Examples of org.jboss.security.RunAs

• org.jboss.security.RunAs
  Represent an entity X with a proof of identity Y @author Anil.Saldhana@redhat.com @since Mar 6, 2007 @version $Revision$

/* 95 */         AssemblyDescriptorMetaData assemblyDescriptor = applicationMetaData.getAssemblyDescriptor();
/* 96 */         String roleName = ejbTimeoutIdentity.getRunAsRoleName();
/* 97 */         String principalName = ejbTimeoutIdentity.getRunAsPrincipalName();
/*    */
/* 99 */         Set extraRoleNames = assemblyDescriptor.getSecurityRoleNamesByPrincipal(principalName);
/* 100 */         RunAs runAsIdentity = new RunAsIdentity(roleName, principalName, extraRoleNames);
/* 101 */         SecurityActions.pushRunAsIdentity(runAsIdentity);
/* 102 */         this.pushedRunAs = true;
/*    */       }
/* 104 */       this.container.invoke(inv);
/*    */     }

/* 140 */     map.put("roleName", roleName);
/* 141 */     map.put("roleRefPermissionCheck", Boolean.TRUE);
/*     */
/* 144 */     EJBResource ejbResource = new EJBResource(map);
/*     */
/* 146 */     RunAs callerRunAs = this.securityContext.getIncomingRunAs();
/*     */
/* 148 */     ejbResource.setEjbName(ejbName);
/* 149 */     ejbResource.setPrincipal(ejbPrincipal);
/* 150 */     ejbResource.setCallerRunAsIdentity(callerRunAs);
/* 151 */     ejbResource.setSecurityRoleReferences(securityRoleRefs);

/*    */ public class JavaEETrustModule extends AbstractIdentityTrustModule
/*    */ {
/*    */   public IdentityTrustManager.TrustDecision isTrusted()
/*    */     throws IdentityTrustException
/*    */   {
/* 43 */     RunAs runAs = this.securityContext.getIncomingRunAs();
/* 44 */     if ((runAs instanceof RunAsIdentity))
/*    */     {
/* 46 */       RunAsIdentity runAsIdentity = (RunAsIdentity)runAs;
/* 47 */       if ("JavaEE".equals(runAsIdentity.getProof()))
/* 48 */         return IdentityTrustManager.TrustDecision.Permit;

/*     */     }
/* 189 */     SecurityContext sc = SecurityActions.getSecurityContext();
/* 190 */     if (sc == null) {
/* 191 */       throw new IllegalStateException("Security Context is null");
/*     */     }
/* 193 */     RunAs callerRunAsIdentity = sc.getIncomingRunAs();
/*     */
/* 196 */     checkSecurityContext(mi, callerRunAsIdentity);
/*     */
/* 202 */     if ((callerRunAsIdentity != null) && (this.isUseCallerIdentity)) {
/* 203 */       this.runAsIdentity = callerRunAsIdentity;

/*     */     }
/* 230 */     SecurityContext sc = SecurityActions.getSecurityContext();
/* 231 */     if (sc == null) {
/* 232 */       throw new IllegalStateException("Security Context is null");
/*     */     }
/* 234 */     RunAs callerRunAsIdentity = sc.getIncomingRunAs();
/*     */
/* 237 */     checkSecurityContext(mi, callerRunAsIdentity);
/*     */
/* 243 */     if ((callerRunAsIdentity != null) && (this.isUseCallerIdentity)) {
/* 244 */       this.runAsIdentity = callerRunAsIdentity;

      map.put(ResourceKeys.ROLEREF_PERM_CHECK, Boolean.TRUE);

      EJBResource ejbResource = new EJBResource(map);
      ejbResource.setPolicyContextID(contextID);

      RunAs callerRunAs = SecurityActions.getIncomingRunAs(securityContext);

      ejbResource.setEjbVersion(version);
      ejbResource.setEjbName(ejbName);
      ejbResource.setPrincipal(ejbPrincipal);
      ejbResource.setCallerRunAsIdentity(callerRunAs);

      }
      SecurityContext sc = scb.getSecurityContext();

      //Handle the case of Incoming RunAs
      Principal callerPrincipal = null;
      RunAs callerRunAs = sc.getIncomingRunAs();
      if(callerRunAs != null)
      {
         callerPrincipal = new SimplePrincipal(callerRunAs.getName());
      }

      RoleGroup roles = this.getCurrentRoles(callerPrincipal, authenticatedSubject, sc);
      if(roles == null)
         roles = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);

            return false;
        }

        RoleGroup roleGroup = null;

        RunAs runAs = securityContext.getIncomingRunAs();
        if (runAs != null && runAs instanceof RunAsIdentity) {
            RunAsIdentity runAsIdentity = (RunAsIdentity) runAs;
            roleGroup = runAsIdentity.getRunAsRolesAsRoleGroup();
        } else {

        if (previous != null) {
            current.setSubjectInfo(previous.getSubjectInfo());
            current.setIncomingRunAs(previous.getOutgoingRunAs());
        }

        RunAs currentRunAs = current.getIncomingRunAs();
        boolean trusted = currentRunAs != null && currentRunAs instanceof RunAsIdentity;

        // TODO - Set unauthenticated identity if no auth to occur
        if (trusted == false) {
            // If we have a trusted identity no need for a re-auth.
            boolean authenticated = authenticate(current);
            if (authenticated == false) {
                // TODO - Better type needed.
                throw new SecurityException("Invalid User");
            }
        }

        if (runAs != null) {
            RunAs runAsIdentity = new RunAsIdentity(runAs, runAsPrincipal, extraRoles);
            current.setOutgoingRunAs(runAsIdentity);
        } else if (previous != null && previous.getOutgoingRunAs() != null) {
            // Ensure the propagation continues.
            current.setOutgoingRunAs(previous.getOutgoingRunAs());
        }

            return false;
        }

        RoleGroup roleGroup = null;

        RunAs runAs = securityContext.getIncomingRunAs();
        if (runAs != null && runAs instanceof RunAsIdentity) {
            RunAsIdentity runAsIdentity = (RunAsIdentity) runAs;
            roleGroup = runAsIdentity.getRunAsRolesAsRoleGroup();
        } else {
            AuthorizationManager am = securityContext.getAuthorizationManager();