
Example 6 with RoleReference

use of com.sun.enterprise.deployment.RoleReference in project Payara by payara.

the class EjbBundleDescriptorImpl method areResourceReferencesValid.

/**
 * Verifies that every named role referenced by an EJB of this bundle is also
 * present in the roles returned by {@code super.getRoles()}.
 *
 * <p>Despite the method name, the loop below inspects security role
 * references only. A reference whose role name is the empty string is
 * skipped, so it can never make the check fail.
 *
 * @return {@code false} as soon as one EJB references a named role that the
 *         bundle's role set does not contain; {@code true} otherwise
 */
public boolean areResourceReferencesValid() {
    for (EjbDescriptor ejb : getEjbs()) {
        for (Object candidate : ejb.getRoleReferences()) {
            // NOTE(review): getRole() is dereferenced without a null check; confirm it never returns null.
            Role linkedRole = ((RoleReference) candidate).getRole();

            // A reference with an empty role name is not validated at all.
            if (linkedRole.getName().isEmpty()) {
                continue;
            }
            if (super.getRoles().contains(linkedRole)) {
                continue;
            }

            // The rejection is reported at FINE even though the message text says "Warning",
            // so it is only visible when fine-grained logging is enabled for this logger.
            _logger.log(Level.FINE, localStrings.getLocalString("enterprise.deployment.badrolereference", "Warning: Bad role reference to {0}", new Object[] { linkedRole }));
            _logger.log(Level.FINE, "Roles:  " + getRoles());
            return false;
        }
    }
    return true;
}
Also used : Role(org.glassfish.security.common.Role) RoleReference(com.sun.enterprise.deployment.RoleReference) Iterator(java.util.Iterator)

Example 7 with RoleReference

use of com.sun.enterprise.deployment.RoleReference in project Payara by payara.

the class EJBSecurityManager method convertEJBRoleReferences.

/**
 * Translates the security role references of an EJB into JACC
 * {@code EJBRoleRefPermission} objects and adds them to the policy
 * configuration of the given policy context.
 *
 * <p>Three groups of permissions are added, in this order:
 * <ol>
 *   <li>one permission per role reference, named after the reference's role
 *       name and added to the role named by its security role link;</li>
 *   <li>one permission per role of the enclosing bundle that no role
 *       reference names, added to the role of the same name;</li>
 *   <li>one permission for the any-authenticated-user role {@code "**"},
 *       unless a role reference or the bundle already names it.</li>
 * </ol>
 *
 * @param eDescriptor the ejb descriptor
 * @param pcid the policy context identifier
 * @throws PolicyContextException propagated from the policy factory and
 *         policy configuration calls made here
 */
private static void convertEJBRoleReferences(EjbDescriptor eDescriptor, String pcid) throws PolicyContextException {
    // remove == false: the existing configuration is looked up without clearing its policy statements.
    PolicyConfiguration policyConfig = getPolicyFactory().getPolicyConfiguration(pcid, false);
    // Only evaluated when assertions are enabled (-ea); with assertions off, a null
    // configuration surfaces as a NullPointerException at the first addToRole call.
    assert policyConfig != null;

    // Roles declared by the enclosing EJB bundle.
    Set<Role> declaredRoles = eDescriptor.getEjbBundleDescriptor().getRoles();
    Role anyAuthUserRole = new Role("**");
    boolean declaredAnyAuthUser = declaredRoles.contains(anyAuthUserRole);

    // Role names covered by an explicit role reference; the later lookups rely on Role equality.
    List<Role> referencedRoles = new ArrayList<>();
    String ejbName = eDescriptor.getName();

    // 1. Explicit role references: permission named after the reference, granted to the linked role.
    for (RoleReference roleRef : eDescriptor.getRoleReferences()) {
        String refName = roleRef.getRoleName();
        EJBRoleRefPermission refPermission = new EJBRoleRefPermission(ejbName, refName);
        // NOTE(review): the link is dereferenced without a null check, and this method does not
        // verify that it names a declared role; presumably validated by the caller, confirm.
        String linkedRoleName = roleRef.getSecurityRoleLink().getName();
        referencedRoles.add(new Role(refName));
        policyConfig.addToRole(linkedRoleName, refPermission);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("JACC: Converting role-ref -> " + roleRef.toString() + " to permission with name(" + refPermission.getName() + ") and actions (" + refPermission.getActions() + ")" + "mapped to role (" + linkedRoleName + ")");
        }
    }

    if (_logger.isLoggable(Level.FINE)) {
        _logger.log(Level.FINE, "JACC: Converting role-ref: Going through the list of roles not present in RoleRef elements and creating EJBRoleRefPermissions ");
    }

    // 2. Declared roles without a role reference: the role name maps onto itself.
    for (Role declared : declaredRoles) {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "JACC: Converting role-ref: Looking at Role =  " + declared.getName());
        }
        if (referencedRoles.contains(declared)) {
            continue;
        }
        String selfMappedName = declared.getName();
        EJBRoleRefPermission selfPermission = new EJBRoleRefPermission(ejbName, selfMappedName);
        policyConfig.addToRole(selfMappedName, selfPermission);
        if (_logger.isLoggable(Level.FINE)) {
            _logger.fine("JACC: Converting role-ref: Role =  " + declared.getName() + " is added as a permission with name(" + selfPermission.getName() + ") and actions (" + selfPermission.getActions() + ")" + "mapped to role (" + selfMappedName + ")");
        }
    }

    // 3. JACC MR8: add an EJBRoleRefPermission for the any authenticated user role '**',
    //    unless a role reference or the bundle's role set already names it.
    if (referencedRoles.contains(anyAuthUserRole) || declaredAnyAuthUser) {
        return;
    }
    String anyAuthName = anyAuthUserRole.getName();
    EJBRoleRefPermission anyAuthPermission = new EJBRoleRefPermission(ejbName, anyAuthName);
    policyConfig.addToRole(anyAuthName, anyAuthPermission);
    if (_logger.isLoggable(Level.FINE)) {
        _logger.fine("JACC: Converting role-ref: Adding any authenticated user role-ref " + " to permission with name(" + anyAuthPermission.getName() + ") and actions (" + anyAuthPermission.getActions() + ")" + "mapped to role (" + anyAuthName + ")");
    }
}
Also used : Role(org.glassfish.security.common.Role) RoleReference(com.sun.enterprise.deployment.RoleReference) EJBRoleRefPermission(javax.security.jacc.EJBRoleRefPermission) ArrayList(java.util.ArrayList) PolicyConfiguration(javax.security.jacc.PolicyConfiguration)

Example 8 with RoleReference

use of com.sun.enterprise.deployment.RoleReference in project Payara by payara.

the class SecurityRoleRefNode method writeDescriptor.

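/**
 * Writes a role reference descriptor to a DOM tree and returns the created
 * node.
 *
 * <p>The element itself is created by {@code super.writeDescriptor}; this
 * method then adds the localized descriptions and two text children, the
 * role name ({@code EjbTagNames.ROLE_NAME}) and the role link
 * ({@code EjbTagNames.ROLE_LINK}).
 *
 * @param parent parent node in the DOM tree
 * @param nodeName name for the root element of this DOM tree fragment
 * @param descriptor the descriptor to write; must be a {@code RoleReference}
 * @return the DOM tree top node
 * @throws IllegalArgumentException if {@code descriptor} is {@code null} or
 *         is not a {@code RoleReference}
 */
public Node writeDescriptor(Node parent, String nodeName, Descriptor descriptor) {
    if (!(descriptor instanceof RoleReference)) {
        // instanceof is also false for null, so resolve the type name null-safely;
        // calling getClass() on a null descriptor would throw a NullPointerException
        // instead of the intended IllegalArgumentException.
        String actualType = (descriptor == null) ? "null" : descriptor.getClass().toString();
        throw new IllegalArgumentException(getClass() + " cannot handles descriptors of type " + actualType);
    }
    RoleReference roleRef = (RoleReference) descriptor;
    Node subNode = super.writeDescriptor(parent, nodeName, roleRef);
    writeLocalizedDescriptions(subNode, descriptor);
    // Role name first, then the role it is linked to.
    appendTextChild(subNode, EjbTagNames.ROLE_NAME, roleRef.getName());
    appendTextChild(subNode, EjbTagNames.ROLE_LINK, roleRef.getValue());
    return subNode;
}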
Also used : RoleReference(com.sun.enterprise.deployment.RoleReference) Node(org.w3c.dom.Node) DeploymentDescriptorNode(com.sun.enterprise.deployment.node.DeploymentDescriptorNode)
