Package javax.annotation.security

Examples of javax.annotation.security.RolesAllowed

81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
            policySet.getPolicies().add(policy);
            policySet.setUnresolved(false);
            ((org.apache.tuscany.sca.policy.PolicySetAttachPoint)type).getPolicySets().add(policySet);
        }
       
        RolesAllowed rolesAllowed = clazz.getAnnotation(javax.annotation.security.RolesAllowed.class);
        if(rolesAllowed != null) {
            if(rolesAllowed.value().length == 0) {
                //FIXME handle monitor or error
            }
           
            AuthorizationPolicy policy = new AuthorizationPolicy();
            policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
           
            for(String role : rolesAllowed.value()) {
                policy.getRoleNames().add(role);
            }

            PolicySet policySet = policyFactory.createPolicySet();
            policySet.setName(ALLOW);
View Full Code Here
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
       
    }
   
    @Override
    public void visitMethod(Method method, JavaImplementation type) throws IntrospectionException {
        RolesAllowed rolesAllowed = method.getAnnotation(javax.annotation.security.RolesAllowed.class);
        if(rolesAllowed != null) {
            if(rolesAllowed.value().length == 0) {
                //FIXME handle monitor or error
            }
           
            AuthorizationPolicy policy = new AuthorizationPolicy();
            policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
           
            for(String role : rolesAllowed.value()) {
                policy.getRoleNames().add(role);
            }
           
            ConfiguredOperation confOp = assemblyFactory.createConfiguredOperation();
            confOp.setName(method.getName());
View Full Code Here
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
                /*
                 * Process annotations at the class level
                 */
                if (!classPermissions.contains("*") || !classPermissions.contains(clazz.getName())) {

                    RolesAllowed rolesAllowed = clazz.getAnnotation(RolesAllowed.class);
                    PermitAll permitAll = clazz.getAnnotation(PermitAll.class);

                    /*
                     * @RolesAllowed
                     */
                    if (rolesAllowed != null && permitAll != null) {
                        ejbModule.getValidation().fail(ejbName, "permitAllAndRolesAllowedOnClass", clazz.getName());
                    }

                    if (rolesAllowed != null) {
                        MethodPermission methodPermission = new MethodPermission();
                        methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);

                        // Automatically add a role ref for any role listed in RolesAllowed
                        RemoteBean remoteBean = (RemoteBean) bean;
                        List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                        for (String role : rolesAllowed.value()) {
                            securityRoleRefs.add(new SecurityRoleRef(role));
                        }
                    }

                    /*
                     * @PermitAll
                     */
                    if (permitAll != null) {
                        MethodPermission methodPermission = new MethodPermission();
                        methodPermission.setUnchecked(true);
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);
                    }
                }

                /*
                 * @RunAs
                 */
                RunAs runAs = clazz.getAnnotation(RunAs.class);
                if (runAs != null && bean.getSecurityIdentity() == null) {
                    SecurityIdentity securityIdentity = new SecurityIdentity();
                    securityIdentity.setRunAs(runAs.value());
                    bean.setSecurityIdentity(securityIdentity);
                }

                /*
                 * @DeclareRoles
                 */
                DeclareRoles declareRoles = clazz.getAnnotation(DeclareRoles.class);
                if (declareRoles != null && bean instanceof RemoteBean) {
                    RemoteBean remoteBean = (RemoteBean) bean;
                    List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                    for (String role : declareRoles.value()) {
                        securityRoleRefs.add(new SecurityRoleRef(role));
                    }
                }
            }

            /*
             * Process annotations at the method level
             */
            List<Method> seen = new ArrayList<Method>();

            /*
             * @RolesAllowed
             */
            for (Annotated<Method> method : annotationFinder.findMetaAnnotatedMethods(RolesAllowed.class)) {
                checkConflictingSecurityAnnotations(method, ejbName, ejbModule, seen);
                RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
                MethodPermission methodPermission = new MethodPermission();
                methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
                methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, method.get()));
                assemblyDescriptor.getMethodPermission().add(methodPermission);

                // Automatically add a role ref for any role listed in RolesAllowed
                RemoteBean remoteBean = (RemoteBean) bean;
                List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                for (String role : rolesAllowed.value()) {
                    securityRoleRefs.add(new SecurityRoleRef(role));
                }
            }

            /*
 
View Full Code Here
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
            policy.setRunAsRole(roleName);
            PolicySet policySet = createPolicySet(RUN_AS, SecurityIdentityPolicy.NAME, policy);
            type.getPolicySets().add(policySet);
        }
       
        RolesAllowed rolesAllowed = clazz.getAnnotation(javax.annotation.security.RolesAllowed.class);
        if(rolesAllowed != null) {
            if(rolesAllowed.value().length == 0) {
                //FIXME handle monitor or error
            }
           
            AuthorizationPolicy policy = new AuthorizationPolicy();
            policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
           
            for(String role : rolesAllowed.value()) {
                policy.getRoleNames().add(role);
            }

            PolicySet policySet = createPolicySet(ALLOW, AuthorizationPolicy.NAME, policy);
            type.getPolicySets().add(policySet);
View Full Code Here
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
       
    }
   
    @Override
    public void visitMethod(Method method, JavaImplementation type) throws IntrospectionException {
        RolesAllowed rolesAllowed = method.getAnnotation(javax.annotation.security.RolesAllowed.class);
        if(rolesAllowed != null) {
            if(rolesAllowed.value().length == 0) {
                //FIXME handle monitor or error
            }
           
            AuthorizationPolicy policy = new AuthorizationPolicy();
            policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
           
            for(String role : rolesAllowed.value()) {
                policy.getRoleNames().add(role);
            }
           
            // find the operation in the interface model
            Operation operation = getOperationModel(method, type);
View Full Code Here
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
            policySet.getPolicies().add(policy);
            policySet.setUnresolved(false);
            ((org.apache.tuscany.sca.policy.PolicySetAttachPoint)type).getPolicySets().add(policySet);
        }
       
        RolesAllowed rolesAllowed = clazz.getAnnotation(javax.annotation.security.RolesAllowed.class);
        if(rolesAllowed != null) {
            if(rolesAllowed.value().length == 0) {
                //FIXME handle monitor or error
            }
           
            AuthorizationPolicy policy = new AuthorizationPolicy();
            policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
           
            for(String role : rolesAllowed.value()) {
                policy.getRoleNames().add(role);
            }

            PolicySet policySet = policyFactory.createPolicySet();
            policySet.setName(ALLOW);
View Full Code Here
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
       
    }
   
    @Override
    public void visitMethod(Method method, JavaImplementation type) throws IntrospectionException {
        RolesAllowed rolesAllowed = method.getAnnotation(javax.annotation.security.RolesAllowed.class);
        if(rolesAllowed != null) {
            if(rolesAllowed.value().length == 0) {
                //FIXME handle monitor or error
            }
           
            AuthorizationPolicy policy = new AuthorizationPolicy();
            policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
           
            for(String role : rolesAllowed.value()) {
                policy.getRoleNames().add(role);
            }
           
            ConfiguredOperation confOp = assemblyFactory.createConfiguredOperation();
            confOp.setName(method.getName());
View Full Code Here
130
131
132
133
134
135
136
137
138
139
140
    public void postProcessAnnotation(AnnotationInfo ainfo,
            AnnotatedElementHandler aeHandler)
            throws AnnotationProcessorException {
        EjbContext ejbContext = (EjbContext)aeHandler;
        EjbDescriptor ejbDesc = ejbContext.getDescriptor();
        RolesAllowed rolesAllowedAn = (RolesAllowed)ainfo.getAnnotation();
        if (!ejbContext.isInherited() &&
                (ejbDesc.getMethodPermissionsFromDD() == null ||
                ejbDesc.getMethodPermissionsFromDD().size() == 0)) {
            for (MethodDescriptor md : getMethodAllDescriptors(ejbDesc)) {
                addMethodPermissions(rolesAllowedAn, ejbDesc, md);
View Full Code Here
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
        // DenyAll on the method take precedence over RolesAllowed and PermitAll
        if (am.isAnnotationPresent(DenyAll.class))
            return Collections.<ResourceFilter>singletonList(new Filter());

        // RolesAllowed on the method takes precedence over PermitAll
        RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
        if (ra != null)
            return Collections.<ResourceFilter>singletonList(new Filter(ra.value()));

        // PermitAll takes precedence over RolesAllowed on the class
        if (am.isAnnotationPresent(PermitAll.class))
            return null;

        // RolesAllowed on the class takes precedence over PermitAll
        ra = am.getResource().getAnnotation(RolesAllowed.class);
        if (ra != null)
            return Collections.<ResourceFilter>singletonList(new Filter(ra.value()));

        // No need to check whether PermitAll is present.
        return null;
    }
View Full Code Here
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
        // DenyAll on the method take precedence over RolesAllowed and PermitAll
        if (am.isAnnotationPresent(DenyAll.class))
            return Collections.<ResourceFilter>singletonList(new Filter());

        // RolesAllowed on the method takes precedence over PermitAll
        RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
        if (ra != null)
            return Collections.<ResourceFilter>singletonList(new Filter(ra.value()));

        // PermitAll takes precedence over RolesAllowed on the class
        if (am.isAnnotationPresent(PermitAll.class))
            return null;

        // RolesAllowed on the class takes precedence over PermitAll
        ra = am.getResource().getAnnotation(RolesAllowed.class);
        if (ra != null)
            return Collections.<ResourceFilter>singletonList(new Filter(ra.value()));

        // No need to check whether PermitAll is present.
        return null;
    }
View Full Code Here
TOP

Related Classes of javax.annotation.security.RolesAllowed

  • com.caucho.config.gen.SecurityFactory
  • com.caucho.ejb.session.AbstractSessionManager
  • com.caucho.ejb.session.SessionServer
  • com.sun.enterprise.deployment.annotation.handlers.RolesAllowedHandler
  • com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory
  • com.sun.jersey.api.container.filter.servlet.RolesAllowedResourceFilterFactory
  • com.walters.sms.rest.SecurityFilter
  • es.internna.jee.security.impl.SecurityInterceptor
  • juzu.plugin.authz.AuthzManager
  • org.apache.openejb.config.AnnotationDeployer$ProcessAnnotatedBeans
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.