Search in sources :

Example 6 with WebComponentDescriptor

use of com.sun.enterprise.deployment.WebComponentDescriptor in project Payara by payara.

the class WebServletHandler method processAnnotation.

@Override
public HandlerProcessingResult processAnnotation(AnnotationInfo ainfo) throws AnnotationProcessorException {
    AnnotatedElementHandler aeHandler = ainfo.getProcessingContext().getHandler();
    if (aeHandler instanceof WebBundleContext) {
        WebBundleContext webBundleContext = (WebBundleContext) aeHandler;
        WebServlet webServletAn = (WebServlet) ainfo.getAnnotation();
        Class webCompClass = (Class) ainfo.getAnnotatedElement();
        String servletName = getServletName(webServletAn, webCompClass);
        // create a WebComponentDescriptor if there is none
        WebComponentDescriptor webCompDesc = webBundleContext.getDescriptor().getWebComponentByCanonicalName(servletName);
        if (webCompDesc == null) {
            createWebComponentDescriptor(servletName, webCompClass, webBundleContext.getDescriptor());
        }
    }
    return super.processAnnotation(ainfo);
}
Also used : WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) WebBundleContext(com.sun.enterprise.deployment.annotation.context.WebBundleContext) WebServlet(javax.servlet.annotation.WebServlet)

Example 7 with WebComponentDescriptor

use of com.sun.enterprise.deployment.WebComponentDescriptor in project Payara by payara.

the class WebServletHandler method processAnnotation.

@Override
protected HandlerProcessingResult processAnnotation(AnnotationInfo ainfo, WebBundleContext webBundleContext) throws AnnotationProcessorException {
    WebServlet webServletAn = (WebServlet) ainfo.getAnnotation();
    Class webCompClass = (Class) ainfo.getAnnotatedElement();
    String servletName = getServletName(webServletAn, webCompClass);
    WebComponentDescriptor webCompDesc = webBundleContext.getDescriptor().getWebComponentByCanonicalName(servletName);
    if (webCompDesc == null) {
        webCompDesc = createWebComponentDescriptor(servletName, webCompClass, webBundleContext.getDescriptor());
    }
    HandlerProcessingResult result = processAnnotation(ainfo, webCompDesc);
    if (result.getOverallResult() == ResultType.PROCESSED) {
        WebComponentContext webCompContext = new WebComponentContext(webCompDesc);
        // we push the new context on the stack...
        webBundleContext.getProcessingContext().pushHandler(webCompContext);
    }
    return result;
}
Also used : WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) WebServlet(javax.servlet.annotation.WebServlet) WebComponentContext(com.sun.enterprise.deployment.annotation.context.WebComponentContext)

Example 8 with WebComponentDescriptor

use of com.sun.enterprise.deployment.WebComponentDescriptor in project Payara by payara.

the class WarScanner method scanXmlDefinedClassesIfNecessary.

// This is not mandated by the spec. It is for WSIT.
// We will also scan any servlets/filters/listeners classes specified
// in web.xml additionally if those classes are not resided in the wars.
private void scanXmlDefinedClassesIfNecessary(WebBundleDescriptor webBundleDesc) throws IOException {
    ClassLoader commonCL = clh.getCommonClassLoader();
    for (Iterator webComponents = webBundleDesc.getWebComponentDescriptors().iterator(); webComponents.hasNext(); ) {
        WebComponentDescriptor webCompDesc = (WebComponentDescriptor) webComponents.next();
        if (webCompDesc.isServlet()) {
            String servletName = webCompDesc.getWebComponentImplementation();
            if (isScan(servletName, commonCL)) {
                addScanClassName(servletName);
            }
        }
    }
    Vector servletFilters = webBundleDesc.getServletFilters();
    for (int i = 0; i < servletFilters.size(); i++) {
        ServletFilter filter = (ServletFilter) servletFilters.elementAt(i);
        String filterName = filter.getClassName();
        if (isScan(filterName, commonCL)) {
            addScanClassName(filter.getClassName());
        }
    }
    Vector listeners = webBundleDesc.getAppListenerDescriptors();
    for (int j = 0; j < listeners.size(); j++) {
        AppListenerDescriptor listenerDesc = (AppListenerDescriptor) listeners.elementAt(j);
        String listenerName = listenerDesc.getListener();
        if (isScan(listenerName, commonCL)) {
            addScanClassName(listenerDesc.getListener());
        }
    }
}
Also used : WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) ServletFilter(com.sun.enterprise.deployment.web.ServletFilter) Iterator(java.util.Iterator) AppListenerDescriptor(com.sun.enterprise.deployment.web.AppListenerDescriptor) Vector(java.util.Vector)

Example 9 with WebComponentDescriptor

use of com.sun.enterprise.deployment.WebComponentDescriptor in project Payara by payara.

the class Audit method dumpDiagnostics.

/**
 * Do the work for showACL().
 */
private static void dumpDiagnostics(Application app) {
    logger.finest("====[ Role and ACL Summary ]==========");
    if (!app.isVirtual()) {
        logger.finest("Summary for application: " + app.getRegistrationName());
    } else {
        logger.finest("Standalone module.");
    }
    logger.finest("EJB components: " + getEjbComponentCount(app));
    logger.finest("Web components: " + getWebComponentCount(app));
    Iterator i;
    StringBuffer sb;
    // show all roles with associated group & user mappings
    Set allRoles = app.getRoles();
    if (allRoles == null) {
        logger.finest("- No roles present.");
        return;
    }
    SecurityRoleMapper rmap = app.getRoleMapper();
    if (rmap == null) {
        logger.finest("- No role mappings present.");
        return;
    }
    i = allRoles.iterator();
    logger.finest("--[ Configured roles and mappings ]--");
    HashMap allRoleMap = new HashMap();
    while (i.hasNext()) {
        Role r = (Role) i.next();
        logger.finest(" [" + r.getName() + "]");
        allRoleMap.put(r.getName(), new HashSet());
        sb = new StringBuffer();
        sb.append("  is mapped to groups: ");
        Enumeration grps = rmap.getGroupsAssignedTo(r);
        while (grps.hasMoreElements()) {
            sb.append(grps.nextElement());
            sb.append(" ");
        }
        logger.finest(sb.toString());
        sb = new StringBuffer();
        sb.append("  is mapped to principals: ");
        Enumeration users = rmap.getUsersAssignedTo(r);
        while (users.hasMoreElements()) {
            sb.append(users.nextElement());
            sb.append(" ");
        }
        logger.finest(sb.toString());
    }
    // Process all EJB modules
    Set ejbDescriptorSet = app.getBundleDescriptors(EjbBundleDescriptor.class);
    i = ejbDescriptorSet.iterator();
    while (i.hasNext()) {
        EjbBundleDescriptor bundle = (EjbBundleDescriptor) i.next();
        logger.finest("--[ EJB module: " + bundle.getName() + " ]--");
        Set ejbs = bundle.getEjbs();
        Iterator it = ejbs.iterator();
        while (it.hasNext()) {
            EjbDescriptor ejb = (EjbDescriptor) it.next();
            logger.finest("EJB: " + ejb.getEjbClassName());
            // check and show run-as if present
            if (!ejb.getUsesCallerIdentity()) {
                RunAsIdentityDescriptor runas = ejb.getRunAsIdentity();
                if (runas == null) {
                    logger.finest(" (ejb does not use caller " + "identity)");
                } else {
                    String role = runas.getRoleName();
                    String user = runas.getPrincipal();
                    logger.finest(" Will run-as: Role: " + role + "  Principal: " + user);
                    if (role == null || "".equals(role) || user == null || "".equals(user)) {
                        if (logger.isLoggable(Level.FINEST)) {
                            logger.finest("*** Configuration error!");
                        }
                    }
                }
            }
            // iterate through available methods
            logger.finest(" Method to Role restriction list:");
            Set methods = ejb.getMethodDescriptors();
            Iterator si = methods.iterator();
            while (si.hasNext()) {
                MethodDescriptor md = (MethodDescriptor) si.next();
                logger.finest("   " + md.getFormattedString());
                Set perms = ejb.getMethodPermissionsFor(md);
                StringBuffer rbuf = new StringBuffer();
                rbuf.append("     can only be invoked by: ");
                Iterator sip = perms.iterator();
                boolean unchecked = false, excluded = false, roleBased = false;
                while (sip.hasNext()) {
                    MethodPermission p = (MethodPermission) sip.next();
                    if (p.isExcluded()) {
                        excluded = true;
                        logger.finest("     excluded - can not " + "be invoked");
                    } else if (p.isUnchecked()) {
                        unchecked = true;
                        logger.finest("     unchecked - can be " + "invoked by all");
                    } else if (p.isRoleBased()) {
                        roleBased = true;
                        Role r = p.getRole();
                        rbuf.append(r.getName());
                        rbuf.append(" ");
                        // add to role's accessible list
                        HashSet ram = (HashSet) allRoleMap.get(r.getName());
                        ram.add(bundle.getName() + ":" + ejb.getEjbClassName() + "." + md.getFormattedString());
                    }
                }
                if (roleBased) {
                    logger.finest(rbuf.toString());
                    if (excluded || unchecked) {
                        logger.finest("*** Configuration error!");
                    }
                } else if (unchecked) {
                    if (excluded) {
                        logger.finest("*** Configuration error!");
                    }
                    Set rks = allRoleMap.keySet();
                    Iterator rksi = rks.iterator();
                    while (rksi.hasNext()) {
                        HashSet ram = (HashSet) allRoleMap.get(rksi.next());
                        ram.add(bundle.getName() + ":" + ejb.getEjbClassName() + "." + md.getFormattedString());
                    }
                } else if (!excluded) {
                    logger.finest("*** Configuration error!");
                }
            }
            // IOR config for this ejb
            logger.finest(" IOR configuration:");
            Set iors = ejb.getIORConfigurationDescriptors();
            if (iors != null) {
                Iterator iorsi = iors.iterator();
                while (iorsi.hasNext()) {
                    EjbIORConfigurationDescriptor ior = (EjbIORConfigurationDescriptor) iorsi.next();
                    StringBuffer iorsb = new StringBuffer();
                    iorsb.append("realm=");
                    iorsb.append(ior.getRealmName());
                    iorsb.append(", integrity=");
                    iorsb.append(ior.getIntegrity());
                    iorsb.append(", trust-in-target=");
                    iorsb.append(ior.getEstablishTrustInTarget());
                    iorsb.append(", trust-in-client=");
                    iorsb.append(ior.getEstablishTrustInClient());
                    iorsb.append(", propagation=");
                    iorsb.append(ior.getCallerPropagation());
                    iorsb.append(", auth-method=");
                    iorsb.append(ior.getAuthenticationMethod());
                    logger.finest(iorsb.toString());
                }
            }
        }
    }
    // show role->accessible methods list
    logger.finest("--[ EJB methods accessible by role ]--");
    Set rks = allRoleMap.keySet();
    Iterator rksi = rks.iterator();
    while (rksi.hasNext()) {
        String roleName = (String) rksi.next();
        logger.finest(" [" + roleName + "]");
        HashSet ram = (HashSet) allRoleMap.get(roleName);
        Iterator rami = ram.iterator();
        while (rami.hasNext()) {
            String meth = (String) rami.next();
            logger.finest("   " + meth);
        }
    }
    // Process all Web modules
    Set webDescriptorSet = app.getBundleDescriptors(WebBundleDescriptor.class);
    i = webDescriptorSet.iterator();
    while (i.hasNext()) {
        WebBundleDescriptor wbd = (WebBundleDescriptor) i.next();
        logger.finest("--[ Web module: " + wbd.getContextRoot() + " ]--");
        // login config
        LoginConfiguration lconf = wbd.getLoginConfiguration();
        if (lconf != null) {
            logger.finest("  Login config: realm=" + lconf.getRealmName() + ", method=" + lconf.getAuthenticationMethod() + ", form=" + lconf.getFormLoginPage() + ", error=" + lconf.getFormErrorPage());
        }
        // get WebComponentDescriptorsSet() info
        logger.finest("  Contains components:");
        Set webComps = wbd.getWebComponentDescriptors();
        Iterator webCompsIt = webComps.iterator();
        while (webCompsIt.hasNext()) {
            WebComponentDescriptor wcd = (WebComponentDescriptor) webCompsIt.next();
            StringBuffer name = new StringBuffer();
            name.append("   - " + wcd.getCanonicalName());
            name.append(" [ ");
            Enumeration urlPs = wcd.getUrlPatterns();
            while (urlPs.hasMoreElements()) {
                name.append(urlPs.nextElement().toString());
                name.append(" ");
            }
            name.append("]");
            logger.finest(name.toString());
            RunAsIdentityDescriptor runas = wcd.getRunAsIdentity();
            if (runas != null) {
                String role = runas.getRoleName();
                String user = runas.getPrincipal();
                logger.finest("      Will run-as: Role: " + role + "  Principal: " + user);
                if (role == null || "".equals(role) || user == null || "".equals(user)) {
                    logger.finest("*** Configuration error!");
                }
            }
        }
        // security constraints
        logger.finest("  Security constraints:");
        Enumeration scEnum = wbd.getSecurityConstraints();
        while (scEnum.hasMoreElements()) {
            SecurityConstraint sc = (SecurityConstraint) scEnum.nextElement();
            for (WebResourceCollection wrc : sc.getWebResourceCollections()) {
                // show list of methods for this collection
                StringBuffer sbm = new StringBuffer();
                for (String httpMethod : wrc.getHttpMethods()) {
                    sbm.append(httpMethod);
                    sbm.append(" ");
                }
                logger.finest("     Using method: " + sbm.toString());
                // and then list of url patterns
                for (String urlPattern : wrc.getUrlPatterns()) {
                    logger.finest("       " + urlPattern);
                }
            }
            // end res.collection iterator
            // show roles which apply to above set of collections
            AuthorizationConstraint authCons = sc.getAuthorizationConstraint();
            Enumeration rolesEnum = authCons.getSecurityRoles();
            StringBuffer rsb = new StringBuffer();
            rsb.append("     Accessible by roles: ");
            while (rolesEnum.hasMoreElements()) {
                SecurityRole sr = (SecurityRole) rolesEnum.nextElement();
                rsb.append(sr.getName());
                rsb.append(" ");
            }
            logger.finest(rsb.toString());
            // show transport guarantee
            UserDataConstraint udc = sc.getUserDataConstraint();
            if (udc != null) {
                logger.finest("     Transport guarantee: " + udc.getTransportGuarantee());
            }
        }
    // end sec.constraint
    }
    // end webDescriptorSet.iterator
    logger.finest("======================================");
}
Also used : SecurityRole(com.sun.enterprise.deployment.web.SecurityRole) WebResourceCollection(com.sun.enterprise.deployment.web.WebResourceCollection) RunAsIdentityDescriptor(com.sun.enterprise.deployment.RunAsIdentityDescriptor) SecurityRoleMapper(org.glassfish.deployment.common.SecurityRoleMapper) AuthorizationConstraint(com.sun.enterprise.deployment.web.AuthorizationConstraint) LoginConfiguration(com.sun.enterprise.deployment.web.LoginConfiguration) MethodDescriptor(com.sun.enterprise.deployment.MethodDescriptor) EjbDescriptor(com.sun.enterprise.deployment.EjbDescriptor) MethodPermission(com.sun.enterprise.deployment.MethodPermission) EjbIORConfigurationDescriptor(com.sun.enterprise.deployment.EjbIORConfigurationDescriptor) SecurityConstraint(com.sun.enterprise.deployment.web.SecurityConstraint) SecurityRole(com.sun.enterprise.deployment.web.SecurityRole) Role(org.glassfish.security.common.Role) WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) EjbBundleDescriptor(com.sun.enterprise.deployment.EjbBundleDescriptor) WebBundleDescriptor(com.sun.enterprise.deployment.WebBundleDescriptor) UserDataConstraint(com.sun.enterprise.deployment.web.UserDataConstraint)

Example 10 with WebComponentDescriptor

use of com.sun.enterprise.deployment.WebComponentDescriptor in project Payara by payara.

the class RunAsHandler method processAnnotation.

protected HandlerProcessingResult processAnnotation(AnnotationInfo ainfo, WebComponentContext[] webCompContexts) throws AnnotationProcessorException {
    RunAs runAsAn = (RunAs) ainfo.getAnnotation();
    for (WebComponentContext webCompContext : webCompContexts) {
        WebComponentDescriptor webDesc = webCompContext.getDescriptor();
        // override by xml
        if (webDesc.getRunAsIdentity() != null) {
            continue;
        }
        String roleName = runAsAn.value();
        Role role = new Role(roleName);
        // add Role if not exists
        webDesc.getWebBundleDescriptor().addRole(role);
        RunAsIdentityDescriptor runAsDesc = new RunAsIdentityDescriptor();
        runAsDesc.setRoleName(roleName);
        webDesc.setRunAsIdentity(runAsDesc);
    }
    return getDefaultProcessedResult();
}
Also used : Role(org.glassfish.security.common.Role) WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) WebComponentContext(com.sun.enterprise.deployment.annotation.context.WebComponentContext) RunAsIdentityDescriptor(com.sun.enterprise.deployment.RunAsIdentityDescriptor) RunAs(javax.annotation.security.RunAs)

Aggregations

WebComponentDescriptor (com.sun.enterprise.deployment.WebComponentDescriptor)28 WebBundleDescriptor (com.sun.enterprise.deployment.WebBundleDescriptor)7 Iterator (java.util.Iterator)5 RunAsIdentityDescriptor (com.sun.enterprise.deployment.RunAsIdentityDescriptor)4 WebComponentContext (com.sun.enterprise.deployment.annotation.context.WebComponentContext)4 Role (org.glassfish.security.common.Role)4 EjbBundleDescriptor (com.sun.enterprise.deployment.EjbBundleDescriptor)3 EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor)3 WebServicesDescriptor (com.sun.enterprise.deployment.WebServicesDescriptor)3 Set (java.util.Set)3 SunWebAppImpl (org.glassfish.web.deployment.runtime.SunWebAppImpl)3 Application (com.sun.enterprise.deployment.Application)2 ServiceReferenceDescriptor (com.sun.enterprise.deployment.ServiceReferenceDescriptor)2 WebService (com.sun.enterprise.deployment.WebService)2 WebBundleContext (com.sun.enterprise.deployment.annotation.context.WebBundleContext)2 SecurityRoleMapping (com.sun.enterprise.deployment.runtime.common.SecurityRoleMapping)2 IdempotentUrlPattern (com.sun.enterprise.deployment.runtime.web.IdempotentUrlPattern)2 AnnotatedElement (java.lang.reflect.AnnotatedElement)2 WebServlet (javax.servlet.annotation.WebServlet)2 SecurityRoleMapper (org.glassfish.deployment.common.SecurityRoleMapper)2