User: oleg
Date: 01/01/09 17:24:00
Modified: src/main/org/jboss/ejb/plugins SecurityInterceptor.java
Log:
Package structure for security stuff improved.
Classes from "system" package moved to "security" package.
Added "security/plugins" and "security/plugins/samples" packages.
Added JaasServerLoginModule and AbstractServerLoginModule classes
by Edward Kenworthy <[EMAIL PROTECTED]>
(file based implementation for JAAS security).
Revision Changes Path
1.8 +19 -20 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===================================================================
RCS file:
/products/cvs/ejboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- SecurityInterceptor.java 2000/12/07 15:44:24 1.7
+++ SecurityInterceptor.java 2001/01/10 01:24:00 1.8
@@ -32,9 +32,9 @@
import org.jboss.logging.Log;
-import org.jboss.system.EJBSecurityManager;
-import org.jboss.system.RealmMapping;
-import org.jboss.system.SecurityAssociation;
+import org.jboss.security.EJBSecurityManager;
+import org.jboss.security.RealmMapping;
+import org.jboss.security.SecurityAssociation;
import com.dreambean.ejx.ejb.AssemblyDescriptor;
@@ -45,7 +45,7 @@
* @see <related>
* @author Rickard �berg ([EMAIL PROTECTED])
* @author <a href="mailto:[EMAIL PROTECTED]">Daniel O'Connor</a>.
- * @version $Revision: 1.7 $
+ * @version $Revision: 1.8 $
*/
public class SecurityInterceptor
extends AbstractInterceptor
@@ -85,34 +85,33 @@
throws Exception
{
// if this isn't ok, bean shouldn't deploy
- if ((securityManager == null) || (realmMapping == null))
- return;
+ if (securityManager == null) {
+ return;
+ }
+ if (realmMapping == null) {
+ throw new java.rmi.RemoteException("Role mapping manager has not been
set");
+ }
Principal principal = SecurityAssociation.getPrincipal();
Object credential = SecurityAssociation.getCredential();
if (principal == null)
{
- principal = mi.getPrincipal();
- credential = mi.getCredential();
- if (!(principal == null)) // for now, security is optional
- {
- if (!securityManager.isValid( principal, credential ))
- {
+ principal = mi.getPrincipal();
+ credential = mi.getCredential();
+ if (principal == null || !securityManager.isValid( principal, credential ))
+ {
// should log illegal access
throw new java.rmi.RemoteException("Authentication exception");
- }
- else
- {
+ }
+ else
+ {
SecurityAssociation.setPrincipal( principal );
SecurityAssociation.setCredential( credential );
- }
- }
- else
- return; // security not enabled
+ }
}
Set methodPermissions = container.getMethodPermissions( mi.getMethod(), home
);
- if (!realmMapping.doesUserHaveRole( principal, methodPermissions ))
+ if (methodPermissions != null && !realmMapping.doesUserHaveRole( principal,
methodPermissions ))
{
// should log illegal access
throw new java.rmi.RemoteException("Illegal access exception");
