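package org.jboss.ejb3.security;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.annotation.security.RunAs;

import org.jboss.aop.Advisor;
import org.jboss.aop.InstanceAdvisor;
import org.jboss.aop.advice.AspectFactory;
import org.jboss.aop.joinpoint.Joinpoint;
import org.jboss.aop.joinpoint.Invocation;
import org.jboss.logging.Logger;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.RealmMapping;
import org.jboss.security.RunAsIdentity;
import org.jboss.security.SecurityAssociation;
import org.jboss.ejb3.Container;
import org.jboss.ejb3.EJBContainer;
import org.jboss.ejb3.tx.NullInterceptor;
import org.jboss.annotation.security.RunAsPrincipal;

import java.security.Principal;
import java.util.Set;
import java.util.Iterator;
import java.util.HashSet;

/**
 * Aspect factory that builds the run-as security interceptor for an EJB container.
 *
 * Only the PER_CLASS scope is implemented; every other factory method throws.
 * When the container declares no effective run-as identity, a
 * {@link NullInterceptor} is returned instead of a {@link RunAsSecurityInterceptor}.
 */
public class RunAsSecurityInterceptorFactory implements AspectFactory
{
   private static final Logger log = Logger.getLogger(RunAsSecurityInterceptorFactory.class);

   /**
    * Not supported.
    *
    * @throws RuntimeException always
    */
   public Object createPerVM()
   {
      throw new RuntimeException("PER_VM not supported for this interceptor factory, only PER_CLASS");
   }


   /**
    * Resolves the run-as identity declared for the container.
    *
    * @param container the EJB container whose annotations and XML descriptor are consulted
    * @return the identity built from {@code @RunAs} (role) and the optional
    *         {@code @RunAsPrincipal} (principal name), or {@code null} when no
    *         {@code @RunAs} is resolved or the XML security identity is marked
    *         use-caller-identity
    */
   protected RunAsIdentity getRunAsIdentity(EJBContainer container)
   {
      RunAs runAs = (RunAs) container.resolveAnnotation(RunAs.class);
      if (runAs == null) return null;

      // The XML descriptor wins over the annotation: use-caller-identity disables run-as.
      if (container.getXml() != null && container.getXml().getSecurityIdentity() != null)
      {
         if (container.getXml().getSecurityIdentity().isUseCallerIdentity()) return null;
      }

      RunAsPrincipal rap = (RunAsPrincipal) container.resolveAnnotation(RunAsPrincipal.class);
      // Stays null when no @RunAsPrincipal is present; how RunAsIdentity treats a
      // null principal name is not visible from this file.
      String runAsPrincipal = null;
      if (rap != null) runAsPrincipal = rap.value();

      // No extra roles are populated here: the identity carries only the @RunAs role.
      HashSet extraRoles = new HashSet();
      return new RunAsIdentity(runAs.value(), runAsPrincipal, extraRoles);
   }


   /**
    * Creates the per-class interceptor for the advised EJB container.
    *
    * @param advisor the advisor, which must be an {@link EJBContainer}
    * @return a {@link NullInterceptor} when no run-as identity applies, otherwise a
    *         {@link RunAsSecurityInterceptor} bound to the container's security domain
    * @throws RuntimeException if no {@code @SecurityDomain} can be resolved, if the
    *         JNDI lookup fails, or if the lookup yields no security domain
    * @throws ClassCastException if the advisor is not an {@link EJBContainer} or the
    *         bound object does not implement both {@link AuthenticationManager} and
    *         {@link RealmMapping}
    */
   public Object createPerClass(Advisor advisor)
   {
      EJBContainer container = (EJBContainer) advisor;
      RunAsIdentity runAsIdentity = getRunAsIdentity(container);
      if (runAsIdentity == null)
      {
         // Nothing to switch to: the caller's identity is left as it is.
         return new NullInterceptor();
      }

      org.jboss.annotation.security.SecurityDomain securityAnnotation =
         (org.jboss.annotation.security.SecurityDomain) advisor.resolveAnnotation(org.jboss.annotation.security.SecurityDomain.class);
      if (securityAnnotation == null)
      {
         // Fail with a diagnosable message instead of a bare NullPointerException
         // when @RunAs is declared on a bean that has no security domain.
         throw new RuntimeException("@RunAs is declared but no @SecurityDomain could be resolved");
      }

      Object domain;
      try
      {
         InitialContext ctx = container.getInitialContext();
         // NOTE(review): the JNDI name is built by plain concatenation; the value is
         // assumed to come from trusted deployment metadata only - confirm.
         domain = ctx.lookup("java:/jaas/" + securityAnnotation.value());
      }
      catch (NamingException e)
      {
         throw new RuntimeException(e);
      }

      if (domain == null) throw new RuntimeException("Unable to find Security Domain");

      // The same bound object is used as both authentication manager and realm mapping.
      AuthenticationManager manager = (AuthenticationManager) domain;
      RealmMapping mapping = (RealmMapping) domain;

      // Reuse the identity resolved above rather than resolving it a second time.
      return new RunAsSecurityInterceptor(manager, mapping, runAsIdentity);
   }

   /**
    * Not supported.
    *
    * @throws RuntimeException always
    */
   public Object createPerInstance(Advisor advisor, InstanceAdvisor instanceAdvisor)
   {
      throw new RuntimeException("PER_INSTANCE not supported for this interceptor factory, only PER_CLASS");
   }

   /**
    * Not supported.
    *
    * @throws RuntimeException always
    */
   public Object createPerJoinpoint(Advisor advisor, Joinpoint jp)
   {
      throw new RuntimeException("Per-joinpoint scopes are not supported for this interceptor factory, only PER_CLASS");
   }

   /**
    * Not supported.
    *
    * @throws RuntimeException always
    */
   public Object createPerJoinpoint(Advisor advisor, InstanceAdvisor instanceAdvisor, Joinpoint jp)
   {
      throw new RuntimeException("Per-joinpoint scopes are not supported for this interceptor factory, only PER_CLASS");
   }

   /**
    * @return the fully qualified class name of this factory
    */
   public String getName()
   {
      return getClass().getName();
   }
}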