[jboss-cvs] JBossAS SVN: r109767 - branches/JBPAPP_4_3_0_GA_CP08_JBPAPP-5513/server/src/main/org/jboss/jmx/connector/invoker.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Dec 7 17:08:26 EST 2010
Author: loleary
Date: 2010-12-07 17:08:25 -0500 (Tue, 07 Dec 2010)
New Revision: 109767
Modified:
branches/JBPAPP_4_3_0_GA_CP08_JBPAPP-5513/server/src/main/org/jboss/jmx/connector/invoker/AuthorizationInterceptor.java
Log:
JBPAPP-5513: AuthorizationInterceptor blocks incorrect invocations
Backport of JBPAPP-4225 from 4.3 CP09 to 4.3 CP08. AuthorizationInterceptor now only blocks invoke operations that don't pass authorization check and let go other invocations.
Modified: branches/JBPAPP_4_3_0_GA_CP08_JBPAPP-5513/server/src/main/org/jboss/jmx/connector/invoker/AuthorizationInterceptor.java
===================================================================
--- branches/JBPAPP_4_3_0_GA_CP08_JBPAPP-5513/server/src/main/org/jboss/jmx/connector/invoker/AuthorizationInterceptor.java 2010-12-07 21:15:39 UTC (rev 109766)
+++ branches/JBPAPP_4_3_0_GA_CP08_JBPAPP-5513/server/src/main/org/jboss/jmx/connector/invoker/AuthorizationInterceptor.java 2010-12-07 22:08:25 UTC (rev 109767)
@@ -29,7 +29,7 @@
import javax.management.Attribute;
import javax.management.ObjectName;
import javax.security.auth.Subject;
-
+
import org.jboss.mx.interceptor.AbstractInterceptor;
import org.jboss.mx.interceptor.Interceptor;
import org.jboss.mx.server.Invocation;
@@ -118,24 +118,26 @@
opname = (String)ob;
else if(ob instanceof Attribute)
opname = ATTRIBUTE_SET;
- else throw new IllegalArgumentException("Opname type not recognized");
- try
- {
- checkAuthorization(caller, objname.getCanonicalName(), opname);
+ if (opname != null)
+ {
+ try
+ {
+ checkAuthorization(caller, objname.getCanonicalName(), opname);
+ }
+ catch(SecurityException e)
+ {
+ throw e;
+ }
+ catch(Exception e)
+ {
+ String msg = "Failed to authorize principal=" + caller
+ + ",MBean=" + objname + ", Operation=" + opname;
+ SecurityException ex = new SecurityException(msg);
+ ex.initCause(e);
+ throw ex;
+ }
}
- catch(SecurityException e)
- {
- throw e;
- }
- catch(Exception e)
- {
- String msg = "Failed to authorize principal=" + caller
- + ",MBean=" + objname + ", Operation=" + opname;
- SecurityException ex = new SecurityException(msg);
- ex.initCause(e);
- throw ex;
- }
}
}
}
More information about the jboss-cvs-commits
mailing list