KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > ejb > plugins > SecurityProxyInterceptor


1 /*
2 * JBoss, Home of Professional Open Source
3 * Copyright 2005, JBoss Inc., and individual contributors as indicated
4 * by the @authors tag. See the copyright.txt in the distribution for a
5 * full listing of individual contributors.
6 *
7 * This is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as
9 * published by the Free Software Foundation; either version 2.1 of
10 * the License, or (at your option) any later version.
11 *
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this software; if not, write to the Free
19 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21 */
22 package org.jboss.ejb.plugins;
23
24 import java.security.Principal JavaDoc;
25 import javax.ejb.EJBContext JavaDoc;
26 import javax.naming.InitialContext JavaDoc;
27
28 import org.jboss.ejb.Container;
29 import org.jboss.ejb.EJBProxyFactoryContainer;
30 import org.jboss.ejb.EnterpriseContext;
31 import org.jboss.invocation.Invocation;
32 import org.jboss.logging.Logger;
33
34 import org.jboss.security.AuthenticationManager;
35 import org.jboss.security.SecurityProxy;
36 import org.jboss.security.SecurityProxyFactory;
37
38 /**
39  * The SecurityProxyInterceptor is where the EJB custom security proxy
40  * integration is performed. This interceptor is dynamically added to container
41  * interceptors when the deployment descriptors specifies a security
42  * proxy. It is added just before the container interceptor so that the
43  * interceptor has access to the EJB instance and context.
44  *
45  * @author <a HREF="mailto:Scott.Stark@jboss.org">Scott Stark</a>.
46  * @version $Revision: 37459 $
47  */
48 public class SecurityProxyInterceptor
49    extends AbstractInterceptor
50 {
51    /**
52     * The JNDI name of the SecurityProxyFactory used to wrap security
53     * proxy objects that do not implement the SecurityProxy interface
54     */
55    public final String JavaDoc SECURITY_PROXY_FACTORY_NAME =
56       "java:/SecurityProxyFactory";
57
58    /** Instance logger. */
59    protected Logger log = Logger.getLogger(this.getClass());
60
61    protected AuthenticationManager securityManager;
62
63    /**
64     * @supplierCardinality 0..1
65     * @clientCardinality 1
66     * @supplierQualifier custom security
67     */
68    protected SecurityProxy securityProxy;
69
70    public SecurityProxyInterceptor()
71    {
72       super();
73    }
74
75    public void setContainer(Container container)
76    {
77       super.setContainer(container);
78       if( container != null )
79       {
80          securityManager = container.getSecurityManager();
81          Object JavaDoc secProxy = container.getSecurityProxy();
82          if( secProxy != null )
83          {
84             // If this is not a SecurityProxy instance then use the default
85 // SecurityProxy implementation
86 if( (secProxy instanceof SecurityProxy) == false )
87             {
88                try
89                {
90                   // Get default SecurityProxyFactory from JNDI at
91 InitialContext JavaDoc iniCtx = new InitialContext JavaDoc();
92                   SecurityProxyFactory proxyFactory =
93                      (SecurityProxyFactory)iniCtx.lookup(SECURITY_PROXY_FACTORY_NAME);
94                   securityProxy = proxyFactory.create(secProxy);
95                }
96                catch (Exception JavaDoc e)
97                {
98                   log.error("Failed to initialze DefaultSecurityProxy", e);
99                }
100             }
101             else
102             {
103                securityProxy = (SecurityProxy) secProxy;
104             }
105
106             // Initialize the securityProxy
107 try
108             {
109                EJBProxyFactoryContainer ic =
110                   (EJBProxyFactoryContainer)container;
111                Class JavaDoc beanHome = ic.getHomeClass();
112                Class JavaDoc beanRemote = ic.getRemoteClass();
113                Class JavaDoc beanLocalHome = ic.getLocalHomeClass();
114                Class JavaDoc beanLocal = ic.getLocalClass();
115                if( beanLocal == null )
116                {
117                   securityProxy.init(beanHome, beanRemote, securityManager);
118                }
119                else
120                {
121                   securityProxy.init(beanHome, beanRemote, beanLocalHome,
122                      beanLocal, securityManager);
123                }
124             }
125             catch(Exception JavaDoc e)
126             {
127                log.error("Failed to initialze SecurityProxy", e);
128             }
129             log.info("Initialized SecurityProxy=" + securityProxy);
130          }
131       }
132    }
133
134    // Container implementation --------------------------------------
135
136    public void start() throws Exception JavaDoc
137    {
138       super.start();
139    }
140
141    public Object JavaDoc invokeHome(Invocation mi) throws Exception JavaDoc
142    {
143       // Apply any custom security checks
144 if( securityProxy != null )
145       {
146          EJBContext JavaDoc ctx = null;
147          EnterpriseContext ectx = (EnterpriseContext)mi.getEnterpriseContext();
148          if( ectx != null )
149             ctx = ectx.getEJBContext();
150          Object JavaDoc[] args = mi.getArguments();
151          securityProxy.setEJBContext(ctx);
152          try
153          {
154             securityProxy.invokeHome(mi.getMethod(), args);
155          }
156          catch(SecurityException JavaDoc e)
157          {
158             Principal JavaDoc principal = mi.getPrincipal();
159             String JavaDoc msg = "SecurityProxy.invokeHome exception, principal=" + principal;
160             log.error(msg, e);
161             throw e;
162          }
163       }
164       return getNext().invokeHome(mi);
165    }
166    
167    public Object JavaDoc invoke(Invocation mi) throws Exception JavaDoc
168    {
169       // Apply any custom security checks
170 if( securityProxy != null )
171       {
172          EnterpriseContext ectx = (EnterpriseContext)mi.getEnterpriseContext();
173          Object JavaDoc bean = ectx.getInstance();
174          EJBContext JavaDoc ctx = ectx.getEJBContext();
175          Object JavaDoc[] args = mi.getArguments();
176          securityProxy.setEJBContext(ctx);
177          try
178          {
179             securityProxy.invoke(mi.getMethod(), args, bean);
180          }
181          catch(SecurityException JavaDoc e)
182          {
183             Principal JavaDoc principal = mi.getPrincipal();
184             String JavaDoc msg = "SecurityProxy.invoke exception, principal="+principal;
185             log.error(msg, e);
186             throw e;
187          }
188       }
189       return getNext().invoke(mi);
190    }
191 }
192
193
Popular Tags