KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > security > SubjectSecurityProxy


1 /*
2  * JBoss, the OpenSource WebOS
3  *
4  * Distributable under LGPL license.
5  * See terms of license at gnu.org.
6  */
7 package org.jboss.security;
8
9 import java.lang.reflect.InvocationTargetException JavaDoc;
10 import java.lang.reflect.UndeclaredThrowableException JavaDoc;
11 import java.lang.reflect.Method JavaDoc;
12 import java.security.PrivilegedExceptionAction JavaDoc;
13 import java.security.PrivilegedActionException JavaDoc;
14 import javax.security.auth.Subject JavaDoc;
15
16 import org.jboss.security.SubjectSecurityManager;
17
18 /** A subclass of AbstractSecurityProxy that executes as the currently
19  authenticated subject within the invokeHomeOnDelegate and invokeOnDelegate
20  methods. The current subject is accessed via the security manager passed
21  to the init() method, which must be an instance of SubjectSecurityManager.
22  This results in AccessController.checkPermission() calls made from within the
23  security delegate methods to be based on the Subject's permissions.
24
25  This is just an experiment with the JAAS Subject based permissions.
26
27  @see javax.security.auth.Subject
28   @see org.jboss.security.SubjectSecurityManager
29
30  @author Scott.Stark@jboss.org
31  @version $Revision: 1.8 $
32  */
33 public class SubjectSecurityProxy extends AbstractSecurityProxy
34 {
35    private SubjectSecurityManager subjectSecurityManager;
36
37    SubjectSecurityProxy(Object JavaDoc delegate)
38    {
39       super(delegate);
40    }
41
42    public void init(Class JavaDoc beanHome, Class JavaDoc beanRemote, Object JavaDoc securityMgr)
43       throws InstantiationException JavaDoc
44    {
45       init(beanHome, beanRemote, null, null, securityMgr);
46    }
47
48    public void init(Class JavaDoc beanHome, Class JavaDoc beanRemote,
49       Class JavaDoc beanLocalHome, Class JavaDoc beanLocal, Object JavaDoc securityMgr)
50       throws InstantiationException JavaDoc
51    {
52       if ((securityMgr instanceof SubjectSecurityManager) == false)
53       {
54          String JavaDoc msg = "SubjectSecurityProxy requires a SubjectSecurityManager"
55             + " instance, securityMgr=" + securityMgr;
56          throw new InstantiationException JavaDoc(msg);
57       }
58       subjectSecurityManager = (SubjectSecurityManager) securityMgr;
59       super.init(beanHome, beanRemote, beanLocalHome, beanLocal, securityMgr);
60    }
61
62    protected void invokeHomeOnDelegate(final Method JavaDoc m, final Object JavaDoc[] args, final Object JavaDoc delegate)
63       throws SecurityException JavaDoc
64    { // Get authenticated subject and invoke invokeAsSubject in Subject.doAsPrivaledged() block...
65 final Subject JavaDoc subject = subjectSecurityManager.getActiveSubject();
66       if (subject == null)
67          throw new SecurityException JavaDoc("No subject associated with secure proxy");
68
69       try
70       {
71          Subject.doAsPrivileged(subject, new PrivilegedExceptionAction JavaDoc()
72          {
73             public Object JavaDoc run() throws Exception JavaDoc
74             {
75                m.invoke(delegate, args);
76                return null;
77             }
78          },
79             null
80          );
81       }
82       catch (PrivilegedActionException JavaDoc e)
83       {
84          Throwable JavaDoc t = e.getException();
85          if (t instanceof InvocationTargetException JavaDoc)
86          {
87             t = ((InvocationTargetException JavaDoc) t).getTargetException();
88          }
89          else if (t instanceof UndeclaredThrowableException JavaDoc)
90          {
91             t = ((UndeclaredThrowableException JavaDoc) t).getUndeclaredThrowable();
92          }
93          if (t instanceof SecurityException JavaDoc)
94             throw (SecurityException JavaDoc) t;
95          t.printStackTrace();
96          throw new SecurityException JavaDoc("Unexpected error during security proxy execution:" + t.getMessage());
97       }
98    }
99
100    protected void invokeOnDelegate(final Method JavaDoc m, final Object JavaDoc[] args, final Object JavaDoc delegate)
101       throws Exception JavaDoc
102    { // Get authenticated subject and invoke invokeAsSubject in Subject.doAsPrivaledged() block...
103 final Subject JavaDoc subject = subjectSecurityManager.getActiveSubject();
104       if (subject == null)
105          throw new SecurityException JavaDoc("No subject associated with secure proxy");
106
107       try
108       {
109          Subject.doAsPrivileged(subject, new PrivilegedExceptionAction JavaDoc()
110          {
111             public Object JavaDoc run() throws Exception JavaDoc
112             {
113                m.invoke(delegate, args);
114                return null;
115             }
116          },
117             null
118          );
119       }
120       catch (PrivilegedActionException JavaDoc e)
121       {
122          Throwable JavaDoc t = e.getException();
123          if (t instanceof InvocationTargetException JavaDoc)
124          {
125             // This is a declared exception, just throw it
126 InvocationTargetException JavaDoc ex = (InvocationTargetException JavaDoc) t;
127             t = ex.getTargetException();
128             throw (Exception JavaDoc) t;
129          }
130          else if (t instanceof UndeclaredThrowableException JavaDoc)
131          {
132             t = ((UndeclaredThrowableException JavaDoc) t).getUndeclaredThrowable();
133          }
134          if (t instanceof SecurityException JavaDoc)
135             throw (SecurityException JavaDoc) t;
136          throw new SecurityException JavaDoc("Unexpected error during security proxy execution:" + t.getMessage());
137       }
138    }
139
140 }
141
Popular Tags