User: stark   
  Date: 01/02/14 13:20:11

  Modified:    security/src/main/org/jboss/test/security/test/ejbs/project
                        ProjRepositoryBean.java
  Added:       security/src/main/org/jboss/test/security/test/ejbs/project
                        ProjRepositorySecurityProxy.java
                        ProjRepositorySecurityProxy2.java
  Removed:     security/src/main/org/jboss/test/security/test/ejbs/project
                        ProjRepositoryStatefulProxy.java
                        ProjRepositoryStatelessProxy.java
  Log:
  Updated SecurityInterceptor to be independent of any JAAS classes
  and refactored security proxy layer to simplify the model.
  
  Revision  Changes    Path
  1.2       +12 -1     
contrib/security/src/main/org/jboss/test/security/test/ejbs/project/ProjRepositoryBean.java
  
  Index: ProjRepositoryBean.java
  ===================================================================
  RCS file: 
/products/cvs/ejboss/contrib/security/src/main/org/jboss/test/security/test/ejbs/project/ProjRepositoryBean.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- ProjRepositoryBean.java   2001/02/12 09:29:43     1.1
  +++ ProjRepositoryBean.java   2001/02/14 21:20:10     1.2
  @@ -18,6 +18,8 @@
   
   import org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository;
   import org.jboss.test.security.test.ejbs.project.support.HeirMemoryMap;
  +import org.jboss.test.security.test.ejbs.project.interfaces.ProjRepositoryHome;
  +import org.jboss.test.security.test.ejbs.project.interfaces.ProjRepository;
   
   /** The ProjRepository session bean implementation. This is a trivial
   implementation that always creates the same set of project data.
  @@ -26,13 +28,22 @@
   @see javax.naming.directory.Attributes
   
   @author [EMAIL PROTECTED]
  -@version $Revision: 1.1 $
  +@version $Revision: 1.2 $
   */
   public class ProjRepositoryBean implements SessionBean, IProjRepository
   {
       private SessionContext context;
       private HeirMemoryMap projRepository;
   
  +    /** @link dependency 
  +     * @clientRole implementation
  +     * @supplierRole home*/
  +    /*#ProjRepositoryHome lnkProjRepositoryHome;*/
  +
  +    /** @link dependency 
  +     * @supplierRole remote
  +     * @clientRole implementation*/
  +    /*#ProjRepository lnkProjRepository;*/
   // --- Begin IProjRepository interface methods
       public void createFolder(Name folderPath) throws NamingException, 
RemoteException
       {
  
  
  
  1.1                  
contrib/security/src/main/org/jboss/test/security/test/ejbs/project/ProjRepositorySecurityProxy.java
  
  Index: ProjRepositorySecurityProxy.java
  ===================================================================
  /*
   * JBoss, the OpenSource EJB server
   *
   * Distributable under LGPL license.
   * See terms of license at gnu.org.
   */
  package org.jboss.test.security.test.ejbs.project;
  
  import java.lang.reflect.InvocationTargetException;
  import java.lang.reflect.Method;
  import java.rmi.RemoteException;
  import java.security.Principal;
  import java.security.PrivilegedExceptionAction;
  import java.security.PrivilegedActionException;
  import javax.ejb.EJBContext;
  import javax.naming.Name;
  import javax.naming.NamingException;
  import javax.naming.directory.Attribute;
  import javax.naming.directory.Attributes;
  
  import org.jboss.security.SecurityProxy;
  import org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository;
  
  /** An example implementation of SecurityProxy for the ProjRepository bean.
  
  @see org.jboss.ejb.plugins.SecurityProxy
  @see javax.naming.Name
  @see javax.naming.directory.Attributes
  @see org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository
  
  @author [EMAIL PROTECTED]
  @version $Revision: 1.1 $
  */
  public class ProjRepositorySecurityProxy implements SecurityProxy, IProjRepository
  {
      /**
       * @label bean
       * @clientRole state sink
       * @supplierRole state source 
       */
      private IProjRepository projRepository;
      private EJBContext ctx;
  
  // --- Begin SecurityProxy interface methods
      public void init(Class beanHome,Class beanRemote,Object securityMgr) throws 
InstantiationException
      {
      }
  
      public void setEJBContext(EJBContext ctx)
      {
          this.ctx = ctx;
          System.out.println("ProjRepositorySecurityProxy.setEJBContext, ctx="+ctx);
      }
  
      public void invokeHome(Method m,Object[] args) throws SecurityException
      {
      }
   
      public void invoke(Method m,Object[] args,Object bean) throws SecurityException
      {
          projRepository = (IProjRepository) bean;
          System.out.println("ProjRepositorySecurityProxy.invoke, 
bean="+projRepository);
      }
  // --- End SecurityProxy interface methods
  
  // --- Begin IProjRepository interface methods
      public void createFolder(Name folderPath)
      {
          System.out.println("ProjRepositorySecurityProxy.createFolder, 
folderPath="+folderPath);
      }
      
      public void deleteFolder(Name folderPath,boolean recursive)
      {
          System.out.println("ProjRepositorySecurityProxy.deleteFolder, 
folderPath="+folderPath);
      }
      
      public void createItem(Name itemPath,Attributes attributes)
      {
          System.out.println("ProjRepositorySecurityProxy.createItem, 
itemPath="+itemPath);
      }
      
      public void updateItem(Name itemPath,Attributes attributes)
      {
          System.out.println("ProjRepositorySecurityProxy.updateItem, 
itemPath="+itemPath);
      }
      
      public void deleteItem(Name itemPath)
      {
          Principal user = ctx.getCallerPrincipal();
          String userID = user.getName();
          System.out.println("ProjRepositorySecurityProxy.deleteItem, 
itemPath="+itemPath);
          // Only the item owner can delete it
          String owner = null;
          try
          {
              Attributes attributes = projRepository.getItem(itemPath);
              if( attributes != null )
              {
                  Attribute attr = attributes.get("owner");
                  if( attr != null )
                      owner = (String) attr.get();
              }
          }
          catch(Exception e)
          {
              e.printStackTrace();
              throw new SecurityException("Failed to obtain owner for: "+itemPath);
          }
  
          if( owner == null )
              throw new SecurityException("No owner assigned to: "+itemPath);
          if( owner.equals(userID) == false )
              throw new SecurityException("User: "+userID+" is not the owner of: 
"+itemPath);
      }
  
      public Attributes getItem(Name itemPath)
      {
          System.out.println("ProjRepositorySecurityProxy.getItem, 
itemPath="+itemPath);
          return null;
      }
      
  // --- End IProjRepository interface methods
  
  }
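Review bot: `invoke` and `invokeHome` only cache the bean and print a trace, so nothing in this file routes a call to the per-method checks. The owner test in `deleteItem` is therefore enforced only if the interceptor itself dispatches to the same-named method, which is not visible here. If the proxy is meant to veto calls through the `SecurityProxy` interface, `invoke` should look up the matching method on the proxy and call it, letting the `SecurityException` propagate and failing closed when no check can be run; the otherwise unused `InvocationTargetException` import suggests this was planned. Note also that `projRepository` is an instance field overwritten on every `invoke`, so a proxy instance shared by concurrent calls could compare ownership against a different bean; passing the bean through as a local would avoid that.

```java
public void invoke(Method m,Object[] args,Object bean) throws SecurityException
{
    projRepository = (IProjRepository) bean;
    try
    {
        // Route to the same-named check on this proxy so it can veto the call
        Method check = getClass().getMethod(m.getName(), m.getParameterTypes());
        check.invoke(this, args);
    }
    catch(InvocationTargetException e)
    {
        Throwable t = e.getTargetException();
        if( t instanceof SecurityException )
            throw (SecurityException) t;
        throw new SecurityException("Security check failed for: "+m.getName());
    }
    catch(Exception e)
    {
        // No matching check, or it could not be called: deny rather than allow
        throw new SecurityException("No security check for: "+m.getName());
    }
}
```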
  
  
  
  1.1                  
contrib/security/src/main/org/jboss/test/security/test/ejbs/project/ProjRepositorySecurityProxy2.java
  
  Index: ProjRepositorySecurityProxy2.java
  ===================================================================
  /*
   * JBoss, the OpenSource EJB server
   *
   * Distributable under LGPL license.
   * See terms of license at gnu.org.
   */
  package org.jboss.test.security.test.ejbs.project;
  
  import java.rmi.RemoteException;
  import java.security.AccessController;
  import java.security.Principal;
  import javax.ejb.EJBContext;
  import javax.naming.Name;
  import javax.naming.NamingException;
  import javax.naming.directory.Attribute;
  import javax.naming.directory.Attributes;
  
  import org.jboss.test.security.test.NamespacePermission;
  import org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository;
  
  /** A simple stateful security proxy example for the ProjRepository bean.
  
  @see javax.naming.Name
  @see javax.naming.directory.Attributes
  @see org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository
  
  @author [EMAIL PROTECTED]
  @version $Revision: 1.1 $
  */
  public class ProjRepositorySecurityProxy2 implements IProjRepository
  {
      /**
       * @label bean
       * @clientRole state sink
       * @supplierRole state source 
       */
      private IProjRepository projRepository;
      private EJBContext ctx;
  
      public void setEJBContext(EJBContext ctx)
      {
          this.ctx = ctx;
          System.out.println("ProjRepositorySecurityProxy2.setEJBContext, ctx="+ctx);
      }
      public void setBean(Object bean)
      {
          projRepository = (IProjRepository) bean;
          System.out.println("ProjRepositorySecurityProxy2.setBean, 
bean="+projRepository);
      }
  
      public void ejbCreate(Name projectName)
      {
          Principal user = ctx.getCallerPrincipal();
          String userID = user.getName();
          System.out.println("ProjRepositorySecurityProxy2.ejbCreate, 
projectName="+projectName);
          // Only scott or starksm can create project sessions
          if( userID.equals("scott") == false && userID.equals("starksm") == false )
              throw new SecurityException("Invalid project userID: "+userID);
      }
  
  // --- Begin IProjRepository interface methods
      public void createFolder(Name folderPath)
      {
          System.out.println("ProjRepositorySecurityProxy2.createFolder, 
folderPath="+folderPath);
      }
      
      public void deleteFolder(Name folderPath,boolean recursive)
      {
          System.out.println("ProjRepositorySecurityProxy2.deleteFolder, 
folderPath="+folderPath);
      }
      
      public void createItem(Name itemPath,Attributes attributes)
      {
          System.out.println("ProjRepositorySecurityProxy2.createItem, 
itemPath="+itemPath);
      }
      
      public void updateItem(Name itemPath,Attributes attributes)
      {
          System.out.println("ProjRepositorySecurityProxy2.updateItem, 
itemPath="+itemPath);
      }
      
      public void deleteItem(Name itemPath)
      {
          Principal user = ctx.getCallerPrincipal();
          String userID = user.getName();
          System.out.println("ProjRepositorySecurityProxy2.deleteItem, 
itemPath="+itemPath);
          // Only the item owner can delete it
          String owner = null;
          try
          {
              Attributes attributes = projRepository.getItem(itemPath);
              if( attributes != null )
              {
                  Attribute attr = attributes.get("owner");
                  if( attr != null )
                      owner = (String) attr.get();
              }
          }
          catch(Exception e)
          {
              e.printStackTrace();
              throw new SecurityException("Failed to obtain owner for: "+itemPath);
          }
  
          if( owner == null )
              throw new SecurityException("No owner assigned to: "+itemPath);
          if( owner.equals(userID) == false )
              throw new SecurityException("User: "+userID+" is not the owner of: 
"+itemPath);
      }
  
      public Attributes getItem(Name itemPath)
      {
          NamespacePermission p = new NamespacePermission(itemPath, "r---");
          AccessController.checkPermission(p);
          System.out.println("ProjRepositorySecurityProxy2.getItem, 
itemPath="+itemPath);
          return null;
      }
  // --- End IProjRepository interface methods
  
  }
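Review bot: `ejbCreate` authorizes by comparing the caller name against the literals `"scott"` and `"starksm"`, which ties the policy to two account names compiled into the class. A role test such as `if( ctx.isCallerInRole("<ROLE_NAME>") == false ) throw new SecurityException(...)` would keep the decision in the deployment configuration. `ejbCreate` and `deleteItem` also dereference `ctx` and `projRepository` without checking that `setEJBContext` and `setBean` were called first, so a missed setter surfaces as a `NullPointerException` rather than a `SecurityException`. The body of `deleteItem` is a line-for-line copy of the one in ProjRepositorySecurityProxy, so a shared helper would keep the two owner checks from drifting apart. A class comment should state that `createFolder`, `deleteFolder`, `createItem` and `updateItem` deliberately perform no check.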
  
  
  
