[jboss-cvs] JBossAS SVN: r101322 - in branches/JBPAPP_4_2_0_GA_CP: ejb3/src/resources and 1 other directories.

Tue Feb 23 03:47:20 EST 2010

Author: wolfc
Date: 2010-02-23 03:47:20 -0500 (Tue, 23 Feb 2010)
New Revision: 101322

Modified:
   branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java
   branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml
   branches/JBPAPP_4_2_0_GA_CP/testsuite/src/main/org/jboss/test/ejb3/jbpapp2473/WhoAmIBean.java
Log:
JBPAPP-2500: always push a RunAsIdentity

Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java
===================================================================

--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java	2010-02-23 08:42:47 UTC (rev 101321)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/main/org/jboss/ejb3/security/RunAsSecurityInterceptor.java	2010-02-23 08:47:20 UTC (rev 101322)
@@ -21,7 +21,7 @@
  */
 package org.jboss.ejb3.security;
  
-import org.jboss.aop.joinpoint.Invocation;  
+import org.jboss.aop.joinpoint.Invocation;
 import org.jboss.logging.Logger;
 import org.jboss.security.AuthenticationManager;
 import org.jboss.security.RealmMapping;
@@ -51,7 +51,16 @@
 
    public Object invoke(Invocation invocation) throws Throwable
    { 
-      return super.invoke(invocation); 
+      RunAsIdentity runAsRole = getRunAsIdentity(invocation);
+      // JBPAPP-2500: always push a runAsRole
+      SecurityActions.pushRunAsIdentity(runAsRole);
+      try
+      {
+         return invocation.invokeNext();
+      }
+      finally
+      {
+         SecurityActions.popRunAsIdentity();
+      }
    }
-
 }

Modified: branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml	2010-02-23 08:42:47 UTC (rev 101321)
+++ branches/JBPAPP_4_2_0_GA_CP/ejb3/src/resources/ejb3-interceptors-aop.xml	2010-02-23 08:47:20 UTC (rev 101322)
@@ -96,7 +96,7 @@
       <bind pointcut="execution(public * @org.jboss.annotation.security.SecurityDomain->*(..))">
          <interceptor-ref name="Basic Authorization"/>
       </bind>
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * @org.jboss.annotation.ejb.Clustered->*(..))">
@@ -125,7 +125,7 @@
       <bind pointcut="execution(public * @org.jboss.annotation.security.SecurityDomain->*(..))">
          <interceptor-ref name="JACC Authorization"/>
       </bind>
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * @org.jboss.annotation.ejb.Clustered->*(..))">
@@ -154,7 +154,7 @@
       <bind pointcut="execution(public * @org.jboss.annotation.security.SecurityDomain->*(..))">
          <interceptor-ref name="Basic Authorization"/>
       </bind>
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * @org.jboss.annotation.ejb.Clustered->*(..))">
@@ -221,7 +221,7 @@
       <bind pointcut="execution(public * @org.jboss.annotation.security.SecurityDomain->*(..))">
          <interceptor-ref name="JACC Authorization"/>
       </bind>
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * @org.jboss.annotation.ejb.Clustered->*(..))">
@@ -286,7 +286,7 @@
          <!-- JBPAPP-1951: establish a security context -->
          <interceptor-ref name="org.jboss.ejb3.security.AuthenticationInterceptorFactory"/>
       </bind>
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * *->*(..))">
@@ -304,7 +304,7 @@
    </domain>
 
    <domain name="Consumer Bean">
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * *->*(..))">
@@ -336,7 +336,7 @@
       <bind pointcut="execution(public * @org.jboss.annotation.security.SecurityDomain->*(..))">
          <interceptor-ref name="Basic Authorization"/>
       </bind>
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * *->*(..))">
@@ -362,7 +362,7 @@
       <bind pointcut="execution(public * @org.jboss.annotation.security.SecurityDomain->*(..))">
          <interceptor-ref name="Basic Authorization"/>
       </bind>
-      <bind pointcut="execution(public * @javax.annotation.security.RunAs->*(..))">
+      <bind pointcut="execution(public * *->*(..))">
          <interceptor-ref name="org.jboss.ejb3.security.RunAsSecurityInterceptorFactory"/>
       </bind>
       <bind pointcut="execution(public * *->*(..))">

Modified: branches/JBPAPP_4_2_0_GA_CP/testsuite/src/main/org/jboss/test/ejb3/jbpapp2473/WhoAmIBean.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/testsuite/src/main/org/jboss/test/ejb3/jbpapp2473/WhoAmIBean.java	2010-02-23 08:42:47 UTC (rev 101321)
+++ branches/JBPAPP_4_2_0_GA_CP/testsuite/src/main/org/jboss/test/ejb3/jbpapp2473/WhoAmIBean.java	2010-02-23 08:47:20 UTC (rev 101322)
@@ -34,8 +34,6 @@
  */
 @Stateless
 @SecurityDomain(value="other", unauthenticatedPrincipal="nobody")
-// FIXME: this should not be needed (JBPAPP-1951)
- at RunAs("broken")
 public class WhoAmIBean implements WhoAmI
 {
    @Resource


