KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > ejb > plugins > SecurityActions


1 /*
2 * JBoss, Home of Professional Open Source
3 * Copyright 2005, JBoss Inc., and individual contributors as indicated
4 * by the @authors tag. See the copyright.txt in the distribution for a
5 * full listing of individual contributors.
6 *
7 * This is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as
9 * published by the Free Software Foundation; either version 2.1 of
10 * the License, or (at your option) any later version.
11 *
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this software; if not, write to the Free
19 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21 */
22 package org.jboss.ejb.plugins;
23
24 import java.security.PrivilegedAction JavaDoc;
25 import java.security.PrivilegedExceptionAction JavaDoc;
26 import java.security.Principal JavaDoc;
27 import java.security.AccessController JavaDoc;
28 import java.security.PrivilegedActionException JavaDoc;
29 import java.util.HashMap JavaDoc;
30 import java.lang.reflect.UndeclaredThrowableException JavaDoc;
31
32 import javax.security.auth.Subject JavaDoc;
33 import javax.security.jacc.PolicyContext JavaDoc;
34 import javax.security.jacc.PolicyContextException JavaDoc;
35
36 import org.jboss.security.SecurityAssociation;
37 import org.jboss.security.RunAsIdentity;
38 import org.jboss.security.SecurityConstants;
39 import org.jboss.security.SecurityContext;
40
41 /** A collection of privileged actions for this package
42  * @author Scott.Stark@jboss.org
43  * @author <a HREF="mailto:alex@jboss.org">Alexey Loubyansky</a>
44  * @version $Revison: $
45  */
46 class SecurityActions
47 {
48    interface PrincipalInfoAction
49    {
50       PrincipalInfoAction PRIVILEGED = new PrincipalInfoAction()
51       {
52          public void push(final Principal JavaDoc principal, final Object JavaDoc credential,
53             final Subject JavaDoc subject)
54          {
55             AccessController.doPrivileged(
56                new PrivilegedAction JavaDoc()
57                {
58                   public Object JavaDoc run()
59                   {
60                      SecurityAssociation.pushSubjectContext(subject, principal, credential);
61                      return null;
62                   }
63                }
64             );
65          }
66          public void dup()
67          {
68             AccessController.doPrivileged(
69                new PrivilegedAction JavaDoc()
70                {
71                   public Object JavaDoc run()
72                   {
73                      SecurityAssociation.dupSubjectContext();
74                      return null;
75                   }
76                }
77             );
78          }
79          public void pop()
80          {
81             AccessController.doPrivileged(
82                new PrivilegedAction JavaDoc()
83                {
84                   public Object JavaDoc run()
85                   {
86                      SecurityAssociation.popSubjectContext();
87                      return null;
88                   }
89                }
90             );
91          }
92       };
93
94       PrincipalInfoAction NON_PRIVILEGED = new PrincipalInfoAction()
95       {
96          public void push(Principal JavaDoc principal, Object JavaDoc credential, Subject JavaDoc subject)
97          {
98             SecurityAssociation.pushSubjectContext(subject, principal, credential);
99          }
100          public void dup()
101          {
102             SecurityAssociation.dupSubjectContext();
103          }
104          public void pop()
105          {
106             SecurityAssociation.popSubjectContext();
107          }
108       };
109
110       void push(Principal JavaDoc principal, Object JavaDoc credential, Subject JavaDoc subject);
111       void dup();
112       void pop();
113    }
114
115    interface RunAsIdentityActions
116    {
117       RunAsIdentityActions PRIVILEGED = new RunAsIdentityActions()
118       {
119          private final PrivilegedAction JavaDoc peekAction = new PrivilegedAction JavaDoc()
120          {
121             public Object JavaDoc run()
122             {
123                return SecurityAssociation.peekRunAsIdentity();
124             }
125          };
126
127          private final PrivilegedAction JavaDoc popAction = new PrivilegedAction JavaDoc()
128          {
129             public Object JavaDoc run()
130             {
131                return SecurityAssociation.popRunAsIdentity();
132             }
133          };
134
135          public RunAsIdentity peek()
136          {
137             return (RunAsIdentity)AccessController.doPrivileged(peekAction);
138          }
139
140          public void push(final RunAsIdentity id)
141          {
142             AccessController.doPrivileged(
143                new PrivilegedAction JavaDoc()
144                {
145                   public Object JavaDoc run()
146                   {
147                      SecurityAssociation.pushRunAsIdentity(id);
148                      return null;
149                   }
150                }
151             );
152          }
153
154          public RunAsIdentity pop()
155          {
156             return (RunAsIdentity)AccessController.doPrivileged(popAction);
157          }
158       };
159
160       RunAsIdentityActions NON_PRIVILEGED = new RunAsIdentityActions()
161       {
162          public RunAsIdentity peek()
163          {
164             return SecurityAssociation.peekRunAsIdentity();
165          }
166
167          public void push(RunAsIdentity id)
168          {
169             SecurityAssociation.pushRunAsIdentity(id);
170          }
171
172          public RunAsIdentity pop()
173          {
174             return SecurityAssociation.popRunAsIdentity();
175          }
176       };
177
178       RunAsIdentity peek();
179
180       void push(RunAsIdentity id);
181
182       RunAsIdentity pop();
183    }
184
185    interface ContextInfoActions
186    {
187       static final String JavaDoc EX_KEY = "org.jboss.security.exception";
188       ContextInfoActions PRIVILEGED = new ContextInfoActions()
189       {
190          private final PrivilegedAction JavaDoc exAction = new PrivilegedAction JavaDoc()
191          {
192             public Object JavaDoc run()
193             {
194                return SecurityAssociation.getContextInfo(EX_KEY);
195             }
196          };
197          public Exception JavaDoc getContextException()
198          {
199             return (Exception JavaDoc)AccessController.doPrivileged(exAction);
200          }
201       };
202
203       ContextInfoActions NON_PRIVILEGED = new ContextInfoActions()
204       {
205          public Exception JavaDoc getContextException()
206          {
207             return (Exception JavaDoc)SecurityAssociation.getContextInfo(EX_KEY);
208          }
209       };
210
211       Exception JavaDoc getContextException();
212    }
213
214    interface PolicyContextActions
215    {
216       /** The JACC PolicyContext key for the current Subject */
217       static final String JavaDoc SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";
218       PolicyContextActions PRIVILEGED = new PolicyContextActions()
219       {
220          private final PrivilegedExceptionAction JavaDoc exAction = new PrivilegedExceptionAction JavaDoc()
221          {
222             public Object JavaDoc run() throws Exception JavaDoc
223             {
224                return (Subject JavaDoc) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
225             }
226          };
227          public Subject JavaDoc getContextSubject()
228             throws PolicyContextException JavaDoc
229          {
230             try
231             {
232                return (Subject JavaDoc) AccessController.doPrivileged(exAction);
233             }
234             catch(PrivilegedActionException JavaDoc e)
235             {
236                Exception JavaDoc ex = e.getException();
237                if( ex instanceof PolicyContextException JavaDoc )
238                   throw (PolicyContextException JavaDoc) ex;
239                else
240                   throw new UndeclaredThrowableException JavaDoc(ex);
241             }
242          }
243       };
244
245       PolicyContextActions NON_PRIVILEGED = new PolicyContextActions()
246       {
247          public Subject JavaDoc getContextSubject()
248             throws PolicyContextException JavaDoc
249          {
250             return (Subject JavaDoc) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
251          }
252       };
253
254       Subject JavaDoc getContextSubject()
255          throws PolicyContextException JavaDoc;
256    }
257    
258    static ClassLoader JavaDoc getContextClassLoader()
259    {
260       return TCLAction.UTIL.getContextClassLoader();
261    }
262
263    static void setContextClassLoader(ClassLoader JavaDoc loader)
264    {
265       TCLAction.UTIL.setContextClassLoader(loader);
266    }
267
268    static void pushSubjectContext(Principal JavaDoc principal, Object JavaDoc credential,
269       Subject JavaDoc subject)
270    {
271       if(System.getSecurityManager() == null)
272       {
273          PrincipalInfoAction.NON_PRIVILEGED.push(principal, credential, subject);
274       }
275       else
276       {
277          PrincipalInfoAction.PRIVILEGED.push(principal, credential, subject);
278       }
279    }
280    static void dupSubjectContext()
281    {
282       if(System.getSecurityManager() == null)
283       {
284          PrincipalInfoAction.NON_PRIVILEGED.dup();
285       }
286       else
287       {
288          PrincipalInfoAction.PRIVILEGED.dup();
289       }
290    }
291    static void popSubjectContext()
292    {
293       if(System.getSecurityManager() == null)
294       {
295          PrincipalInfoAction.NON_PRIVILEGED.pop();
296       }
297       else
298       {
299          PrincipalInfoAction.PRIVILEGED.pop();
300       }
301    }
302
303    static RunAsIdentity peekRunAsIdentity()
304    {
305       if(System.getSecurityManager() == null)
306       {
307          return RunAsIdentityActions.NON_PRIVILEGED.peek();
308       }
309       else
310       {
311          return RunAsIdentityActions.PRIVILEGED.peek();
312       }
313    }
314
315    static void pushRunAsIdentity(RunAsIdentity principal)
316    {
317       if(System.getSecurityManager() == null)
318       {
319          RunAsIdentityActions.NON_PRIVILEGED.push(principal);
320       }
321       else
322       {
323          RunAsIdentityActions.PRIVILEGED.push(principal);
324       }
325    }
326
327    static RunAsIdentity popRunAsIdentity()
328    {
329       if(System.getSecurityManager() == null)
330       {
331          return RunAsIdentityActions.NON_PRIVILEGED.pop();
332       }
333       else
334       {
335          return RunAsIdentityActions.PRIVILEGED.pop();
336       }
337    }
338
339    static Exception JavaDoc getContextException()
340    {
341       if(System.getSecurityManager() == null)
342       {
343          return ContextInfoActions.NON_PRIVILEGED.getContextException();
344       }
345       else
346       {
347          return ContextInfoActions.PRIVILEGED.getContextException();
348       }
349    }
350
351    static Subject JavaDoc getContextSubject()
352       throws PolicyContextException JavaDoc
353    {
354       if(System.getSecurityManager() == null)
355       {
356          return PolicyContextActions.NON_PRIVILEGED.getContextSubject();
357       }
358       else
359       {
360          return PolicyContextActions.PRIVILEGED.getContextSubject();
361       }
362    }
363
364    interface TCLAction
365    {
366       class UTIL
367       {
368          static TCLAction getTCLAction()
369          {
370             return System.getSecurityManager() == null ? NON_PRIVILEGED : PRIVILEGED;
371          }
372
373          static ClassLoader JavaDoc getContextClassLoader()
374          {
375             return getTCLAction().getContextClassLoader();
376          }
377
378          static ClassLoader JavaDoc getContextClassLoader(Thread JavaDoc thread)
379          {
380             return getTCLAction().getContextClassLoader(thread);
381          }
382
383          static void setContextClassLoader(ClassLoader JavaDoc cl)
384          {
385             getTCLAction().setContextClassLoader(cl);
386          }
387
388          static void setContextClassLoader(Thread JavaDoc thread, ClassLoader JavaDoc cl)
389          {
390             getTCLAction().setContextClassLoader(thread, cl);
391          }
392       }
393
394       TCLAction NON_PRIVILEGED = new TCLAction()
395       {
396          public ClassLoader JavaDoc getContextClassLoader()
397          {
398             return Thread.currentThread().getContextClassLoader();
399          }
400
401          public ClassLoader JavaDoc getContextClassLoader(Thread JavaDoc thread)
402          {
403             return thread.getContextClassLoader();
404          }
405
406          public void setContextClassLoader(ClassLoader JavaDoc cl)
407          {
408             Thread.currentThread().setContextClassLoader(cl);
409          }
410
411          public void setContextClassLoader(Thread JavaDoc thread, ClassLoader JavaDoc cl)
412          {
413             thread.setContextClassLoader(cl);
414          }
415       };
416
417       TCLAction PRIVILEGED = new TCLAction()
418       {
419          private final PrivilegedAction JavaDoc getTCLPrivilegedAction = new PrivilegedAction JavaDoc()
420          {
421             public Object JavaDoc run()
422             {
423                return Thread.currentThread().getContextClassLoader();
424             }
425          };
426
427          public ClassLoader JavaDoc getContextClassLoader()
428          {
429             return (ClassLoader JavaDoc)AccessController.doPrivileged(getTCLPrivilegedAction);
430          }
431
432          public ClassLoader JavaDoc getContextClassLoader(final Thread JavaDoc thread)
433          {
434             return (ClassLoader JavaDoc)AccessController.doPrivileged(new PrivilegedAction JavaDoc()
435             {
436                public Object JavaDoc run()
437                {
438                   return thread.getContextClassLoader();
439                }
440             });
441          }
442
443          public void setContextClassLoader(final ClassLoader JavaDoc cl)
444          {
445             AccessController.doPrivileged(
446                new PrivilegedAction JavaDoc()
447                {
448                   public Object JavaDoc run()
449                   {
450                      Thread.currentThread().setContextClassLoader(cl);
451                      return null;
452                   }
453                }
454             );
455          }
456
457          public void setContextClassLoader(final Thread JavaDoc thread, final ClassLoader JavaDoc cl)
458          {
459             AccessController.doPrivileged(
460                new PrivilegedAction JavaDoc()
461                {
462                   public Object JavaDoc run()
463                   {
464                      thread.setContextClassLoader(cl);
465                      return null;
466                   }
467                }
468             );
469          }
470       };
471
472       ClassLoader JavaDoc getContextClassLoader();
473
474       ClassLoader JavaDoc getContextClassLoader(Thread JavaDoc thread);
475
476       void setContextClassLoader(ClassLoader JavaDoc cl);
477
478       void setContextClassLoader(Thread JavaDoc thread, ClassLoader JavaDoc cl);
479    }
480    
481    private static class GetSecurityContextAction implements PrivilegedAction JavaDoc
482    {
483       private String JavaDoc securityDomain;
484       GetSecurityContextAction(String JavaDoc sd)
485       {
486          this.securityDomain = sd;
487       }
488       public Object JavaDoc run()
489       {
490          String JavaDoc sc = SecurityConstants.SECURITY_CONTEXT;
491          HashMap JavaDoc map = (HashMap JavaDoc)SecurityAssociation.getContextInfo(sc);
492          if(map == null)
493          {
494             map = new HashMap JavaDoc();
495             SecurityAssociation.setContextInfo(sc, map);
496          }
497          SecurityAssociation.setContextInfo(sc, map);
498          return map.get(this.securityDomain);
499       }
500    }
501    
502    private static class SetSecurityContextAction implements PrivilegedAction JavaDoc
503    {
504       private SecurityContext securityContext;
505       private String JavaDoc securityDomain;
506       SetSecurityContextAction(SecurityContext sc, String JavaDoc sd)
507       {
508          this.securityContext = sc;
509          this.securityDomain = sd;
510       }
511       
512       public Object JavaDoc run()
513       {
514          String JavaDoc sc = SecurityConstants.SECURITY_CONTEXT;
515          HashMap JavaDoc map = (HashMap JavaDoc)SecurityAssociation.getContextInfo(sc);
516          if(map == null)
517          {
518             map = new HashMap JavaDoc();
519             SecurityAssociation.setContextInfo(sc, map);
520          }
521          map.put(securityDomain, securityContext);
522          SecurityAssociation.setContextInfo(sc, map);
523          return null;
524       }
525    }
526    
527    private static class ClearSecurityContextAction implements PrivilegedAction JavaDoc
528    {
529       private String JavaDoc securityDomain;
530       ClearSecurityContextAction(String JavaDoc sd)
531       {
532          this.securityDomain = sd;
533       }
534       public Object JavaDoc run()
535       {
536          String JavaDoc sc = SecurityConstants.SECURITY_CONTEXT;
537          HashMap JavaDoc map = (HashMap JavaDoc)SecurityAssociation.getContextInfo(sc);
538          if(map == null)
539          {
540             map = new HashMap JavaDoc();
541             SecurityAssociation.setContextInfo(sc, map);
542          }
543          if(map.containsKey(securityDomain))
544             map.remove(securityDomain);
545          
546          SecurityAssociation.setContextInfo(sc, map);
547          return null;
548       }
549    }
550
551    static void clearSecurityContext(String JavaDoc securityDomain)
552    {
553       ClearSecurityContextAction action = new ClearSecurityContextAction(securityDomain);
554       AccessController.doPrivileged(action);
555    }
556    
557    static SecurityContext getSecurityContext(String JavaDoc securityDomain)
558    {
559       GetSecurityContextAction action = new GetSecurityContextAction(securityDomain);
560       return (SecurityContext)AccessController.doPrivileged(action);
561    }
562    
563    static void setSecurityContext(SecurityContext sc, String JavaDoc securityDomain)
564    {
565       SetSecurityContextAction action = new SetSecurityContextAction(sc,securityDomain);
566       AccessController.doPrivileged(action);
567    }
568 }
569
Popular Tags