You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "David Jencks (JIRA)" <ji...@apache.org> on 2009/10/27 02:13:59 UTC
[jira] Updated: (GERONIMO-4765) API for Assumed Identity (run-as)
support
[ https://issues.apache.org/jira/browse/GERONIMO-4765?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Jencks updated GERONIMO-4765:
-----------------------------------
Fix Version/s: (was: 2.2)
Wish List
I think this is basically a good idea but want to think about it more before putting it into a release. I think you could write your own object with a static method to do this?
> API for Assumed Identity (run-as) support
> -----------------------------------------
>
> Key: GERONIMO-4765
> URL: https://issues.apache.org/jira/browse/GERONIMO-4765
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.2
> Reporter: Jürgen Weber
> Fix For: Wish List
>
>
> To programmatically change the currently active subject, at the moment you have to use the following Geronimo-proprietary code:
> ContextManager.registerSubject(subject);
> Callers oldCallers = ContextManager.pushNextCaller(subject);
> try
> {
> // secure code
> }
> finally
> {
> ContextManager.popCallers(oldCallers);
> }
> (see http://www.nabble.com/NPE-in-ContextManager.getCurrentContext-ts24645453s134.html)
> There should be a simpler (less Geronimo-dependend code) API analog to javax.security.auth.Subject.doAs()
> (http://java.sun.com/javase/6/docs/api/javax/security/auth/Subject.html#doAs%28javax.security.auth.Subject,%20java.security.PrivilegedExceptionAction%29)
> This API itself cannot be used, see http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/rsec_jaasauthor.html
> http://www.nabble.com/security-propagation-from-JAAS-context-to-EJB-question-ts24091806s134.html
> An API for Assumed Identity (run-as) support could be implemented like
> public <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action)
> throws PrivilegedActionException
> {
> T t = null;
> ContextManager.registerSubject(subject);
> Callers oldCallers = ContextManager.pushNextCaller(subject);
> try
> {
> t = action.run();
> }
> catch (Exception e)
> {
> throw new PrivilegedActionException(e);
> }
> finally
> {
> ContextManager.popCallers(oldCallers);
> }
> return t;
> }
> This code could be put into a method of ContextManager or into a new class org.apache.geronimo.security.Security.
> This would still create a non-portable dependency to Geronimo in user code.
> You would use it like
> LoginContext lc = new LoginContext("geronimo-admin", handler);
> lc.login();
> Subject subject = lc.getSubject();
> String s = doAs(subject, new PrivilegedExceptionAction<String>()
> {
> public String run() throws Exception
> {
> return null; // secure code
> }
> });
> This would be analogous to similar APIs in Weblogic Server or Websphere AS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.