[jboss-cvs] JBossAS SVN: r111583 - in projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core: spi/security and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Jun 10 18:04:24 EDT 2011
Author: jesper.pedersen
Date: 2011-06-10 18:04:24 -0400 (Fri, 10 Jun 2011)
New Revision: 111583
Added:
projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/SecurityActions.java
Modified:
projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/security/UsersRoles.java
projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/spi/security/Callback.java
projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkManagerImpl.java
projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkWrapper.java
Log:
[JBJCA-597] Incorrect verification of WorkContexts
Modified: projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/security/UsersRoles.java
===================================================================
--- projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/security/UsersRoles.java 2011-06-10 14:18:11 UTC (rev 111582)
+++ projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/security/UsersRoles.java 2011-06-10 22:04:24 UTC (rev 111583)
@@ -75,6 +75,9 @@
/** roles.properties name */
private String rolesProperties;
+ /** The domain */
+ private String domain;
+
/**
* Constructor
*/
@@ -84,6 +87,7 @@
roles = new HashMap<String, Set<String>>();
usersProperties = null;
rolesProperties = null;
+ domain = "work";
}
/**
@@ -123,6 +127,24 @@
}
/**
+ * Get the domain
+ * @return The value
+ */
+ public String getDomain()
+ {
+ return domain;
+ }
+
+ /**
+ * Set the domain
+ * @param v The value
+ */
+ public void setDomain(String v)
+ {
+ this.domain = v;
+ }
+
+ /**
* Get the users
* @return A set of user names
*/
Modified: projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/spi/security/Callback.java
===================================================================
--- projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/spi/security/Callback.java 2011-06-10 14:18:11 UTC (rev 111582)
+++ projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/spi/security/Callback.java 2011-06-10 22:04:24 UTC (rev 111583)
@@ -35,6 +35,12 @@
public interface Callback extends Serializable
{
/**
+ * Get the domain
+ * @return The domain
+ */
+ public String getDomain();
+
+ /**
* Get the users
* @return A set of user names
*/
Added: projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/SecurityActions.java
===================================================================
--- projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/SecurityActions.java (rev 0)
+++ projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/SecurityActions.java 2011-06-10 22:04:24 UTC (rev 111583)
@@ -0,0 +1,73 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2010, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.jca.core.workmanager;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author <a href="mailto:jesper.pedersen at jboss.org">Jesper Pedersen</a>
+ */
+class SecurityActions
+{
+ /**
+ * Constructor
+ */
+ private SecurityActions()
+ {
+ }
+
+ /**
+ * Get the thread context class loader
+ * @return The class loader
+ */
+ static ClassLoader getThreadContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ @Override
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ /**
+ * Set the thread context class loader
+ * @param cl The class loader
+ */
+ static void setThreadContextClassLoader(final ClassLoader cl)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ @Override
+ public Object run()
+ {
+ Thread.currentThread().setContextClassLoader(cl);
+ return null;
+ }
+ });
+ }
+}
Modified: projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkManagerImpl.java
===================================================================
--- projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkManagerImpl.java 2011-06-10 14:18:11 UTC (rev 111582)
+++ projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkManagerImpl.java 2011-06-10 22:04:24 UTC (rev 111583)
@@ -316,6 +316,9 @@
workListener.workRejected(event);
}
+ if (trace)
+ log.tracef("Exception %s for %s", exception, this);
+
throw exception;
}
@@ -417,6 +420,9 @@
workListener.workRejected(event);
}
+ if (trace)
+ log.tracef("Exception %s for %s", exception, this);
+
throw exception;
}
@@ -512,6 +518,9 @@
workListener.workRejected(event);
}
+ if (trace)
+ log.tracef("Exception %s for %s", exception, this);
+
throw exception;
}
@@ -643,8 +652,11 @@
{
if (wrapper.getWorkException() != null)
{
+ if (trace)
+ log.tracef("Exception %s for %s", wrapper.getWorkException(), this);
+
throw wrapper.getWorkException();
- }
+ }
}
/**
@@ -856,18 +868,20 @@
for (Class<? extends WorkContext> supportedWorkContext : SUPPORTED_WORK_CONTEXT_CLASSES)
{
// Assignable or not
- if (adaptorWorkContext.isAssignableFrom(supportedWorkContext))
+ if (supportedWorkContext.isAssignableFrom(adaptorWorkContext))
{
- // Supported by the server
- if (adaptorWorkContext.equals(supportedWorkContext))
+ Class clz = adaptorWorkContext;
+
+ while (clz != null)
{
- return adaptorWorkContext;
+ // Supported by the server
+ if (clz.equals(supportedWorkContext))
+ {
+ return clz;
+ }
+
+ clz = clz.getSuperclass();
}
- else
- {
- // Fallback to super class
- return (Class<T>) adaptorWorkContext.getSuperclass();
- }
}
}
Modified: projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkWrapper.java
===================================================================
--- projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkWrapper.java 2011-06-10 14:18:11 UTC (rev 111582)
+++ projects/jboss-jca/branches/Branch_1_0/core/src/main/java/org/jboss/jca/core/workmanager/WorkWrapper.java 2011-06-10 22:04:24 UTC (rev 111583)
@@ -196,6 +196,9 @@
if (trace)
log.trace("Starting work " + this);
+ ClassLoader oldCL = SecurityActions.getThreadContextClassLoader();
+ SecurityActions.setThreadContextClassLoader(work.getClass().getClassLoader());
+
org.jboss.security.SecurityContext oldSC = SecurityContextAssociation.getSecurityContext();
try
@@ -226,6 +229,7 @@
}
SecurityContextAssociation.setSecurityContext(oldSC);
+ SecurityActions.setThreadContextClassLoader(oldCL);
if (startedLatch != null)
{
@@ -237,7 +241,7 @@
completedLatch.countDown();
if (trace)
- log.trace("Executed work " + this);
+ log.trace("Executed work " + this);
}
}
@@ -277,7 +281,8 @@
{
try
{
- org.jboss.security.SecurityContext sc = SecurityContextFactory.createSecurityContext("work");
+ org.jboss.security.SecurityContext sc =
+ SecurityContextFactory.createSecurityContext(workManager.getCallbackSecurity().getDomain());
SecurityContextAssociation.setSecurityContext(sc);
// Setup callbacks
@@ -461,6 +466,9 @@
workContexts = new HashMap<Class<? extends WorkContext>, WorkContext>(1);
}
+ if (trace)
+ log.tracef("Adding work context %s for %s", workContextClass, this);
+
workContexts.put(workContextClass, workContext);
}
@@ -472,6 +480,9 @@
{
if (workContext != null && workContext instanceof WorkContextLifecycleListener)
{
+ if (trace)
+ log.tracef("WorkContextSetupComplete(%s) for %s", workContext, this);
+
WorkContextLifecycleListener listener = (WorkContextLifecycleListener)workContext;
listener.contextSetupComplete();
}
@@ -485,6 +496,9 @@
{
if (workContext != null && workContext instanceof WorkContextLifecycleListener)
{
+ if (trace)
+ log.tracef("WorkContextSetupFailed(%s) for %s", workContext, this);
+
WorkContextLifecycleListener listener = (WorkContextLifecycleListener)workContext;
listener.contextSetupFailed(WorkContextErrorCodes.CONTEXT_SETUP_FAILED);
}
@@ -507,11 +521,14 @@
buffer.append(" txTimeout=").append(executionContext.getTransactionTimeout());
}
- if (workListener != null)
- buffer.append(" workListener=").append(workListener);
- if (exception != null)
- buffer.append(" exception=").append(exception);
+ buffer.append(" workListener=").append(workListener);
+
+ buffer.append(" workContexts=").append(workContexts);
+
+ buffer.append(" exception=").append(exception);
+
buffer.append("]");
+
return buffer.toString();
}
}
More information about the jboss-cvs-commits
mailing list