You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2008/06/06 02:06:14 UTC
svn commit: r663791 - in /geronimo/server/trunk: framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java

Author: djencks
Date: Thu Jun  5 17:06:12 2008
New Revision: 663791

URL: http://svn.apache.org/viewvc?rev=663791&view=rev
Log:
GERONIMO-4101 move method from ContextManager to GeronmoSecurityService and inline it

Modified:
    geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
    geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java

Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java?rev=663791&r1=663790&r2=663791&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java (original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java Thu Jun  5 17:06:12 2008
@@ -18,7 +18,6 @@
 package org.apache.geronimo.security;
 
 import java.security.AccessControlContext;
-import java.security.AccessControlException;
 import java.security.AccessController;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
@@ -38,7 +37,6 @@
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
-import javax.security.jacc.EJBRoleRefPermission;
 
 import org.apache.geronimo.security.realm.providers.GeronimoCallerPrincipal;
 
@@ -206,31 +204,6 @@
         return (context != null ? context.id : null);
     }
 
-    public static boolean isCallerInRole(String EJBName, String role) {
-        if (EJBName == null) throw new IllegalArgumentException("EJBName must not be null");
-        if (role == null) throw new IllegalArgumentException("Role must not be null");
-
-        try {
-            Callers currentCallers = callers.get();
-            if (currentCallers == null) {
-                return false;
-            }
-            Subject currentSubject = currentCallers.getCurrentCaller();
-            if (currentSubject == null) {
-                return false;
-            }
-
-            Context context = subjectContexts.get(currentSubject);
-
-            assert context != null : "No registered context";
-
-            context.context.checkPermission(new EJBRoleRefPermission(EJBName, role));
-        } catch (AccessControlException e) {
-            return false;
-        }
-        return true;
-    }
-
     public static Subject getRegisteredSubject(SubjectId id) {
         return subjectIds.get(id);
     }

Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java?rev=663791&r1=663790&r2=663791&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java Thu Jun  5 17:06:12 2008
@@ -28,6 +28,7 @@
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 import javax.security.jacc.EJBMethodPermission;
+import javax.security.jacc.EJBRoleRefPermission;
 
 import org.apache.geronimo.security.ContextManager;
 import org.apache.geronimo.security.SubjectId;
@@ -121,7 +122,15 @@
             return false;
         }
 
-        return ContextManager.isCallerInRole(deploymentInfo.getEjbName(), role);
+        String EJBName = deploymentInfo.getEjbName();
+        if (EJBName == null) throw new IllegalArgumentException("EJBName must not be null");
+        try {
+            AccessControlContext context = ContextManager.getCurrentContext();
+            context.checkPermission(new EJBRoleRefPermission(EJBName, role));
+        } catch (AccessControlException e) {
+            return false;
+        }
+        return true;
     }
 
     public Principal getCallerPrincipal() {