Examples of org.jboss.as.core.security.ServerSecurityManager

org.jboss.as.core.security.ServerSecurityManager

        // shouldn't really happen if the interceptor was setup correctly. But let's be safe and do a check
        if (!this.viewClassName.equals(viewClassOfInvokedMethod) || !this.viewMethod.equals(invokedMethod)) {
            throw EjbLogger.ROOT_LOGGER.failProcessInvocation(this.getClass().getName(), invokedMethod, viewClassOfInvokedMethod, viewMethod, viewClassName);
        }
        final EJBComponent ejbComponent = (EJBComponent) component;
        final ServerSecurityManager securityManager = ejbComponent.getSecurityManager();
        final MethodInterfaceType methodIntfType = this.getMethodInterfaceType(componentView.getPrivateData(MethodIntf.class));


        // set the JACC contextID before calling the security manager.
        final String previousContextID = setContextID(this.contextID);
        try {
            if(WildFlySecurityManager.isChecking()) {
                try {
                    AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
                        @Override
                        public ProtectionDomain run() {


                            if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(),
                                    methodIntfType.name(), AuthorizationInterceptor.this.viewMethod, AuthorizationInterceptor.this.getMethodRolesAsPrincipals(), AuthorizationInterceptor.this.contextID)) {
                                throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
                            }
                            return null;
                        }
                    });
                } catch (PrivilegedActionException e) {
                    throw e.getException();
                }
            } else {
                if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(),
                        methodIntfType.name(), this.viewMethod, this.getMethodRolesAsPrincipals(), this.contextID)) {
                    throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
                }
            }
            // successful authorization, let the invocation proceed

View Full Code Here

    public Injector<ResourceAdapterRepository> getResourceAdapterRepositoryInjector() {
        return resourceAdapterRepositoryValue;
    }


    public ServerSecurityManager getSecurityManager() {
        final ServerSecurityManager securityManager = securityManagerValue.getOptionalValue();
        if (securityManager == null)
            throw EjbLogger.ROOT_LOGGER.securityNotEnabled();
        return securityManager;
    }

View Full Code Here

    protected Interceptor create(final Component component, final InterceptorFactoryContext context) {
        if (component instanceof EJBComponent == false) {
            throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
        }
        final EJBComponent ejbComponent = (EJBComponent) component;
        final ServerSecurityManager securityManager;
        if(propagateSecurity) {
            securityManager = ejbComponent.getSecurityManager();
        } else {
            securityManager = new SimpleSecurityManager((SimpleSecurityManager) ejbComponent.getSecurityManager());
        }

View Full Code Here

TOP

Related Classes of org.jboss.as.core.security.ServerSecurityManager

org.jboss.as.ejb3.component.EJBUtilities

org.jboss.as.ejb3.security.AuthorizationInterceptor

org.jboss.as.ejb3.security.SecurityContextInterceptorFactory

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.