Example 16 with EjbDescriptor

use of com.sun.enterprise.deployment.EjbDescriptor in project Payara by payara.

the class EjbContext method getHandlerChainContainers.

public HandlerChainContainer[] getHandlerChainContainers(boolean serviceSideHandlerChain, Class declaringClass) {
    if (serviceSideHandlerChain) {
        EjbDescriptor[] ejbs = getDescriptor().getEjbBundleDescriptor().getEjbByClassName(declaringClass.getName());
        List<WebServiceEndpoint> result = new ArrayList<WebServiceEndpoint>();
        for (EjbDescriptor ejb : ejbs) {
            result.addAll(getDescriptor().getEjbBundleDescriptor().getWebServices().getEndpointsImplementedBy(ejb));
        }
        return (result.toArray(new HandlerChainContainer[result.size()]));
    } else {
        List<ServiceReferenceDescriptor> result = new ArrayList<ServiceReferenceDescriptor>();
        result.addAll(getDescriptor().getEjbBundleDescriptor().getEjbServiceReferenceDescriptors());
        return (result.toArray(new HandlerChainContainer[result.size()]));
    }
}
Also used : HandlerChainContainer(com.sun.enterprise.deployment.types.HandlerChainContainer) WebServiceEndpoint(com.sun.enterprise.deployment.WebServiceEndpoint) ArrayList(java.util.ArrayList) ServiceReferenceDescriptor(com.sun.enterprise.deployment.ServiceReferenceDescriptor) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor)

Example 17 with EjbDescriptor

use of com.sun.enterprise.deployment.EjbDescriptor in project Payara by payara.

the class AbstractAuthAnnotationHandler method postProcessAnnotation.

/**
 * This method processes the security annotation associated with an EJB.
 * Derived classes that call this method may want to override
 *
 * protected void processEjbMethodSecurity(Annotation authAnnotation,
 *         MethodDescriptor md, EjbDescriptor ejbDesc)
 */
@Override
public void postProcessAnnotation(AnnotationInfo ainfo, EjbContext ejbContext) throws AnnotationProcessorException {
    EjbDescriptor ejbDesc = ejbContext.getDescriptor();
    Annotation authAnnotation = ainfo.getAnnotation();
    if (!ejbContext.isInherited() && (ejbDesc.getMethodPermissionsFromDD() == null || ejbDesc.getMethodPermissionsFromDD().size() == 0)) {
        for (MethodDescriptor md : getMethodAllDescriptors(ejbDesc)) {
            processEjbMethodSecurity(authAnnotation, md, ejbDesc);
        }
    } else {
        Class classAn = (Class) ainfo.getAnnotatedElement();
        for (Object next : ejbDesc.getSecurityBusinessMethodDescriptors()) {
            MethodDescriptor md = (MethodDescriptor) next;
            // override by existing info
            if (classAn.equals(ejbContext.getDeclaringClass(md)) && !hasMethodPermissionsFromDD(md, ejbDesc)) {
                processEjbMethodSecurity(authAnnotation, md, ejbDesc);
            }
        }
    }
}
Also used : MethodDescriptor(com.sun.enterprise.deployment.MethodDescriptor) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor) Annotation(java.lang.annotation.Annotation)

Example 18 with EjbDescriptor

use of com.sun.enterprise.deployment.EjbDescriptor in project Payara by payara.

the class RunAsHandler method processAnnotation.

protected HandlerProcessingResult processAnnotation(AnnotationInfo ainfo, EjbContext[] ejbContexts) throws AnnotationProcessorException {
    RunAs runAsAn = (RunAs) ainfo.getAnnotation();
    for (EjbContext ejbContext : ejbContexts) {
        EjbDescriptor ejbDesc = ejbContext.getDescriptor();
        // override by xml
        if (ejbDesc.getUsesCallerIdentity() != null) {
            continue;
        }
        String roleName = runAsAn.value();
        Role role = new Role(roleName);
        // add Role if not exists
        ejbDesc.getEjbBundleDescriptor().addRole(role);
        RunAsIdentityDescriptor runAsDesc = new RunAsIdentityDescriptor();
        runAsDesc.setRoleName(roleName);
        ejbDesc.setUsesCallerIdentity(false);
        if (ejbDesc.getRunAsIdentity() == null) {
            ejbDesc.setRunAsIdentity(runAsDesc);
        }
    }
    return getDefaultProcessedResult();
}
Also used : Role(org.glassfish.security.common.Role) RunAsIdentityDescriptor(com.sun.enterprise.deployment.RunAsIdentityDescriptor) EjbContext(com.sun.enterprise.deployment.annotation.context.EjbContext) RunAs(javax.annotation.security.RunAs) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor)

Example 19 with EjbDescriptor

use of com.sun.enterprise.deployment.EjbDescriptor in project Payara by payara.

the class CSIV2TaggedComponentInfo method getEjbDescriptor.

public EjbDescriptor getEjbDescriptor(IORInfo iorInfo) {
    CSIv2Policy csiv2Policy = null;
    try {
        csiv2Policy = (CSIv2Policy) iorInfo.get_effective_policy(orbHelper.getCSIv2PolicyType());
    } catch (INV_POLICY ex) {
        logger.log(FINE, "CSIV2TaggedComponentInfo.getEjbDescriptor: CSIv2Policy not present");
    }
    // Add CSIv2 tagged component for this EJB type.
    if (logger.isLoggable(FINE)) {
        logger.log(FINE, "TxSecIORInterceptor.establish_components: CSIv2Policy: " + csiv2Policy);
    }
    EjbDescriptor ejbDesc = null;
    if (csiv2Policy != null) {
        ejbDesc = csiv2Policy.getEjbDescriptor();
    }
    return ejbDesc;
}
Also used : INV_POLICY(org.omg.CORBA.INV_POLICY) CSIv2Policy(org.glassfish.enterprise.iiop.impl.CSIv2Policy) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor)

Example 20 with EjbDescriptor

use of com.sun.enterprise.deployment.EjbDescriptor in project Payara by payara.

the class SecurityMechanismSelector method evaluate_client_conformance.

/**
 * Evaluates a client's conformance to the security policies configured on the target. Returns true
 * if conformant to the security policies otherwise return false.
 *
 * Conformance checking is done as follows: First, the object_id is mapped to the set of
 * EjbIORConfigurationDescriptor. Each EjbIORConfigurationDescriptor corresponds to a single
 * CompoundSecMechanism of the CSIv2 spec. A client is considered to be conformant if a
 * CompoundSecMechanism consistent with the client's actions is found i.e. transport_mech,
 * as_context_mech and sas_context_mech must all be consistent.
 */
private boolean evaluate_client_conformance(SecurityContext ctx, byte[] object_id, boolean ssl_used, X509Certificate[] certchain) {
    if (object_id == null)
        return true;
    if (protocolMgr == null)
        protocolMgr = orbHelper.getProtocolManager();
    // is on a callback object in the client VM.
    if (protocolMgr == null)
        return true;
    EjbDescriptor ejbDesc = protocolMgr.getEjbDescriptor(object_id);
    Set iorDescSet = null;
    if (ejbDesc != null) {
        iorDescSet = ejbDesc.getIORConfigurationDescriptors();
    } else {
        // Probably a non-EJB CORBA object.
        // Create a temporary EjbIORConfigurationDescriptor.
        iorDescSet = getCorbaIORDescSet();
    }
    if (_logger.isLoggable(Level.FINE)) {
        _logger.log(Level.FINE, "SecurityMechanismSelector.evaluate_client_conformance: iorDescSet: " + iorDescSet);
    }
    /*
     * If there are no IORConfigurationDescriptors configured, then no security policy is configured, so
     * consider the client to be conformant.
     */
    if (iorDescSet.isEmpty())
        return true;
    // Go through each EjbIORConfigurationDescriptor, trying to find
    // a CompoundSecMechanism that matches the client's actions.
    boolean checkSkipped = false;
    for (Iterator itr = iorDescSet.iterator(); itr.hasNext(); ) {
        EjbIORConfigurationDescriptor iorDesc = (EjbIORConfigurationDescriptor) itr.next();
        if (skip_client_conformance(iorDesc)) {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "SecurityMechanismSelector.evaluate_client_conformance: skip_client_conformance");
            }
            checkSkipped = true;
            continue;
        }
        if (!evaluate_client_conformance_ssl(iorDesc, ssl_used, certchain)) {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "SecurityMechanismSelector.evaluate_client_conformance: evaluate_client_conformance_ssl");
            }
            checkSkipped = false;
            continue;
        }
        String realmName = "default";
        if (ejbDesc != null && ejbDesc.getApplication() != null) {
            realmName = ejbDesc.getApplication().getRealm();
        }
        if (realmName == null) {
            realmName = iorDesc.getRealmName();
        }
        if (realmName == null) {
            realmName = "default";
        }
        if (!evaluate_client_conformance_ascontext(ctx, iorDesc, realmName)) {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "SecurityMechanismSelector.evaluate_client_conformance: evaluate_client_conformance_ascontext");
            }
            checkSkipped = false;
            continue;
        }
        if (!evaluate_client_conformance_sascontext(ctx, iorDesc)) {
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "SecurityMechanismSelector.evaluate_client_conformance: evaluate_client_conformance_sascontext");
            }
            checkSkipped = false;
            continue;
        }
        // security policy matched.
        return true;
    }
    if (checkSkipped)
        return true;
    // No matching security policy found
    return false;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) Iterator(java.util.Iterator) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor) EjbIORConfigurationDescriptor(com.sun.enterprise.deployment.EjbIORConfigurationDescriptor)

Aggregations

EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor) 48
EjbBundleDescriptor (com.sun.enterprise.deployment.EjbBundleDescriptor) 16
WebBundleDescriptor (com.sun.enterprise.deployment.WebBundleDescriptor) 11
BundleDescriptor (com.sun.enterprise.deployment.BundleDescriptor) 10
Application (com.sun.enterprise.deployment.Application) 6
JndiNameEnvironment (com.sun.enterprise.deployment.JndiNameEnvironment) 6
WebServiceEndpoint (com.sun.enterprise.deployment.WebServiceEndpoint) 5
ManagedBeanDescriptor (com.sun.enterprise.deployment.ManagedBeanDescriptor) 4
EjbContext (com.sun.enterprise.deployment.annotation.context.EjbContext) 4
ArrayList (java.util.ArrayList) 4
Descriptor (org.glassfish.deployment.common.Descriptor) 4
BeanDeploymentArchive (org.jboss.weld.bootstrap.spi.BeanDeploymentArchive) 4
ApplicationClientDescriptor (com.sun.enterprise.deployment.ApplicationClientDescriptor) 3
EjbInterceptor (com.sun.enterprise.deployment.EjbInterceptor) 3
EjbMessageBeanDescriptor (com.sun.enterprise.deployment.EjbMessageBeanDescriptor) 3
MethodDescriptor (com.sun.enterprise.deployment.MethodDescriptor) 3
RunAsIdentityDescriptor (com.sun.enterprise.deployment.RunAsIdentityDescriptor) 3
ServiceReferenceDescriptor (com.sun.enterprise.deployment.ServiceReferenceDescriptor) 3
WebComponentDescriptor (com.sun.enterprise.deployment.WebComponentDescriptor) 3
Method (java.lang.reflect.Method) 3