[jboss-cvs] JBossAS SVN: r70623 - in projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules: ejb and 1 other directory.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Mar 10 10:49:32 EDT 2008


Author: anil.saldhana at jboss.com
Date: 2008-03-10 10:49:31 -0400 (Mon, 10 Mar 2008)
New Revision: 70623

Modified:
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/AbstractJACCModuleDelegate.java
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/ejb/EJBJACCPolicyModuleDelegate.java
Log:
remove commented out code

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/AbstractJACCModuleDelegate.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/AbstractJACCModuleDelegate.java	2008-03-10 14:48:25 UTC (rev 70622)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/AbstractJACCModuleDelegate.java	2008-03-10 14:49:31 UTC (rev 70623)
@@ -42,36 +42,18 @@
  *  @version $Revision$
  */
 public abstract class AbstractJACCModuleDelegate extends AuthorizationModuleDelegate
-{
+{   
    public abstract int authorize(Resource resource, Subject subject, RoleGroup role); 
    
    protected Principal[] getPrincipals(Subject subject, Role role)
    {
       Set<Principal> principalsSet = null;
-      //Ignore the subject principals as the role principals are the mapped ones
-      /*
-      if(subject != null)
-      {
-         principalsSet = new HashSet<Principal>();
-         principalsSet.addAll(subject.getPrincipals()); 
-      }
-      */
+      
       if(role != null)
       {
-         if(principalsSet == null)
-           principalsSet = new HashSet<Principal>();
-         if(role instanceof RoleGroup)
-         {
-            RoleGroup rg = (RoleGroup) role;
-            List<Role> rolesList = rg.getRoles();
-            for(Role r: rolesList)
-            {
-              principalsSet.add(new SimplePrincipal(r.getRoleName()));      
-            }
-         }
-         else
-            principalsSet.add(new SimplePrincipal(role.getRoleName()));
+         principalsSet = getPrincipalSetFromRole(role); 
       }
+      
       Principal[] arr = null;
       if(principalsSet != null)
       {
@@ -80,4 +62,21 @@
       }
       return arr;
    } 
+   
+   private Set<Principal> getPrincipalSetFromRole(Role role)
+   {
+      Set<Principal> principalsSet = new HashSet<Principal>();
+      if(role instanceof RoleGroup)
+      {
+         RoleGroup rg = (RoleGroup) role;
+         List<Role> rolesList = rg.getRoles();
+         for(Role r: rolesList)
+         {
+           principalsSet.add(new SimplePrincipal(r.getRoleName()));      
+         }
+      }
+      else
+         principalsSet.add(new SimplePrincipal(role.getRoleName()));
+      return principalsSet;
+   }
 }
\ No newline at end of file

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/ejb/EJBJACCPolicyModuleDelegate.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/ejb/EJBJACCPolicyModuleDelegate.java	2008-03-10 14:48:25 UTC (rev 70622)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/authorization/modules/ejb/EJBJACCPolicyModuleDelegate.java	2008-03-10 14:49:31 UTC (rev 70623)
@@ -62,7 +62,7 @@
    private CodeSource ejbCS = null;
    private String roleName = null;  
    private Boolean roleRefCheck = Boolean.FALSE;
-   //private Group securityContextRoles = null; 
+   //private Group securityContextRoles = null;  
    
    public EJBJACCPolicyModuleDelegate()
    {
@@ -84,13 +84,7 @@
       Map<String,Object> map = resource.getMap();
       if(map == null)
          throw new IllegalStateException("Map from the Resource is null");
-    
-      /*AuthorizationManager am = (AuthorizationManager) map.get("authorizationManager");
-      if(am == null)
-         throw new IllegalStateException("Authorization Manager is null");
-      if(am instanceof PolicyRegistration)
-         this.policyRegistration = (PolicyRegistration) am; 
-      */
+
       this.policyRegistration = (PolicyRegistration) map.get(ResourceKeys.POLICY_REGISTRATION);
       
       this.ejbCS = ejbResource.getCodeSource();
@@ -98,14 +92,8 @@
       this.ejbName = ejbResource.getEjbName();
       this.methodInterface = ejbResource.getEjbMethodInterface();
       
-      this.roleName = (String)map.get(ResourceKeys.ROLENAME);
-      //Get the Security Context Roles 
-      /*if(am != null)
-      {
-         Principal ejbPrincipal = (Principal)map.get(ResourceKeys.EJB_PRINCIPAL);
-         Set<Principal> roleset = am.getUserRoles(ejbPrincipal);
-         this.securityContextRoles = getGroupFromRoleSet(roleset);
-      } */
+      this.roleName = (String)map.get(ResourceKeys.ROLENAME); 
+      
       this.roleRefCheck = (Boolean)map.get(ResourceKeys.ROLEREF_PERM_CHECK);
       if(this.roleRefCheck == Boolean.TRUE)
          return checkRoleRef(callerSubject, role);
@@ -148,41 +136,10 @@
       return policyDecision ? AuthorizationContext.PERMIT : AuthorizationContext.DENY; 
    }
    
-   /*private Principal[] getPrincipalSet(Subject callerSubject, Role role)
-   {
-      Principal[] principals = null; 
-      *//**
-       * Previously, we relied on the principals in the Subject that contained
-       * the roles. Now we just rely on the roles from the Security Context
-       *//*
-      if(trace)
-         log.trace("Roles used for checking from the context:" + securityContextRoles);
-      if(securityContextRoles != null )
-      {
-         Set<Principal> principalsSet = new HashSet<Principal>();
-         Enumeration<? extends Principal> en = securityContextRoles.members();
-         while(en.hasMoreElements()) 
-            principalsSet.add(en.nextElement());
-         principals = new Principal[principalsSet.size()];
-         principalsSet.toArray(principals); 
-      }
-      return principals;
-   }*/
-   
    private boolean checkWithPolicy(Permission ejbPerm, Subject subject, Role role)
    {
       Principal[] principals = this.getPrincipals(subject, role);  
       ProtectionDomain pd = new ProtectionDomain (ejbCS, null, null, principals);
       return Policy.getPolicy().implies(pd, ejbPerm); 
    }
-   
-   /*private Group getGroupFromRoleSet(Set<Principal> roleset)
-   {
-      Group gp = new SimpleGroup(SecurityConstants.ROLES_IDENTIFIER); 
-      for(Principal p: roleset)
-      {
-         gp.addMember(p);
-      } 
-      return gp;
-   }*/
 }
\ No newline at end of file




More information about the jboss-cvs-commits mailing list