[jboss-cvs] JBossAS SVN: r74553 - projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri Jun 13 17:33:18 EDT 2008


Author: anil.saldhana at jboss.com
Date: 2008-06-13 17:33:18 -0400 (Fri, 13 Jun 2008)
New Revision: 74553

Modified:
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java
Log:
SECURITY-235: relax the requirement on JACC subject

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java	2008-06-13 21:22:47 UTC (rev 74552)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java	2008-06-13 21:33:18 UTC (rev 74553)
@@ -24,7 +24,6 @@
 import static org.jboss.security.SecurityConstants.ROLES_IDENTIFIER;
 
 import java.security.Principal;
-import java.security.PrivilegedActionException;
 import java.security.acl.Group;
 import java.util.Enumeration;
 import java.util.HashMap;
@@ -38,7 +37,7 @@
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler; 
+import javax.security.auth.callback.CallbackHandler;
 
 import org.jboss.logging.Logger;
 import org.jboss.security.AnybodyPrincipal;
@@ -99,16 +98,7 @@
    public int authorize(Resource resource) throws AuthorizationException
    {
       validateResource(resource);
-      Subject subject;
-      try
-      {
-         subject = SubjectActions.getActiveSubject();
-      }
-      catch (PrivilegedActionException e)
-      {
-         log.trace("Exception ",e);         
-         throw new AuthorizationException(e.getLocalizedMessage()); 
-      }
+      Subject subject = SubjectActions.getActiveSubject();
       return internalAuthorization(resource,subject, null);
    }
    
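Review bot: With the try/catch removed, `authorize` no longer fails closed when the active subject cannot be obtained: a lookup failure used to become an `AuthorizationException`, and now whatever `SubjectActions.getActiveSubject()` returns, including `null`, goes straight to `internalAuthorization`. Whether `internalAuthorization` denies on a null subject is not visible in this hunk, so either add an explicit guard such as `if (subject == null) throw new AuthorizationException("No active subject");` or, if an unauthenticated caller is intentionally allowed here, state that in a comment above the call. The same applies to `getCurrentRoles` in the next hunk, which used to throw `IllegalStateException` on a failed lookup; its body continues outside the hunk, so a null check may already exist further down.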
@@ -360,15 +350,7 @@
    private RoleGroup getCurrentRoles(Principal principal)
    { 
       //Check that the caller is authenticated to the current thread
-      Subject subject = null;
-      try
-      {
-         subject = SubjectActions.getActiveSubject();
-      }
-      catch (PrivilegedActionException e)
-      {
-         throw new IllegalStateException(e);
-      } 
+      Subject subject = SubjectActions.getActiveSubject();  
       
       //Deal with the security context
       SecurityContext sc = SubjectActions.getSecurityContext(); 

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java	2008-06-13 21:22:47 UTC (rev 74552)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java	2008-06-13 21:33:18 UTC (rev 74553)
@@ -37,6 +37,7 @@
 import javax.security.jacc.PolicyContext;
 import javax.security.jacc.PolicyContextException;
 
+import org.jboss.logging.Logger;
 import org.jboss.security.SecurityAssociation;
 import org.jboss.security.SecurityConstants;
 import org.jboss.security.SecurityContext;
@@ -51,6 +52,8 @@
  */
 class SubjectActions
 {
+   private static Logger log = Logger.getLogger(SubjectActions.class);
+   
    private static class ToStringSubjectAction implements PrivilegedAction<String>
    {
       Subject subject;
@@ -80,12 +83,23 @@
       }
    }
 
-   private static class GetSubjectAction implements PrivilegedExceptionAction<Subject>
+   private static class GetSubjectAction implements PrivilegedAction<Subject>
    {
-      static PrivilegedExceptionAction<Subject> ACTION = new GetSubjectAction();
-      public Subject run() throws PolicyContextException
+      static PrivilegedAction<Subject> ACTION = new GetSubjectAction();
+      public Subject run()
       {
-         return (Subject) PolicyContext.getContext(SecurityConstants.SUBJECT_CONTEXT_KEY);  
+         Subject subject = null;
+         try
+         {
+            subject = (Subject) PolicyContext.getContext(SecurityConstants.SUBJECT_CONTEXT_KEY);
+         }
+         catch(PolicyContextException pce)
+         {
+            log.trace("Error obtaining subject:", pce);
+            SecurityContext sc = getSecurityContext();
+            subject = sc.getUtil().getSubject();
+         }
+         return subject;
       }
    }
 
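Review bot: The fallback in the `catch` block dereferences the result of `getSecurityContext()` without a null check, so if no security context is associated with the thread, `sc.getUtil()` would throw a `NullPointerException` out of `doPrivileged` rather than yield a null subject (this assumes `getSecurityContext()` can return null, which the hunk does not show). A guard keeps the path safe: `if (sc != null) subject = sc.getUtil().getSubject();`. The fallback also runs only when `PolicyContext.getContext` throws; a `null` returned by the handler is passed through unchanged, which may or may not be the intended relaxation. Because the catch silently switches authorization to a different subject source, the JACC failure is worth logging above trace level so the substitution is visible in normal operation.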
@@ -286,7 +300,7 @@
       void pop();
    }
 
-   static Subject getActiveSubject() throws PrivilegedActionException
+   static Subject getActiveSubject()
    {
       Subject subject = (Subject) AccessController.doPrivileged(GetSubjectAction.ACTION);
       return subject;
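Review bot: `getActiveSubject` now has no failure signal other than a `null` return, and nothing on the method documents that. A short Javadoc would help callers: `/** Returns the JACC policy-context subject, falling back to the security-context subject; may be null. */`. The `(Subject)` cast is also redundant now that `GetSubjectAction.ACTION` is a `PrivilegedAction<Subject>`, so the body can be `return AccessController.doPrivileged(GetSubjectAction.ACTION);`. The method's closing brace is outside the hunk.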



