[jboss-cvs] JBossAS SVN: r62895 - projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue May 8 17:10:35 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-08 17:10:34 -0400 (Tue, 08 May 2007)
New Revision: 62895
Modified:
projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java
Log:
PolicyRegistration has no relationship with the AuthorizationManager interface
Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java 2007-05-08 21:10:19 UTC (rev 62894)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java 2007-05-08 21:10:34 UTC (rev 62895)
@@ -24,17 +24,14 @@
import java.io.ByteArrayOutputStream;
import java.net.URI;
import java.security.Principal;
-import java.security.acl.Group;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
-import javax.security.jacc.PolicyContext;
-import org.jboss.logging.Logger;
-import org.jboss.security.AuthorizationManager;
-import org.jboss.security.SimplePrincipal;
+import org.jboss.logging.Logger;
+import org.jboss.security.authorization.XACMLConstants;
-import com.sun.xacml.Indenter;
+import com.sun.xacml.Indenter;
import com.sun.xacml.attr.StringAttribute;
import com.sun.xacml.attr.TimeAttribute;
import com.sun.xacml.ctx.Attribute;
@@ -59,17 +56,18 @@
}
public RequestCtx createXACMLRequest(String ejbName, String methodName,
- Principal principal,
- AuthorizationManager authzManager) throws Exception
+ Principal principal, Set<Principal> roles) throws Exception
{
+ if(principal == null)
+ throw new IllegalArgumentException("principal is null");
+
String action = methodName;
- RequestCtx requestCtx = null;
- String username = getUserName();
- //Get the roles from the authorization manager
- Set roles = authzManager.getUserRoles(principal);
+ RequestCtx requestCtx = null;
+ String username = principal.getName();
+
//Create the subject set
- URI subjectAttrUri = new URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id");
+ URI subjectAttrUri = new URI(XACMLConstants.SUBJECT_IDENTIFIER);
Attribute subjectAttr = new Attribute(subjectAttrUri,null,null,
new StringAttribute(username));
Set subjectAttrSet = new HashSet();
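Review bot: The new guard rejects a null `principal` but not a null `principal.getName()`, which is then passed straight into `new StringAttribute(username)` as the XACML subject-id. I would extend the check to `if(principal == null || principal.getName() == null) throw new IllegalArgumentException("principal or principal name is null");`. The subject name and the roles now come entirely from the arguments instead of the container Subject and the AuthorizationManager, so the Javadoc should state that callers must pass the authenticated caller principal and roles resolved by a trusted source, since the policy decision is evaluated against whatever is supplied here. A null `roles` still appears to be tolerated by getXACMLRoleSet (visible in a later hunk) and would yield a request with no role attributes; it is worth documenting whether that is intended. The body of createXACMLRequest continues outside this hunk.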
@@ -80,7 +78,7 @@
subjectSet.add(new Subject(subjectAttrSet));
//Create the resource set
- URI resourceUri = new URI("urn:oasis:names:tc:xacml:1.0:resource:resource-id");
+ URI resourceUri = new URI(XACMLConstants.RESOURCE_IDENTIFIER);
Attribute resourceAttr = new Attribute(resourceUri,null,null,
new StringAttribute(ejbName));
Set resourceSet = new HashSet();
@@ -88,7 +86,7 @@
//Create the action set
Set actionSet = new HashSet();
- actionSet.add(new Attribute(new URI("urn:oasis:names:tc:xacml:1.0:action:action-id"),
+ actionSet.add(new Attribute(new URI(XACMLConstants.ACTION_IDENTIFIER),
null,null, new StringAttribute(action)));
@@ -97,7 +95,7 @@
//Create the Environment set
Set environSet = new HashSet();
//Current time
- URI currentTimeUri = new URI("urn:oasis:names:tc:xacml:1.0:environment:current-time");
+ URI currentTimeUri = new URI(XACMLConstants.CURRENT_TIME_IDENTIFIER);
Attribute currentTimeAttr = new Attribute(currentTimeUri,null,null,
new TimeAttribute());
environSet.add(currentTimeAttr);
@@ -115,41 +113,19 @@
return requestCtx;
}
- private Set getXACMLRoleSet(Set roles) throws Exception
+ private Set getXACMLRoleSet(Set<Principal> roles) throws Exception
{
- URI roleURI = new URI("urn:oasis:names:tc:xacml:2.0:example:attribute:role");
+ URI roleURI = new URI(XACMLConstants.SUBJECT_ROLE_IDENTIFIER);
Set roleset = new HashSet();
- Iterator iter = roles != null ? roles.iterator(): null;
+ Iterator<Principal> iter = roles != null ? roles.iterator(): null;
while(iter != null && iter.hasNext())
{
Principal role = (Principal)iter.next();
- if(role instanceof SimplePrincipal)
- {
- SimplePrincipal sp = (SimplePrincipal)role;
- Attribute roleAttr = new Attribute(roleURI,null,null,
- new StringAttribute(sp.getName()));
- roleset.add(roleAttr);
- }
+ Attribute roleAttr = new Attribute(roleURI,null,null,
+ new StringAttribute(role.getName()));
+ roleset.add(roleAttr);
}
return roleset;
}
-
- private String getUserName() throws Exception
- {
- String user = "";
- String key = "javax.security.auth.Subject.container";
- javax.security.auth.Subject caller = (javax.security.auth.Subject) PolicyContext.getContext(key);
- Iterator iter = caller.getPrincipals().iterator();
- while(iter.hasNext())
- {
- Principal p = (Principal)iter.next();
- if(p instanceof SimplePrincipal && !(p instanceof Group))
- {
- SimplePrincipal sp = (SimplePrincipal)p;
- user= sp.getName();
- }
- }
- return user;
- }
}
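Review bot: With the `instanceof SimplePrincipal` filter removed, every element of `roles` becomes a role attribute by name, so a null element or a null `role.getName()` now reaches `new StringAttribute(...)`. A `java.security.acl.Group` placed in the set would presumably be emitted as one role named after the group rather than expanded into its members. I would validate inside the loop, in line with the new check in createXACMLRequest: `if(role == null || role.getName() == null) throw new IllegalArgumentException("role or role name is null");`, and add a comment that `roles` must be a flat set of role principals. As a style point, the cast in `Principal role = (Principal)iter.next();` is redundant now that the iterator is `Iterator<Principal>`.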