use of com.sun.enterprise.connectors.authentication.RuntimeSecurityMap in project Payara by payara.
the class ConnectionPoolReconfigHelper method isEqualConnectorConnectionPool.
/*
* Compare the Original ConnectorConnectionPool with the passed one
* If MCF properties are changed, indicate that pool recreation is
* required
* We only check the MCF properties since a pool restart is required
* for changes in MCF props. For pool specific properties we can get
* away without restart
* If the new pool and old pool have identical MCF properties returns
* true
*/
private static ReconfigAction isEqualConnectorConnectionPool(ConnectorConnectionPool oldCcp, ConnectorConnectionPool newCcp, Set excludedProps) {
boolean poolsEqual = true;
// have changed
if (newCcp.isPoolingOn() != oldCcp.isPoolingOn()) {
return ReconfigAction.RECREATE_POOL;
}
if (newCcp.getTransactionSupport() != oldCcp.getTransactionSupport()) {
return ReconfigAction.RECREATE_POOL;
}
if (newCcp.isAssociateWithThread() != oldCcp.isAssociateWithThread()) {
return ReconfigAction.RECREATE_POOL;
}
if (newCcp.isLazyConnectionAssoc() != oldCcp.isLazyConnectionAssoc()) {
return ReconfigAction.RECREATE_POOL;
}
if (newCcp.isPartitionedPool() != oldCcp.isPartitionedPool()) {
return ReconfigAction.RECREATE_POOL;
}
if (newCcp.getPoolDataStructureType() == null && oldCcp.getPoolDataStructureType() != null) {
return ReconfigAction.RECREATE_POOL;
}
if (newCcp.getPoolDataStructureType() != null && oldCcp.getPoolDataStructureType() == null) {
return ReconfigAction.RECREATE_POOL;
}
if (((newCcp.getPoolDataStructureType() != null) && (oldCcp.getPoolDataStructureType() != null) && !(newCcp.getPoolDataStructureType().equals(oldCcp.getPoolDataStructureType())))) {
return ReconfigAction.RECREATE_POOL;
}
if ((newCcp.getPoolWaitQueue() != null) && (oldCcp.getPoolWaitQueue() == null)) {
return ReconfigAction.RECREATE_POOL;
}
if ((newCcp.getPoolWaitQueue() == null) && (oldCcp.getPoolWaitQueue() != null)) {
return ReconfigAction.RECREATE_POOL;
}
if ((newCcp.getPoolWaitQueue() != null) && (oldCcp.getPoolWaitQueue() != null) && (!newCcp.getPoolWaitQueue().equals(oldCcp.getPoolWaitQueue()))) {
return ReconfigAction.RECREATE_POOL;
}
if ((newCcp.getDataStructureParameters() != null) && (oldCcp.getDataStructureParameters() == null)) {
return ReconfigAction.RECREATE_POOL;
}
if ((newCcp.getDataStructureParameters() == null) && (oldCcp.getDataStructureParameters() != null)) {
return ReconfigAction.RECREATE_POOL;
}
if ((newCcp.getDataStructureParameters() != null) && (oldCcp.getDataStructureParameters() != null) && !(newCcp.getDataStructureParameters().equals(oldCcp.getDataStructureParameters()))) {
return ReconfigAction.RECREATE_POOL;
}
ConnectorDescriptorInfo oldCdi = oldCcp.getConnectorDescriptorInfo();
ConnectorDescriptorInfo newCdi = newCcp.getConnectorDescriptorInfo();
if (!oldCdi.getResourceAdapterClassName().equals(newCdi.getResourceAdapterClassName())) {
logFine("isEqualConnectorConnectionPool: getResourceAdapterClassName:: " + oldCdi.getResourceAdapterClassName() + " -- " + newCdi.getResourceAdapterClassName());
return ReconfigAction.RECREATE_POOL;
}
if (!oldCdi.getConnectionDefinitionName().equals(newCdi.getConnectionDefinitionName())) {
logFine("isEqualConnectorConnectionPool: getConnectionDefinitionName:: " + oldCdi.getConnectionDefinitionName() + " -- " + newCdi.getConnectionDefinitionName());
return ReconfigAction.RECREATE_POOL;
}
ConnectorSecurityMap[] newSecurityMaps = newCcp.getSecurityMaps();
RuntimeSecurityMap newRuntimeSecurityMap = SecurityMapUtils.processSecurityMaps(newSecurityMaps);
ConnectorSecurityMap[] oldSecurityMaps = oldCcp.getSecurityMaps();
RuntimeSecurityMap oldRuntimeSecurityMap = SecurityMapUtils.processSecurityMaps(oldSecurityMaps);
if (!(oldRuntimeSecurityMap.equals(newRuntimeSecurityMap))) {
logFine("isEqualConnectorConnectionPool: CCP.getSecurityMaps:: " + "New set of Security Maps is not equal to the existing" + " set of security Maps.");
return ReconfigAction.RECREATE_POOL;
}
return oldCdi.compareMCFConfigProperties(newCdi, excludedProps);
}
use of com.sun.enterprise.connectors.authentication.RuntimeSecurityMap in project Payara by payara.
the class ConnectorConnectionPoolAdminServiceImpl method obtainManagedConnectionFactory.
/**
* Returns the MCF instance. If the MCF is already created and
* present in connectorRegistry that instance is returned. Otherwise it
* is created explicitly and added to ConnectorRegistry.
*
* @param poolInfo Name of the pool.MCF pertaining to this pool is
* created/returned.
* @return created/already present MCF instance
* @throws ConnectorRuntimeException if creation/retrieval of MCF fails
*/
public ManagedConnectionFactory obtainManagedConnectionFactory(PoolInfo poolInfo, Hashtable env) throws ConnectorRuntimeException {
try {
if (_registry.isMCFCreated(poolInfo)) {
return _registry.getManagedConnectionFactory(poolInfo);
} else {
ConnectorConnectionPool connectorConnectionPool = getConnectorConnectionPool(poolInfo, env);
ActiveResourceAdapter activeResourceAdapter = getResourceAdapter(connectorConnectionPool);
ClassLoader loader = activeResourceAdapter.getClassLoader();
ManagedConnectionFactory mcf = activeResourceAdapter.createManagedConnectionFactory(connectorConnectionPool, loader);
if (mcf != null) {
// validate MCF before it is used or related pooling infrastructure is created.
validateMCF(mcf, activeResourceAdapter.getModuleName());
ResourcePrincipal prin = getDefaultResourcePrincipal(poolInfo, mcf, env);
Subject s = ConnectionPoolObjectsUtils.createSubject(mcf, prin);
int txSupport = connectorConnectionPool.getTransactionSupport();
// JSR-322 : check the runtime transaction level support of MCF and use appropriately.
if (mcf instanceof javax.resource.spi.TransactionSupport) {
TransactionSupport.TransactionSupportLevel mcfTS = ((javax.resource.spi.TransactionSupport) mcf).getTransactionSupport();
int containerTxSupport = ConnectionPoolObjectsUtils.convertSpecTxSupportToContainerTxSupport(mcfTS);
boolean isValidTxSupportLevel = ConnectionPoolObjectsUtils.isTxSupportConfigurationSane(containerTxSupport, activeResourceAdapter.getModuleName());
if (isValidTxSupportLevel) {
txSupport = containerTxSupport;
} else {
Object[] params = { mcfTS, activeResourceAdapter.getModuleName() };
String i18nMsg = localStrings.getString("ccp_adm_service.incorrect_tx_support", params);
ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
_logger.log(Level.SEVERE, "rardeployment.incorrect_tx_support", connectorConnectionPool.getName());
throw cre;
}
}
boolean isPM = connectorConnectionPool.isNonComponent();
boolean isNonTx = connectorConnectionPool.isNonTransactional();
ConnectorSecurityMap[] securityMaps = connectorConnectionPool.getSecurityMaps();
RuntimeSecurityMap runtimeSecurityMap = SecurityMapUtils.processSecurityMaps(securityMaps);
boolean lazyEnlistable = connectorConnectionPool.isLazyConnectionEnlist();
boolean lazyAssoc = connectorConnectionPool.isLazyConnectionAssoc();
if (isPM || isNonTx) {
/*
We should not do lazyEnlistment if we are an __pm
resource since we won't have an InvocationContext and
the lazy enlistment depends upon an InvocationContext
For a nonTx resource enlistment (lazy or otherwise)
doesn't come into the picture at all
*/
lazyEnlistable = false;
}
if (isPM) {
// lazy association with PM resources
if (lazyAssoc) {
String str = System.getProperty("com.sun.enterprise.resource.AllowLazyAssociationWithPM", "FALSE");
if (str.toUpperCase(Locale.getDefault()).trim().equals("FALSE")) {
lazyAssoc = false;
}
}
}
PoolMetaData pmd = new PoolMetaData(poolInfo, mcf, s, txSupport, prin, isPM, isNonTx, lazyEnlistable, runtimeSecurityMap, lazyAssoc);
logFine(pmd.toString());
_registry.addManagedConnectionFactory(poolInfo, pmd);
}
PoolType pt = getPoolType(connectorConnectionPool);
createAndAddPool(poolInfo, pt, env);
return mcf;
}
} catch (NamingException ne) {
String i18nMsg = localStrings.getString("pingpool.name_not_bound", poolInfo);
ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
cre.initCause(ne);
if (_logger.isLoggable(Level.FINE)) {
_logger.log(Level.FINE, "rardeployment.jndi_lookup_failed", poolInfo);
_logger.log(Level.FINE, "", cre);
}
throw cre;
} catch (NullPointerException ne) {
String i18nMsg = localStrings.getString("ccp_adm.failed_to_register_mcf", poolInfo);
ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
cre.initCause(ne);
_logger.log(Level.SEVERE, "mcf_add_toregistry_failed", poolInfo);
if (_logger.isLoggable(Level.FINE)) {
_logger.log(Level.FINE, "", cre);
}
throw cre;
}
}
use of com.sun.enterprise.connectors.authentication.RuntimeSecurityMap in project Payara by payara.
the class SecurityMapUtils method processSecurityMaps.
/**
* Updates the registry with the security map. If a security map already
* exists it deletes that map completely before adding the mew security
* map.
*
* @param securityMaps Array of securityMaps to be updated.
* @return Hash Map containing 1 - 1 mappings of principal and
* Resource Principal
*/
public static RuntimeSecurityMap processSecurityMaps(ConnectorSecurityMap[] securityMaps) {
if (securityMaps == null || securityMaps.length == 0) {
return new RuntimeSecurityMap();
}
HashMap userMap = new HashMap();
HashMap groupMap = new HashMap();
// Add user-backendPrincipal mappings to Map1
for (ConnectorSecurityMap map : securityMaps) {
ResourcePrincipal principal = generateResourcePrincipal(map);
List<String> principalNames = map.getPrincipals();
for (String principalName : principalNames) {
userMap.put(principalName, principal);
}
List<String> groupNames = map.getUserGroups();
for (String groupName : groupNames) groupMap.put(groupName, principal);
}
return new RuntimeSecurityMap(userMap, groupMap);
}
Aggregations