

1 //$Id: JACCPermissions.java,v 1.1 2005/07/21 04:56:17 oneovthafew Exp $
2
package org.hibernate.secure;
3
4 import java.lang.reflect.UndeclaredThrowableException JavaDoc;
5 import java.security.AccessController JavaDoc;
6 import java.security.CodeSource JavaDoc;
7 import java.security.Policy JavaDoc;
8 import java.security.Principal JavaDoc;
9 import java.security.PrivilegedActionException JavaDoc;
10 import java.security.PrivilegedExceptionAction JavaDoc;
11 import java.security.ProtectionDomain JavaDoc;
12 import java.util.Set JavaDoc;
13
14 import javax.security.auth.Subject JavaDoc;
15 import javax.security.jacc.EJBMethodPermission JavaDoc;
16 import javax.security.jacc.PolicyContext JavaDoc;
17 import javax.security.jacc.PolicyContextException JavaDoc;
18
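/**
 * JACC authorization helper: asks the installed {@link Policy} whether the current caller's
 * principals are granted a given {@link EJBMethodPermission}.
 * <p>
 * Copied from JBoss org.jboss.ejb3.security.JaccHelper and org.jboss.ejb3.security.SecurityActions
 *
 * @author <a href="mailto:kabir.khan@jboss.org">Kabir Khan</a>
 */
public class JACCPermissions {

    /**
     * Checks {@code methodPerm} against the installed policy for the caller bound to the
     * current JACC policy context.
     * <p>
     * The decision is made on a synthetic {@link ProtectionDomain} built from the code source
     * of {@code clazz} and the caller's principals. Any failure to resolve the caller aborts
     * the call with an exception, so the check fails closed.
     *
     * @param clazz class whose code source is used for the protection domain
     * @param methodPerm the permission to check
     * @throws SecurityException if the policy does not imply {@code methodPerm}
     * @throws RuntimeException wrapping a {@link PolicyContextException} raised while looking
     *         up the caller
     */
    public static void checkPermission(Class clazz, EJBMethodPermission methodPerm)
            throws SecurityException {
        CodeSource ejbCS = clazz.getProtectionDomain().getCodeSource();

        try {
            Policy policy = Policy.getPolicy();
            Subject caller = getContextSubject();

            // With no Subject bound to the policy context the domain carries no principals
            // and the decision rests on the code source alone. NOTE(review): the policy
            // should therefore not grant EJB method permissions to the code source itself.
            Principal[] principals = null;
            if ( caller != null ) {
                Set principalsSet = caller.getPrincipals();
                // Use the array returned by toArray(): if the set grows between size() and
                // toArray(), the pre-sized argument is left unfilled and a new array is
                // returned instead.
                principals = (Principal[]) principalsSet.toArray(
                        new Principal[ principalsSet.size() ] );
            }

            ProtectionDomain pd = new ProtectionDomain( ejbCS, null, null, principals );
            if ( !policy.implies( pd, methodPerm ) ) {
                // Report principals only. Subject.toString() also renders the subject's
                // credentials, and this message can end up in logs or be returned to the
                // caller.
                throw new SecurityException(
                        "Denied: " + methodPerm + ", caller="
                                + ( caller == null ? null : caller.getPrincipals() )
                );
            }
        }
        catch (PolicyContextException e) {
            throw new RuntimeException( e );
        }
    }

    /**
     * Strategy for reading the container Subject from the JACC {@link PolicyContext}, with
     * and without a privileged block.
     */
    interface PolicyContextActions {
        /** The JACC PolicyContext key for the current Subject */
        static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";

        /**
         * Reads the Subject inside {@code AccessController.doPrivileged}, so the lookup runs
         * with this class's own permissions instead of requiring them from every caller on
         * the stack. The privileged block wraps only the single context lookup.
         */
        PolicyContextActions PRIVILEGED = new PolicyContextActions() {
            private final PrivilegedExceptionAction exAction = new PrivilegedExceptionAction() {
                public Object run() throws Exception {
                    return (Subject) PolicyContext.getContext( SUBJECT_CONTEXT_KEY );
                }
            };

            public Subject getContextSubject() throws PolicyContextException {
                try {
                    return (Subject) AccessController.doPrivileged( exAction );
                }
                catch (PrivilegedActionException e) {
                    // Unwrap so callers see the declared checked exception; anything else
                    // is surfaced unchecked rather than swallowed.
                    Exception ex = e.getException();
                    if ( ex instanceof PolicyContextException ) {
                        throw (PolicyContextException) ex;
                    }
                    throw new UndeclaredThrowableException( ex );
                }
            }
        };

        /** Reads the Subject directly; used when no security manager is installed. */
        PolicyContextActions NON_PRIVILEGED = new PolicyContextActions() {
            public Subject getContextSubject() throws PolicyContextException {
                return (Subject) PolicyContext.getContext( SUBJECT_CONTEXT_KEY );
            }
        };

        /**
         * @return the Subject registered under {@link #SUBJECT_CONTEXT_KEY}, as returned by
         *         {@code PolicyContext.getContext}
         * @throws PolicyContextException if the policy context lookup fails
         */
        Subject getContextSubject() throws PolicyContextException;
    }

    /**
     * Returns the Subject bound to the current JACC policy context, using the privileged
     * lookup only when a security manager is installed.
     * <p>
     * Note: {@code System.getSecurityManager()} and {@code AccessController} are deprecated
     * for removal since Java 17 (JEP 411).
     *
     * @return the container Subject as returned by the policy context lookup
     * @throws PolicyContextException if the policy context lookup fails
     */
    static Subject getContextSubject() throws PolicyContextException {
        if ( System.getSecurityManager() == null ) {
            return PolicyContextActions.NON_PRIVILEGED.getContextSubject();
        }
        return PolicyContextActions.PRIVILEGED.getContextSubject();
    }

}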