You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rm...@apache.org on 2012/02/03 19:39:14 UTC
svn commit: r1240285 - in /openejb/trunk/openejb/container/openejb-core/src:
main/java/org/apache/openejb/assembler/classic/
main/java/org/apache/openejb/core/security/jacc/
test/java/org/apache/openejb/assembler/classic/
Author: rmannibucau
Date: Fri Feb 3 18:39:13 2012
New Revision: 1240285
URL: http://svn.apache.org/viewvc?rev=1240285&view=rev
Log:
adding and using by default FastPermissionCollection instead of Permissions - todo: check if it can be an issue or not
Added:
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/DelegatePermissionCollection.java
Modified:
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/JaccPermissionsBuilder.java
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PolicyContext.java
openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicPolicyConfiguration.java
openejb/trunk/openejb/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/OpenEJBXmlByModuleTest.java
Added: openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/DelegatePermissionCollection.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/DelegatePermissionCollection.java?rev=1240285&view=auto
==============================================================================
--- openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/DelegatePermissionCollection.java (added)
+++ openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/DelegatePermissionCollection.java Fri Feb 3 18:39:13 2012
@@ -0,0 +1,67 @@
+package org.apache.openejb.assembler.classic;
+
+import org.apache.openejb.util.ArrayEnumeration;
+
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.List;
+
+public class DelegatePermissionCollection extends PermissionCollection {
+ private static final String PERMISSION_COLLECTION_CLASS = "openejb.permission-collection.class";
+
+ private PermissionCollection pc = getPermissionCollection();
+
+ @Override
+ public void add(Permission permission) {
+ pc.add(permission);
+ }
+
+ @Override
+ public boolean implies(Permission permission) {
+ return pc.implies(permission);
+ }
+
+ @Override
+ public Enumeration<Permission> elements() {
+ return pc.elements();
+ }
+
+ public static PermissionCollection getPermissionCollection() {
+ try {
+ return (PermissionCollection) DelegatePermissionCollection.class.getClassLoader()
+ .loadClass(
+ System.getProperty(PERMISSION_COLLECTION_CLASS,
+ FastPermissionCollection.class.getName()))
+ .newInstance();
+ } catch (Exception cnfe) {
+ return new Permissions();
+ }
+ }
+
+ public static class FastPermissionCollection extends PermissionCollection {
+ private final List<Permission> permissions = new ArrayList<Permission>();
+
+ @Override
+ public synchronized void add(Permission permission) {
+ permissions.add(permission);
+ }
+
+ @Override
+ public synchronized boolean implies(Permission permission) {
+ for (Permission perm : permissions) {
+ if (perm.implies(perm)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public synchronized Enumeration<Permission> elements() {
+ return new ArrayEnumeration(permissions);
+ }
+ }
+}
Modified: openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/JaccPermissionsBuilder.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/JaccPermissionsBuilder.java?rev=1240285&r1=1240284&r2=1240285&view=diff
==============================================================================
--- openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/JaccPermissionsBuilder.java (original)
+++ openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/JaccPermissionsBuilder.java Fri Feb 3 18:39:13 2012
@@ -20,24 +20,25 @@ import org.apache.openejb.BeanContext;
import org.apache.openejb.InterfaceType;
import org.apache.openejb.OpenEJBException;
import org.apache.openejb.loader.SystemInstance;
-import org.apache.openejb.util.Logger;
import org.apache.openejb.util.LogCategory;
-import static org.apache.openejb.assembler.classic.MethodInfoUtil.resolveAttributes;
+import org.apache.openejb.util.Logger;
import javax.security.jacc.EJBMethodPermission;
import javax.security.jacc.EJBRoleRefPermission;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContextException;
+import java.lang.reflect.Method;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
+import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.ArrayList;
-import java.lang.reflect.Method;
+
+import static org.apache.openejb.assembler.classic.MethodInfoUtil.resolveAttributes;
/**
* @version $Rev$ $Date$
@@ -50,7 +51,7 @@ public class JaccPermissionsBuilder {
public void install(PolicyContext policyContext) throws OpenEJBException {
if (SystemInstance.get().hasProperty("openejb.geronimo")) return;
-
+
try {
PolicyConfigurationFactory factory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
@@ -237,7 +238,7 @@ public class JaccPermissionsBuilder {
String roleLink = securityRoleRef.roleLink;
- PermissionCollection roleLinks = (PermissionCollection) rolePermissions.get(roleLink);
+ PermissionCollection roleLinks = rolePermissions.get(roleLink);
if (roleLinks == null) {
roleLinks = new Permissions();
rolePermissions.put(roleLink, roleLinks);
@@ -259,7 +260,7 @@ public class JaccPermissionsBuilder {
if (defaultRole == null) {
permissions = uncheckedPermissions;
} else {
- permissions = (PermissionCollection) rolePermissions.get(defaultRole);
+ permissions = rolePermissions.get(defaultRole);
if (permissions == null) {
permissions = new Permissions();
rolePermissions.put(defaultRole, permissions);
@@ -287,6 +288,7 @@ public class JaccPermissionsBuilder {
* @param permissions the permission set to be extended
* @param ejbName the name of the EJB
* @param methodInterface the EJB method interface
+ *
* @throws org.apache.openejb.OpenEJBException
* in case a class could not be found
*/
Modified: openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PolicyContext.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PolicyContext.java?rev=1240285&r1=1240284&r2=1240285&view=diff
==============================================================================
--- openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PolicyContext.java (original)
+++ openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/assembler/classic/PolicyContext.java Fri Feb 3 18:39:13 2012
@@ -16,23 +16,18 @@
*/
package org.apache.openejb.assembler.classic;
-import javax.security.jacc.PolicyConfiguration;
-import javax.security.jacc.PolicyContextException;
-import java.io.Serializable;
import java.security.PermissionCollection;
-import java.security.Permissions;
-import java.security.Permission;
-import java.util.Map;
import java.util.HashMap;
+import java.util.Map;
/**
* @version $Rev$ $Date$
*/
public class PolicyContext {
- private final PermissionCollection excludedPermissions = new Permissions();
- private final PermissionCollection uncheckedPermissions = new Permissions();
- private final Map rolePermissions = new HashMap();
+ private final PermissionCollection excludedPermissions = new DelegatePermissionCollection();
+ private final PermissionCollection uncheckedPermissions = new DelegatePermissionCollection();
+ private final Map<String,PermissionCollection> rolePermissions = new HashMap<String,PermissionCollection>();
private final String contextId;
public PolicyContext(String contextId) {
@@ -54,5 +49,4 @@ public class PolicyContext {
public String getContextID() {
return contextId;
}
-
}
Modified: openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicPolicyConfiguration.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicPolicyConfiguration.java?rev=1240285&r1=1240284&r2=1240285&view=diff
==============================================================================
--- openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicPolicyConfiguration.java (original)
+++ openejb/trunk/openejb/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicPolicyConfiguration.java Fri Feb 3 18:39:13 2012
@@ -16,14 +16,13 @@
*/
package org.apache.openejb.core.security.jacc;
+import org.apache.openejb.assembler.classic.DelegatePermissionCollection;
import org.apache.openejb.loader.SystemInstance;
-import org.apache.openejb.spi.SecurityService;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyContextException;
import java.security.Permission;
import java.security.PermissionCollection;
-import java.security.Permissions;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.util.Enumeration;
@@ -41,9 +40,9 @@ public class BasicPolicyConfiguration im
private final String contextID;
private int state;
- protected final Map<String, Permissions> rolePermissionsMap = new LinkedHashMap<String, Permissions>();
- protected Permissions unchecked = null;
- protected Permissions excluded = null;
+ protected final Map<String, PermissionCollection> rolePermissionsMap = new LinkedHashMap<String, PermissionCollection>();
+ protected PermissionCollection unchecked = null;
+ protected PermissionCollection excluded = null;
protected BasicPolicyConfiguration(String contextID) {
this.contextID = contextID;
@@ -67,7 +66,7 @@ public class BasicPolicyConfiguration im
Set<String> roles = roleResolver.getLogicalRoles(principals, rolePermissionsMap.keySet());
for (String role : roles) {
- Permissions permissions = rolePermissionsMap.get(role);
+ PermissionCollection permissions = rolePermissionsMap.get(role);
if (permissions != null && permissions.implies(permission)) return true;
}
@@ -87,9 +86,9 @@ public class BasicPolicyConfiguration im
public void addToRole(String roleName, Permission permission) throws PolicyContextException {
if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
- Permissions permissions = rolePermissionsMap.get(roleName);
+ PermissionCollection permissions = rolePermissionsMap.get(roleName);
if (permissions == null) {
- permissions = new Permissions();
+ permissions = new DelegatePermissionCollection();
rolePermissionsMap.put(roleName, permissions);
}
permissions.add(permission);
@@ -105,9 +104,13 @@ public class BasicPolicyConfiguration im
}
public void addToUncheckedPolicy(Permission permission) throws PolicyContextException {
- if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+ if (state != OPEN) {
+ throw new UnsupportedOperationException("Not in an open state");
+ }
- if (unchecked == null) unchecked = new Permissions();
+ if (unchecked == null) {
+ unchecked = new DelegatePermissionCollection();
+ }
unchecked.add(permission);
}
@@ -122,9 +125,13 @@ public class BasicPolicyConfiguration im
}
public void addToExcludedPolicy(Permission permission) throws PolicyContextException {
- if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
+ if (state != OPEN) {
+ throw new UnsupportedOperationException("Not in an open state");
+ }
- if (excluded == null) excluded = new Permissions();
+ if (excluded == null) {
+ excluded = new DelegatePermissionCollection();
+ }
excluded.add(permission);
}
Modified: openejb/trunk/openejb/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/OpenEJBXmlByModuleTest.java
URL: http://svn.apache.org/viewvc/openejb/trunk/openejb/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/OpenEJBXmlByModuleTest.java?rev=1240285&r1=1240284&r2=1240285&view=diff
==============================================================================
--- openejb/trunk/openejb/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/OpenEJBXmlByModuleTest.java (original)
+++ openejb/trunk/openejb/container/openejb-core/src/test/java/org/apache/openejb/assembler/classic/OpenEJBXmlByModuleTest.java Fri Feb 3 18:39:13 2012
@@ -18,10 +18,10 @@ package org.apache.openejb.assembler.cla
import org.apache.commons.dbcp.BasicDataSource;
import org.apache.openejb.OpenEJBException;
-import org.apache.openejb.core.LocalInitialContextFactory;
import org.apache.openejb.config.AppModule;
import org.apache.openejb.config.ConfigurationFactory;
import org.apache.openejb.config.EjbModule;
+import org.apache.openejb.core.LocalInitialContextFactory;
import org.apache.openejb.jee.EjbJar;
import org.apache.openejb.jee.SingletonBean;
import org.junit.After;
@@ -29,7 +29,6 @@ import org.junit.Before;
import org.junit.Test;
import javax.annotation.Resource;
-import javax.ejb.Singleton;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
@@ -92,7 +91,6 @@ public class OpenEJBXmlByModuleTest {
public String attr = "ok";
}
- @Singleton
public static class UselessBean {
@Resource(name = "DS") private DataSource ds;
@Resource(name = "My Resource", type = MyResource.class) private MyResource rs;