maguro 2005/02/26 23:38:41
Modified: modules/core/src/java/org/openejb/security
EJBSecurityInterceptor.java PermissionManager.java
Log:
The permission matrix is sparse. The interceptor and manager should be able
to deal with that fact.
Revision Changes Path
1.6 +2 -2
openejb/modules/core/src/java/org/openejb/security/EJBSecurityInterceptor.java
Index: EJBSecurityInterceptor.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/security/EJBSecurityInterceptor.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- EJBSecurityInterceptor.java 13 Jan 2005 17:00:24 -0000 1.5
+++ EJBSecurityInterceptor.java 27 Feb 2005 04:38:41 -0000 1.6
@@ -89,7 +89,7 @@
AccessControlContext accessContext =
ContextManager.getCurrentContext();
if (accessContext != null) {
Permission permission =
permissionManager.getPermission(ejbInvocation.getType(),
ejbInvocation.getMethodIndex());
- accessContext.checkPermission(permission);
+ if (permission != null)
accessContext.checkPermission(permission);
}
ContextManager.setCurrentCaller(ContextManager.getNextCaller());
1.4 +20 -3
openejb/modules/core/src/java/org/openejb/security/PermissionManager.java
Index: PermissionManager.java
===================================================================
RCS file:
/home/projects/openejb/scm/openejb/modules/core/src/java/org/openejb/security/PermissionManager.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- PermissionManager.java 3 Apr 2004 22:20:11 -0000 1.3
+++ PermissionManager.java 27 Feb 2005 04:38:41 -0000 1.4
@@ -47,14 +47,19 @@
*/
package org.openejb.security;
-import java.security.Permission;
import java.io.Serializable;
+import java.security.Permission;
import javax.security.jacc.EJBMethodPermission;
import org.openejb.EJBInterfaceType;
import org.openejb.dispatch.InterfaceMethodSignature;
+
/**
+ * Create a sparse matrix of pre-created EJB permissions.
+ * <p/>
+ * TODO: This matrix isn't sparse enough for the likes of certain
cheeseheads.
+ *
* @version $Revision$ $Date$
*/
public final class PermissionManager implements Serializable {
@@ -68,8 +73,20 @@
permissions[EJBInterfaceType.WEB_SERVICE.getOrdinal()] =
mapPermissions(ejbName, "ServiceEndpoint", signatures);
}
+ /**
+ * Return the permission for that invocation type and operation index.
+ * Note that the permissions matrix is sparse and it may return null.
+ *
+ * @param invocationType the invocation type
+ * @param operationIndex the operation index
+ * @return
+ */
public Permission getPermission(EJBInterfaceType invocationType, int
operationIndex) {
- return permissions[invocationType.getOrdinal()][operationIndex];
+ Permission[] pArray = permissions[invocationType.getOrdinal()];
+
+ if (pArray == null) return null;
+
+ return pArray[operationIndex];
}
private static Permission[] mapPermissions(String ejbName, String
intfName, InterfaceMethodSignature[] signatures) {
