[jboss-cvs] JBossAS SVN: r62895 - projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue May 8 17:10:35 EDT 2007


Author: anil.saldhana at jboss.com
Date: 2007-05-08 17:10:34 -0400 (Tue, 08 May 2007)
New Revision: 62895

Modified:
   projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java
Log:
PolicyRegistration has no relationship with the AuthorizationManager interface

Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java	2007-05-08 21:10:19 UTC (rev 62894)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/authorization/modules/ejb/EJBXACMLUtil.java	2007-05-08 21:10:34 UTC (rev 62895)
@@ -24,17 +24,14 @@
 import java.io.ByteArrayOutputStream;
 import java.net.URI;
 import java.security.Principal;
-import java.security.acl.Group; 
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Set;
 
-import javax.security.jacc.PolicyContext; 
-import org.jboss.logging.Logger;
-import org.jboss.security.AuthorizationManager;
-import org.jboss.security.SimplePrincipal; 
+import org.jboss.logging.Logger; 
+import org.jboss.security.authorization.XACMLConstants;
 
-import com.sun.xacml.Indenter; 
+import com.sun.xacml.Indenter;
 import com.sun.xacml.attr.StringAttribute;
 import com.sun.xacml.attr.TimeAttribute;
 import com.sun.xacml.ctx.Attribute;
@@ -59,17 +56,18 @@
    }
    
    public RequestCtx createXACMLRequest(String ejbName, String methodName,
-         Principal principal, 
-         AuthorizationManager authzManager) throws Exception
+         Principal principal, Set<Principal> roles) throws Exception
    { 
+      if(principal == null)
+         throw new IllegalArgumentException("principal is null");
+      
       String action = methodName; 
       
-      RequestCtx requestCtx = null; 
-      String username = getUserName(); 
-      //Get the roles from the authorization manager
-      Set roles = authzManager.getUserRoles(principal);
+      RequestCtx requestCtx = null;  
+      String username = principal.getName();
+      
       //Create the subject set
-      URI subjectAttrUri = new URI("urn:oasis:names:tc:xacml:1.0:subject:subject-id");
+      URI subjectAttrUri = new URI(XACMLConstants.SUBJECT_IDENTIFIER);
       Attribute subjectAttr = new Attribute(subjectAttrUri,null,null,
             new StringAttribute(username));
       Set subjectAttrSet = new HashSet();
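Review bot: The new guard in `createXACMLRequest` rejects a null `principal` but not a null `principal.getName()`, which then flows straight into `new StringAttribute(username)` as the subject-id. Adding `if(principal.getName() == null) throw new IllegalArgumentException("principal name is null");` right after the existing check would fail early with a clear message. The subject identity and roles are now supplied by the caller instead of being read from the container Subject and the AuthorizationManager, so the method deserves a Javadoc comment stating that `principal` and `roles` must come from the authenticated caller's security context. That comment should also say that a null `roles` appears to produce a request with no role attributes, judging by the `roles != null` test in `getXACMLRoleSet`. The method body continues beyond this hunk.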
@@ -80,7 +78,7 @@
       subjectSet.add(new Subject(subjectAttrSet));
       
       //Create the resource set
-      URI resourceUri = new URI("urn:oasis:names:tc:xacml:1.0:resource:resource-id");
+      URI resourceUri = new URI(XACMLConstants.RESOURCE_IDENTIFIER);
       Attribute resourceAttr = new Attribute(resourceUri,null,null,
             new StringAttribute(ejbName));
       Set resourceSet = new HashSet();
@@ -88,7 +86,7 @@
       
       //Create the action set
       Set actionSet = new HashSet();
-      actionSet.add(new Attribute(new URI("urn:oasis:names:tc:xacml:1.0:action:action-id"),
+      actionSet.add(new Attribute(new URI(XACMLConstants.ACTION_IDENTIFIER),
              null,null, new StringAttribute(action)));
       
       
@@ -97,7 +95,7 @@
       //Create the Environment set
       Set environSet = new HashSet();
       //Current time
-      URI currentTimeUri = new URI("urn:oasis:names:tc:xacml:1.0:environment:current-time");
+      URI currentTimeUri = new URI(XACMLConstants.CURRENT_TIME_IDENTIFIER);
       Attribute currentTimeAttr = new Attribute(currentTimeUri,null,null,
             new TimeAttribute());
       environSet.add(currentTimeAttr);
@@ -115,41 +113,19 @@
       return requestCtx;
    } 
    
-   private Set getXACMLRoleSet(Set roles) throws Exception
+   private Set getXACMLRoleSet(Set<Principal> roles) throws Exception
    {
-      URI roleURI = new URI("urn:oasis:names:tc:xacml:2.0:example:attribute:role");
+      URI roleURI = new URI(XACMLConstants.SUBJECT_ROLE_IDENTIFIER);
    
       Set roleset = new HashSet();
-      Iterator iter = roles != null ? roles.iterator(): null;
+      Iterator<Principal> iter = roles != null ? roles.iterator(): null;
       while(iter != null && iter.hasNext())
       {
          Principal role = (Principal)iter.next();
-         if(role instanceof SimplePrincipal)
-         {
-            SimplePrincipal sp = (SimplePrincipal)role;
-            Attribute roleAttr = new Attribute(roleURI,null,null,
-                new StringAttribute(sp.getName()));
-            roleset.add(roleAttr); 
-         }
+         Attribute roleAttr = new Attribute(roleURI,null,null,
+               new StringAttribute(role.getName()));
+           roleset.add(roleAttr);  
       }
       return roleset;
    } 
-   
-   private String getUserName() throws Exception
-   {
-      String user = "";
-      String key = "javax.security.auth.Subject.container";
-      javax.security.auth.Subject caller = (javax.security.auth.Subject) PolicyContext.getContext(key);
-      Iterator iter = caller.getPrincipals().iterator();
-      while(iter.hasNext())
-      {
-         Principal p = (Principal)iter.next();
-         if(p instanceof SimplePrincipal && !(p instanceof Group))
-         {
-            SimplePrincipal sp = (SimplePrincipal)p;
-            user= sp.getName();
-         }
-      }
-      return user;
-   } 
 }
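Review bot: With the `instanceof SimplePrincipal` filter removed from `getXACMLRoleSet`, a null element in `roles` now throws a NullPointerException at `role.getName()` where it used to be skipped, and a role whose name is null is passed to `new StringAttribute(...)`. A guard such as `if(role == null || role.getName() == null) continue;` at the top of the loop keeps the old tolerance; skipping only drops a role attribute, so the request can carry fewer roles but never more. Since the iterator is now `Iterator<Principal>`, the `(Principal)` cast is redundant and the loop could be written as `for(Principal role : roles)` behind a null check on `roles`.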



