[jboss-cvs] JBossAS SVN: r68058 - in trunk/security/src/main/org/jboss/security/integration: ejb and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Dec 7 18:33:17 EST 2007
Author: anil.saldhana at jboss.com
Date: 2007-12-07 18:33:17 -0500 (Fri, 07 Dec 2007)
New Revision: 68058
Modified:
trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java
trunk/security/src/main/org/jboss/security/integration/SecurityDomainObjectFactory.java
trunk/security/src/main/org/jboss/security/integration/ejb/EJBAuthenticationHelper.java
trunk/security/src/main/org/jboss/security/integration/ejb/SecurityHelper.java
Log:
JBAS-5061: IdentityTrustManager on demand, JBAS-5062: AuditManager on demand
Modified: trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java 2007-12-07 23:27:16 UTC (rev 68057)
+++ trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java 2007-12-07 23:33:17 UTC (rev 68058)
@@ -58,7 +58,7 @@
protected static Logger log = Logger.getLogger(JNDIBasedSecurityManagement.class);
- static ConcurrentHashMap securityMgrMap = new ConcurrentHashMap();
+ static ConcurrentHashMap<String,SecurityDomainContext> securityMgrMap = new ConcurrentHashMap<String,SecurityDomainContext>();
protected String BASE_CTX = SecurityConstants.JAAS_CONTEXT_ROOT;
@@ -76,6 +76,12 @@
protected String cachePolicyName = TimedCachePolicy.class.getName();
+ /** Enable the IdentityTrust feature */
+ protected boolean enableIdentity = false;
+
+ /** Enable the Audit feature */
+ protected boolean enableAudit = true;
+
public JNDIBasedSecurityManagement()
{
}
@@ -85,7 +91,8 @@
AuditManager auditManager = null;
try
{
- auditManager = (AuditManager) lookUpJNDI(securityDomain + "/auditMgr");
+ if(this.enableAudit)
+ auditManager = (AuditManager) lookUpJNDI(securityDomain + "/auditMgr");
}
catch(Exception e)
{
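Review bot: With `enableAudit` false the lookup is skipped and `auditManager` is still null when control leaves the `try`, which is the same state a failed lookup leaves behind after the `catch(Exception e)` below it. The rest of the method is outside this hunk, so it is not visible whether null is returned or a manager is created anyway. If callers can receive null, the method's Javadoc should say so, e.g. `@return the AuditManager for the domain, or null when auditing is disabled`. The `enableIdentity` guard in the hunk at -127 needs the same sentence for the IdentityTrustManager. Both one-line `if` statements would also be safer with braces.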
@@ -127,7 +134,8 @@
IdentityTrustManager am = null;
try
{
- am = (IdentityTrustManager) lookUpJNDI(securityDomain + "/identityTrustMgr");
+ if(this.enableIdentity)
+ am = (IdentityTrustManager) lookUpJNDI(securityDomain + "/identityTrustMgr");
}
catch(Exception e)
{
@@ -163,7 +171,17 @@
public void setAuditMgrClass(String auditMgrClass)
{
this.auditMgrClass = auditMgrClass;
+ }
+
+ public void setEnableAudit(boolean enableAudit)
+ {
+ this.enableAudit = enableAudit;
}
+
+ public void setEnableIdentity(boolean enableIdentity)
+ {
+ this.enableIdentity = enableIdentity;
+ }
public void setIdentityTrustMgrClass(String identityTrustMgrClass)
{
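Review bot: `setEnableAudit(false)` switches off the audit trail without leaving any record of its own, so a configuration that disables auditing looks the same in the server log as one that leaves it on. A line such as `if(!enableAudit) log.warn("Security auditing disabled; no AuditManager will be looked up");` in the setter would make the change visible to whoever reviews the logs. Whether domains already cached in `securityMgrMap` are affected by a later change of the flag cannot be seen from here and is worth stating in the setter's Javadoc. The hunk ends inside `setIdentityTrustMgrClass`.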
@@ -253,42 +271,42 @@
private AuthenticationManager createAuthenticationManager(String securityDomain) throws Exception
{
- Class clazz = SecurityActions.getContextClassLoader().loadClass(authenticationMgrClass);
- Constructor ctr = clazz.getConstructor(new Class[] { String.class, CallbackHandler.class});
+ Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(authenticationMgrClass);
+ Constructor<?> ctr = clazz.getConstructor(new Class[] { String.class, CallbackHandler.class});
return (AuthenticationManager) ctr.newInstance(new Object[]{ securityDomain, callBackHandler});
}
private AuthorizationManager createAuthorizationManager(String securityDomain) throws Exception
{
- Class clazz = SecurityActions.getContextClassLoader().loadClass(authorizationMgrClass);
- Constructor ctr = clazz.getConstructor(new Class[] { String.class});
+ Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(authorizationMgrClass);
+ Constructor<?> ctr = clazz.getConstructor(new Class[] { String.class});
return (AuthorizationManager) ctr.newInstance(new Object[]{ securityDomain});
}
private AuditManager createAuditManager(String securityDomain) throws Exception
{
- Class clazz = SecurityActions.getContextClassLoader().loadClass(auditMgrClass);
- Constructor ctr = clazz.getConstructor(new Class[] { String.class});
+ Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(auditMgrClass);
+ Constructor<?> ctr = clazz.getConstructor(new Class[] { String.class});
return (AuditManager) ctr.newInstance(new Object[]{ securityDomain});
}
private MappingManager createMappingManager(String securityDomain) throws Exception
{
- Class clazz = SecurityActions.getContextClassLoader().loadClass(mappingMgrClass);
- Constructor ctr = clazz.getConstructor(new Class[] { String.class});
+ Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(mappingMgrClass);
+ Constructor<?> ctr = clazz.getConstructor(new Class[] { String.class});
return (MappingManager) ctr.newInstance(new Object[]{ securityDomain});
}
private IdentityTrustManager createIdentityTrustManager(String securityDomain) throws Exception
{
- Class clazz = SecurityActions.getContextClassLoader().loadClass(identityTrustMgrClass);
- Constructor ctr = clazz.getConstructor(new Class[] { String.class});
+ Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(identityTrustMgrClass);
+ Constructor<?> ctr = clazz.getConstructor(new Class[] { String.class});
return (IdentityTrustManager) ctr.newInstance(new Object[]{ securityDomain});
}
private Object createObject(String fqn) throws Exception
{
- Class clazz = SecurityActions.getContextClassLoader().loadClass(fqn);
+ Class<?> clazz = SecurityActions.getContextClassLoader().loadClass(fqn);
return clazz.newInstance();
}
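Review bot: Each `create*Manager` method instantiates the configured class before checking its type, so the cast to the manager interface only fails after the constructor of whatever class was named has already run. The class names come from settable properties (`setAuditMgrClass` is visible in the previous hunk). Now that the locals are `Class<?>`, the check can move ahead of construction, for example `Class<? extends AuditManager> clazz = SecurityActions.getContextClassLoader().loadClass(auditMgrClass).asSubclass(AuditManager.class);`, with the matching interface in the other four methods. `createObject(String fqn)` has no expected type to check against, so a comment there naming which configured values reach it would help.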
@@ -302,7 +320,7 @@
{
try
{
- Class[] setCachePolicyTypes = {CachePolicy.class};
+ Class<?>[] setCachePolicyTypes = {CachePolicy.class};
Method m = securityMgr.getClass().getMethod("setCachePolicy", setCachePolicyTypes);
Object[] setCachePolicyArgs = {cachePolicy};
m.invoke(securityMgr, setCachePolicyArgs);
@@ -324,7 +342,7 @@
{
try
{
- Class[] argsType = {Boolean.class};
+ Class<?>[] argsType = {Boolean.class};
Method m = securityMgr.getClass().getMethod("setDeepCopySubjectOption", argsType);
Object[] deepCopyArgs = {Boolean.TRUE};
m.invoke(securityMgr, deepCopyArgs);
Modified: trunk/security/src/main/org/jboss/security/integration/SecurityDomainObjectFactory.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/SecurityDomainObjectFactory.java 2007-12-07 23:27:16 UTC (rev 68057)
+++ trunk/security/src/main/org/jboss/security/integration/SecurityDomainObjectFactory.java 2007-12-07 23:33:17 UTC (rev 68058)
@@ -64,11 +64,11 @@
a security domain.
*/
public Object getObjectInstance(Object obj, Name name, Context nameCtx,
- Hashtable environment)
+ Hashtable<?,?> environment)
throws Exception
{
ClassLoader loader = SecurityActions.getContextClassLoader();
- Class[] interfaces = {Context.class};
+ Class<?>[] interfaces = {Context.class};
Context ctx = (Context) Proxy.newProxyInstance(loader, interfaces, this);
return ctx;
}
@@ -101,7 +101,7 @@
else
name = (Name)args[0];
securityDomain = name.get(0);
- Object val = (SecurityDomainContext)args[1];
+ SecurityDomainContext val = (SecurityDomainContext)args[1];
JNDIBasedSecurityManagement.securityMgrMap.put(securityDomain, val);
return obj;
}
@@ -136,11 +136,11 @@
return sdc;
}
- class DomainEnumeration implements NamingEnumeration
+ class DomainEnumeration implements NamingEnumeration<NameClassPair>
{
- Enumeration domains;
- Map ctxMap;
- DomainEnumeration(Enumeration domains, Map ctxMap)
+ Enumeration<String> domains;
+ Map<String,SecurityDomainContext> ctxMap;
+ DomainEnumeration(Enumeration<String> domains, Map<String,SecurityDomainContext> ctxMap)
{
this.domains = domains;
this.ctxMap = ctxMap;
@@ -157,7 +157,7 @@
{
return domains.hasMoreElements();
}
- public Object next()
+ public NameClassPair next()
{
String name = (String) domains.nextElement();
Object value = ctxMap.get(name);
@@ -165,9 +165,10 @@
NameClassPair pair = new NameClassPair(name, className);
return pair;
}
- public Object nextElement()
+ public NameClassPair nextElement()
{
- return domains.nextElement();
+ return next();
+ //return domains.nextElement();
}
}
}
\ No newline at end of file
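Review bot: The commented-out `//return domains.nextElement();` left in `nextElement()` should be deleted rather than kept, since the revision history already records the old body. The method now returns a `NameClassPair` where it used to return the domain name string. A one-line comment such as `// Enumeration view yields the same elements as next()` would tell readers that the delegation is intentional. The class body starts in an earlier hunk.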
Modified: trunk/security/src/main/org/jboss/security/integration/ejb/EJBAuthenticationHelper.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/ejb/EJBAuthenticationHelper.java 2007-12-07 23:27:16 UTC (rev 68057)
+++ trunk/security/src/main/org/jboss/security/integration/ejb/EJBAuthenticationHelper.java 2007-12-07 23:33:17 UTC (rev 68058)
@@ -49,10 +49,14 @@
public boolean isTrusted() throws IdentityTrustException
{
+ TrustDecision td = TrustDecision.NotApplicable;
IdentityTrustManager itm = securityContext.getIdentityTrustManager();
- TrustDecision td = itm.isTrusted(securityContext);
- if(td == TrustDecision.Deny)
- throw new IdentityTrustException("Caller denied by identity trust framework");
+ if(itm != null)
+ {
+ td = itm.isTrusted(securityContext);
+ if(td == TrustDecision.Deny)
+ throw new IdentityTrustException("Caller denied by identity trust framework");
+ }
return td == TrustDecision.Permit;
}
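Review bot: A null `IdentityTrustManager` now makes `isTrusted()` return false through `TrustDecision.NotApplicable`, which the caller cannot tell apart from a manager that answered NotApplicable or from one whose lookup failed. Nothing in the method states that this is the intended fail-safe. A comment above `if(itm != null)` would pin it down, e.g. `// No trust manager for this domain (feature disabled): not applicable, caller must authenticate normally`. What callers do with a false result is outside this diff, so the "authenticate normally" part should be confirmed against them.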
Modified: trunk/security/src/main/org/jboss/security/integration/ejb/SecurityHelper.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/ejb/SecurityHelper.java 2007-12-07 23:27:16 UTC (rev 68057)
+++ trunk/security/src/main/org/jboss/security/integration/ejb/SecurityHelper.java 2007-12-07 23:33:17 UTC (rev 68058)
@@ -28,6 +28,7 @@
import org.jboss.logging.Logger;
import org.jboss.security.SecurityContext;
import org.jboss.security.audit.AuditEvent;
+import org.jboss.security.audit.AuditManager;
import org.jboss.security.authorization.Resource;
//$Id$
@@ -59,6 +60,8 @@
//******************************************************
protected void authorizationAudit(String level, Resource resource, Exception e)
{
+ if(securityContext.getAuditManager() == null)
+ return;
//Authorization Exception stacktrace is huge. Scale it down
//as the original stack trace can be seen in server.log (if needed)
String exceptionMessage = e != null ? e.getLocalizedMessage() : "";
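Review bot: The early `return` added to `authorizationAudit` drops the audit event silently when `getAuditManager()` is null, and the `audit` hunk at -72 does the same. That is correct when auditing is deliberately disabled, but a null manager can presumably also come from a failed lookup, and in that case authorization failures go unrecorded with no signal. If the class has a logger field (the `Logger` import is visible, the field is not), a line like `if(log.isTraceEnabled()) log.trace("No AuditManager for security context; audit event skipped");` before each `return` would leave evidence. `authorizationAudit` continues past the end of this hunk.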
@@ -72,9 +75,12 @@
protected void audit(String level,
Map<String,Object> contextMap, Exception e)
{
+ AuditManager am = securityContext.getAuditManager();
+ if(am == null)
+ return;
contextMap.put("Source", getClass().getName());
AuditEvent ae = new AuditEvent(level,contextMap,e);
- securityContext.getAuditManager().audit(ae);
+ am.audit(ae);
}
protected Map<String,Object> getContextMap(Principal principal, String methodName)