[jboss-cvs] JBossAS SVN: r112684 - in branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha: jndi and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Feb 23 06:42:36 EST 2012
Author: pskopek at redhat.com
Date: 2012-02-23 06:42:35 -0500 (Thu, 23 Feb 2012)
New Revision: 112684
Added:
branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/HARMIServerGuard.java
Modified:
branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/framework/server/HARMIServerImpl.java
branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/DetachedHANamingService.java
Log:
[JBPAPP-7791] - fix for HA JNDI server
Modified: branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/framework/server/HARMIServerImpl.java
===================================================================
--- branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/framework/server/HARMIServerImpl.java 2012-02-23 11:39:46 UTC (rev 112683)
+++ branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/framework/server/HARMIServerImpl.java 2012-02-23 11:42:35 UTC (rev 112684)
@@ -34,16 +34,21 @@
import java.util.List;
import java.util.Map;
+import javax.naming.NoPermissionException;
+
import org.jboss.ha.framework.interfaces.HAPartition;
import org.jboss.ha.framework.interfaces.HARMIClient;
import org.jboss.ha.framework.interfaces.HARMIProxy;
import org.jboss.ha.framework.interfaces.HARMIResponse;
import org.jboss.ha.framework.interfaces.HARMIServer;
import org.jboss.ha.framework.interfaces.LoadBalancePolicy;
+import org.jboss.ha.jndi.HARMIServerGuard;
import org.jboss.invocation.MarshalledInvocation;
import org.jboss.logging.Logger;
import org.jboss.net.sockets.DefaultSocketFactory;
+import org.jnp.server.NamingServerGuard;
+
/**
* This class is a <em>server-side</em> proxy for replicated RMI objects.
*
@@ -197,6 +202,12 @@
mi.setMethodMap(invokerMap);
Method method = mi.getMethod();
+ log.info("RMI local invocation =" + mi.isLocal());
+ if (NamingServerGuard.GUARDED_JNDI_METHOD_NAMES.indexOf(method.getName()) != -1) {
+ throw new NoPermissionException(method.getName() +
+ " JNDI operation not allowed when on non-local invocation.");
+ }
+
try
{
HARMIResponse rsp = new HARMIResponse();
Modified: branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/DetachedHANamingService.java
===================================================================
--- branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/DetachedHANamingService.java 2012-02-23 11:39:46 UTC (rev 112683)
+++ branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/DetachedHANamingService.java 2012-02-23 11:42:35 UTC (rev 112684)
@@ -43,6 +43,7 @@
import javax.management.ObjectName;
import javax.management.Query;
import javax.management.QueryExp;
+import javax.naming.NoPermissionException;
import javax.net.ServerSocketFactory;
import org.jboss.ha.framework.interfaces.HAPartition;
@@ -59,6 +60,7 @@
import org.jboss.util.threadpool.ThreadPool;
import org.jnp.interfaces.Naming;
import org.jnp.interfaces.NamingContext;
+import org.jnp.server.NamingServerGuard;
/**
* Management Bean for the protocol independent HA-JNDI service. This allows the
@@ -429,6 +431,15 @@
Method method = invocation.getMethod();
Object[] args = invocation.getArguments();
Object value = null;
+
+ log.info("DETACHED local invocation =" + invocation.isLocal());
+ if (!invocation.isLocal()
+ && NamingServerGuard.GUARDED_JNDI_METHOD_NAMES.indexOf(method.getName()) != -1) {
+ throw new NoPermissionException(method.getName() +
+ " JNDI operation not allowed when on non-local invocation.");
+ }
+
+
try
{
value = method.invoke(theServer, args);
Added: branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/HARMIServerGuard.java
===================================================================
--- branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/HARMIServerGuard.java (rev 0)
+++ branches/JBPAPP_4_3_0_GA_CP10_JBPAPP-7791/cluster/src/main/org/jboss/ha/jndi/HARMIServerGuard.java 2012-02-23 11:42:35 UTC (rev 112684)
@@ -0,0 +1,90 @@
+ /*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.ha.jndi;
+
+import java.io.Serializable;
+import java.lang.reflect.Method;
+import java.rmi.server.RemoteStub;
+import java.util.List;
+
+import javax.naming.NoPermissionException;
+
+import org.jboss.ha.framework.interfaces.HARMIResponse;
+import org.jboss.ha.framework.interfaces.HARMIServer;
+import org.jboss.invocation.MarshalledInvocation;
+import org.jboss.logging.Logger;
+import org.jnp.server.NamingServerGuard;
+
+
+/**
+ * Object to register instead of original object.
+ * It will guard certain invocations see invoke method.
+ *
+ * @author <a href="mailto:pskopek at redhat.com">Peter Skopek</a>
+ *
+ */
+public class HARMIServerGuard implements HARMIServer, Serializable
+{
+
+ private static Logger log = Logger.getLogger(HARMIServerGuard.class);
+
+ private HARMIServer guardedHARMIServer;
+
+ public HARMIServerGuard(HARMIServer guardedHARMIServer)
+ {
+ this.guardedHARMIServer = guardedHARMIServer;
+ }
+
+ /* (non-Javadoc)
+ * @see org.jboss.ha.framework.interfaces.HARMIServer#invoke(long, org.jboss.invocation.MarshalledInvocation)
+ */
+ public HARMIResponse invoke(long tag, MarshalledInvocation mi)
+ throws Exception
+ {
+ log.info("RMI local invocation =" + mi.isLocal());
+ Method method = mi.getMethod();
+ if (NamingServerGuard.GUARDED_JNDI_METHOD_NAMES.indexOf(method.getName()) != -1) {
+ throw new NoPermissionException(method.getName() +
+ " JNDI operation not allowed when on non-local invocation.");
+ }
+
+ return guardedHARMIServer.invoke(tag, mi);
+ }
+
+ /* (non-Javadoc)
+ * @see org.jboss.ha.framework.interfaces.HARMIServer#getReplicants()
+ */
+ public List getReplicants() throws Exception
+ {
+ return guardedHARMIServer.getReplicants();
+ }
+
+ /* (non-Javadoc)
+ * @see org.jboss.ha.framework.interfaces.HARMIServer#getLocal()
+ */
+ public Object getLocal() throws Exception
+ {
+ return guardedHARMIServer.getLocal();
+ }
+
+}
More information about the jboss-cvs-commits
mailing list