[jboss-cvs] JBossAS SVN: r81958 - trunk/server/src/main/org/jboss/proxy/ejb.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Dec 2 07:28:03 EST 2008 

Author: anil.saldhana at jboss.com
Date: 2008-12-02 07:28:02 -0500 (Tue, 02 Dec 2008)
New Revision: 81958

Modified:
   trunk/server/src/main/org/jboss/proxy/ejb/SecurityContextInterceptor.java
Log:
JBAS-6275: check compability of AS version

Modified: trunk/server/src/main/org/jboss/proxy/ejb/SecurityContextInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/proxy/ejb/SecurityContextInterceptor.java	2008-12-02 12:04:42 UTC (rev 81957)
+++ trunk/server/src/main/org/jboss/proxy/ejb/SecurityContextInterceptor.java	2008-12-02 12:28:02 UTC (rev 81958)
@@ -40,27 +40,32 @@
    @Override
    public Object invoke(Invocation invocation) throws Throwable
    {
-      SecurityContext sc  = SecurityActions.getSecurityContext();
-      RunAs callerRAI =  SecurityActions.getCallerRunAsIdentity();
-      SecurityContext newSc = createSecurityContext(invocation);
-      //Push the caller run-as identity onto the security context 
-      if(callerRAI != null)
+      SecurityContext sc  = null;
+      boolean compatib = validateASVersionCompatibility(invocation); 
+      
+      if(compatib)
       {
-         SecurityActions.setOutgoingRunAs(newSc, callerRAI);
-         SecurityActions.setIncomingRunAs(newSc, callerRAI);
+         sc  = SecurityActions.getSecurityContext();
+         RunAs callerRAI =  SecurityActions.getCallerRunAsIdentity();
+         SecurityContext newSc = createSecurityContext(invocation);
+         //Push the caller run-as identity onto the security context 
+         if(callerRAI != null)
+         {
+            SecurityActions.setOutgoingRunAs(newSc, callerRAI);
+            SecurityActions.setIncomingRunAs(newSc, callerRAI);
+         }
+         /**
+          * Push the security context on the invocation
+          */
+         invocation.setSecurityContext(newSc); 
       }
-      /**
-       * Push the security context on the invocation
-       */
-      invocation.setSecurityContext(newSc);
-      
       try
       { 
          return getNext().invoke(invocation); 
       }
       finally
       { 
-         if(sc != null)
+         if(compatib && sc != null)
             SecurityActions.setSecurityContext(sc); 
       }
    }
@@ -82,4 +87,25 @@
          domain = "CLIENT_PROXY";
       return SecurityActions.createSecurityContext(p,cred, domain);
    } 
+   
+   /**
+    * JBAS-6275: Validates that the server is AS5+ such that we can send the security context
+    * over the invocation
+    * @param invocation
+    * @return
+    */
+   private boolean validateASVersionCompatibility(Invocation invocation)
+   {
+      try
+      {
+         invocation.getInvocationContext().getValue(InvocationKey.SECURITY_DOMAIN);
+         //So the field exists. We are in AS5+         
+      }
+      catch(NoSuchFieldError nsfe)
+      {
+         //Probably we are in 4.2.x
+         return false;
+      }
+      return true;
+   }
 }
\ No newline at end of file

More information about the jboss-cvs-commits mailing list