You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2008/06/06 02:06:14 UTC
svn commit: r663791 - in /geronimo/server/trunk:
framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java
Author: djencks
Date: Thu Jun 5 17:06:12 2008
New Revision: 663791
URL: http://svn.apache.org/viewvc?rev=663791&view=rev
Log:
GERONIMO-4101 move method from ContextManager to GeronmoSecurityService and inline it
Modified:
geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java
Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java?rev=663791&r1=663790&r2=663791&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java (original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java Thu Jun 5 17:06:12 2008
@@ -18,7 +18,6 @@
package org.apache.geronimo.security;
import java.security.AccessControlContext;
-import java.security.AccessControlException;
import java.security.AccessController;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
@@ -38,7 +37,6 @@
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import javax.security.jacc.EJBRoleRefPermission;
import org.apache.geronimo.security.realm.providers.GeronimoCallerPrincipal;
@@ -206,31 +204,6 @@
return (context != null ? context.id : null);
}
- public static boolean isCallerInRole(String EJBName, String role) {
- if (EJBName == null) throw new IllegalArgumentException("EJBName must not be null");
- if (role == null) throw new IllegalArgumentException("Role must not be null");
-
- try {
- Callers currentCallers = callers.get();
- if (currentCallers == null) {
- return false;
- }
- Subject currentSubject = currentCallers.getCurrentCaller();
- if (currentSubject == null) {
- return false;
- }
-
- Context context = subjectContexts.get(currentSubject);
-
- assert context != null : "No registered context";
-
- context.context.checkPermission(new EJBRoleRefPermission(EJBName, role));
- } catch (AccessControlException e) {
- return false;
- }
- return true;
- }
-
public static Subject getRegisteredSubject(SubjectId id) {
return subjectIds.get(id);
}
Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java?rev=663791&r1=663790&r2=663791&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java Thu Jun 5 17:06:12 2008
@@ -28,6 +28,7 @@
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.jacc.EJBMethodPermission;
+import javax.security.jacc.EJBRoleRefPermission;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.SubjectId;
@@ -121,7 +122,15 @@
return false;
}
- return ContextManager.isCallerInRole(deploymentInfo.getEjbName(), role);
+ String EJBName = deploymentInfo.getEjbName();
+ if (EJBName == null) throw new IllegalArgumentException("EJBName must not be null");
+ try {
+ AccessControlContext context = ContextManager.getCurrentContext();
+ context.checkPermission(new EJBRoleRefPermission(EJBName, role));
+ } catch (AccessControlException e) {
+ return false;
+ }
+ return true;
}
public Principal getCallerPrincipal() {