[jboss-cvs] JBossAS SVN: r70250 - projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/web.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Feb 29 02:07:52 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-02-29 02:07:52 -0500 (Fri, 29 Feb 2008)
New Revision: 70250
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/web/WebJACCPolicyModuleDelegate.java
Log:
rename method and remove commented out code
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/web/WebJACCPolicyModuleDelegate.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/web/WebJACCPolicyModuleDelegate.java 2008-02-29 07:07:18 UTC (rev 70249)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/web/WebJACCPolicyModuleDelegate.java 2008-02-29 07:07:52 UTC (rev 70250)
@@ -74,6 +74,7 @@
/**
* @see AuthorizationModuleDelegate#authorize(Resource)
*/
+ @SuppressWarnings("unchecked")
public int authorize(Resource resource, Subject callerSubject, RoleGroup role)
{
if(resource instanceof WebResource == false)
@@ -147,22 +148,13 @@
* @param caller the authenticated subject obtained by establishSubjectContext
* @return true if the permission is allowed, false otherwise
*/
- private boolean checkSecurityAssociation(Permission perm, Principal requestPrincpal,
+ private boolean checkPolicy(Permission perm, Principal requestPrincpal,
Subject caller, Role role)
{
// Get the caller principals, its null if there is no caller
- Principal[] principals = getPrincipals(caller,role);
+ Principal[] principals = getPrincipals(caller,role);
- /*//Previously we relied on principals in the subject. Now we use
- //the security context roles
- if(authorizationManager != null)
- {
- Set<Principal> roleset = authorizationManager.getUserRoles(requestPrincpal);
- principals = new Principal[roleset.size()];
- roleset.toArray(principals);
- }*/
-
- return checkSecurityAssociation(perm, principals);
+ return checkPolicy(perm, principals);
}
@@ -175,7 +167,7 @@
* @param principals - the possibly null set of principals for the caller
* @return true if the permission is allowed, false otherwise
*/
- private boolean checkSecurityAssociation(Permission perm, Principal[] principals)
+ private boolean checkPolicy(Permission perm, Principal[] principals)
{
ProtectionDomain pd = new ProtectionDomain(webCS, null, null, principals);
boolean allowed = policy.implies(pd, perm);
@@ -216,7 +208,7 @@
Principal requestPrincipal = request.getUserPrincipal();
WebResourcePermission perm = new WebResourcePermission(this.canonicalRequestURI,
request.getMethod());
- boolean allowed = checkSecurityAssociation(perm, requestPrincipal, caller, role );
+ boolean allowed = checkPolicy(perm, requestPrincipal, caller, role );
if( trace )
log.trace("hasResourcePermission, perm="+perm+", allowed="+allowed);
return allowed;
@@ -242,7 +234,7 @@
principals = new Principal[roles.size()];
roles.toArray(principals);
}
- boolean allowed = checkSecurityAssociation(perm, principals);
+ boolean allowed = checkPolicy(perm, principals);
if( trace )
log.trace("hasRole, perm="+perm+", allowed="+allowed);
return allowed;
@@ -269,7 +261,7 @@
try
{
Principal[] principals = null;
- ok = checkSecurityAssociation(perm, principals);
+ ok = checkPolicy(perm, principals);
}
catch(Exception e)
{
More information about the jboss-cvs-commits
mailing list