Example 11 with EjbInvocation
use of com.sun.ejb.EjbInvocation in project Payara by payara.
the class EJBSecurityManager method authorize.
/**
* This method is called by the EJB container to decide whether or not
* a method specified in the Invocation should be allowed.
*
* @param compInv invocation object that contains all the details of the
* invocation.
* @return A boolean value indicating if the client should be allowed
* to invoke the EJB.
*/
public boolean authorize(ComponentInvocation compInv) {
if (!(compInv instanceof EjbInvocation)) {
return false;
}
// FIXME: Param type should be EjbInvocation
EjbInvocation inv = (EjbInvocation) compInv;
if (inv.getAuth() != null) {
return inv.getAuth().booleanValue();
}
boolean ret = false;
CachedPermission cp = null;
Permission ejbmp = null;
if (inv.invocationInfo == null || inv.invocationInfo.cachedPermission == null) {
ejbmp = new EJBMethodPermission(ejbName, inv.getMethodInterface(), inv.method);
cp = new CachedPermissionImpl(uncheckedMethodPermissionCache, ejbmp);
if (inv.invocationInfo != null) {
inv.invocationInfo.cachedPermission = cp;
if (_logger.isLoggable(Level.FINE)) {
_logger.fine("JACC: permission initialized in InvocationInfo: EJBMethodPermission (Name) = " + ejbmp.getName() + " (Action) = " + ejbmp.getActions());
}
}
} else {
cp = inv.invocationInfo.cachedPermission;
ejbmp = cp.getPermission();
}
String caller = null;
SecurityContext sc = null;
pcHandlerImpl.getHandlerData().setInvocation(inv);
ret = cp.checkPermission();
if (!ret) {
sc = SecurityContext.getCurrent();
Set principalSet = sc.getPrincipalSet();
ProtectionDomain prdm = getCachedProtectionDomain(principalSet, true);
try {
// set the policy context in the TLS.
String oldContextId = setPolicyContext(this.contextId);
try {
ret = policy.implies(prdm, ejbmp);
} catch (SecurityException se) {
_logger.log(Level.SEVERE, "jacc_access_exception", se);
ret = false;
} catch (Throwable t) {
_logger.log(Level.SEVERE, "jacc_access_exception", t);
ret = false;
} finally {
resetPolicyContext(oldContextId, this.contextId);
}
} catch (Throwable t) {
_logger.log(Level.SEVERE, "jacc_policy_context_exception", t);
ret = false;
}
}
inv.setAuth((ret) ? Boolean.TRUE : Boolean.FALSE);
if (auditManager.isAuditOn()) {
if (sc == null) {
sc = SecurityContext.getCurrent();
}
caller = sc.getCallerPrincipal().getName();
auditManager.ejbInvocation(caller, ejbName, inv.method.toString(), ret);
}
if (ret && inv.isWebService && !inv.isPreInvokeDone()) {
preInvoke(inv);
}
if (_logger.isLoggable(Level.FINE)) {
_logger.fine("JACC: Access Control Decision Result: " + ret + " EJBMethodPermission (Name) = " + ejbmp.getName() + " (Action) = " + ejbmp.getActions() + " (Caller) = " + caller);
}
return ret;
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
EjbInvocation(com.sun.ejb.EjbInvocation)
CachedPermission(com.sun.enterprise.security.ee.CachedPermission)
CachedPermissionImpl(com.sun.enterprise.security.ee.CachedPermissionImpl)
Set(java.util.Set)
HashSet(java.util.HashSet)
EJBMethodPermission(javax.security.jacc.EJBMethodPermission)
EJBRoleRefPermission(javax.security.jacc.EJBRoleRefPermission)
Permission(java.security.Permission)
MethodPermission(com.sun.enterprise.deployment.MethodPermission)
CachedPermission(com.sun.enterprise.security.ee.CachedPermission)
SecurityContext(com.sun.enterprise.security.SecurityContext)
EJBMethodPermission(javax.security.jacc.EJBMethodPermission)
Example 12 with EjbInvocation
use of com.sun.ejb.EjbInvocation in project Payara by payara.
the class MessageBeanContainer method createMessageDrivenEJB.
/**
* Instantiate and initialize a message-driven bean instance.
*/
private MessageBeanContextImpl createMessageDrivenEJB() throws CreateException {
EjbInvocation ejbInvocation = null;
MessageBeanContextImpl context = null;
ClassLoader originalClassLoader = null;
try {
// Set application class loader before invoking instance.
originalClassLoader = setContextClassLoader(getClassLoader());
context = (MessageBeanContextImpl) createEjbInstanceAndContext();
Object ejb = context.getEJB();
// java:comp/env lookups are allowed from here on...
ejbInvocation = createEjbInvocation(ejb, context);
ejbInvocation.isMessageDriven = true;
invocationManager.preInvoke(ejbInvocation);
if (ejb instanceof MessageDrivenBean) {
// setMessageDrivenContext will be called without a Tx
// as required by the spec
((MessageDrivenBean) ejb).setMessageDrivenContext(context);
}
// Perform injection right after where setMessageDrivenContext would be called. This is important since
// injection methods have the same "operations allowed" permissions as setMessageDrivenContext.
injectEjbInstance(context);
// Set flag in context so UserTransaction can be used from ejbCreate. Didn't want to add
// a new state to lifecycle since that would require either changing lots of code in
// EJBContextImpl or re-implementing all the context methods within MessageBeanContextImpl.
context.setContextCalled();
// Call ejbCreate OR @PostConstruct on the bean.
intercept(POST_CONSTRUCT, context);
ejbProbeNotifier.ejbBeanCreatedEvent(getContainerId(), containerInfo.appName, containerInfo.modName, containerInfo.ejbName);
// Set the state to POOLED after ejbCreate so that EJBContext methods not allowed will throw exceptions
context.setState(POOLED);
} catch (Throwable t) {
_logger.log(SEVERE, "containers.mdb.ejb_creation_exception", new Object[] { appEJBName_, t.toString() });
if (t instanceof InvocationTargetException) {
_logger.log(Level.SEVERE, t.getClass().getName(), t.getCause());
}
_logger.log(SEVERE, t.getClass().getName(), t);
CreateException ce = new CreateException("Could not create Message-Driven EJB");
ce.initCause(t);
throw ce;
} finally {
if (originalClassLoader != null) {
setContextClassLoader(originalClassLoader);
}
if (ejbInvocation != null) {
invocationManager.postInvoke(ejbInvocation);
}
}
return context;
}
Also used :
EjbInvocation(com.sun.ejb.EjbInvocation)
MessageDrivenBean(javax.ejb.MessageDrivenBean)
Utility.setContextClassLoader(com.sun.enterprise.util.Utility.setContextClassLoader)
EJBLocalRemoteObject(com.sun.ejb.containers.EJBLocalRemoteObject)
CreateException(javax.ejb.CreateException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
Example 13 with EjbInvocation
use of com.sun.ejb.EjbInvocation in project Payara by payara.
the class MessageBeanContainer method beforeMessageDelivery.
/**
* Actual message delivery happens in three steps :
*
* 1) beforeMessageDelivery(Message, MessageListener) This is our chance to
* make the message delivery itself part of the instance's global
* transaction.
*
* 2) onMessage(Message, MessageListener) This is where the container
* delegates to the actual ejb instance's onMessage method.
*
* 3) afterMessageDelivery(Message, MessageListener) Perform transaction
* cleanup and error handling.
*
* We use the EjbInvocation manager's thread-specific state to track the
* invocation across these three calls.
*
* @param method
* @param deliveryType
* @param txImported
* @param resourceHandle
*/
public void beforeMessageDelivery(Method method, MessageDeliveryType deliveryType, boolean txImported, ResourceHandle resourceHandle) {
if (containerState != CONTAINER_STARTED) {
// i.e. no invocation
String errorMsg = localStrings.getLocalString("containers.mdb.invocation_closed", appEJBName_ + ": Message-driven bean invocation closed by container", new Object[] { appEJBName_ });
throw new EJBException(errorMsg);
}
EjbInvocation invocation = createEjbInvocation();
try {
MessageBeanContextImpl context = (MessageBeanContextImpl) getContext(invocation);
if (deliveryType == MessageDeliveryType.Timer) {
invocation.isTimerCallback = true;
}
// Set the context class loader here so that message producer will
// have access to application class loader during message
// processing.
// The previous context class loader will be restored in
// afterMessageDelivery.
invocation.setOriginalContextClassLoader(Utility.setContextClassLoader(getClassLoader()));
invocation.isMessageDriven = true;
invocation.method = method;
context.setState(BeanState.INVOKING);
invocation.context = context;
invocation.instance = context.getEJB();
invocation.ejb = context.getEJB();
invocation.container = this;
// Message Bean Container only starts a new transaction if
// there is no imported transaction and the message listener
// method has tx attribute TX_REQUIRED or the ejbTimeout has
// tx attribute TX_REQUIRES_NEW/TX_REQUIRED
boolean startTx = false;
if (!txImported) {
startTx = containerStartsTx(method);
}
// keep track of whether tx was started for later.
invocation.setContainerStartsTx(startTx);
this.invocationManager.preInvoke(invocation);
if (startTx) {
// Register the session associated with the message-driven
// bean's destination so the message delivery will be
// part of the container-managed transaction.
registerMessageBeanResource(resourceHandle);
}
preInvokeTx(invocation);
} catch (Throwable c) {
if (containerState != CONTAINER_STARTED) {
_logger.log(Level.SEVERE, "containers.mdb.preinvoke_exception", new Object[] { appEJBName_, c.toString() });
_logger.log(Level.SEVERE, c.getClass().getName(), c);
}
invocation.exception = c;
}
}
Also used :
EjbInvocation(com.sun.ejb.EjbInvocation)
EJBLocalRemoteObject(com.sun.ejb.containers.EJBLocalRemoteObject)
EJBException(javax.ejb.EJBException)
Example 14 with EjbInvocation
use of com.sun.ejb.EjbInvocation in project Payara by payara.
the class MessageBeanContainer method deliverMessage.
public Object deliverMessage(Object[] params) throws Throwable {
EjbInvocation invocation = null;
// for monitoring
boolean methodCalled = false;
Object result = null;
invocation = (EjbInvocation) invocationManager.getCurrentInvocation();
if (invocation == null && _logger.isLoggable(Level.FINEST)) {
if (containerState != CONTAINER_STARTED) {
_logger.log(Level.FINEST, "No invocation in onMessage " + " (container closing)");
} else {
_logger.log(Level.FINEST, "No invocation in onMessage : ");
}
}
if ((invocation != null) && (invocation.exception == null)) {
try {
// NOTE : Application classloader already set in
// beforeMessageDelivery
methodCalled = true;
if (isTimedObject() && isEjbTimeoutMethod(invocation.method)) {
invocation.beanMethod = invocation.method;
intercept(invocation);
} else {
// invocation.beanMethod is the actual target method from
// the bean class. The bean class is not required to be
// a formal subtype of the message listener interface, so
// we need to be careful to invoke through the bean class
// method itself. This info is also returned from the
// interceptor context info.
invocation.methodParams = params;
invocation.beanMethod = invocation.ejb.getClass().getMethod(invocation.method.getName(), invocation.method.getParameterTypes());
result = super.intercept(invocation);
}
} catch (InvocationTargetException ite) {
//
// In EJB 2.1, message listener method signatures do not have
// any restrictions on what kind of exceptions can be thrown.
// This was not the case in J2EE 1.3, since JMS message driven
// beans could only implement
// void javax.jms.MessageListener.onMessage() , which does
// not declare any exceptions.
//
// In the J2EE 1.3 implementation, exceptions were only
// propagated when the message driven bean was not configured
// with CMT/Required transaction mode. This has been changed
// due to the Connector 1.5 integration. Now, all exceptions
// are propagated regardless of the tx mode. (18.2.2)
// Application exceptions are propagated as is, while system
// exceptions are wrapped in an EJBException.
//
// If an exception is thrown and there is a container-started
// transaction, the semantics are the same as for other ejb
// types whose business methods throw an exception.
// Specifically, if the exception thrown is an Application
// exception(defined in 18.2.1), it does not automatically
// result in a rollback of the container-started transaction.
//
Throwable cause = ite.getCause();
// set cause on invocation , rather than the propagated
// EJBException
invocation.exception = cause;
if (isSystemUncheckedException(cause)) {
EJBException ejbEx = new EJBException("message-driven bean method " + invocation.method + " system exception");
ejbEx.initCause(cause);
cause = ejbEx;
}
throw cause;
} catch (Throwable t) {
EJBException ejbEx = new EJBException("message-bean container dispatch error");
ejbEx.initCause(t);
invocation.exception = ejbEx;
throw ejbEx;
} finally {
/*
* FIXME if ( AppVerification.doInstrument() ) {
* AppVerification.getInstrumentLogger().doInstrumentForEjb
* (getEjbDescriptor(), invocation.method,
* invocation.exception); }
*/
}
} else // End if -- invoke instance's onMessage method
{
if (invocation == null) {
String errorMsg = localStrings.getLocalString("containers.mdb.invocation_closed", appEJBName_ + ": Message-driven bean invocation " + "closed by container", new Object[] { appEJBName_ });
throw new EJBException(errorMsg);
} else {
_logger.log(Level.SEVERE, "containers.mdb.invocation_exception", new Object[] { appEJBName_, invocation.exception.toString() });
_logger.log(Level.SEVERE, invocation.exception.getClass().getName(), invocation.exception);
EJBException ejbEx = new EJBException();
ejbEx.initCause(invocation.exception);
throw ejbEx;
}
}
return result;
}
Also used :
EjbInvocation(com.sun.ejb.EjbInvocation)
EJBLocalRemoteObject(com.sun.ejb.containers.EJBLocalRemoteObject)
EJBException(javax.ejb.EJBException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
Example 15 with EjbInvocation
use of com.sun.ejb.EjbInvocation in project Payara by payara.
the class ActiveTxCache method enlistResourcesAndStore.
// Called from beforeCompletion and preFind
private void enlistResourcesAndStore(EntityContextImpl context) {
EntityBean e = (EntityBean) context.getEJB();
// NOTE : Use EjbInvocation instead of ComponentInvocation since
// the context is available. It is needed in case ejbStore/ejbLoad
// makes use of EJB timer service in order to perform operations allowed
// checks
EjbInvocation inv = super.createEjbInvocation(e, context);
invocationManager.preInvoke(inv);
try {
transactionManager.enlistComponentResources();
callEJBStore(e, context);
} catch (NoSuchEntityException ex) {
// Error during ejbStore, so discard bean: EJB2.0 18.3.3
forceDestroyBean(context);
throw new NoSuchObjectLocalException("NoSuchEntityException thrown by ejbStore, EJB instance discarded", ex);
} catch (Exception ex) {
// Error during ejbStore, so discard bean: EJB2.0 18.3.3
forceDestroyBean(context);
throw new EJBException(ex);
} finally {
invocationManager.postInvoke(inv);
}
}
Also used :
NoSuchObjectLocalException(javax.ejb.NoSuchObjectLocalException)
EjbInvocation(com.sun.ejb.EjbInvocation)
EntityBean(javax.ejb.EntityBean)
EJBException(javax.ejb.EJBException)
NoSuchEntityException(javax.ejb.NoSuchEntityException)
NoSuchEntityException(javax.ejb.NoSuchEntityException)
RemoveException(javax.ejb.RemoveException)
RemoteException(java.rmi.RemoteException)
EJBException(javax.ejb.EJBException)
FinderException(javax.ejb.FinderException)
SystemException(javax.transaction.SystemException)
CreateException(javax.ejb.CreateException)
NoSuchObjectLocalException(javax.ejb.NoSuchObjectLocalException)
Aggregations
EjbInvocation (com.sun.ejb.EjbInvocation)44
EJBException (javax.ejb.EJBException)22
RemoteException (java.rmi.RemoteException)18
CreateException (javax.ejb.CreateException)18
InvocationTargetException (java.lang.reflect.InvocationTargetException)16
NoSuchObjectLocalException (javax.ejb.NoSuchObjectLocalException)16
RemoveException (javax.ejb.RemoveException)16
SystemException (javax.transaction.SystemException)15
EJBObject (javax.ejb.EJBObject)11
IOException (java.io.IOException)9
NotSerializableException (java.io.NotSerializableException)9
ConcurrentAccessException (javax.ejb.ConcurrentAccessException)9
ConcurrentAccessTimeoutException (javax.ejb.ConcurrentAccessTimeoutException)9
IllegalLoopbackException (javax.ejb.IllegalLoopbackException)9
BackingStoreException (org.glassfish.ha.store.api.BackingStoreException)9
ComponentInvocation (org.glassfish.api.invocation.ComponentInvocation)7
EJBLocalRemoteObject (com.sun.ejb.containers.EJBLocalRemoteObject)6
FinderException (javax.ejb.FinderException)6
NoSuchEntityException (javax.ejb.NoSuchEntityException)6
InvocationInfo (com.sun.ejb.InvocationInfo)4
