[jboss-cvs] JBossAS SVN: r81577 - trunk/server/src/main/org/jboss/ejb/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Nov 25 16:45:00 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-11-25 16:44:59 -0500 (Tue, 25 Nov 2008)
New Revision: 81577
Modified:
trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Log:
JBAS-6243: reintroduce explicit run-as check
Modified: trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
===================================================================
--- trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2008-11-25 21:20:31 UTC (rev 81576)
+++ trunk/server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java 2008-11-25 21:44:59 UTC (rev 81577)
@@ -305,7 +305,7 @@
SecurityContext sc = SecurityActions.getSecurityContext();
EJBAuthenticationHelper helper = SecurityHelperFactory.getEJBAuthenticationHelper(sc);
- boolean isTrusted = helper.isTrusted();
+ boolean isTrusted = containsTrustableRunAs(sc) || helper.isTrusted();
if (!isTrusted)
{
@@ -383,4 +383,10 @@
}
return false;
}
+
+ private boolean containsTrustableRunAs(SecurityContext sc)
+ {
+ RunAs incomingRunAs = sc.getIncomingRunAs();
+ return incomingRunAs != null && incomingRunAs instanceof RunAsIdentity;
+ }
}
\ No newline at end of file
More information about the jboss-cvs-commits
mailing list