[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security ...

Gavin King gavin.king at jboss.com
Mon Jun 25 19:59:31 EDT 2007 

  User: gavin   
  Date: 07/06/25 19:59:31

  Modified:    src/main/org/jboss/seam/security    Identity.java
                        RuleBasedIdentity.java
  Added:       src/main/org/jboss/seam/security    SecurityInterceptor.java
  Log:
  move builtin interceptors to the packages they relate to
  
  Revision  Changes    Path
  1.94      +10 -0     jboss-seam/src/main/org/jboss/seam/security/Identity.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: Identity.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/Identity.java,v
  retrieving revision 1.93
  retrieving revision 1.94
  diff -u -b -r1.93 -r1.94
  --- Identity.java	20 Jun 2007 22:11:31 -0000	1.93
  +++ Identity.java	25 Jun 2007 23:59:31 -0000	1.94
  @@ -45,6 +45,16 @@
   import org.jboss.seam.util.Strings;
   import org.jboss.seam.web.Session;
   
  +/**
  + * API for authorization and authentication via
  + * Seam security. This base implementation 
  + * supports role-based authorization only.
  + * Subclasses may add more sophisticated 
  + * permissioning mechanisms.
  + * 
  + * @author Shane Bryzak
  + *
  + */
   @Name("org.jboss.seam.security.identity")
   @Scope(SESSION)
   @Install(precedence = BUILT_IN)
  
  
  
  1.14      +7 -0      jboss-seam/src/main/org/jboss/seam/security/RuleBasedIdentity.java
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: RuleBasedIdentity.java
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/RuleBasedIdentity.java,v
  retrieving revision 1.13
  retrieving revision 1.14
  diff -u -b -r1.13 -r1.14
  --- RuleBasedIdentity.java	20 Jun 2007 17:45:57 -0000	1.13
  +++ RuleBasedIdentity.java	25 Jun 2007 23:59:31 -0000	1.14
  @@ -24,6 +24,13 @@
   import org.jboss.seam.log.LogProvider;
   import org.jboss.seam.log.Logging;
   
  +/**
  + * Identity implementation that supports permission
  + * checking via a Drools rulebase.
  + * 
  + * @author Shane Bryzak
  + *
  + */
   @Name("org.jboss.seam.security.identity")
   @Scope(SESSION)
   @BypassInterceptors
  
  
  
  1.1      date: 2007/06/25 23:59:31;  author: gavin;  state: Exp;jboss-seam/src/main/org/jboss/seam/security/SecurityInterceptor.java
  
  Index: SecurityInterceptor.java
  ===================================================================
  package org.jboss.seam.security;
  
  import java.lang.reflect.Method;
  
  import org.jboss.seam.annotations.intercept.AroundInvoke;
  import org.jboss.seam.annotations.intercept.Interceptor;
  import org.jboss.seam.annotations.intercept.InterceptorType;
  import org.jboss.seam.annotations.security.Restrict;
  import org.jboss.seam.async.AsynchronousInterceptor;
  import org.jboss.seam.intercept.AbstractInterceptor;
  import org.jboss.seam.intercept.InvocationContext;
  import org.jboss.seam.util.Strings;
  
  /**
   * Provides authorization services for component invocations.
   * 
   * @author Shane Bryzak
   */
  @Interceptor(stateless = true, type=InterceptorType.CLIENT, 
           around=AsynchronousInterceptor.class)
  public class SecurityInterceptor extends AbstractInterceptor
  {
     private static final long serialVersionUID = -6567750187000766925L;
  
     @AroundInvoke
     public Object aroundInvoke(InvocationContext invocation) throws Exception
     {
        Method interfaceMethod = invocation.getMethod();
        //TODO: optimize this:
        Method method = getComponent().getBeanClass()
                 .getMethod( interfaceMethod.getName(), interfaceMethod.getParameterTypes() );
        Restrict restrict = getRestriction(method);
        
        if ( restrict!=null && Identity.isSecurityEnabled() )
        {
           String expr = !Strings.isEmpty( restrict.value() ) ? 
                    restrict.value() : createDefaultExpr(method);
           Identity.instance().checkRestriction(expr);
        }
        return invocation.proceed();
     }
  
     private Restrict getRestriction(Method method)
     {
        if ( method.isAnnotationPresent(Restrict.class) )
        {
           return method.getAnnotation(Restrict.class);
        }
        else if ( getComponent().getBeanClass().isAnnotationPresent(Restrict.class) )
        {
           if ( !getComponent().isLifecycleMethod(method) )
           {
              return getComponent().getBeanClass().getAnnotation(Restrict.class);
           }
        }
        return null;
     }
     
     /**
      * Creates a default security expression for a specified method.  The method must
      * be a method of a Seam component.
      * 
      * @param method The method for which to create a default permission expression 
      * @return The generated security expression.
      */
     private String createDefaultExpr(Method method)
     {
        return String.format( "#{s:hasPermission('%s','%s', null)}", getComponent().getName(), method.getName() );
     }
  }

More information about the jboss-cvs-commits mailing list