[jboss-cvs] JBossAS SVN: r64976 - trunk/ejb3/src/main/org/jboss/ejb3/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Aug 30 16:38:35 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-08-30 16:38:35 -0400 (Thu, 30 Aug 2007)
New Revision: 64976
Modified:
trunk/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptorv2.java
Log:
add deployment principal role mapping customization
Modified: trunk/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptorv2.java
===================================================================
--- trunk/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptorv2.java 2007-08-30 20:33:37 UTC (rev 64975)
+++ trunk/ejb3/src/main/org/jboss/ejb3/security/Ejb3AuthenticationInterceptorv2.java 2007-08-30 20:38:35 UTC (rev 64976)
@@ -36,6 +36,8 @@
import org.jboss.logging.Logger;
import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityIdentity;
+import org.jboss.security.SecurityRolesAssociation;
+import org.jboss.security.SecurityUtil;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.integration.ejb.EJBAuthenticationHelper;
@@ -108,8 +110,9 @@
sc = invSC;
p = sc.getUtil().getUserPrincipal();
cred = sc.getUtil().getCredential();
+ String unprefixed = SecurityUtil.unprefixSecurityDomain(domain.value());
sc = SecurityActions.createSecurityContext(p,
- cred, null, domain.value());
+ cred, null, unprefixed);
//Set the security context
SecurityActions.setSecurityContext(sc);
sc.getUtil().setSecurityIdentity(invSC.getUtil().getSecurityIdentity());
@@ -168,6 +171,11 @@
if(sc != null)
SecurityActions.pushCallerRunAsIdentity(sc.getOutgoingRunAs());
+ //Set a map of principal-roles that may be configured at deployment level
+ if(container.getAssemblyDescriptor() != null)
+ {
+ SecurityRolesAssociation.setSecurityRoles(container.getAssemblyDescriptor().getPrincipalVersusRolesMap());
+ }
return invocation.invokeNext();
}
finally
More information about the jboss-cvs-commits
mailing list