Package javax.annotation.security

Examples of javax.annotation.security.RolesAllowed

3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
                /*
                 * Process annotations at the class level
                 */
                if (!classPermissions.contains("*") || !classPermissions.contains(clazz.getName())) {

                    final RolesAllowed rolesAllowed = clazz.getAnnotation(RolesAllowed.class);
                    final PermitAll permitAll = clazz.getAnnotation(PermitAll.class);
                    final DenyAll denyAll = clazz.getAnnotation(DenyAll.class);

                    /*
                     * @RolesAllowed
                     */
                    if ((rolesAllowed != null && permitAll != null)
                        || (rolesAllowed != null && denyAll != null)
                        || (permitAll != null && denyAll != null)) {
                        ejbModule.getValidation().fail(ejbName, "permitAllAndRolesAllowedOnClass", clazz.getName());
                    }

                    if (rolesAllowed != null) {
                        final MethodPermission methodPermission = new MethodPermission();
                        methodPermission.getRoleName().addAll(Arrays.asList(rolesAllowed.value()));
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);

                        // Automatically add a role ref for any role listed in RolesAllowed
                        final RemoteBean remoteBean = (RemoteBean) bean;
                        final List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                        for (final String role : rolesAllowed.value()) {
                            securityRoleRefs.add(new SecurityRoleRef(role));
                        }
                    }

                    /*
                     * @PermitAll
                     */
                    if (permitAll != null) {
                        final MethodPermission methodPermission = new MethodPermission();
                        methodPermission.setUnchecked(true);
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);
                    }

                    /**
                     * @DenyAll
                     */
                    if (denyAll != null) {
                        assemblyDescriptor.getExcludeList()
                            .addMethod(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                    }
                }

                /*
                 * @RunAs
                 */
                final RunAs runAs = clazz.getAnnotation(RunAs.class);
                if (runAs != null && bean.getSecurityIdentity() == null) {
                    final SecurityIdentity securityIdentity = new SecurityIdentity();
                    securityIdentity.setRunAs(runAs.value());
                    bean.setSecurityIdentity(securityIdentity);
                }

                /*
                 * @DeclareRoles
                 */
                final DeclareRoles declareRoles = clazz.getAnnotation(DeclareRoles.class);
                if (declareRoles != null && bean instanceof RemoteBean) {
                    final RemoteBean remoteBean = (RemoteBean) bean;
                    final List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                    for (final String role : declareRoles.value()) {
                        securityRoleRefs.add(new SecurityRoleRef(role));
                    }
                }
            }

            /*
             * Process annotations at the method level
             */
            final List<Method> seen = new ArrayList<Method>();

            /*
             * @RolesAllowed
             */
            for (final Annotated<Method> method : annotationFinder.findMetaAnnotatedMethods(RolesAllowed.class)) {
                checkConflictingSecurityAnnotations(method, ejbName, ejbModule, seen);
                final RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
                final MethodPermission methodPermission = new MethodPermission();
                methodPermission.getRoleName().addAll(Arrays.asList(rolesAllowed.value()));
                methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, method.get()));
                assemblyDescriptor.getMethodPermission().add(methodPermission);

                // Automatically add a role ref for any role listed in RolesAllowed
                final RemoteBean remoteBean = (RemoteBean) bean;
                final List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                for (final String role : rolesAllowed.value()) {
                    securityRoleRefs.add(new SecurityRoleRef(role));
                }
            }

            /*
 
View Full Code Here
25
26
27
28
29
30
31
32
33
34
35
36
      if (declaring == null || method == null) return;

      String[] rolesAllowed = null;
      boolean denyAll;
      boolean permitAll;
      RolesAllowed allowed = (RolesAllowed) declaring.getAnnotation(RolesAllowed.class);
      RolesAllowed methodAllowed = method.getAnnotation(RolesAllowed.class);
      if (methodAllowed != null) allowed = methodAllowed;
      if (allowed != null)
      {
         rolesAllowed = allowed.value();
      }
View Full Code Here
177
178
179
180
181
182
183
184
185
186
187
188
189
190
      // class not here, therefore not on method either
      return true;
    }
    // From now on we can use this class since it's there. I (Stef Epardaud) don't think we need to
    // remove the reference here and use reflection.
    RolesAllowed rolesAllowed = m.getAnnotation(RolesAllowed.class);
    if(rolesAllowed == null)
      return true;
    SecurityContext context = ResteasyProviderFactory.getContextData(SecurityContext.class);
    for(String role : rolesAllowed.value())
      if(context.isUserInRole(role))
        return true;
    return false;
  }
View Full Code Here
73
74
75
76
77
78
79
80
81
82
83
84
     */
    @Override
    protected void processEjbMethodSecurity(Annotation authAnnotation,
            MethodDescriptor md, EjbDescriptor ejbDesc) {

        RolesAllowed rolesAllowedAn = (RolesAllowed)authAnnotation;
        for (String roleName : rolesAllowedAn.value()) {
            Role role = new Role(roleName);
            // add role if not exists
            ejbDesc.getEjbBundleDescriptor().addRole(role);
            ejbDesc.addPermissionedMethod(new MethodPermission(role), md);
        }
View Full Code Here
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
                /*
                 * Process annotations at the class level
                 */
                if (!classPermissions.contains("*") || !classPermissions.contains(clazz.getName())) {

                    RolesAllowed rolesAllowed = clazz.getAnnotation(RolesAllowed.class);
                    PermitAll permitAll = clazz.getAnnotation(PermitAll.class);

                    /*
                     * @RolesAllowed
                     */
                    if (rolesAllowed != null && permitAll != null) {
                        ejbModule.getValidation().fail(ejbName, "permitAllAndRolesAllowedOnClass", clazz.getName());
                    }

                    if (rolesAllowed != null) {
                        MethodPermission methodPermission = new MethodPermission();
                        methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);

                        // Automatically add a role ref for any role listed in RolesAllowed
                        RemoteBean remoteBean = (RemoteBean) bean;
                        List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                        for (String role : rolesAllowed.value()) {
                            securityRoleRefs.add(new SecurityRoleRef(role));
                        }
                    }

                    /*
                     * @PermitAll
                     */
                    if (permitAll != null) {
                        MethodPermission methodPermission = new MethodPermission();
                        methodPermission.setUnchecked(true);
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);
                    }
                }

                /*
                 * @RunAs
                 */
                RunAs runAs = clazz.getAnnotation(RunAs.class);
                if (runAs != null && bean.getSecurityIdentity() == null) {
                    SecurityIdentity securityIdentity = new SecurityIdentity();
                    securityIdentity.setRunAs(runAs.value());
                    bean.setSecurityIdentity(securityIdentity);
                }

                /*
                 * @DeclareRoles
                 */
                DeclareRoles declareRoles = clazz.getAnnotation(DeclareRoles.class);
                if (declareRoles != null && bean instanceof RemoteBean) {
                    RemoteBean remoteBean = (RemoteBean) bean;
                    List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                    for (String role : declareRoles.value()) {
                        securityRoleRefs.add(new SecurityRoleRef(role));
                    }
                }
            }

            /*
             * Process annotations at the method level
             */
            List<Method> seen = new ArrayList<Method>();

            /*
             * @RolesAllowed
             */
            for (Annotated<Method> method : annotationFinder.findMetaAnnotatedMethods(RolesAllowed.class)) {
                checkConflictingSecurityAnnotations(method, ejbName, ejbModule, seen);
                RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
                MethodPermission methodPermission = new MethodPermission();
                methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
                methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, method.get()));
                assemblyDescriptor.getMethodPermission().add(methodPermission);

                // Automatically add a role ref for any role listed in RolesAllowed
                RemoteBean remoteBean = (RemoteBean) bean;
                List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                for (String role : rolesAllowed.value()) {
                    securityRoleRefs.add(new SecurityRoleRef(role));
                }
            }

            /*
 
View Full Code Here
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
/* 53 */     super(finder);
/*    */   }
/*    */
/*    */   public void process(MethodPermissionsMetaData metaData, T type)
/*    */   {
/* 59 */     RolesAllowed allowed = (RolesAllowed)this.finder.getAnnotation(type, RolesAllowed.class);
/* 60 */     if (allowed == null) {
/* 61 */       return;
/*    */     }
/* 63 */     Method method = null;
/* 64 */     if ((type instanceof Method)) {
/* 65 */       method = (Method)type;
/*    */     }
/* 67 */     String ejbName = (String)EjbNameThreadLocal.ejbName.get();
/* 68 */     MethodMetaData mmd = ProcessorUtils.createMethod(ejbName, method);
/* 69 */     MethodPermissionMetaData perm = new MethodPermissionMetaData();
/* 70 */     MethodsMetaData methods = perm.getMethods();
/* 71 */     if (methods == null)
/*    */     {
/* 73 */       methods = new MethodsMetaData();
/* 74 */       perm.setMethods(methods);
/*    */     }
/* 76 */     HashSet roles = new HashSet();
/* 77 */     for (String role : allowed.value())
/* 78 */       roles.add(role);
/* 79 */     perm.setRoles(roles);
/* 80 */     Descriptions descriptions = ProcessorUtils.getDescription("@RolesAllowed for: " + type);
/* 81 */     mmd.setDescriptions(descriptions);
/* 82 */     methods.add(mmd);
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
80
81
/*     */       {
/* 104 */         set.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
/*     */       }
/* 106 */       else if ((annotation instanceof RolesAllowed))
/*     */       {
/* 108 */         RolesAllowed permissions = (RolesAllowed)annotation;
/* 109 */         for (int i = 0; i < permissions.value().length; i++)
/*     */         {
/* 111 */           set.add(new SimplePrincipal(permissions.value()[i]));
/*     */         }
/*     */       }
/*     */       else {
/* 115 */         set.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
/*     */       }
View Full Code Here
54
55
56
57
58
59
60
61
62
63
64
65
66
67
/*     */       {
/*  85 */         set.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
/*     */       }
/*  87 */       else if ((annotation instanceof RolesAllowed))
/*     */       {
/*  89 */         RolesAllowed permissions = (RolesAllowed)annotation;
/*  90 */         for (int i = 0; i < permissions.value().length; i++)
/*     */         {
/*  92 */           set.add(new SimplePrincipal(permissions.value()[i]));
/*     */         }
/*     */       }
/*     */       else {
/*  96 */         set.add(AnybodyPrincipal.ANYBODY_PRINCIPAL);
/*     */       }
View Full Code Here
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
/*     */   private static void addPermissions(EJBContainer container, PolicyConfiguration pc)
/*     */   {
/* 169 */     SecurityDomain sd = (SecurityDomain)container.resolveAnnotation(SecurityDomain.class);
/*     */
/* 171 */     PermitAll beanUnchecked = (PermitAll)container.resolveAnnotation(PermitAll.class);
/* 172 */     RolesAllowed beanPermissions = (RolesAllowed)container.resolveAnnotation(RolesAllowed.class);
/*     */
/* 174 */     DeclareRoles beanDeclareRolesPerms = (DeclareRoles)container.resolveAnnotation(DeclareRoles.class);
/*     */
/* 176 */     if ((beanUnchecked != null) && (beanPermissions != null))
/*     */     {
/* 178 */       throw new RuntimeException("Cannot annotate a bean with both @Unchecked and @MethodPermissions");
/*     */     }
/*     */
/* 181 */     String ejbName = container.getEjbName();
/*     */
/* 184 */     if (beanDeclareRolesPerms != null)
/*     */     {
/* 186 */       String[] rolerefs = beanDeclareRolesPerms.value();
/* 187 */       int len = rolerefs != null ? rolerefs.length : 0;
/* 188 */       for (int i = 0; i < len; i++)
/*     */       {
/*     */         try
/*     */         {
/* 192 */           pc.addToRole(rolerefs[i], new EJBRoleRefPermission(ejbName, rolerefs[i]));
/*     */         }
/*     */         catch (PolicyContextException e)
/*     */         {
/* 196 */           throw new RuntimeException(e);
/*     */         }
/*     */
/*     */       }
/*     */
/*     */     }
/*     */
/* 203 */     for (Method m : container.getBeanClass().getMethods())
/*     */     {
/* 205 */       EJBMethodPermission permission = new EJBMethodPermission(ejbName, null, m);
/* 206 */       log.trace("Creating permission: " + permission);
/*     */
/* 208 */       PermitAll unchecked = (PermitAll)container.resolveAnnotation(m, PermitAll.class);
/* 209 */       RolesAllowed permissions = (RolesAllowed)container.resolveAnnotation(m, RolesAllowed.class);
/* 210 */       DenyAll exclude = (DenyAll)container.resolveAnnotation(m, DenyAll.class);
/*     */
/* 212 */       int annotationCount = getAnnotationCount(unchecked, permissions, exclude);
/*     */
/* 214 */       if ((annotationCount == 0) && (beanPermissions == null) && (beanUnchecked == null))
View Full Code Here
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
                /*
                 * Process annotations at the class level
                 */
                if (!classPermissions.contains("*") || !classPermissions.contains(clazz.getName())) {

                    RolesAllowed rolesAllowed = clazz.getAnnotation(RolesAllowed.class);
                    PermitAll permitAll = clazz.getAnnotation(PermitAll.class);

                    /*
                     * @RolesAllowed
                     */
                    if (rolesAllowed != null && permitAll != null) {
                        ejbModule.getValidation().fail(ejbName, "permitAllAndRolesAllowedOnClass", clazz.getName());
                    }

                    if (rolesAllowed != null) {
                        MethodPermission methodPermission = new MethodPermission();
                        methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);

                        // Automatically add a role ref for any role listed in RolesAllowed
                        RemoteBean remoteBean = (RemoteBean) bean;
                        List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                        for (String role : rolesAllowed.value()) {
                            securityRoleRefs.add(new SecurityRoleRef(role));
                        }
                    }

                    /*
                     * @PermitAll
                     */
                    if (permitAll != null) {
                        MethodPermission methodPermission = new MethodPermission();
                        methodPermission.setUnchecked(true);
                        methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
                        assemblyDescriptor.getMethodPermission().add(methodPermission);
                    }
                }

                /*
                 * @RunAs
                 */
                RunAs runAs = clazz.getAnnotation(RunAs.class);
                if (runAs != null && bean.getSecurityIdentity() == null) {
                    SecurityIdentity securityIdentity = new SecurityIdentity();
                    securityIdentity.setRunAs(runAs.value());
                    bean.setSecurityIdentity(securityIdentity);
                }

                /*
                 * @DeclareRoles
                 */
                DeclareRoles declareRoles = clazz.getAnnotation(DeclareRoles.class);
                if (declareRoles != null && bean instanceof RemoteBean) {
                    RemoteBean remoteBean = (RemoteBean) bean;
                    List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                    for (String role : declareRoles.value()) {
                        securityRoleRefs.add(new SecurityRoleRef(role));
                    }
                }
            }

            /*
             * Process annotations at the method level
             */
            List<Method> seen = new ArrayList<Method>();

            /*
             * @RolesAllowed
             */
            for (Annotated<Method> method : annotationFinder.findMetaAnnotatedMethods(RolesAllowed.class)) {
                checkConflictingSecurityAnnotations(method, ejbName, ejbModule, seen);
                RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
                MethodPermission methodPermission = new MethodPermission();
                methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
                methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, method.get()));
                assemblyDescriptor.getMethodPermission().add(methodPermission);

                // Automatically add a role ref for any role listed in RolesAllowed
                RemoteBean remoteBean = (RemoteBean) bean;
                List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
                for (String role : rolesAllowed.value()) {
                    securityRoleRefs.add(new SecurityRoleRef(role));
                }
            }

            /*
 
View Full Code Here
TOP

Related Classes of javax.annotation.security.RolesAllowed

  • com.caucho.config.gen.SecurityFactory
  • com.caucho.ejb.session.AbstractSessionManager
  • com.caucho.ejb.session.SessionServer
  • com.sun.enterprise.deployment.annotation.handlers.RolesAllowedHandler
  • com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory
  • com.sun.jersey.api.container.filter.servlet.RolesAllowedResourceFilterFactory
  • com.walters.sms.rest.SecurityFilter
  • es.internna.jee.security.impl.SecurityInterceptor
  • juzu.plugin.authz.AuthzManager
  • org.apache.openejb.config.AnnotationDeployer$ProcessAnnotatedBeans
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.