credential, null);
+        //SecurityActions.dupSubjectContext();  
+        SecurityActions.pushRunAsIdentity(callerRunAsIdentity);
         
         /**
          * Since the RunAsIdentity has been populated via the SecurityContext by the
@@ -371,7 +350,7 @@
      if( ejbMethod== null  )
         return; 
      // Get the caller
-     Subject caller = getContextCallerSubject(); 
+     Subject caller = SecurityActions.getContextSubject(); 
      
      //Establish the deployment rolename-principalset custom mapping(if available)
      SecurityRolesAssociation.setSecurityRoles(this.deploymentRoles);
@@ -384,7 +363,7 @@
      map.put(ResourceKeys.EJB_CODESOURCE, ejbCS);
      map.put(ResourceKeys.CALLER_SUBJECT, caller);
      map.put(ResourceKeys.AUTHORIZATION_MANAGER,authorizationManager); 
-     map.put(ResourceKeys.RUNASIDENTITY, getCallerRunAsIdentity(mi));
+     map.put(ResourceKeys.RUNASIDENTITY, callerRunAsIdentity);
      map.put(ResourceKeys.EJB_METHODROLES, container.getMethodPermissions(ejbMethod, mi.getType()));  
      
      EJBResource ejbResource = new EJBResource(map); 
@@ -407,46 +386,15 @@
      if(!isAuthorized)
         throw new SecurityException(msg); 
   } 
-  
-  /**
-   * Context caller subject is used by the Jacc layer. Since the 
-   * PolicyContext.getContext(Subject_Key) checks the RunAs threadlocal
-   * stack in the Security Association at a depth of 1, there is a need to
-   * push/pop the current runAsIdentity surrounding the getContextSubject
-   * call on SecurityActions
-   * 
-   * @return
-   * @throws PolicyContextException
-   */
-  private Subject getContextCallerSubject() throws PolicyContextException
+   
+  private RunAs getCallerRunAsIdentity(Invocation inv)
   {
-     /**
-      * There is a need for current RunAsIdentity on the stack due to 
-      * PolicyContext.getContext(Subject_Key) check at a depth of 1
-      * (Get the same behavior as split JaasAuthenticationInterceptor
-      * and JaccAuthorizationInterceptor)
-      */
-     Subject caller = null;
-     try
-     { 
-       // SecurityActions.pushRunAsIdentity(runAsIdentity);
-        caller = SecurityActions.getContextSubject();
-     }
-     finally
-     { 
-        //SecurityActions.popRunAsIdentity();
-     }   
-     return caller;
-  }
-  
-  private RunAsIdentity getCallerRunAsIdentity(Invocation inv)
-  {
-     RunAsIdentity callerRAI = null;
-     SecurityContext callerSC = (SecurityContext) inv.getAsIsPayload().get(InvocationKey.SECURITY_CONTEXT); 
+     RunAs callerRAI = null;
+     SecurityContext callerSC = (SecurityContext) inv.getSecurityContext(); 
      
      if(callerSC != null)
      { 
-        callerRAI = callerSC.getUtil().get(callerSC, RUNAS_IDENTITY_IDENTIFIER); 
+        callerRAI = callerSC.getRunAs(); 
      }
      return callerRAI;
   }
@@ -460,16 +408,13 @@
         Map<String,Object> contextMap, Exception e)
   { 
      contextMap.put("Source", getClass().getName());
-     AuditEvent ae = new AuditEvent(level);
-     ae.setContextMap(contextMap);
-     ae.setUnderlyingException(e);
+     AuditEvent ae = new AuditEvent(level,contextMap,e);
      
      String secDomain = securityManager.getSecurityDomain();
-     SecurityContext sc = SecurityActions.getSecurityContext(secDomain);
+     SecurityContext sc = SecurityActions.getSecurityContext(); 
      if(sc != null)
      {
-        SecurityAuditManager sam = sc.getAuditManager();
-        sam.audit(ae);
+        sc.getAuditManager().audit(ae);
      }
      else
         AuditManager.getAuditContext(secDomain).audit(ae);   
@@ -492,12 +437,5 @@
      cmap.put("principal", principal);
      cmap.put("method", methodName);
      return cmap;
-  }  
-  
-  //Security Context
-  private void establishSecurityContext(String domain, Principal p, Object cred,
-        Subject subject)
-  {
-     SecurityActions.createAndSetSecurityContext(p, cred, domain,subject); 
-  }  
+  } 
 }

Modified: trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionInstanceInterceptor.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -32,6 +32,8 @@
 import org.jboss.invocation.InvocationType;
 import org.jboss.logging.Logger;
 import org.jboss.metadata.SessionMetaData;
+import org.jboss.security.AuthenticationManager;
+import org.jboss.security.SecurityConstants;
 
 import javax.ejb.EJBException;
 import javax.ejb.EJBObject;
@@ -215,6 +217,7 @@
       
       BeanLock lock = container.getLockManager().getLock(methodID);
       boolean callerRunAsIdentityPresent = SecurityActions.peekRunAsIdentity() != null;
+      boolean pushSecurityContext = SecurityActions.getSecurityContext() == null;
       try
       {
          /* The security context must be established before the cache
@@ -228,8 +231,16 @@
          of the ejb spec requirement that runtime exceptions should invalidate
          the session.
           */
-         if(!callerRunAsIdentityPresent)
-            SecurityActions.pushSubjectContext(mi.getPrincipal(), mi.getCredential(), null);
+         if(!callerRunAsIdentityPresent && pushSecurityContext)
+         {
+            AuthenticationManager am = container.getSecurityManager();
+            String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+            if(am != null)
+               securityDomain = am.getSecurityDomain();
+            SecurityActions.createAndSetSecurityContext(mi.getPrincipal(), mi.getCredential(), 
+                  securityDomain , null);
+            //SecurityActions.pushSubjectContext(mi.getPrincipal(), mi.getCredential(), null);
+         }
 
          lock.sync();
          try
@@ -395,8 +406,8 @@
       finally
       {
          container.getLockManager().removeLockRef(lock.getId());
-         if(!callerRunAsIdentityPresent)
-           SecurityActions.popSubjectContext();
+         if(!callerRunAsIdentityPresent && pushSecurityContext)
+           SecurityActions.clearSecurityContext();
          EnterpriseBeanPolicyContextHandler.setEnterpriseBean(null);
       }
    }

Modified: trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/StatefulSessionSecurityInterceptor.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -76,6 +76,8 @@
       if(ctx == null)
          throw new IllegalStateException("EJBContext is null");
       
+      ctx.setSecurityContext(mi.getSecurityContext());
+      
       //Set the current security information
       ctx.setPrincipal(mi.getPrincipal());
       
@@ -100,6 +102,8 @@
       EnterpriseContext ctx = (EnterpriseContext) mi.getEnterpriseContext();
       if(ctx == null)
          throw new IllegalStateException("EJBContext is null");
+      
+      ctx.setSecurityContext(mi.getSecurityContext());
       //Set the current security information
       ctx.setPrincipal(mi.getPrincipal());
        

Modified: trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/StatelessSessionInstanceInterceptor.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -133,6 +133,8 @@
             throw new RemoteException("Unable to get an intance from the pool", e);
       }
 
+
+      ctx.setSecurityContext(mi.getSecurityContext());
       // Set the current security information
       ctx.setPrincipal(mi.getPrincipal());
       // Set the JACC EnterpriseBean PolicyContextHandler data

Modified: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/JDBCCMRFieldBridge.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -35,10 +35,7 @@
 import java.util.Map;
 import java.util.Set;
 import java.util.HashMap;
-import java.util.Arrays;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.Principal;
+import java.util.Arrays; 
 import java.rmi.RemoteException;
 import javax.ejb.EJBException;
 import javax.ejb.EJBLocalObject;
@@ -76,8 +73,8 @@
 import org.jboss.ejb.plugins.cmp.ejbql.Catalog;
 import org.jboss.ejb.plugins.lock.Entrancy;
 import org.jboss.invocation.InvocationType;
-import org.jboss.logging.Logger;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.logging.Logger; 
+import org.jboss.security.SecurityContext;
 
 /**
  * JDBCCMRFieldBridge a bean relationship. This class only supports
@@ -1085,17 +1082,19 @@
       try
       {
          EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
-         SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+         //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+         SecurityContext sc = SecurityActions.getSecurityContext(); 
+         
          CMRInvocation invocation = new CMRInvocation();
          invocation.setCmrMessage(CMRMessage.SCHEDULE_FOR_CASCADE_DELETE);
          invocation.setEntrancy(Entrancy.NON_ENTRANT);
          invocation.setId(instanceCache.createCacheKey(myId));
          invocation.setArguments(new Object[]{this});
          invocation.setTransaction(tx);
-         invocation.setPrincipal(actions.getPrincipal());
-         invocation.setCredential(actions.getCredential());
+         invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+         invocation.setCredential(sc.getUtil().getCredential());
          invocation.setType(InvocationType.LOCAL);
+         invocation.setSecurityContext(sc);
          return manager.getContainer().invoke(invocation);
       }
       catch(EJBException e)
@@ -1116,16 +1115,18 @@
       try
       {
          EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
-         SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+         //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+         SecurityContext sc = SecurityActions.getSecurityContext(); 
+         
          CMRInvocation invocation = new CMRInvocation();
          invocation.setCmrMessage(CMRMessage.SCHEDULE_FOR_BATCH_CASCADE_DELETE);
          invocation.setEntrancy(Entrancy.NON_ENTRANT);
          invocation.setId(instanceCache.createCacheKey(myId));
          invocation.setArguments(new Object[]{this});
          invocation.setTransaction(tx);
-         invocation.setPrincipal(actions.getPrincipal());
-         invocation.setCredential(actions.getCredential());
+         invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+         invocation.setCredential(sc.getUtil().getCredential());
+         invocation.setSecurityContext(sc);
          invocation.setType(InvocationType.LOCAL);
          return manager.getContainer().invoke(invocation);
       }
@@ -1148,16 +1149,18 @@
       try
       {
          EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
-         SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+         //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+         SecurityContext sc = SecurityActions.getSecurityContext(); 
+         
          CMRInvocation invocation = new CMRInvocation();
          invocation.setCmrMessage(CMRMessage.GET_RELATED_ID);
          invocation.setEntrancy(Entrancy.NON_ENTRANT);
          invocation.setId(instanceCache.createCacheKey(myId));
          invocation.setArguments(new Object[]{this});
          invocation.setTransaction(tx);
-         invocation.setPrincipal(actions.getPrincipal());
-         invocation.setCredential(actions.getCredential());
+         invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+         invocation.setCredential(sc.getUtil().getCredential());
+         invocation.setSecurityContext(sc);
          invocation.setType(InvocationType.LOCAL);
          return manager.getContainer().invoke(invocation);
       }
@@ -1179,8 +1182,9 @@
    {
       try
       {
+         SecurityContext sc = SecurityActions.getSecurityContext(); 
          EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
-         SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+         //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
 
          CMRInvocation invocation = new CMRInvocation();
          invocation.setCmrMessage(CMRMessage.ADD_RELATION);
@@ -1188,9 +1192,10 @@
          invocation.setId(instanceCache.createCacheKey(myId));
          invocation.setArguments(new Object[]{this, relatedId});
          invocation.setTransaction(tx);
-         invocation.setPrincipal(actions.getPrincipal());
-         invocation.setCredential(actions.getCredential());
+         invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+         invocation.setCredential(sc.getUtil().getCredential());
          invocation.setType(InvocationType.LOCAL);
+         invocation.setSecurityContext(sc);
          manager.getContainer().invoke(invocation);
       }
       catch(EJBException e)
@@ -1212,16 +1217,18 @@
       try
       {
          EntityCache instanceCache = (EntityCache) manager.getContainer().getInstanceCache();
-         SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
-
+         //SecurityActions actions = SecurityActions.UTIL.getSecurityActions();
+         SecurityContext sc = SecurityActions.getSecurityContext(); 
+         
          CMRInvocation invocation = new CMRInvocation();
          invocation.setCmrMessage(CMRMessage.REMOVE_RELATION);
          invocation.setEntrancy(Entrancy.NON_ENTRANT);
          invocation.setId(instanceCache.createCacheKey(myId));
          invocation.setArguments(new Object[]{this, relatedId});
          invocation.setTransaction(tx);
-         invocation.setPrincipal(actions.getPrincipal());
-         invocation.setCredential(actions.getCredential());
+         invocation.setPrincipal(sc.getUtil().getUserPrincipal());
+         invocation.setCredential(sc.getUtil().getCredential());
+         invocation.setSecurityContext(sc);
          invocation.setType(InvocationType.LOCAL);
          manager.getContainer().invoke(invocation);
       }
@@ -2332,7 +2339,7 @@
       }
    }
 
-   interface SecurityActions
+   /*interface SecurityActions
    {
       class UTIL
       {
@@ -2387,5 +2394,5 @@
       Principal getPrincipal();
 
       Object getCredential();
-   }
+   }*/
 }

Added: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java	                        (rev 0)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc/bridge/SecurityActions.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -0,0 +1,497 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+package org.jboss.ejb.plugins.cmp.jdbc.bridge;
+
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.security.Principal;
+import java.security.AccessController;
+import java.security.PrivilegedActionException; 
+import java.lang.reflect.UndeclaredThrowableException;
+
+import javax.security.auth.Subject;
+import javax.security.jacc.PolicyContext;
+import javax.security.jacc.PolicyContextException;
+
+import org.jboss.security.RunAs; 
+import org.jboss.security.SecurityContext;  
+import org.jboss.security.SubjectInfo;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
+ 
+
+/** A collection of privileged actions for this package
+ * @author Scott.Stark at jboss.org
+ * @author <a href="mailto:alex at jboss.org">Alexey Loubyansky</a>
+ * @author Anil.Saldhana at redhat.com
+ * @version $Revison: $
+ */
+class SecurityActions
+{
+    
+   interface RunAsIdentityActions
+   {
+      RunAsIdentityActions PRIVILEGED = new RunAsIdentityActions()
+      {
+         private final PrivilegedAction peekAction = new PrivilegedAction()
+         {
+            public Object run()
+            {
+               //return SecurityAssociation.peekRunAsIdentity();
+               SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("Security Context is null");
+               return sc.getRunAs();
+            }
+         };
+
+         private final PrivilegedAction popAction = new PrivilegedAction()
+         {
+            public Object run()
+            {
+               //return SecurityAssociation.popRunAsIdentity();
+               SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("Security Context is null"); 
+               RunAs ra = sc.getRunAs();
+               sc.setRunAs(null); 
+               return ra;
+            }
+         };
+
+         public RunAs peek()
+         {
+            return (RunAs)AccessController.doPrivileged(peekAction);
+         }
+
+         public void push(final RunAs id)
+         {
+            AccessController.doPrivileged(
+               new PrivilegedAction()
+               {
+                  public Object run()
+                  {
+                     //SecurityAssociation.pushRunAsIdentity((RunAsIdentity)id);
+                     SecurityContext sa = SecurityContextAssociation.getSecurityContext(); 
+                     if(sa == null)
+                        throw new IllegalStateException("Security Context is null to push runas"); 
+                     sa.setRunAs(id);
+                     return null;
+                  }
+               }
+            );
+         }
+
+         public RunAs pop()
+         { 
+            return (RunAs)AccessController.doPrivileged(popAction);
+         }
+      };
+
+      RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions()
+      {
+         public RunAs peek()
+         {
+            //return SecurityAssociation.peekRunAsIdentity();
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            return sc.getRunAs();
+         }
+
+         public void push(RunAs id)
+         {
+            //SecurityAssociation.pushRunAsIdentity(id); 
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null to push runas");  
+            sc.setRunAs(id);
+         }
+
+         public RunAs pop()
+         { 
+            //Pop the RAI 
+            // return SecurityAssociation.popRunAsIdentity(); 
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();  
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            RunAs ra = null; 
+            ra = sc.getRunAs();
+            sc.setRunAs(null); 
+            return ra;
+         }
+      };
+
+      RunAs peek();
+
+      void push(RunAs id);
+
+      RunAs pop();
+   }
+
+    
+
+   interface PolicyContextActions
+   {
+      /** The JACC PolicyContext key for the current Subject */
+      static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";
+      PolicyContextActions PRIVILEGED = new PolicyContextActions()
+      {
+         private final PrivilegedExceptionAction exAction = new PrivilegedExceptionAction()
+         {
+            public Object run() throws Exception
+            {
+               return (Subject) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
+            }
+         };
+         public Subject getContextSubject()
+            throws PolicyContextException
+         {
+            try
+            {
+               return (Subject) AccessController.doPrivileged(exAction);
+            }
+            catch(PrivilegedActionException e)
+            {
+               Exception ex = e.getException();
+               if( ex instanceof PolicyContextException )
+                  throw (PolicyContextException) ex;
+               else
+                  throw new UndeclaredThrowableException(ex);
+            }
+         }
+      };
+
+      PolicyContextActions NON_PRIVILEGED = new PolicyContextActions()
+      {
+         public Subject getContextSubject()
+            throws PolicyContextException
+         {
+            return (Subject) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
+         }
+      };
+
+      Subject getContextSubject()
+         throws PolicyContextException;
+   }
+   
+   static ClassLoader getContextClassLoader()
+   {
+      return TCLAction.UTIL.getContextClassLoader();
+   }
+
+   static void setContextClassLoader(ClassLoader loader)
+   {
+      TCLAction.UTIL.setContextClassLoader(loader);
+   }
+
+    
+
+   static RunAs peekRunAsIdentity()
+   {
+      if(System.getSecurityManager() == null)
+      {
+         return RunAsIdentityActions.NON_PRIVILEGED.peek();
+      }
+      else
+      {
+         return RunAsIdentityActions.PRIVILEGED.peek();
+      }
+   }
+
+   static void pushRunAsIdentity(RunAs principal)
+   {
+      if(System.getSecurityManager() == null)
+      {
+         RunAsIdentityActions.NON_PRIVILEGED.push(principal);
+      }
+      else
+      {
+         RunAsIdentityActions.PRIVILEGED.push(principal);
+      }
+   }
+
+   static RunAs popRunAsIdentity()
+   {
+      if(System.getSecurityManager() == null)
+      {
+         return RunAsIdentityActions.NON_PRIVILEGED.pop();
+      }
+      else
+      {
+         return RunAsIdentityActions.PRIVILEGED.pop();
+      }
+   } 
+    
+
+   static Subject getContextSubject()
+      throws PolicyContextException
+   {
+      if(System.getSecurityManager() == null)
+      {
+         return PolicyContextActions.NON_PRIVILEGED.getContextSubject();
+      }
+      else
+      {
+         return PolicyContextActions.PRIVILEGED.getContextSubject();
+      }      
+   }
+
+   interface TCLAction
+   {
+      class UTIL
+      {
+         static TCLAction getTCLAction()
+         {
+            return System.getSecurityManager() == null ? NON_PRIVILEGED : PRIVILEGED;
+         }
+
+         static ClassLoader getContextClassLoader()
+         {
+            return getTCLAction().getContextClassLoader();
+         }
+
+         static ClassLoader getContextClassLoader(Thread thread)
+         {
+            return getTCLAction().getContextClassLoader(thread);
+         }
+
+         static void setContextClassLoader(ClassLoader cl)
+         {
+            getTCLAction().setContextClassLoader(cl);
+         }
+
+         static void setContextClassLoader(Thread thread, ClassLoader cl)
+         {
+            getTCLAction().setContextClassLoader(thread, cl);
+         }
+      }
+
+      TCLAction NON_PRIVILEGED = new TCLAction()
+      {
+         public ClassLoader getContextClassLoader()
+         {
+            return Thread.currentThread().getContextClassLoader();
+         }
+
+         public ClassLoader getContextClassLoader(Thread thread)
+         {
+            return thread.getContextClassLoader();
+         }
+
+         public void setContextClassLoader(ClassLoader cl)
+         {
+            Thread.currentThread().setContextClassLoader(cl);
+         }
+
+         public void setContextClassLoader(Thread thread, ClassLoader cl)
+         {
+            thread.setContextClassLoader(cl);
+         }
+      };
+
+      TCLAction PRIVILEGED = new TCLAction()
+      {
+         private final PrivilegedAction getTCLPrivilegedAction = new PrivilegedAction()
+         {
+            public Object run()
+            {
+               return Thread.currentThread().getContextClassLoader();
+            }
+         };
+
+         public ClassLoader getContextClassLoader()
+         {
+            return (ClassLoader)AccessController.doPrivileged(getTCLPrivilegedAction);
+         }
+
+         public ClassLoader getContextClassLoader(final Thread thread)
+         {
+            return (ClassLoader)AccessController.doPrivileged(new PrivilegedAction()
+            {
+               public Object run()
+               {
+                  return thread.getContextClassLoader();
+               }
+            });
+         }
+
+         public void setContextClassLoader(final ClassLoader cl)
+         {
+            AccessController.doPrivileged(
+               new PrivilegedAction()
+               {
+                  public Object run()
+                  {
+                     Thread.currentThread().setContextClassLoader(cl);
+                     return null;
+                  }
+               }
+            );
+         }
+
+         public void setContextClassLoader(final Thread thread, final ClassLoader cl)
+         {
+            AccessController.doPrivileged(
+               new PrivilegedAction()
+               {
+                  public Object run()
+                  {
+                     thread.setContextClassLoader(cl);
+                     return null;
+                  }
+               }
+            );
+         }
+      };
+
+      ClassLoader getContextClassLoader();
+
+      ClassLoader getContextClassLoader(Thread thread);
+
+      void setContextClassLoader(ClassLoader cl);
+
+      void setContextClassLoader(Thread thread, ClassLoader cl);
+   }
+   
+   
+   
+   static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain)
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextFactory.createSecurityContext(p, cred, null, domain);
+            SecurityContextAssociation.setSecurityContext(sc);
+            return null;
+         }});
+   }
+   
+   static void createAndSetSecurityContext(final Principal p, final Object cred, final String domain,
+         final Subject subject)
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextFactory.createSecurityContext(domain); 
+            sc.getUtil().createSubjectInfo(p, cred, subject);
+            SecurityContextAssociation.setSecurityContext(sc);
+            return null;
+         }});
+   } 
+   
+   static void clearSecurityContext()
+   { 
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         { 
+            SecurityContextAssociation.setSecurityContext(null);
+            return null;
+         }});
+   }
+   
+   static SecurityContext getSecurityContext()
+   { 
+      return (SecurityContext)AccessController.doPrivileged(new PrivilegedAction(){
+         public Object run()
+         {
+            return SecurityContextAssociation.getSecurityContext();
+         }
+      });
+   }
+   
+   static Exception getContextException()
+   {
+      return (Exception)AccessController.doPrivileged(new PrivilegedAction()
+      {
+         static final String EX_KEY = "org.jboss.security.exception";
+         public Object run()
+         { 
+            SecurityContext sc = getSecurityContext();
+            return sc.getData().get(EX_KEY); 
+         }
+      });
+   }
+   
+   static void pushSubjectContext(final Principal p, final Object cred, final Subject s)
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         {
+            SecurityContext sc = getSecurityContext(); 
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().createSubjectInfo(p, cred, s); 
+            return null;
+         }}
+      );
+   } 
+   
+   static void popSubjectContext()
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){
+
+         public Object run()
+         {
+            SecurityContext sc = getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            SubjectInfo si = sc.getSubjectInfo();
+            if(si != null)
+              si.setAuthenticatedSubject(null);
+            return null;
+         }}
+      );
+   } 
+   
+   static void pushCallerRunAsIdentity(final RunAs ra)
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){ 
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().setCallerRunAs(ra);
+            return null;
+         } 
+      }); 
+   } 
+
+   static void popCallerRunAsIdentity()
+   {
+      AccessController.doPrivileged(new PrivilegedAction(){ 
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            sc.getUtil().setCallerRunAs(null);
+            return null;
+         } 
+      }); 
+   }
+}

Modified: trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/cmp/jdbc2/bridge/JDBCCMRFieldBridge2.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -46,7 +46,8 @@
 import org.jboss.ejb.LocalProxyFactory;
 import org.jboss.deployment.DeploymentException;
 import org.jboss.logging.Logger;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SecurityContext;
+import org.jboss.security.plugins.SecurityContextAssociation;
 import org.jboss.invocation.InvocationType;
 
 import javax.ejb.EJBException;
@@ -1740,13 +1741,32 @@
       {
          public Principal getPrincipal()
          {
-            return SecurityAssociation.getPrincipal();
+            //return SecurityAssociation.getPrincipal();
+            Principal p = null;
+            SecurityContext sc = getSecurityContext();
+            if(sc != null)
+            {
+               p = sc.getUtil().getUserPrincipal();
+            }
+            return p;
          }
 
          public Object getCredential()
          {
-            return SecurityAssociation.getCredential();
+            //return SecurityAssociation.getCredential();
+            Object credential = null;
+            SecurityContext sc = getSecurityContext();
+            if(sc != null)
+            {
+               credential = sc.getUtil().getCredential();
+            }
+            return credential;
          }
+         
+         public SecurityContext getSecurityContext()
+         {
+            return SecurityContextAssociation.getSecurityContext();
+         }
       };
 
       SecurityActions PRIVILEGED = new SecurityActions()
@@ -1755,7 +1775,14 @@
          {
             public Object run()
             {
-               return SecurityAssociation.getPrincipal();
+             //return SecurityAssociation.getPrincipal();
+               Principal p = null;
+               SecurityContext sc = getSecurityContext();
+               if(sc != null)
+               {
+                  p = sc.getUtil().getUserPrincipal();
+               }
+               return p;
             }
          };
 
@@ -1763,7 +1790,14 @@
          {
             public Object run()
             {
-               return SecurityAssociation.getCredential();
+             //return SecurityAssociation.getCredential();
+               Object credential = null;
+               SecurityContext sc = getSecurityContext();
+               if(sc != null)
+               {
+                  credential = sc.getUtil().getCredential();
+               }
+               return credential;
             }
          };
 
@@ -1776,10 +1810,22 @@
          {
             return AccessController.doPrivileged(getCredentialAction);
          }
+         
+         public SecurityContext getSecurityContext()
+         {
+            return (SecurityContext) AccessController.doPrivileged(new PrivilegedAction(){
+
+               public Object run()
+               {
+                  return SecurityContextAssociation.getSecurityContext();
+               }});
+         }
       };
 
       Principal getPrincipal();
 
       Object getCredential();
+      
+      SecurityContext getSecurityContext();
    }
 }

Modified: trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/plugins/local/BaseLocalProxyFactory.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -44,6 +44,7 @@
 import javax.ejb.TransactionRolledbackLocalException;
 import javax.naming.Context;
 import javax.naming.InitialContext;
+import javax.security.auth.Subject;
 import javax.transaction.Transaction;
 import javax.transaction.TransactionManager;
 import javax.transaction.TransactionRequiredException;
@@ -51,24 +52,21 @@
 
 import org.jboss.ejb.Container;
 import org.jboss.ejb.EJBProxyFactoryContainer;
-import org.jboss.ejb.LocalProxyFactory;
-import org.jboss.invocation.InvocationKey;
+import org.jboss.ejb.LocalProxyFactory; 
 import org.jboss.invocation.InvocationType;
 import org.jboss.invocation.MarshalledInvocation;
 import org.jboss.invocation.LocalEJBInvocation;
 import org.jboss.logging.Logger;
 import org.jboss.metadata.BeanMetaData;
-import org.jboss.naming.Util;
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.naming.Util; 
+import org.jboss.security.RunAs; 
 import org.jboss.security.SecurityContext; 
+import org.jboss.security.SecurityContextUtil;
+import org.jboss.security.SecurityIdentity;
 import org.jboss.security.plugins.SecurityContextAssociation; 
 import org.jboss.util.NestedRuntimeException;
-import org.jboss.tm.TransactionLocal;
+import org.jboss.tm.TransactionLocal; 
 
-import static org.jboss.security.SecurityConstants.RUNAS_IDENTITY_IDENTIFIER;
-
-
 /**
  * The LocalProxyFactory implementation that handles local ejb interface
  * proxies.
@@ -354,8 +352,9 @@
       container.pushENC();
 
       SecurityActions sa = SecurityActions.UTIL.getSecurityActions(); 
-      SecurityContext existingSC = sa.getSecurityContext();
-      RunAsIdentity cachedRAI = existingSC.getUtil().get(existingSC, RUNAS_IDENTITY_IDENTIFIER);
+      //Cache the security identity
+      SecurityContext sc = sa.getSecurityContext();
+      SecurityIdentity sidentity = sc.getUtil().getSecurityIdentity(); 
       
       try
       {
@@ -365,11 +364,9 @@
             getTransaction(),
             sa.getPrincipal(),
             sa.getCredential());
-         invocation.setType(InvocationType.LOCALHOME);
-
-         //Just place the current security context on the invocation 
-         if(existingSC != null)
-           invocation.getAsIsPayload().put(InvocationKey.SECURITY_CONTEXT, existingSC);
+         invocation.setType(InvocationType.LOCALHOME); 
+         invocation.setSecurityContext(sc); 
+ 
          return container.invoke(invocation);
       }
       catch(AccessException ae)
@@ -394,12 +391,9 @@
          if(setCl)
          {
             TCLAction.UTIL.setContextClassLoader(oldCl);
-         }
-         if(cachedRAI != null)
-         {
-            existingSC = sa.getSecurityContext();
-            existingSC.getUtil().set(existingSC, RUNAS_IDENTITY_IDENTIFIER, cachedRAI);
-         }
+         } 
+         //Restore the previous security identity 
+         sc.getUtil().setSecurityIdentity(sidentity); 
       }
    }
 
@@ -437,10 +431,13 @@
       }
       container.pushENC();
 
-      SecurityActions sa = SecurityActions.UTIL.getSecurityActions(); 
-      SecurityContext existingSC = sa.getSecurityContext();
-      RunAsIdentity cachedRAI = existingSC.getUtil().get(existingSC, RUNAS_IDENTITY_IDENTIFIER);
+      SecurityActions sa = SecurityActions.UTIL.getSecurityActions();  
+      SecurityContext sc = sa.getSecurityContext();  
       
+      //Cache the subject
+      Subject subj = sc.getUtil().getSubject();
+      RunAs ra = sc.getRunAs();
+      RunAs callerRunAs = sc.getUtil().getCallerRunAs();
       try
       {
          LocalEJBInvocation invocation = new LocalEJBInvocation(id,
@@ -449,12 +446,9 @@
             getTransaction(),
             sa.getPrincipal(),
             sa.getCredential());
-         invocation.setType(InvocationType.LOCAL);
+         invocation.setType(InvocationType.LOCAL);  
+         invocation.setSecurityContext(sa.getSecurityContext());
          
-         //Just place the current security context on the invocation 
-         if(existingSC != null)
-           invocation.getAsIsPayload().put(InvocationKey.SECURITY_CONTEXT, existingSC);
-         
          return container.invoke(invocation);
       }
       catch(AccessException ae)
@@ -479,12 +473,12 @@
          if(setCl)
          {
             TCLAction.UTIL.setContextClassLoader(oldCl);
-         }
-         if(cachedRAI != null)
-         {
-            existingSC = sa.getSecurityContext();
-            existingSC.getUtil().set(existingSC, RUNAS_IDENTITY_IDENTIFIER, cachedRAI);
-         }
+         } 
+         //Restore the previous subject and runas
+         SecurityContextUtil util = sc.getUtil(); 
+         util.createSubjectInfo(util.getUserPrincipal(), util.getCredential(), subj);
+         sc.setRunAs(ra);
+         sc.getUtil().setCallerRunAs(callerRunAs);
       }
    }
 
@@ -500,6 +494,7 @@
          throw new NestedRuntimeException(ex);
       }
    }
+    
 
    interface ClassLoaderAction
    {
@@ -557,18 +552,27 @@
       {
          public Principal getPrincipal()
          {
-            return SecurityAssociation.getPrincipal();
+            SecurityContext sc = getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("No security context for getPrincipal");
+            return sc.getUtil().getUserPrincipal();
+            //return SecurityAssociation.getPrincipal();
          }
 
          public Object getCredential()
          {
-            return SecurityAssociation.getCredential();
+            SecurityContext sc = getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("No security context for getCredential");
+            return sc.getUtil().getCredential();
+            //return SecurityAssociation.getCredential();
          }
          
          public SecurityContext getSecurityContext()
          {
             return SecurityContextAssociation.getSecurityContext(); 
          }
+          
       };
 
       SecurityActions PRIVILEGED = new SecurityActions()
@@ -577,7 +581,11 @@
          {
             public Object run()
             {
-               return SecurityAssociation.getPrincipal();
+               SecurityContext sc = getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("No security context for getPrincipal");
+               return sc.getUtil().getUserPrincipal();
+               //return SecurityAssociation.getPrincipal();
             }
          };
 
@@ -585,7 +593,11 @@
          {
             public Object run()
             {
-               return SecurityAssociation.getCredential();
+               SecurityContext sc = getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("No security context for getCredential");
+               return sc.getUtil().getCredential();
+               //return SecurityAssociation.getCredential();
             }
          };
 
@@ -608,13 +620,13 @@
                      { 
                         return SecurityContextAssociation.getSecurityContext();
                      }});
-         }
+         } 
       };
 
       Principal getPrincipal();
 
       Object getCredential();
-      SecurityContext getSecurityContext(); 
+      SecurityContext getSecurityContext();  
    }
 
    interface TCLAction

Modified: trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/txtimer/SecurityActions.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -24,13 +24,16 @@
 import java.security.PrivilegedAction;
 import java.security.AccessController;
 
-import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityAssociation;
+import org.jboss.security.RunAs; 
+import org.jboss.security.SecurityContext;
+import org.jboss.security.plugins.SecurityContextAssociation;
+import org.jboss.security.plugins.SecurityContextFactory;
 
 /** 
  * A collection of privileged actions for this package
  * 
  * @author Scott.Stark at jboss.org
+ * @author Anil.Saldhana at redhat.com
  * @version $Revision$
  */
 public class SecurityActions
@@ -43,7 +46,11 @@
          {
             public Object run()
             {
-               return SecurityAssociation.peekRunAsIdentity();
+               SecurityContext sc = getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("Security Context is null");
+               return sc.getRunAs();
+               //return SecurityAssociation.peekRunAsIdentity();
             }
          };
 
@@ -51,58 +58,82 @@
          {
             public Object run()
             {
-               return SecurityAssociation.popRunAsIdentity();
+               //return SecurityAssociation.popRunAsIdentity();
+               SecurityContext sc = getSecurityContext();
+               if(sc == null)
+                  throw new IllegalStateException("Security Context is null");
+               RunAs ra = sc.getRunAs();
+               sc.setRunAs(null);
+               return ra;
             }
          };
 
-         public RunAsIdentity peek()
+         public RunAs peek()
          {
-            return (RunAsIdentity)AccessController.doPrivileged(peekAction);
+            return (RunAs)AccessController.doPrivileged(peekAction);
          }
 
-         public void push(final RunAsIdentity id)
+         public void push(final RunAs id)
          {
             AccessController.doPrivileged(
                new PrivilegedAction()
                {
                   public Object run()
                   {
-                     SecurityAssociation.pushRunAsIdentity(id);
+                     //SecurityAssociation.pushRunAsIdentity(id);
+                     SecurityContext sc = getSecurityContext();
+                     if(sc == null)
+                        throw new IllegalStateException("Security Context is null"); 
+                     sc.setRunAs(id);
                      return null;
                   }
                }
             );
          }
 
-         public RunAsIdentity pop()
+         public RunAs pop()
          {
-            return (RunAsIdentity)AccessController.doPrivileged(popAction);
+            return (RunAs)AccessController.doPrivileged(popAction);
          }
       };
 
       RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions()
       {
-         public RunAsIdentity peek()
+         public RunAs peek()
          {
-            return SecurityAssociation.peekRunAsIdentity();
+            SecurityContext sc = getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            return sc.getRunAs();
+            //return SecurityAssociation.peekRunAsIdentity();
          }
 
-         public void push(RunAsIdentity id)
+         public void push(RunAs id)
          {
-            SecurityAssociation.pushRunAsIdentity(id);
+          //SecurityAssociation.pushRunAsIdentity(id);
+            SecurityContext sc = getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null"); 
+            sc.setRunAs(id); 
          }
 
-         public RunAsIdentity pop()
+         public RunAs pop()
          {
-            return SecurityAssociation.popRunAsIdentity();
+          //return SecurityAssociation.popRunAsIdentity();
+            SecurityContext sc = getSecurityContext();
+            if(sc == null)
+               throw new IllegalStateException("Security Context is null");
+            RunAs ra = sc.getRunAs();
+            sc.setRunAs(null);
+            return ra;
          }
       };
 
-      RunAsIdentity peek();
+      RunAs peek();
 
-      void push(RunAsIdentity id);
+      void push(RunAs id);
 
-      RunAsIdentity pop();
+      RunAs pop();
    }
 
    static ClassLoader getContextClassLoader()
@@ -114,7 +145,43 @@
    {
       return TCLAction.UTIL.getContextClassLoader(thread);
    }
+   
+   static SecurityContext createSecurityContext(final String securityDomain)
+   {
+      return (SecurityContext)AccessController.doPrivileged(new PrivilegedAction()
+      { 
+         public Object run()
+         {
+            SecurityContext sc = SecurityContextFactory.createSecurityContext(securityDomain); 
+            SecurityContextAssociation.setSecurityContext(sc);
+            return sc;
+         }
+      }); 
+   } 
+   
+   static SecurityContext getSecurityContext()
+   {
+     return (SecurityContext) AccessController.doPrivileged(new PrivilegedAction()
+     {
 
+      public Object run()
+      {
+         return SecurityContextAssociation.getSecurityContext();
+      }}); 
+   }
+   
+   static void setSecurityContext(final SecurityContext sc)
+   {
+      AccessController.doPrivileged(new PrivilegedAction()
+     {
+
+      public Object run()
+      {
+         SecurityContextAssociation.setSecurityContext(sc);
+         return null;
+      }}); 
+   }
+
    static void setContextClassLoader(ClassLoader loader)
    {
       TCLAction.UTIL.setContextClassLoader(loader);
@@ -125,7 +192,7 @@
       TCLAction.UTIL.setContextClassLoader(thread, loader);
    }
 
-   static void pushRunAsIdentity(RunAsIdentity principal)
+   static void pushRunAsIdentity(RunAs principal)
    {
       if(System.getSecurityManager() == null)
       {
@@ -137,7 +204,7 @@
       }
    }
 
-   static RunAsIdentity popRunAsIdentity()
+   static RunAs popRunAsIdentity()
    {
       if(System.getSecurityManager() == null)
       {

Modified: trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java	2007-04-25 15:07:35 UTC (rev 62556)
+++ trunk/server/src/main/org/jboss/ejb/txtimer/TimedObjectInvokerImpl.java	2007-04-25 15:08:18 UTC (rev 62557)
@@ -28,7 +28,10 @@
 import org.jboss.invocation.InvocationKey;
 import org.jboss.invocation.InvocationType;
 import org.jboss.invocation.PayloadKey;
+import org.jboss.security.RunAs;
 import org.jboss.security.RunAsIdentity;
+import org.jboss.security.SecurityConstants;
+import org.jboss.security.SecurityContext;
 import org.jboss.metadata.BeanMetaData;
 import org.jboss.metadata.SecurityIdentityMetaData;
 import org.jboss.metadata.AssemblyDescriptorMetaData;
@@ -53,6 +56,7 @@
    private Container container;
    private TimedObjectId timedObjectId;
    private Method method;
+   boolean pushedRunAs = false;
 
    public TimedObjectInvokerImpl(TimedObjectId timedObjectId, Container container)
    {
@@ -84,6 +88,8 @@
          Invocation inv = new Invocation(timedObjectId.getInstancePk(), method, new Object[]{timer}, null, null, null);
          inv.setValue(InvocationKey.INVOKER_PROXY_BINDING, null, PayloadKey.AS_IS);
          inv.setType(InvocationType.LOCAL);
+         this.establishSecurityContext(inv);
+         
          BeanMetaData bmd = container.getBeanMetaData();
          SecurityIdentityMetaData ejbTimeoutIdentity = bmd.getEjbTimeoutIdentity();
          if( ejbTimeoutIdentity != null && ejbTimeoutIdentity.getUseCallerIdentity() == false )
@@ -94,16 +100,35 @@
             String principalName = ejbTimeoutIdentity.getRunAsPrincipalName();
             // the run-as principal might have extra roles mapped in the assembly-descriptor
             Set extraRoleNames = assemblyDescriptor.getSecurityRoleNamesByPrincipal(principalName);
-            RunAsIdentity runAsIdentity = new RunAsIdentity(roleName, principalName, extraRoleNames);
+            RunAs runAsIdentity = new RunAsIdentity(roleName, principalName, extraRoleNames);
             SecurityActions.pushRunAsIdentity(runAsIdentity);
+            pushedRunAs = true;
          }
          container.invoke(inv);
       }
       finally
       {
          container.popENC();
-         SecurityActions.popRunAsIdentity();
+         if(pushedRunAs)
+            SecurityActions.popRunAsIdentity();
          SecurityActions.setContextClassLoader(callerClassLoader);
       }
    }
+   
+   private void establishSecurityContext(Invocation inv)
+   {
+      SecurityContext sc = SecurityActions.getSecurityContext();
+      if( sc == null)
+      {
+         String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
+         if(container != null)
+         {
+            if(container.getSecurityManager() != null)
+               securityDomain = container.getSecurityManager().getSecurityDomain();
+         }
+         sc = SecurityActions.createSecurityContext(securityDomain);
+         SecurityActions.setSecurityContext(sc);
+      }
+      inv.setSecurityContext(sc);
+   }
 }




More information about the jboss-cvs-commits mailing list