[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java SecurityProxyInterceptor.java
User: starksm
Date: 01/12/02 19:43:42
Modified:src/main/org/jboss/ejb/plugins SecurityInterceptor.java
SecurityProxyInterceptor.java
Log:
Rename EJBSecurityManager to AuthenticationManager
Revision ChangesPath
1.27 +3 -3 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- SecurityInterceptor.java 2001/11/26 03:12:25 1.26
+++ SecurityInterceptor.java 2001/12/03 03:43:42 1.27
@@ -17,7 +17,7 @@
import org.jboss.metadata.BeanMetaData;
import org.jboss.metadata.SecurityIdentityMetaData;
import org.jboss.security.AnybodyPrincipal;
-import org.jboss.security.EJBSecurityManager;
+import org.jboss.security.AuthenticationManager;
import org.jboss.security.RealmMapping;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SimplePrincipal;
@@ -27,7 +27,7 @@
@author a href=[EMAIL PROTECTED]Oleg Nitz/a
@author a href=mailto:[EMAIL PROTECTED];Scott Stark/a.
-@version $Revision: 1.26 $
+@version $Revision: 1.27 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -42,7 +42,7 @@
* @supplierQualifier authentication
* @clientCardinality 1..*
*/
-protected EJBSecurityManager securityManager;
+protected AuthenticationManager securityManager;
/**
* @supplierCardinality 0..1
1.8 +3 -3
jboss/src/main/org/jboss/ejb/plugins/SecurityProxyInterceptor.java
Index: SecurityProxyInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityProxyInterceptor.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- SecurityProxyInterceptor.java 2001/11/24 20:43:23 1.7
+++ SecurityProxyInterceptor.java 2001/12/03 03:43:42 1.8
@@ -18,7 +18,7 @@
import org.jboss.ejb.EnterpriseContext;
import org.jboss.ejb.MethodInvocation;
-import org.jboss.security.EJBSecurityManager;
+import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityProxy;
import org.jboss.security.SecurityProxyFactory;
@@ -30,7 +30,7 @@
* interceptor has access to the EJB instance and context.
*
* @author a href=mailto:[EMAIL PROTECTED];Scott Stark/a.
- * @version $Revision: 1.7 $
+ * @version $Revision: 1.8 $
*/
public class SecurityProxyInterceptor
extends AbstractInterceptor
@@ -51,7 +51,7 @@
*/
protected Container container;
- protected EJBSecurityManager securityManager;
+ protected AuthenticationManager securityManager;
/**
* @supplierCardinality 0..1
___
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java SecurityProxyInterceptor.java
User: starksm
Date: 01/11/09 02:39:37
Modified:src/main/org/jboss/ejb/plugins Tag: Branch_2_4
SecurityInterceptor.java
SecurityProxyInterceptor.java
Log:
Change org.jboss.security.SecurityManager to org.jboss.security.AuthenticationManager
since SecurityManager clashes with the java.lang.SecurityManager
Add support for an ssl-domain config element to support RMI+SSL in the
container invoker config
Revision ChangesPath
No revision
No revision
1.17.2.5 +3 -3 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.17.2.4
retrieving revision 1.17.2.5
diff -u -r1.17.2.4 -r1.17.2.5
--- SecurityInterceptor.java 2001/11/05 04:09:37 1.17.2.4
+++ SecurityInterceptor.java 2001/11/09 10:39:37 1.17.2.5
@@ -19,7 +19,7 @@
import org.jboss.metadata.BeanMetaData;
import org.jboss.metadata.SecurityIdentityMetaData;
import org.jboss.security.AnybodyPrincipal;
-import org.jboss.security.SecurityManager;
+import org.jboss.security.AuthenticationManager;
import org.jboss.security.RealmMapping;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SimplePrincipal;
@@ -29,7 +29,7 @@
@author a href=[EMAIL PROTECTED]Oleg Nitz/a
@author [EMAIL PROTECTED]
-@version $Revision: 1.17.2.4 $
+@version $Revision: 1.17.2.5 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -44,7 +44,7 @@
* @supplierQualifier authentication
* @clientCardinality 1..*
*/
-protected SecurityManager securityManager;
+protected AuthenticationManager securityManager;
/**
* @supplierCardinality 0..1
1.2.2.2 +3 -3
jboss/src/main/org/jboss/ejb/plugins/SecurityProxyInterceptor.java
Index: SecurityProxyInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityProxyInterceptor.java,v
retrieving revision 1.2.2.1
retrieving revision 1.2.2.2
diff -u -r1.2.2.1 -r1.2.2.2
--- SecurityProxyInterceptor.java 2001/11/05 04:09:37 1.2.2.1
+++ SecurityProxyInterceptor.java 2001/11/09 10:39:37 1.2.2.2
@@ -17,7 +17,7 @@
import org.jboss.ejb.EnterpriseContext;
import org.jboss.ejb.MethodInvocation;
-import org.jboss.security.SecurityManager;
+import org.jboss.security.AuthenticationManager;
import org.jboss.security.SecurityProxy;
import org.jboss.security.SecurityProxyFactory;
@@ -28,7 +28,7 @@
interceptor has access to the EJB instance and context.
@author [EMAIL PROTECTED]
-@version $Revision: 1.2.2.1 $
+@version $Revision: 1.2.2.2 $
*/
public class SecurityProxyInterceptor extends AbstractInterceptor
{
@@ -42,7 +42,7 @@
* @supplierCardinality 1
*/
protected Container container;
-protected SecurityManager securityManager;
+protected AuthenticationManager securityManager;
/**
* @supplierCardinality 0..1
___
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/09/26 09:01:08
Modified:src/main/org/jboss/ejb/plugins Tag: Branch_2_4
SecurityInterceptor.java
Log:
Log the principal roles on authorization failure
Revision ChangesPath
No revision
No revision
1.17.2.3 +3 -2 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.17.2.2
retrieving revision 1.17.2.3
diff -u -r1.17.2.2 -r1.17.2.3
--- SecurityInterceptor.java 2001/08/20 22:16:35 1.17.2.2
+++ SecurityInterceptor.java 2001/09/26 16:01:07 1.17.2.3
@@ -29,7 +29,7 @@
@author a href=[EMAIL PROTECTED]Oleg Nitz/a
@author [EMAIL PROTECTED]
-@version $Revision: 1.17.2.2 $
+@version $Revision: 1.17.2.3 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -209,8 +209,9 @@
else if( realmMapping.doesUserHaveRole(principal, methodRoles) == false )
{
String method = mi.getMethod().getName();
+Set userRoles = realmMapping.getUserRoles(principal);
String msg = Insufficient method permissions, principal=+principal
-+ , method=+method+, requiredRoles=+methodRoles;
++ , method=+method+, requiredRoles=+methodRoles+,
principalRoles=+userRoles;
Logger.error(msg);
SecurityException e = new SecurityException(msg);
throw new RemoteException(checkSecurityAssociation, e);
___
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/09/25 23:00:26
Modified:src/main/org/jboss/ejb/plugins SecurityInterceptor.java
Log:
Display the principal roles set in the authorization error msg
Revision ChangesPath
1.24 +3 -2 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- SecurityInterceptor.java 2001/09/11 18:34:59 1.23
+++ SecurityInterceptor.java 2001/09/26 06:00:26 1.24
@@ -30,7 +30,7 @@
@author a href=[EMAIL PROTECTED]Oleg Nitz/a
@author a href=mailto:[EMAIL PROTECTED];Scott Stark/a.
-@version $Revision: 1.23 $
+@version $Revision: 1.24 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -213,8 +213,9 @@
else if( realmMapping.doesUserHaveRole(principal, methodRoles) == false )
{
String method = mi.getMethod().getName();
+Set userRoles = realmMapping.getUserRoles(principal);
String msg = Insufficient method permissions, principal=+principal
-+ , method=+method+, requiredRoles=+methodRoles;
++ , method=+method+, requiredRoles=+methodRoles+,
principalRoles=+userRoles;
log.error(msg);
SecurityException e = new SecurityException(msg);
throw new RemoteException(checkSecurityAssociation, e);
___
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/08/20 15:16:35
Modified:src/main/org/jboss/ejb/plugins Tag: Branch_2_4
SecurityInterceptor.java
Log:
Need to validate the method permission role set against the anybody role
Revision ChangesPath
No revision
No revision
1.17.2.2 +220 -218 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.17.2.1
retrieving revision 1.17.2.2
diff -u -r1.17.2.1 -r1.17.2.2
--- SecurityInterceptor.java 2001/07/09 08:33:26 1.17.2.1
+++ SecurityInterceptor.java 2001/08/20 22:16:35 1.17.2.2
@@ -1,218 +1,220 @@
-/*
- * JBoss, the OpenSource EJB server
- *
- * Distributable under LGPL license.
- * See terms of license at gnu.org.
- */
-package org.jboss.ejb.plugins;
-
-import java.lang.reflect.Method;
-import java.rmi.RemoteException;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.Set;
-import javax.naming.InitialContext;
-
-import org.jboss.ejb.Container;
-import org.jboss.ejb.MethodInvocation;
-import org.jboss.logging.Logger;
-import org.jboss.metadata.BeanMetaData;
-import org.jboss.metadata.SecurityIdentityMetaData;
-import org.jboss.security.EJBSecurityManager;
-import org.jboss.security.RealmMapping;
-import org.jboss.security.SecurityAssociation;
-import org.jboss.security.SimplePrincipal;
-
-/** The SecurityInterceptor is where the EJB 2.0 declarative security model
-is enforced. This is where the caller identity propagation is controlled as well.
-
-@author a href=[EMAIL PROTECTED]Oleg Nitz/a
-@author [EMAIL PROTECTED]
-@version $Revision: 1.17.2.1 $
-*/
-public class SecurityInterceptor extends AbstractInterceptor
-{
-/**
- * @clientCardinality 0..1
- * @supplierCardinality 1
- */
-protected Container container;
-
-/**
- * @supplierCardinality 0..1
- * @supplierQualifier authentication
- * @clientCardinality 1..*
- */
-protected EJBSecurityManager securityManager;
-
-/**
- * @supplierCardinality 0..1
- * @clientCardinality 1..*
- * @supplierQualifier identity mapping
- */
-protected RealmMapping realmMapping;
-protected Principal runAsRole;
-
-public SecurityInterceptor()
-{
-}
-
-/** Called by the super class to set the container to which this interceptor
- belongs. We obtain the security manager and runAs identity to use here.
- */
-public void setContainer(Container container)
-{
-this.container = container;
-BeanMetaData beanMetaData = container.getBeanMetaData();
-SecurityIdentityMetaData secMetaData =
beanMetaData.getSecurityIdentityMetaData();
-if( secMetaData != null secMetaData.getUseCallerIdentity() == false )
-{
-String roleName = secMetaData.getRunAsRoleName();
-runAsRole = new SimplePrincipal(roleName);
-}
-securityManager = container.getSecurityManager();
-realmMapping = container.getRealmMapping();
-}
-
-public Container getContainer()
-{
-return container;
-}
-
- // Container implementation --
-public void start() throws Exception
-{
-super.start();
-}
-
-public Object invokeHome(MethodInvocation mi) throws Exception
-{
-// Authenticate the subject and apply any declarative security checks
-checkSecurityAssociation(mi, true);
-/* If a run-as role was specified, push it so that any calls made
- by this bean will have the runAsRole available for declarative
- security checks.
-*/
-if( runAsRole != null )
-{
-SecurityAssociation.pushRunAsRole(runAsRole);
-}
-try
-{
-Object returnValue = getNext().invokeHome(mi);
-return returnValue;
-}
-finally
-{
-if( runAsRole != null )
-{
-SecurityAssociation.popRunAsRole();
-}
-}
-}
-public Object invoke(MethodInvocation mi) throws Exception
-{
-// Authenticate the subject and apply any declarative security checks
-checkSecurityAssociation(mi, false);
-/* If a run-as role was specified, push it so that any calls made
- by this bean will have the runAsRole available for declarative
- security checks.
-*/
-if( runAsRole != null )
-{
-
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/07/09 01:33:26
Modified:src/main/org/jboss/ejb/plugins Tag: Branch_2_4
SecurityInterceptor.java
Log:
Update support for unauthenticated users via the standard security
manager and login modules.
Revision ChangesPath
No revision
No revision
1.17.2.1 +218 -218 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.17
retrieving revision 1.17.2.1
diff -u -r1.17 -r1.17.2.1
--- SecurityInterceptor.java 2001/06/15 08:31:02 1.17
+++ SecurityInterceptor.java 2001/07/09 08:33:26 1.17.2.1
@@ -1,218 +1,218 @@
-/*
- * JBoss, the OpenSource EJB server
- *
- * Distributable under LGPL license.
- * See terms of license at gnu.org.
- */
-package org.jboss.ejb.plugins;
-
-import java.lang.reflect.Method;
-import java.rmi.RemoteException;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.Set;
-import javax.naming.InitialContext;
-
-import org.jboss.ejb.Container;
-import org.jboss.ejb.MethodInvocation;
-import org.jboss.logging.Logger;
-import org.jboss.metadata.BeanMetaData;
-import org.jboss.metadata.SecurityIdentityMetaData;
-import org.jboss.security.EJBSecurityManager;
-import org.jboss.security.RealmMapping;
-import org.jboss.security.SecurityAssociation;
-import org.jboss.security.SimplePrincipal;
-
-/** The SecurityInterceptor is where the EJB 2.0 declarative security model
-is enforced. This is where the caller identity propagation is controlled as well.
-
-@author a href=[EMAIL PROTECTED]Oleg Nitz/a
-@author [EMAIL PROTECTED]
-@version $Revision: 1.17 $
-*/
-public class SecurityInterceptor extends AbstractInterceptor
-{
-/**
- * @clientCardinality 0..1
- * @supplierCardinality 1
- */
-protected Container container;
-
-/**
- * @supplierCardinality 0..1
- * @supplierQualifier authentication
- * @clientCardinality 1..*
- */
-protected EJBSecurityManager securityManager;
-
-/**
- * @supplierCardinality 0..1
- * @clientCardinality 1..*
- * @supplierQualifier identity mapping
- */
-protected RealmMapping realmMapping;
-protected Principal runAsRole;
-
-public SecurityInterceptor()
-{
-}
-
-/** Called by the super class to set the container to which this interceptor
- belongs. We obtain the security manager and runAs identity to use here.
- */
-public void setContainer(Container container)
-{
-this.container = container;
-BeanMetaData beanMetaData = container.getBeanMetaData();
-SecurityIdentityMetaData secMetaData =
beanMetaData.getSecurityIdentityMetaData();
-if( secMetaData != null secMetaData.getUseCallerIdentity() == false )
-{
-String roleName = secMetaData.getRunAsRoleName();
-runAsRole = new SimplePrincipal(roleName);
-}
-securityManager = container.getSecurityManager();
-realmMapping = container.getRealmMapping();
-}
-
-public Container getContainer()
-{
-return container;
-}
-
- // Container implementation --
-public void start() throws Exception
-{
-super.start();
-}
-
-public Object invokeHome(MethodInvocation mi) throws Exception
-{
-// Authenticate the subject and apply any declarative security checks
-checkSecurityAssociation(mi, true);
-/* If a run-as role was specified, push it so that any calls made
- by this bean will have the runAsRole available for declarative
- security checks.
-*/
-if( runAsRole != null )
-{
-SecurityAssociation.pushRunAsRole(runAsRole);
-}
-try
-{
-Object returnValue = getNext().invokeHome(mi);
-return returnValue;
-}
-finally
-{
-if( runAsRole != null )
-{
-SecurityAssociation.popRunAsRole();
-}
-}
-}
-public Object invoke(MethodInvocation mi) throws Exception
-{
-// Authenticate the subject and apply any declarative security checks
-checkSecurityAssociation(mi, false);
-/* If a run-as role was specified, push it so that any calls made
- by this bean will have the runAsRole available for declarative
- security checks.
-*/
-if( runAsRole != null )
-{
-
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/06/15 01:31:02
Modified:src/main/org/jboss/ejb/plugins SecurityInterceptor.java
Log:
Add support for the EJB2.0 security-identity/run-as element
Revision ChangesPath
1.17 +90 -9 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- SecurityInterceptor.java 2001/06/11 07:04:15 1.16
+++ SecurityInterceptor.java 2001/06/15 08:31:02 1.17
@@ -16,17 +16,19 @@
import org.jboss.ejb.Container;
import org.jboss.ejb.MethodInvocation;
import org.jboss.logging.Logger;
-
+import org.jboss.metadata.BeanMetaData;
+import org.jboss.metadata.SecurityIdentityMetaData;
import org.jboss.security.EJBSecurityManager;
import org.jboss.security.RealmMapping;
import org.jboss.security.SecurityAssociation;
+import org.jboss.security.SimplePrincipal;
/** The SecurityInterceptor is where the EJB 2.0 declarative security model
-is enforced.
+is enforced. This is where the caller identity propagation is controlled as well.
@author a href=[EMAIL PROTECTED]Oleg Nitz/a
@author [EMAIL PROTECTED]
-@version $Revision: 1.16 $
+@version $Revision: 1.17 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -49,14 +51,25 @@
* @supplierQualifier identity mapping
*/
protected RealmMapping realmMapping;
+protected Principal runAsRole;
public SecurityInterceptor()
{
}
+/** Called by the super class to set the container to which this interceptor
+ belongs. We obtain the security manager and runAs identity to use here.
+ */
public void setContainer(Container container)
{
this.container = container;
+BeanMetaData beanMetaData = container.getBeanMetaData();
+SecurityIdentityMetaData secMetaData =
beanMetaData.getSecurityIdentityMetaData();
+if( secMetaData != null secMetaData.getUseCallerIdentity() == false )
+{
+String roleName = secMetaData.getRunAsRoleName();
+runAsRole = new SimplePrincipal(roleName);
+}
securityManager = container.getSecurityManager();
realmMapping = container.getRealmMapping();
}
@@ -76,13 +89,51 @@
{
// Authenticate the subject and apply any declarative security checks
checkSecurityAssociation(mi, true);
-return getNext().invokeHome(mi);
+/* If a run-as role was specified, push it so that any calls made
+ by this bean will have the runAsRole available for declarative
+ security checks.
+*/
+if( runAsRole != null )
+{
+SecurityAssociation.pushRunAsRole(runAsRole);
+}
+try
+{
+Object returnValue = getNext().invokeHome(mi);
+return returnValue;
+}
+finally
+{
+if( runAsRole != null )
+{
+SecurityAssociation.popRunAsRole();
+}
+}
}
public Object invoke(MethodInvocation mi) throws Exception
{
// Authenticate the subject and apply any declarative security checks
checkSecurityAssociation(mi, false);
-return getNext().invoke(mi);
+/* If a run-as role was specified, push it so that any calls made
+ by this bean will have the runAsRole available for declarative
+ security checks.
+*/
+if( runAsRole != null )
+{
+SecurityAssociation.pushRunAsRole(runAsRole);
+}
+try
+{
+Object returnValue = getNext().invoke(mi);
+return returnValue;
+}
+finally
+{
+if( runAsRole != null )
+{
+SecurityAssociation.popRunAsRole();
+}
+}
}
/** The EJB 2.0 declarative security algorithm:
@@ -93,9 +144,14 @@
private void checkSecurityAssociation(MethodInvocation mi, boolean home)
throws Exception
{
-// if this isn't ok, bean shouldn't deploy
+Principal principal = mi.getPrincipal();
+Object credential = mi.getCredential();
+// If there is not a security manager then there is no authentication
required
if (securityManager == null)
{
+// Allow for the progatation of caller info to other beans
+SecurityAssociation.setPrincipal( principal );
+SecurityAssociation.setCredential( credential );
return;
}
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/05/24 00:04:45
Modified:src/main/org/jboss/ejb/plugins Tag: Branch_2_2
SecurityInterceptor.java
Log:
Improve the SecurityException message
Revision ChangesPath
No revision
No revision
1.13.2.2 +8 -5 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.13.2.1
retrieving revision 1.13.2.2
diff -u -r1.13.2.1 -r1.13.2.2
--- SecurityInterceptor.java 2001/04/01 01:52:05 1.13.2.1
+++ SecurityInterceptor.java 2001/05/24 07:04:45 1.13.2.2
@@ -39,7 +39,7 @@
@author a href=[EMAIL PROTECTED]Oleg Nitz/a
@author [EMAIL PROTECTED]
-@version $Revision: 1.13.2.1 $
+@version $Revision: 1.13.2.2 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -208,8 +208,9 @@
Object credential = mi.getCredential();
if( principal == null || securityManager.isValid(principal, credential) ==
false )
{
-Logger.error(Authentication exception, principal=+principal);
-SecurityException e = new SecurityException(Authentication exception);
+String msg = Authentication exception, principal=+principal;
+Logger.error(msg);
+SecurityException e = new SecurityException(msg);
throw new RemoteException(checkSecurityAssociation, e);
}
else
@@ -225,8 +226,10 @@
if( methodRoles == null || realmMapping.doesUserHaveRole(principal,
methodRoles) == false )
{
String method = mi.getMethod().getName();
-Logger.error(Illegal access, principal=+principal+ method=+method);
-SecurityException e = new SecurityException(Illegal access exception);
+String msg = Insufficient method permissions, principal=+principal
++ , method=+method+, requiredRoles=+methodRoles;
+Logger.error(msg);
+SecurityException e = new SecurityException(msg);
throw new RemoteException(checkSecurityAssociation, e);
}
}
___
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/05/09 20:19:54
Modified:src/main/org/jboss/ejb/plugins SecurityInterceptor.java
Log:
Make the SecurityException msgs more descriptive
Revision ChangesPath
1.15 +8 -5 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- SecurityInterceptor.java 2001/03/30 10:40:58 1.14
+++ SecurityInterceptor.java 2001/05/10 03:19:54 1.15
@@ -39,7 +39,7 @@
@author a href=[EMAIL PROTECTED]Oleg Nitz/a
@author [EMAIL PROTECTED]
-@version $Revision: 1.14 $
+@version $Revision: 1.15 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -208,8 +208,9 @@
Object credential = mi.getCredential();
if( principal == null || securityManager.isValid(principal, credential) ==
false )
{
-Logger.error(Authentication exception, principal=+principal);
-SecurityException e = new SecurityException(Authentication exception);
+String msg = Authentication exception, principal=+principal;
+Logger.error(msg);
+SecurityException e = new SecurityException(msg);
throw new RemoteException(checkSecurityAssociation, e);
}
else
@@ -225,8 +226,10 @@
if( methodRoles == null || realmMapping.doesUserHaveRole(principal,
methodRoles) == false )
{
String method = mi.getMethod().getName();
-Logger.error(Illegal access, principal=+principal+ method=+method);
-SecurityException e = new SecurityException(Illegal access exception);
+String msg = Insufficient method permissions, principal=+principal
++ , method=+method+, requiredRoles=+methodRoles;
+Logger.error(msg);
+SecurityException e = new SecurityException(msg);
throw new RemoteException(checkSecurityAssociation, e);
}
}
___
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
[JBoss-dev] CVS update: jboss/src/main/org/jboss/ejb/plugins SecurityInterceptor.java
User: starksm
Date: 01/03/30 02:40:58
Modified:src/main/org/jboss/ejb/plugins SecurityInterceptor.java
Log:
Fix the logging of the method name that fails the access permission check.
Revision ChangesPath
1.14 +3 -2 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java
Index: SecurityInterceptor.java
===
RCS file:
/cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- SecurityInterceptor.java 2001/03/27 07:23:06 1.13
+++ SecurityInterceptor.java 2001/03/30 10:40:58 1.14
@@ -39,7 +39,7 @@
@author a href="[EMAIL PROTECTED]"Oleg Nitz/a
@author [EMAIL PROTECTED]
-@version $Revision: 1.13 $
+@version $Revision: 1.14 $
*/
public class SecurityInterceptor extends AbstractInterceptor
{
@@ -224,7 +224,8 @@
*/
if( methodRoles == null || realmMapping.doesUserHaveRole(principal,
methodRoles) == false )
{
-Logger.error("Illegal access, principal="+principal+" method="+mi);
+String method = mi.getMethod().getName();
+Logger.error("Illegal access, principal="+principal+" method="+method);
SecurityException e = new SecurityException("Illegal access exception");
throw new RemoteException("checkSecurityAssociation", e);
}
___
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
