[jboss-cvs] JBossAS SVN: r62894 - projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue May 8 17:10:19 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-08 17:10:19 -0400 (Tue, 08 May 2007)
New Revision: 62894
Modified:
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLPolicyModuleDelegate.java
Log:
PolicyRegistration has no relationship with the AuthorizationManager interface
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLPolicyModuleDelegate.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLPolicyModuleDelegate.java 2007-05-08 21:07:56 UTC (rev 62893)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLPolicyModuleDelegate.java 2007-05-08 21:10:19 UTC (rev 62894)
@@ -27,9 +27,11 @@
import javax.security.jacc.PolicyContext;
import org.jboss.logging.Logger;
+import org.jboss.security.AuthorizationManager;
import org.jboss.security.authorization.AuthorizationContext;
import org.jboss.security.authorization.PolicyRegistration;
import org.jboss.security.authorization.Resource;
+import org.jboss.security.authorization.ResourceKeys;
import org.jboss.security.authorization.modules.AuthorizationModuleDelegate;
import org.jboss.security.authorization.sunxacml.JBossXACMLUtil;
@@ -49,7 +51,7 @@
{
private String ejbName = null;
private Method ejbMethod = null;
- private Principal principal = null;
+ private Principal principal = null;
public EJBXACMLPolicyModuleDelegate()
{
@@ -68,15 +70,21 @@
throw new IllegalStateException("Map from the Resource is null");
if(map.size() == 0)
- throw new IllegalStateException("Map from the Resource is size zero");
- PolicyRegistration pr = (PolicyRegistration)map.get("authorizationManager");
- if(pr != null)
- this.authzManager = pr;
+ throw new IllegalStateException("Map from the Resource is size zero");
+ AuthorizationManager am = (AuthorizationManager) map.get("authorizationManager");
+ if(am == null)
+ throw new IllegalStateException("Authorization Manager is null");
+ if(am instanceof PolicyRegistration)
+ this.policyRegistration = (PolicyRegistration) am;
//Populate local variables from the resource
- this.ejbName = (String)map.get("ejb.name");
- this.ejbMethod = (Method)map.get("ejb.method");
- this.principal = (Principal)map.get("ejb.principal");
- return process();
+ this.ejbName = (String)map.get(ResourceKeys.EJB_NAME);
+ this.ejbMethod = (Method)map.get(ResourceKeys.EJB_METHOD);
+ this.principal = (Principal)map.get(ResourceKeys.EJB_PRINCIPAL);
+ Boolean roleRefCheck = checkBooleanValue((Boolean)map.get(ResourceKeys.ROLEREF_PERM_CHECK));
+ if(roleRefCheck)
+ throw new IllegalStateException("SECURIY-50:Role Ref checks not implemented");
+
+ return process(am);
}
/**
@@ -84,7 +92,7 @@
*/
public void setPolicyRegistrationManager(PolicyRegistration authzM)
{
- this.authzManager = authzM;
+ this.policyRegistration = authzM;
}
//Private Methods
@@ -94,16 +102,19 @@
* @param sc
* @return
*/
- private int process()
+ private int process(AuthorizationManager am)
{
int result = AuthorizationContext.DENY;
EJBXACMLUtil util = new EJBXACMLUtil();
try
{
RequestCtx requestCtx = util.createXACMLRequest(this.ejbName,
- this.ejbMethod.getName(),this.principal, this.authzManager);
+ this.ejbMethod.getName(),this.principal,
+ am.getUserRoles(principal));
String contextID = PolicyContext.getContextID();
- Policy policy = (Policy)authzManager.getPolicy(contextID,null);
+ if(contextID == null)
+ throw new IllegalStateException("Context ID is null");
+ Policy policy = (Policy)policyRegistration.getPolicy(contextID,null);
if(policy == null)
{
if(trace)
@@ -120,4 +131,16 @@
}
return result;
}
+
+ /**
+ * Ensure that the bool is a valid value
+ * @param bool
+ * @return bool or Boolean.FALSE (when bool is null)
+ */
+ private Boolean checkBooleanValue(Boolean bool)
+ {
+ if(bool == null)
+ return Boolean.FALSE;
+ return bool;
+ }
}
More information about the jboss-cvs-commits
mailing list