
Example 26 with Role

use of org.glassfish.security.common.Role in project Payara by payara.

the class WebBundleDescriptorImpl method addSecurityRole.

/**
 * Add a new abstract role to me.
 * @param securityRole
 */
@Override
public void addSecurityRole(SecurityRole securityRole) {
    // Copy the web-tier role's name and description into a Role,
    // then register it through the superclass's addRole.
    final Role converted = new Role(securityRole.getName());
    converted.setDescription(securityRole.getDescription());
    super.addRole(converted);
}
Also used : SecurityRole(com.sun.enterprise.deployment.web.SecurityRole) Role(org.glassfish.security.common.Role)

Example 27 with Role

use of org.glassfish.security.common.Role in project Payara by payara.

the class WebBundleRuntimeNode method addDescriptor.

/**
 * Adds  a new DOL descriptor instance to the descriptor instance associated with
 * this XMLNode
 *
 * @param newDescriptor the new descriptor
 */
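@Override
public void addDescriptor(Object newDescriptor) {
    // Routes newDescriptor, by its runtime type, to the matching adder/setter on the
    // runtime descriptor (SunWebAppImpl) or on this node's bundle descriptor.
    SunWebAppImpl sunWebApp = (SunWebAppImpl) descriptor.getSunDescriptor();
    if (newDescriptor instanceof WebComponentDescriptor) {
        WebComponentDescriptor servlet = (WebComponentDescriptor) newDescriptor;
        // for backward compatibility with s1as schema2beans generated desc
        Servlet s1descriptor = new Servlet();
        s1descriptor.setServletName(servlet.getCanonicalName());
        // The run-as principal is copied only when the servlet declares a run-as identity.
        if (servlet.getRunAsIdentity() != null) {
            s1descriptor.setPrincipalName(servlet.getRunAsIdentity().getPrincipal());
        }
        sunWebApp.addServlet(s1descriptor);
    } else if (newDescriptor instanceof ServiceReferenceDescriptor) {
        descriptor.addServiceReferenceDescriptor((ServiceReferenceDescriptor) newDescriptor);
    } else if (newDescriptor instanceof SecurityRoleMapping) {
        SecurityRoleMapping srm = (SecurityRoleMapping) newDescriptor;
        sunWebApp.addSecurityRoleMapping(srm);
        // store it in the application using pure DOL descriptors...
        // The mapping is always recorded on sunWebApp above; the role-mapper registration
        // below is skipped without any log entry when there is no application or no mapper.
        Application app = descriptor.getApplication();
        if (app != null) {
            Role role = new Role(srm.getRoleName());
            SecurityRoleMapper rm = app.getRoleMapper();
            if (rm != null) {
                // Principals first, then groups: each one is assigned the same role.
                for (PrincipalNameDescriptor principal : srm.getPrincipalNames()) {
                    rm.assignRole(principal.getPrincipal(), role, descriptor);
                }
                for (String groupName : srm.getGroupNames()) {
                    rm.assignRole(new Group(groupName), role, descriptor);
                }
            }
        }
    } else if (newDescriptor instanceof IdempotentUrlPattern) {
        sunWebApp.addIdempotentUrlPattern((IdempotentUrlPattern) newDescriptor);
    } else if (newDescriptor instanceof SessionConfig) {
        sunWebApp.setSessionConfig((SessionConfig) newDescriptor);
    } else if (newDescriptor instanceof Cache) {
        sunWebApp.setCache((Cache) newDescriptor);
    } else if (newDescriptor instanceof ClassLoader) {
        sunWebApp.setClassLoader((ClassLoader) newDescriptor);
    } else if (newDescriptor instanceof JspConfig) {
        sunWebApp.setJspConfig((JspConfig) newDescriptor);
    } else if (newDescriptor instanceof LocaleCharsetInfo) {
        sunWebApp.setLocaleCharsetInfo((LocaleCharsetInfo) newDescriptor);
    } else if (newDescriptor instanceof WebProperty) {
        sunWebApp.addWebProperty((WebProperty) newDescriptor);
    } else if (newDescriptor instanceof Valve) {
        sunWebApp.addValve((Valve) newDescriptor);
    } else {
        // Unrecognised types go to the superclass. Pass newDescriptor itself rather than
        // this node's own descriptor field, so the object the caller supplied is the one
        // that gets handled (or reported) instead of being silently dropped.
        super.addDescriptor(newDescriptor);
    }
}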
Also used : SunWebAppImpl(org.glassfish.web.deployment.runtime.SunWebAppImpl) Group(org.glassfish.security.common.Group) JspConfig(org.glassfish.web.deployment.runtime.JspConfig) WebProperty(org.glassfish.web.deployment.runtime.WebProperty) SecurityRoleMapping(com.sun.enterprise.deployment.runtime.common.SecurityRoleMapping) SecurityRoleMapper(org.glassfish.deployment.common.SecurityRoleMapper) IdempotentUrlPattern(com.sun.enterprise.deployment.runtime.web.IdempotentUrlPattern) PrincipalNameDescriptor(com.sun.enterprise.deployment.runtime.common.PrincipalNameDescriptor) SessionConfig(org.glassfish.web.deployment.runtime.SessionConfig) ServiceReferenceDescriptor(com.sun.enterprise.deployment.ServiceReferenceDescriptor) Role(org.glassfish.security.common.Role) WebComponentDescriptor(com.sun.enterprise.deployment.WebComponentDescriptor) Servlet(org.glassfish.web.deployment.runtime.Servlet) ClassLoader(org.glassfish.web.deployment.runtime.ClassLoader) Valve(org.glassfish.web.deployment.runtime.Valve) Application(com.sun.enterprise.deployment.Application) LocaleCharsetInfo(org.glassfish.web.deployment.runtime.LocaleCharsetInfo) Cache(org.glassfish.web.deployment.runtime.Cache)

Example 28 with Role

use of org.glassfish.security.common.Role in project Payara by payara.

the class BundleDescriptor method addRole.

/**
 * Adds a Role object based on the supplied SecurityRoleDescriptor.
 * <p/>
 * A change in SecurityRoleNode to fix bug 4933385 causes the DOL to use SecurityRoleDescriptor, rather
 * than Role, to contain information about security roles.  To minimize the impact on BundleDescriptor,
 * this method has been added for use by the DOL as it processes security-role elements.
 * <p/>
 * This method creates a new Role object based on the characteristics of the SecurityRoleDescriptor
 * and then delegates to addRole(Role) to preserve the rest of the behavior of this class.
 *
 * @param descriptor SecurityRoleDescriptor that describes the name and description of the role
 */
public void addRole(SecurityRoleDescriptor descriptor) {
    // Build the Role from the descriptor's name, attach the descriptor's description,
    // and let addRole(Role) do the actual registration.
    final Role converted = new Role(descriptor.getName());
    converted.setDescription(descriptor.getDescription());
    addRole(converted);
}
Also used : Role(org.glassfish.security.common.Role)

Example 29 with Role

use of org.glassfish.security.common.Role in project Payara by payara.

the class EjbBundleDescriptorImpl method areResourceReferencesValid.

/**
 * Checks whether every role referenced by my ejbs' role references is a role that I have.
 */
public boolean areResourceReferencesValid() {
    // Walk every role reference of every EJB and stop at the first one that names
    // a role this bundle does not contain.
    for (EjbDescriptor ejb : getEjbs()) {
        Iterator<?> refs = ejb.getRoleReferences().iterator();
        while (refs.hasNext()) {
            Role referredRole = ((RoleReference) refs.next()).getRole();
            // A reference whose role name is the empty string is not checked.
            if (referredRole.getName().equals("")) {
                continue;
            }
            if (super.getRoles().contains(referredRole)) {
                continue;
            }
            // NOTE(review): the bad reference is reported at Level.FINE even though the
            // message text says "Warning"; with a logger left at INFO it would not be
            // shown. Confirm the level is intended.
            _logger.log(Level.FINE, localStrings.getLocalString("enterprise.deployment.badrolereference", "Warning: Bad role reference to {0}", new Object[] { referredRole }));
            _logger.log(Level.FINE, "Roles:  " + getRoles());
            return false;
        }
    }
    return true;
}
Also used : Role(org.glassfish.security.common.Role) RoleReference(com.sun.enterprise.deployment.RoleReference) Iterator(java.util.Iterator)

Example 30 with Role

use of org.glassfish.security.common.Role in project Payara by payara.

the class RoleMapper method checkAndAddMappings.

/*
     * For each role in the current mapping: First check that the role does not already exist in the top-level mapping. If
     * it does, then the top-level role mapping overrides the current one and we do not need to check if they conflict. Just
     * continue with the next role. If the current mapping is from the top-level file, then check to see if the role has
     * already been mapped. If so, do not need to check for conflicts. Simply override and assign the role. If the above
     * cases do not apply, check for conflicts with roles already set. If there is a conflict, it is between two submodules,
     * so the role should be unmapped in the existing role mappings.
     */
private void checkAndAddMappings() {
    // Merges the roles of currentMapping into this mapper, resolving overrides and
    // conflicts role by role, then clears currentMapping.
    if (currentMapping == null) {
        // no pending mapping to merge
        return;
    }
    for (Role r : currentMapping.getRoles()) {
        // Case 1: the role is already in topLevelRoles. The current mapping's
        // principals for this role are skipped (never assigned); only a conflict
        // warning and a FINE detail line are produced.
        if (topLevelRoles != null && topLevelRoles.contains(r)) {
            logConflictWarning();
            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "Role " + r + " from module " + currentMapping.owner + " is being overridden by top-level mapping.");
            }
            continue;
        }
        // Case 2: the current mapping is owned by TOP_LEVEL. Record the role in
        // topLevelRoles; if roleToSubject already has an entry under this role name,
        // unassign it first, then fall through to the assignment loop below.
        if (currentMapping.owner.equals(TOP_LEVEL)) {
            // NOTE(review): topLevelRoles is null-checked in case 1 but dereferenced here
            // without a check; confirm it is always initialised before this point.
            topLevelRoles.add(r);
            if (roleToSubject.keySet().contains(r.getName())) {
                logConflictWarning();
                if (_logger.isLoggable(Level.FINE)) {
                    _logger.log(Level.FINE, "Role " + r + " from top-level mapping descriptor is " + "overriding existing role in sub module.");
                }
                unassignRole(r);
            }
        // Case 3: roleConflicts reports a conflict for this role and its principals.
        // The role is unassigned and the current mapping's principals are not assigned.
        } else if (roleConflicts(r, currentMapping.getPrincipals(r))) {
            // detail message already logged
            logConflictWarning();
            unassignRole(r);
            continue;
        }
        // no problems, so assign role
        for (Principal p : currentMapping.getPrincipals(r)) {
            internalAssignRole(p, r);
        }
    }
    // clear current mapping
    currentMapping = null;
}
Also used : Role(org.glassfish.security.common.Role) Principal(java.security.Principal)

Aggregations

Role (org.glassfish.security.common.Role)38 RunAsIdentityDescriptor (com.sun.enterprise.deployment.RunAsIdentityDescriptor)7 Iterator (java.util.Iterator)5 DeclareRoles (javax.annotation.security.DeclareRoles)5 RunAs (javax.annotation.security.RunAs)5 Group (org.glassfish.security.common.Group)5 MethodPermission (com.sun.enterprise.deployment.MethodPermission)4 RoleReference (com.sun.enterprise.deployment.RoleReference)4 WebComponentDescriptor (com.sun.enterprise.deployment.WebComponentDescriptor)4 EjbContext (com.sun.enterprise.deployment.annotation.context.EjbContext)4 Result (com.sun.enterprise.tools.verifier.Result)4 ComponentNameConstructor (com.sun.enterprise.tools.verifier.tests.ComponentNameConstructor)4 SecurityRoleMapper (org.glassfish.deployment.common.SecurityRoleMapper)4 EjbDescriptor (com.sun.enterprise.deployment.EjbDescriptor)3 PrincipalNameDescriptor (com.sun.enterprise.deployment.runtime.common.PrincipalNameDescriptor)3 SecurityRoleMapping (com.sun.enterprise.deployment.runtime.common.SecurityRoleMapping)3 SecurityConstraint (com.sun.enterprise.deployment.web.SecurityConstraint)3 SecurityRole (com.sun.enterprise.deployment.web.SecurityRole)3 UserDataConstraint (com.sun.enterprise.deployment.web.UserDataConstraint)3 Set (java.util.Set)3