Search in sources :

Example 11 with ResourcePrincipal

use of com.sun.enterprise.deployment.ResourcePrincipal in project Payara by payara.

the class ConnectorConnectionPoolAdminServiceImpl method getUnpooledConnection.

/**
 * This method is used to provide backend functionality for the
 * ping-connection-pool asadmin command. Briefly the design is as
 * follows:<br>
 * 1. obtainManagedConnectionFactory for the poolname<br>
 * 2. lookup ConnectorDescriptorInfo from InitialContext using poolname<br>
 * 3. from cdi get username and password<br>
 * 4. create ResourcePrincipal using default username and password<br>
 * 5. create a Subject from this (doPriveleged)<br>
 * 6. createManagedConnection using above subject<br>
 * 7. add a dummy ConnectionEventListener to the mc that simply handles connectionClosed
 * 8. getConnection from the ManagedConnection with above subject<br>
 *
 * @param poolInfo               The poolname from whose MCF to obtain the unpooled mc
 * @param principal                   The ResourcePrincipal to use for authenticating the request if not null.
 *                               If null, the pool's default authentication mechanism is used
 * @param returnConnectionHandle If true will return the logical connection handle
 *                               derived from the Managed Connection, else will only return mc
 * @return an unPooled connection
 * @throws ResourceException for various error conditions
 */
public Object getUnpooledConnection(PoolInfo poolInfo, ResourcePrincipal principal, boolean returnConnectionHandle) throws ResourceException {
    ManagedConnectionFactory mcf = null;
    ResourcePool poolToDeploy = null;
    boolean needToUndeployPool = false;
    ConnectorRuntime runtime = ConnectorRuntime.getRuntime();
    try {
        // START CR 6597868
        if (!isPoolReferredByResource(poolInfo)) {
            if (_registry.isMCFCreated(poolInfo)) {
                unloadAndKillPool(poolInfo);
            }
        }
        // END CR 6597868
        mcf = obtainManagedConnectionFactory(poolInfo, new Hashtable());
    } catch (ConnectorRuntimeException re) {
        logFine("getUnpooledConnection :: obtainManagedConnectionFactory " + "threw exception. So doing checkAndLoadPoolResource");
        if (checkAndLoadPool(poolInfo)) {
            logFine("getUnpooledConnection:: checkAndLoadPoolResource is true");
            try {
                // remote instance, the pool will not have been created
                if (!isConnectorConnectionPoolDeployed(poolInfo)) {
                    logFine("getUnpooledConnection :: isConnectorConnectionPoolDeployed is false");
                    try {
                        poolToDeploy = (ResourcePool) ConnectorsUtil.getResourceByName(runtime.getResources(poolInfo), ResourcePool.class, poolInfo.getName());
                        runtime.getResourceDeployer(poolToDeploy).deployResource(poolToDeploy);
                        logFine("getUnpooledConnection :: force deployed the ConnectionPool : " + poolInfo);
                        needToUndeployPool = true;
                    } catch (Exception e) {
                        _logger.log(Level.SEVERE, "jdbc.could_not_do_actual_deploy for : ", poolInfo);
                        throw new ResourceException(e);
                    }
                }
                logFine("getUnpooledConnection :: Now calling obtainManagedConnectionFactory again");
                mcf = obtainManagedConnectionFactory(poolInfo);
                logFine("getUnpooledConnection:: done obtainManagedConnectionFactory again");
            } catch (ConnectorRuntimeException creAgain) {
                String l10nMsg = localStrings.getString("pingpool.cannot_obtain_mcf", poolInfo);
                _logger.log(Level.WARNING, "jdbc.pool_not_reachable", l10nMsg);
                ResourceException e = new ResourceException(l10nMsg);
                e.initCause(creAgain);
                throw e;
            }
        } else {
            _logger.log(Level.WARNING, "jdbc.pool_not_reachable", re.getMessage());
            String l10nMsg = localStrings.getString("pingpool.cannot_obtain_mcf", poolInfo);
            ResourceException e = new ResourceException(l10nMsg);
            e.initCause(re);
            throw e;
        }
    }
    ResourcePrincipal resourcePrincipal = null;
    if (principal == null) {
        try {
            resourcePrincipal = getDefaultResourcePrincipal(poolInfo, mcf);
        } catch (NamingException ne) {
            _logger.log(Level.WARNING, "jdbc.pool_not_reachable", ne.getMessage());
            String l10nMsg = localStrings.getString("pingpool.name_not_bound", poolInfo);
            ResourceException e = new ResourceException(l10nMsg + poolInfo);
            e.initCause(ne);
            throw e;
        }
    } else {
        resourcePrincipal = principal;
    }
    final Subject defaultSubject = ConnectionPoolObjectsUtils.createSubject(mcf, resourcePrincipal);
    if (_logger.isLoggable(Level.FINE)) {
        _logger.fine("using subject: " + defaultSubject);
    }
    // Create the ManagedConnection
    ManagedConnection mc = mcf.createManagedConnection(defaultSubject, null);
    // it here
    if (needToUndeployPool) {
        if (poolToDeploy != null) {
            logFine("getUnpooledConnection :: need to force undeploy pool");
            try {
                runtime.getResourceDeployer(poolToDeploy).undeployResource(poolToDeploy);
            } catch (Exception e) {
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.fine("getUnpooledConnection: error undeploying pool");
                }
            }
            logFine("getUnpooledConnection :: done.. force undeploy of pool");
        }
    }
    // Add our dummy ConnectionEventListener impl.
    // This impl only knows how to handle connectionClosed events
    mc.addConnectionEventListener(new UnpooledConnectionEventListener());
    return returnConnectionHandle ? mc.getConnection(defaultSubject, null) : mc;
}
Also used : ConnectorRuntimeException(com.sun.appserv.connectors.internal.api.ConnectorRuntimeException) ResourcePrincipal(com.sun.enterprise.deployment.ResourcePrincipal) ResourcePool(com.sun.enterprise.config.serverbeans.ResourcePool) PoolingException(com.sun.appserv.connectors.internal.api.PoolingException) ResourceException(javax.resource.ResourceException) NamingException(javax.naming.NamingException) SQLException(java.sql.SQLException) ConnectorRuntimeException(com.sun.appserv.connectors.internal.api.ConnectorRuntimeException) Subject(javax.security.auth.Subject) ManagedConnectionFactory(javax.resource.spi.ManagedConnectionFactory) ResourceException(javax.resource.ResourceException) NamingException(javax.naming.NamingException) ManagedConnection(javax.resource.spi.ManagedConnection) UnpooledConnectionEventListener(com.sun.enterprise.resource.listener.UnpooledConnectionEventListener)

Example 12 with ResourcePrincipal

use of com.sun.enterprise.deployment.ResourcePrincipal in project Payara by payara.

the class ConnectorConnectionPoolAdminServiceImpl method obtainManagedConnectionFactory.

/**
 * Returns the MCF instance. If the MCF is already created and
 * present in connectorRegistry that instance is returned. Otherwise it
 * is created explicitly and added to ConnectorRegistry.
 *
 * @param poolInfo Name of the pool.MCF pertaining to this pool is
 *                 created/returned.
 * @return created/already present MCF instance
 * @throws ConnectorRuntimeException if creation/retrieval of MCF fails
 */
public ManagedConnectionFactory obtainManagedConnectionFactory(PoolInfo poolInfo, Hashtable env) throws ConnectorRuntimeException {
    try {
        if (_registry.isMCFCreated(poolInfo)) {
            return _registry.getManagedConnectionFactory(poolInfo);
        } else {
            ConnectorConnectionPool connectorConnectionPool = getConnectorConnectionPool(poolInfo, env);
            ActiveResourceAdapter activeResourceAdapter = getResourceAdapter(connectorConnectionPool);
            ClassLoader loader = activeResourceAdapter.getClassLoader();
            ManagedConnectionFactory mcf = activeResourceAdapter.createManagedConnectionFactory(connectorConnectionPool, loader);
            if (mcf != null) {
                // validate MCF before it is used or related pooling infrastructure is created.
                validateMCF(mcf, activeResourceAdapter.getModuleName());
                ResourcePrincipal prin = getDefaultResourcePrincipal(poolInfo, mcf, env);
                Subject s = ConnectionPoolObjectsUtils.createSubject(mcf, prin);
                int txSupport = connectorConnectionPool.getTransactionSupport();
                // JSR-322 : check the runtime transaction level support of MCF and use appropriately.
                if (mcf instanceof javax.resource.spi.TransactionSupport) {
                    TransactionSupport.TransactionSupportLevel mcfTS = ((javax.resource.spi.TransactionSupport) mcf).getTransactionSupport();
                    int containerTxSupport = ConnectionPoolObjectsUtils.convertSpecTxSupportToContainerTxSupport(mcfTS);
                    boolean isValidTxSupportLevel = ConnectionPoolObjectsUtils.isTxSupportConfigurationSane(containerTxSupport, activeResourceAdapter.getModuleName());
                    if (isValidTxSupportLevel) {
                        txSupport = containerTxSupport;
                    } else {
                        Object[] params = { mcfTS, activeResourceAdapter.getModuleName() };
                        String i18nMsg = localStrings.getString("ccp_adm_service.incorrect_tx_support", params);
                        ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
                        _logger.log(Level.SEVERE, "rardeployment.incorrect_tx_support", connectorConnectionPool.getName());
                        throw cre;
                    }
                }
                boolean isPM = connectorConnectionPool.isNonComponent();
                boolean isNonTx = connectorConnectionPool.isNonTransactional();
                ConnectorSecurityMap[] securityMaps = connectorConnectionPool.getSecurityMaps();
                RuntimeSecurityMap runtimeSecurityMap = SecurityMapUtils.processSecurityMaps(securityMaps);
                boolean lazyEnlistable = connectorConnectionPool.isLazyConnectionEnlist();
                boolean lazyAssoc = connectorConnectionPool.isLazyConnectionAssoc();
                if (isPM || isNonTx) {
                    /*
                        We should not do lazyEnlistment if we are an __pm
                        resource since we won't have an InvocationContext and
                        the lazy enlistment depends upon an InvocationContext
                        For a nonTx resource enlistment (lazy or otherwise)
                        doesn't come into the picture at all
                        */
                    lazyEnlistable = false;
                }
                if (isPM) {
                    // lazy association with PM resources
                    if (lazyAssoc) {
                        String str = System.getProperty("com.sun.enterprise.resource.AllowLazyAssociationWithPM", "FALSE");
                        if (str.toUpperCase(Locale.getDefault()).trim().equals("FALSE")) {
                            lazyAssoc = false;
                        }
                    }
                }
                PoolMetaData pmd = new PoolMetaData(poolInfo, mcf, s, txSupport, prin, isPM, isNonTx, lazyEnlistable, runtimeSecurityMap, lazyAssoc);
                logFine(pmd.toString());
                _registry.addManagedConnectionFactory(poolInfo, pmd);
            }
            PoolType pt = getPoolType(connectorConnectionPool);
            createAndAddPool(poolInfo, pt, env);
            return mcf;
        }
    } catch (NamingException ne) {
        String i18nMsg = localStrings.getString("pingpool.name_not_bound", poolInfo);
        ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
        cre.initCause(ne);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "rardeployment.jndi_lookup_failed", poolInfo);
            _logger.log(Level.FINE, "", cre);
        }
        throw cre;
    } catch (NullPointerException ne) {
        String i18nMsg = localStrings.getString("ccp_adm.failed_to_register_mcf", poolInfo);
        ConnectorRuntimeException cre = new ConnectorRuntimeException(i18nMsg);
        cre.initCause(ne);
        _logger.log(Level.SEVERE, "mcf_add_toregistry_failed", poolInfo);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "", cre);
        }
        throw cre;
    }
}
Also used : ConnectorRuntimeException(com.sun.appserv.connectors.internal.api.ConnectorRuntimeException) ConnectorSecurityMap(com.sun.enterprise.connectors.authentication.ConnectorSecurityMap) ResourcePrincipal(com.sun.enterprise.deployment.ResourcePrincipal) Subject(javax.security.auth.Subject) ManagedConnectionFactory(javax.resource.spi.ManagedConnectionFactory) TransactionSupport(javax.resource.spi.TransactionSupport) RuntimeSecurityMap(com.sun.enterprise.connectors.authentication.RuntimeSecurityMap) NamingException(javax.naming.NamingException)

Example 13 with ResourcePrincipal

use of com.sun.enterprise.deployment.ResourcePrincipal in project Payara by payara.

the class SecurityMapUtils method processSecurityMaps.

/**
 * Updates the registry with the security map. If a security map already
 * exists it deletes that map completely before adding the mew security
 * map.
 *
 * @param securityMaps Array of securityMaps to be updated.
 * @return Hash Map containing 1 - 1 mappings of principal and
 *         Resource Principal
 */
public static RuntimeSecurityMap processSecurityMaps(ConnectorSecurityMap[] securityMaps) {
    if (securityMaps == null || securityMaps.length == 0) {
        return new RuntimeSecurityMap();
    }
    HashMap userMap = new HashMap();
    HashMap groupMap = new HashMap();
    // Add user-backendPrincipal mappings to Map1
    for (ConnectorSecurityMap map : securityMaps) {
        ResourcePrincipal principal = generateResourcePrincipal(map);
        List<String> principalNames = map.getPrincipals();
        for (String principalName : principalNames) {
            userMap.put(principalName, principal);
        }
        List<String> groupNames = map.getUserGroups();
        for (String groupName : groupNames) groupMap.put(groupName, principal);
    }
    return new RuntimeSecurityMap(userMap, groupMap);
}
Also used : HashMap(java.util.HashMap) RuntimeSecurityMap(com.sun.enterprise.connectors.authentication.RuntimeSecurityMap) ConnectorSecurityMap(com.sun.enterprise.connectors.authentication.ConnectorSecurityMap) ResourcePrincipal(com.sun.enterprise.deployment.ResourcePrincipal)

Aggregations

ResourcePrincipal (com.sun.enterprise.deployment.ResourcePrincipal)13 NamingException (javax.naming.NamingException)7 ResourceException (javax.resource.ResourceException)6 Subject (javax.security.auth.Subject)5 ConnectorRuntimeException (com.sun.appserv.connectors.internal.api.ConnectorRuntimeException)4 ManagedConnectionFactory (javax.resource.spi.ManagedConnectionFactory)4 ResourceReferenceDescriptor (com.sun.enterprise.deployment.ResourceReferenceDescriptor)3 Result (com.sun.enterprise.tools.verifier.Result)3 ComponentNameConstructor (com.sun.enterprise.tools.verifier.tests.ComponentNameConstructor)3 Principal (java.security.Principal)3 Set (java.util.Set)3 ManagedConnection (javax.resource.spi.ManagedConnection)3 PoolInfo (org.glassfish.resourcebase.resources.api.PoolInfo)3 PoolingException (com.sun.appserv.connectors.internal.api.PoolingException)2 ConnectorSecurityMap (com.sun.enterprise.connectors.authentication.ConnectorSecurityMap)2 RuntimeSecurityMap (com.sun.enterprise.connectors.authentication.RuntimeSecurityMap)2 SQLException (java.sql.SQLException)2 Iterator (java.util.Iterator)2 PasswordCredential (javax.resource.spi.security.PasswordCredential)2 XAResource (javax.transaction.xa.XAResource)2