[jboss-cvs] JBossAS SVN: r68455 - projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Dec 20 10:33:53 EST 2007 

Author: anil.saldhana at jboss.com
Date: 2007-12-20 10:33:53 -0500 (Thu, 20 Dec 2007)
New Revision: 68455

Modified:
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
Log:
SECURITY-100: threadsafe JBossAuthzMgr

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java	2007-12-20 15:32:05 UTC (rev 68454)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java	2007-12-20 15:33:53 UTC (rev 68455)
@@ -32,6 +32,8 @@
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Set;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
  
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
@@ -85,6 +87,9 @@
    
    private AuthorizationContext authorizationContext = null;
    
+   //Lock deals with synchronization of authorizationContext usage
+   private Lock lock = new ReentrantLock();
+   
    public JBossAuthorizationManager(String securityDomainName)
    {
       this.securityDomain = securityDomainName;
@@ -111,10 +116,18 @@
       {
          log.error("Error obtaining AuthenticatedSubject:",e);
       }
-      if(this.authorizationContext == null)
-         this.authorizationContext = new JBossAuthorizationContext(this.securityDomain,subject,
-                                          this.callbackHandler ); 
-      return this.authorizationContext.authorize(resource);
+      lock.lock();
+      try
+      {
+         if(this.authorizationContext == null)
+            this.authorizationContext = new JBossAuthorizationContext(this.securityDomain,subject,
+                                             this.callbackHandler ); 
+         return this.authorizationContext.authorize(resource); 
+      }
+      finally
+      {
+         lock.unlock();
+      }
    }  
    
    /** Does the current Subject have a role(a Principal) that equates to one
@@ -288,7 +301,15 @@
    {
       if(ac == null)
          throw new IllegalArgumentException("AuthorizationContext is null");
-      this.authorizationContext = ac;
+      lock.lock();
+      try
+      { 
+         this.authorizationContext = ac;  
+      }
+      finally
+      {
+         lock.unlock();
+      }
    }
    
    public String getSecurityDomain()

More information about the jboss-cvs-commits mailing list