[jboss-cvs] JBossAS SVN: r65986 - trunk/server/src/main/org/jboss/ejb/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Oct 9 15:51:20 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-10-09 15:51:19 -0400 (Tue, 09 Oct 2007)
New Revision: 65986
Modified:
trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Log:
move auditing to EJBAuthenticationHelper
Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2007-10-09 19:49:52 UTC (rev 65985)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2007-10-09 19:51:19 UTC (rev 65986)
@@ -26,7 +26,6 @@
import java.lang.reflect.Method;
import java.security.CodeSource;
import java.security.Principal;
-import java.util.HashMap;
import java.util.Map;
import java.util.Set;
@@ -45,14 +44,10 @@
import org.jboss.security.RealmMapping;
import org.jboss.security.RunAs;
import org.jboss.security.RunAsIdentity;
-import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityRolesAssociation;
import org.jboss.security.SecurityUtil;
-import org.jboss.security.audit.AuditEvent;
-import org.jboss.security.audit.AuditLevel;
-import org.jboss.security.identitytrust.IdentityTrustManager;
-import org.jboss.security.identitytrust.IdentityTrustManager.TrustDecision;
+import org.jboss.security.integration.ejb.EJBAuthenticationHelper;
import org.jboss.security.integration.ejb.EJBAuthorizationHelper;
import org.jboss.system.Registry;
@@ -79,9 +74,7 @@
/** The authentication manager plugin
*/
- protected AuthenticationManager securityManager;
-
- //protected AuthorizationManager authorizationManager;
+ protected AuthenticationManager securityManager;
/** The authorization manager plugin
*/
@@ -188,14 +181,15 @@
{
if(this.shouldBypassSecurity(mi))
return getNext().invokeHome(mi);
-
- RunAs callerRunAsIdentity = getCallerRunAsIdentity(mi);
-
- if(SecurityActions.getSecurityContext() == null)
+
+ SecurityContext sc = SecurityActions.getSecurityContext();
+ if( sc == null)
throw new IllegalStateException("Security Context is null");
+
+ RunAs callerRunAsIdentity = sc.getIncomingRunAs();
// Authenticate the subject and apply any declarative security checks
- checkSecurityAssociation(mi, callerRunAsIdentity);
+ checkSecurityContext(mi, callerRunAsIdentity);
/**
* Special case: if <use-caller-identity> configured and
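Review bot: `callerRunAsIdentity` is now read from the thread-local context via `sc.getIncomingRunAs()`, where the removed `getCallerRunAsIdentity(mi)` read it from `mi.getSecurityContext()`; the `invoke` hunk that follows makes the same substitution. The two are equivalent only if an earlier interceptor always installs the invocation's context on the thread before this point, which is not visible here. If it does not, a context left on a pooled thread could supply the run-as identity that is later pushed with `pushRunAsIdentity`. A short comment stating the invariant would help, for example `// sc is the invocation's SecurityContext, placed on the thread by <interceptor name>`. invokeHome begins and ends outside this hunk.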
@@ -229,12 +223,14 @@
if(this.shouldBypassSecurity(mi))
return getNext().invoke(mi);
- RunAs callerRunAsIdentity = getCallerRunAsIdentity(mi);
- if(SecurityActions.getSecurityContext() == null)
- throw new IllegalStateException("Security Context is null");
+ SecurityContext sc = SecurityActions.getSecurityContext();
+ if( sc == null)
+ throw new IllegalStateException("Security Context is null");
+
+ RunAs callerRunAsIdentity = sc.getIncomingRunAs();
// Authenticate the subject and apply any declarative security checks
- checkSecurityAssociation(mi, callerRunAsIdentity);
+ checkSecurityContext(mi, callerRunAsIdentity);
/**
* Special case: if <use-caller-identity> configured and
@@ -259,57 +255,14 @@
SecurityActions.popRunAsIdentity();
SecurityActions.popSubjectContext();
}
- }
-
- /**
- * Determine whether the caller is trusted such that the authentication checks
- * can be bypassed
- * TODO: Needs additional work wrt caller inter-vm run-as semantics,saml etc
- * @param inv invocation
- * @return
- */
- protected boolean isTrustedCaller(Invocation inv)
- {
- boolean trusted = false;
- SecurityContext callerSC = inv.getSecurityContext();
- if(callerSC != null)
- {
- //Trust In-VM RunAsIdentity
- if(callerSC.getIncomingRunAs() instanceof RunAsIdentity
- && !inv.isInterVM())
- return true;
-
- //Add additional data on the security context for use
- callerSC.getData().put("INVOCATION_SECURE", inv.isSecure());
- callerSC.getData().put("INVOCATION_INTERVM", inv.isInterVM());
- if(callerSC.getSecurityManagement() == null)
- callerSC.setSecurityManagement(securityManagement);
-
- //Use the container's securitymanagement
- IdentityTrustManager itm = callerSC.getIdentityTrustManager();
- TrustDecision td = itm.isTrusted(callerSC);
- if(td == TrustDecision.Deny)
- throw new SecurityException("Caller not trusted");
- trusted = td == TrustDecision.Permit;
- /**
- //authenticate the current principal
- RunAs callerRunAsIdentity = callerSC.getOutgoingRunAs();
- if(callerRunAsIdentity != null)
- {
- //Either has to be a in-vm call or the invocation has to be secure
- trusted = !inv.isInterVM() || inv.isSecure();
- }**/
- }
-
- return trusted;
- }
+ }
/** The EJB 2.0 declarative security algorithm:
1. Authenticate the caller using the principal and credentials in the MethodInfocation
2. Validate access to the method by checking the principal's roles against
those required to access the method.
*/
- private void checkSecurityAssociation(Invocation mi, RunAs callerRunAsIdentity)
+ private void checkSecurityContext(Invocation mi, RunAs callerRunAsIdentity)
throws Exception
{
Principal principal = mi.getPrincipal();
@@ -329,32 +282,28 @@
if (realmMapping == null)
{
throw new SecurityException("Role mapping manager has not been set");
- }
+ }
- if (!isTrustedCaller(mi))
+ SecurityContext sc = SecurityActions.getSecurityContext();
+ EJBAuthenticationHelper helper = new EJBAuthenticationHelper(sc);
+ boolean isTrusted = helper.isTrusted();
+
+ if (!isTrusted)
{
// Check the security info from the method invocation
Subject subject = new Subject();
- if (securityManager.isValid(principal, credential, subject) == false)
+ if(helper.isValid(subject, m.getName()) == false)
{
// Notify authentication observer
if (authenticationObserver != null)
- authenticationObserver.authenticationFailed();
- // Check for the security association exception
- Exception ex = SecurityActions.getContextException();
- audit(AuditLevel.ERROR,getContextMap(principal, m.getName()),ex);
- if( ex != null )
- throw ex;
+ authenticationObserver.authenticationFailed();
// Else throw a generic SecurityException
String msg = "Authentication exception, principal=" + principal;
- SecurityException e = new SecurityException(msg);
- audit(AuditLevel.FAILURE,getContextMap(principal, m.getName()),null);
- throw e;
+ throw new SecurityException(msg);
}
else
{
- SecurityActions.pushSubjectContext(principal, credential, subject);
- audit(AuditLevel.SUCCESS,getContextMap(principal, m.getName()),null);
+ SecurityActions.pushSubjectContext(principal, credential, subject);
if (trace)
{
log.trace("Authenticated principal=" + principal);
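Review bot: The identity that is validated and the identity that is pushed can diverge in this block. `helper.isValid(subject, m.getName())` no longer receives `principal` and `credential`, so it presumably authenticates whatever the thread's `SecurityContext` holds, while `SecurityActions.pushSubjectContext(principal, credential, subject)` still pushes the values read from `mi`; either pass them explicitly or document why they must match. The helper is built from `sc` alone, so the `!inv.isInterVM()` condition and the `INVOCATION_SECURE`/`INVOCATION_INTERVM` entries that the removed `isTrustedCaller` applied must be established elsewhere for `helper.isTrusted()` to be as strict. The failure branch also stops rethrowing `SecurityActions.getContextException()`, so callers get only the generic `SecurityException` and the underlying login failure is lost unless the helper records it, which leaves the `// Else throw a generic SecurityException` comment stale. checkSecurityContext starts and ends outside this hunk.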
@@ -366,15 +315,6 @@
// Duplicate the current subject context on the stack since
//SecurityActions.dupSubjectContext();
SecurityActions.pushRunAsIdentity(callerRunAsIdentity);
-
- /**
- * Since the RunAsIdentity has been populated via the SecurityContext by the
- * proxy security interceptor, there is no need to duplicate it, as it will
- * be available on the threadlocal securitycontext association
- */
- /*SecurityContext sc= SecurityContextAssociation.getSecurityContext();
- if(sc != null)
- SecurityContextAssociation.push(sc);*/
}
Method ejbMethod = mi.getMethod();
@@ -421,47 +361,9 @@
{
// Allow for the progatation of caller info to other beans
SecurityActions.createAndSetSecurityContext(mi.getPrincipal(),
- mi.getCredential(), "BYPASSED-SECURITY");
- // Allow for the progatation of caller info to other beans
- //SecurityActions.pushSubjectContext(mi.getPrincipal(), mi.getCredential(), null);
+ mi.getCredential(), "BYPASSED-SECURITY");
return true;
}
return false;
- }
-
- private RunAs getCallerRunAsIdentity(Invocation inv)
- {
- RunAs callerRAI = null;
- SecurityContext callerSC = (SecurityContext) inv.getSecurityContext();
-
- if(callerSC != null)
- {
- callerRAI = callerSC.getIncomingRunAs();
- }
- return callerRAI;
- }
-
- //******************************************************
- // Audit Methods
- //******************************************************
- private void audit(String level,
- Map<String,Object> contextMap, Exception e)
- {
- contextMap.put("Source", getClass().getName());
- AuditEvent ae = new AuditEvent(level,contextMap,e);
-
- SecurityContext sc = SecurityActions.getSecurityContext();
- if(sc != null)
- {
- sc.getAuditManager().audit(ae);
- }
}
-
- private Map<String,Object> getContextMap(Principal principal, String methodName)
- {
- Map<String,Object> cmap = new HashMap<String,Object>();
- cmap.put("principal", principal);
- cmap.put("method", methodName);
- return cmap;
- }
-}
+}
\ No newline at end of file