Search in sources :

Example 1 with RuntimeSecurityMap

use of com.sun.enterprise.connectors.authentication.RuntimeSecurityMap in project Payara by payara.

the class ConnectionPoolReconfigHelper method isEqualConnectorConnectionPool.

/*
     * Compare the Original ConnectorConnectionPool with the passed one
     * If MCF properties are changed, indicate that pool recreation is
     * required 
     * We only check the MCF properties since a pool restart is required
     * for changes in MCF props. For pool specific properties we can get
     * away without restart
     * If the new pool and old pool have identical MCF properties returns 
     * true
     */
private static ReconfigAction isEqualConnectorConnectionPool(ConnectorConnectionPool oldCcp, ConnectorConnectionPool newCcp, Set excludedProps) {
    boolean poolsEqual = true;
    // have changed
    if (newCcp.isPoolingOn() != oldCcp.isPoolingOn()) {
        return ReconfigAction.RECREATE_POOL;
    }
    if (newCcp.getTransactionSupport() != oldCcp.getTransactionSupport()) {
        return ReconfigAction.RECREATE_POOL;
    }
    if (newCcp.isAssociateWithThread() != oldCcp.isAssociateWithThread()) {
        return ReconfigAction.RECREATE_POOL;
    }
    if (newCcp.isLazyConnectionAssoc() != oldCcp.isLazyConnectionAssoc()) {
        return ReconfigAction.RECREATE_POOL;
    }
    if (newCcp.isPartitionedPool() != oldCcp.isPartitionedPool()) {
        return ReconfigAction.RECREATE_POOL;
    }
    if (newCcp.getPoolDataStructureType() == null && oldCcp.getPoolDataStructureType() != null) {
        return ReconfigAction.RECREATE_POOL;
    }
    if (newCcp.getPoolDataStructureType() != null && oldCcp.getPoolDataStructureType() == null) {
        return ReconfigAction.RECREATE_POOL;
    }
    if (((newCcp.getPoolDataStructureType() != null) && (oldCcp.getPoolDataStructureType() != null) && !(newCcp.getPoolDataStructureType().equals(oldCcp.getPoolDataStructureType())))) {
        return ReconfigAction.RECREATE_POOL;
    }
    if ((newCcp.getPoolWaitQueue() != null) && (oldCcp.getPoolWaitQueue() == null)) {
        return ReconfigAction.RECREATE_POOL;
    }
    if ((newCcp.getPoolWaitQueue() == null) && (oldCcp.getPoolWaitQueue() != null)) {
        return ReconfigAction.RECREATE_POOL;
    }
    if ((newCcp.getPoolWaitQueue() != null) && (oldCcp.getPoolWaitQueue() != null) && (!newCcp.getPoolWaitQueue().equals(oldCcp.getPoolWaitQueue()))) {
        return ReconfigAction.RECREATE_POOL;
    }
    if ((newCcp.getDataStructureParameters() != null) && (oldCcp.getDataStructureParameters() == null)) {
        return ReconfigAction.RECREATE_POOL;
    }
    if ((newCcp.getDataStructureParameters() == null) && (oldCcp.getDataStructureParameters() != null)) {
        return ReconfigAction.RECREATE_POOL;
    }
    if ((newCcp.getDataStructureParameters() != null) && (oldCcp.getDataStructureParameters() != null) && !(newCcp.getDataStructureParameters().equals(oldCcp.getDataStructureParameters()))) {
        return ReconfigAction.RECREATE_POOL;
    }
    ConnectorDescriptorInfo oldCdi = oldCcp.getConnectorDescriptorInfo();
    ConnectorDescriptorInfo newCdi = newCcp.getConnectorDescriptorInfo();
    if (!oldCdi.getResourceAdapterClassName().equals(newCdi.getResourceAdapterClassName())) {
        logFine("isEqualConnectorConnectionPool: getResourceAdapterClassName:: " + oldCdi.getResourceAdapterClassName() + " -- " + newCdi.getResourceAdapterClassName());
        return ReconfigAction.RECREATE_POOL;
    }
    if (!oldCdi.getConnectionDefinitionName().equals(newCdi.getConnectionDefinitionName())) {
        logFine("isEqualConnectorConnectionPool: getConnectionDefinitionName:: " + oldCdi.getConnectionDefinitionName() + " -- " + newCdi.getConnectionDefinitionName());
        return ReconfigAction.RECREATE_POOL;
    }
    ConnectorSecurityMap[] newSecurityMaps = newCcp.getSecurityMaps();
    RuntimeSecurityMap newRuntimeSecurityMap = SecurityMapUtils.processSecurityMaps(newSecurityMaps);
    ConnectorSecurityMap[] oldSecurityMaps = oldCcp.getSecurityMaps();
    RuntimeSecurityMap oldRuntimeSecurityMap = SecurityMapUtils.processSecurityMaps(oldSecurityMaps);
    if (!(oldRuntimeSecurityMap.equals(newRuntimeSecurityMap))) {
        logFine("isEqualConnectorConnectionPool: CCP.getSecurityMaps:: " + "New set of Security Maps is not equal to the existing" + " set of security Maps.");
        return ReconfigAction.RECREATE_POOL;
    }
    return oldCdi.compareMCFConfigProperties(newCdi, excludedProps);
}
Also used : ConnectorSecurityMap(com.sun.enterprise.connectors.authentication.ConnectorSecurityMap) RuntimeSecurityMap(com.sun.enterprise.connectors.authentication.RuntimeSecurityMap) ConnectorDescriptorInfo(com.sun.enterprise.connectors.ConnectorDescriptorInfo)

Example 2 with RuntimeSecurityMap

use of com.sun.enterprise.connectors.authentication.RuntimeSecurityMap in project Payara by payara.

the class ConnectorConnectionPoolAdminServiceImpl method obtainManagedConnectionFactory.

/**
 * Returns the MCF instance. If the MCF is already created and
 * present in connectorRegistry that instance is returned. Otherwise it
 * is created explicitly and added to ConnectorRegistry.
 *
 * @param poolInfo Name of the pool.MCF pertaining to this pool is
 *                 created/returned.
 * @return created/already present MCF instance
 * @throws ConnectorRuntimeException if creation/retrieval of MCF fails
 */
public ManagedConnectionFactory obtainManagedConnectionFactory(PoolInfo poolInfo, Hashtable env) throws ConnectorRuntimeException {
    try {
        if (_registry.isMCFCreated(poolInfo)) {
            return _registry.getManagedConnectionFactory(poolInfo);
        } else {
            ConnectorConnectionPool connectorConnectionPool = getConnectorConnectionPool(poolInfo, env);
            ActiveResourceAdapter activeResourceAdapter = getResourceAdapter(connectorConnectionPool);
            ClassLoader loader = activeResourceAdapter.getClassLoader();
            ManagedConnectionFactory mcf = activeResourceAdapter.createManagedConnectionFactory(connectorConnectionPool, loader);
            if (mcf != null) {
                // validate MCF before it is used or related pooling infrastructure is created.
                validateMCF(mcf, activeResourceAdapter.getModuleName());
                ResourcePrincipal prin = getDefaultResourcePrincipal(poolInfo, mcf, env);
                Subject s = ConnectionPoolObjectsUtils.createSubject(mcf, prin);
                int txSupport = connectorConnectionPool.getTransactionSupport();
                // JSR-322 : check the runtime transaction level support of MCF and use appropriately.
                if (mcf instanceof javax.resource.spi.TransactionSupport) {
                    TransactionSupport.TransactionSupportLevel mcfTS = ((javax.resource.spi.TransactionSupport) mcf).getTransactionSupport();
                    int containerTxSupport = ConnectionPoolObjectsUtils.convertSpecTxSupportToContainerTxSupport(mcfTS);
                    boolean isValidTxSupportLevel = ConnectionPoolObjectsUtils.isTxSupportConfigurationSane(containerTxSupport, activeResourceAdapter.getModuleName());
                    if (isValidTxSupportLevel) {
                        txSupport = containerTxSupport;
                    } else {
                        Object[] params = { mcfTS, activeResourceAdapter.getModuleName() };
                        String i18nMsg = localStrings.getString("ccp_adm_service.incorrect_tx_support", params);
                        ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
                        _logger.log(Level.SEVERE, "rardeployment.incorrect_tx_support", connectorConnectionPool.getName());
                        throw cre;
                    }
                }
                boolean isPM = connectorConnectionPool.isNonComponent();
                boolean isNonTx = connectorConnectionPool.isNonTransactional();
                ConnectorSecurityMap[] securityMaps = connectorConnectionPool.getSecurityMaps();
                RuntimeSecurityMap runtimeSecurityMap = SecurityMapUtils.processSecurityMaps(securityMaps);
                boolean lazyEnlistable = connectorConnectionPool.isLazyConnectionEnlist();
                boolean lazyAssoc = connectorConnectionPool.isLazyConnectionAssoc();
                if (isPM || isNonTx) {
                    /*
                        We should not do lazyEnlistment if we are an __pm
                        resource since we won't have an InvocationContext and
                        the lazy enlistment depends upon an InvocationContext
                        For a nonTx resource enlistment (lazy or otherwise)
                        doesn't come into the picture at all
                        */
                    lazyEnlistable = false;
                }
                if (isPM) {
                    // lazy association with PM resources
                    if (lazyAssoc) {
                        String str = System.getProperty("com.sun.enterprise.resource.AllowLazyAssociationWithPM", "FALSE");
                        if (str.toUpperCase(Locale.getDefault()).trim().equals("FALSE")) {
                            lazyAssoc = false;
                        }
                    }
                }
                PoolMetaData pmd = new PoolMetaData(poolInfo, mcf, s, txSupport, prin, isPM, isNonTx, lazyEnlistable, runtimeSecurityMap, lazyAssoc);
                logFine(pmd.toString());
                _registry.addManagedConnectionFactory(poolInfo, pmd);
            }
            PoolType pt = getPoolType(connectorConnectionPool);
            createAndAddPool(poolInfo, pt, env);
            return mcf;
        }
    } catch (NamingException ne) {
        String i18nMsg = localStrings.getString("pingpool.name_not_bound", poolInfo);
        ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
        cre.initCause(ne);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "rardeployment.jndi_lookup_failed", poolInfo);
            _logger.log(Level.FINE, "", cre);
        }
        throw cre;
    } catch (NullPointerException ne) {
        String i18nMsg = localStrings.getString("ccp_adm.failed_to_register_mcf", poolInfo);
        ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
        cre.initCause(ne);
        _logger.log(Level.SEVERE, "mcf_add_toregistry_failed", poolInfo);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "", cre);
        }
        throw cre;
    }
}
Also used : ConnectorRuntimeException(com.sun.appserv.connectors.internal.api.ConnectorRuntimeException) ConnectorSecurityMap(com.sun.enterprise.connectors.authentication.ConnectorSecurityMap) ResourcePrincipal(com.sun.enterprise.deployment.ResourcePrincipal) Subject(javax.security.auth.Subject) ManagedConnectionFactory(javax.resource.spi.ManagedConnectionFactory) TransactionSupport(javax.resource.spi.TransactionSupport) RuntimeSecurityMap(com.sun.enterprise.connectors.authentication.RuntimeSecurityMap) NamingException(javax.naming.NamingException)

Example 3 with RuntimeSecurityMap

use of com.sun.enterprise.connectors.authentication.RuntimeSecurityMap in project Payara by payara.

the class SecurityMapUtils method processSecurityMaps.

/**
 * Updates the registry with the security map. If a security map already
 * exists it deletes that map completely before adding the mew security
 * map.
 *
 * @param securityMaps Array of securityMaps to be updated.
 * @return Hash Map containing 1 - 1 mappings of principal and
 *         Resource Principal
 */
public static RuntimeSecurityMap processSecurityMaps(ConnectorSecurityMap[] securityMaps) {
    if (securityMaps == null || securityMaps.length == 0) {
        return new RuntimeSecurityMap();
    }
    HashMap userMap = new HashMap();
    HashMap groupMap = new HashMap();
    // Add user-backendPrincipal mappings to Map1
    for (ConnectorSecurityMap map : securityMaps) {
        ResourcePrincipal principal = generateResourcePrincipal(map);
        List<String> principalNames = map.getPrincipals();
        for (String principalName : principalNames) {
            userMap.put(principalName, principal);
        }
        List<String> groupNames = map.getUserGroups();
        for (String groupName : groupNames) groupMap.put(groupName, principal);
    }
    return new RuntimeSecurityMap(userMap, groupMap);
}
Also used : HashMap(java.util.HashMap) RuntimeSecurityMap(com.sun.enterprise.connectors.authentication.RuntimeSecurityMap) ConnectorSecurityMap(com.sun.enterprise.connectors.authentication.ConnectorSecurityMap) ResourcePrincipal(com.sun.enterprise.deployment.ResourcePrincipal)

Aggregations

ConnectorSecurityMap (com.sun.enterprise.connectors.authentication.ConnectorSecurityMap)3 RuntimeSecurityMap (com.sun.enterprise.connectors.authentication.RuntimeSecurityMap)3 ResourcePrincipal (com.sun.enterprise.deployment.ResourcePrincipal)2 ConnectorRuntimeException (com.sun.appserv.connectors.internal.api.ConnectorRuntimeException)1 ConnectorDescriptorInfo (com.sun.enterprise.connectors.ConnectorDescriptorInfo)1 HashMap (java.util.HashMap)1 NamingException (javax.naming.NamingException)1 ManagedConnectionFactory (javax.resource.spi.ManagedConnectionFactory)1 TransactionSupport (javax.resource.spi.TransactionSupport)1 Subject (javax.security.auth.Subject)1