Search in sources :

Example 11 with EJBComponentDescription

use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.

the class EjbManagementDeploymentUnitProcessor method deploy.

@Override
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final EEModuleConfiguration moduleDescription = deploymentUnit.getAttachment(EE_MODULE_CONFIGURATION);
    if (moduleDescription == null) {
        // Nothing to do
        return;
    }
    if (deploymentUnit.getParent() != null && deploymentUnit.getParent().getParent() != null) {
        // We only expose management resources 2 levels deep
        return;
    }
    // Iterate through each component, installing it into the container
    for (final ComponentConfiguration configuration : moduleDescription.getComponentConfigurations()) {
        try {
            final ComponentDescription componentDescription = configuration.getComponentDescription();
            if (componentDescription instanceof EJBComponentDescription) {
                installManagementResource(configuration, deploymentUnit);
            }
        } catch (RuntimeException e) {
            throw EjbLogger.ROOT_LOGGER.failedToInstallManagementResource(e, configuration.getComponentName());
        }
    }
}
Also used : ComponentConfiguration(org.jboss.as.ee.component.ComponentConfiguration) EJBComponentDescription(org.jboss.as.ejb3.component.EJBComponentDescription) ComponentDescription(org.jboss.as.ee.component.ComponentDescription) EEModuleConfiguration(org.jboss.as.ee.component.EEModuleConfiguration) DeploymentUnit(org.jboss.as.server.deployment.DeploymentUnit) EJBComponentDescription(org.jboss.as.ejb3.component.EJBComponentDescription)

Example 12 with EJBComponentDescription

use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.

the class EjbManagementDeploymentUnitProcessor method installManagementResource.

private void installManagementResource(ComponentConfiguration configuration, DeploymentUnit deploymentUnit) {
    final EJBComponentType type = EJBComponentType.getComponentType(configuration);
    PathAddress addr = getComponentAddress(type, configuration, deploymentUnit);
    final AbstractEJBComponentRuntimeHandler<?> handler = type.getRuntimeHandler();
    handler.registerComponent(addr, configuration.getComponentDescription().getStartServiceName());
    deploymentUnit.addToAttachmentList(EjbDeploymentAttachmentKeys.MANAGED_COMPONENTS, new InstalledComponent(type, addr));
    final DeploymentResourceSupport deploymentResourceSupport = deploymentUnit.getAttachment(Attachments.DEPLOYMENT_RESOURCE_SUPPORT);
    deploymentResourceSupport.getDeploymentSubModel(EJB3Extension.SUBSYSTEM_NAME, addr.getLastElement());
    final EJBComponentDescription description = (EJBComponentDescription) configuration.getComponentDescription();
    if (description.isTimerServiceRequired()) {
        final PathAddress timerServiceAddress = PathAddress.pathAddress(addr.getLastElement(), EJB3SubsystemModel.TIMER_SERVICE_PATH);
        final TimerServiceResource timerServiceResource = ((TimerServiceImpl) description.getTimerService()).getResource();
        deploymentResourceSupport.registerDeploymentSubResource(EJB3Extension.SUBSYSTEM_NAME, timerServiceAddress, timerServiceResource);
    }
}
Also used : DeploymentResourceSupport(org.jboss.as.server.deployment.DeploymentResourceSupport) TimerServiceResource(org.jboss.as.ejb3.subsystem.deployment.TimerServiceResource) InstalledComponent(org.jboss.as.ejb3.subsystem.deployment.InstalledComponent) PathAddress(org.jboss.as.controller.PathAddress) EJBComponentType(org.jboss.as.ejb3.subsystem.deployment.EJBComponentType) TimerServiceImpl(org.jboss.as.ejb3.timerservice.TimerServiceImpl) EJBComponentDescription(org.jboss.as.ejb3.component.EJBComponentDescription)

Example 13 with EJBComponentDescription

use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.

the class SecurityRoleRefDDProcessor method processBeanMetaData.

@Override
protected void processBeanMetaData(final EnterpriseBeanMetaData beanMetaData, final DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    final SecurityRoleRefsMetaData securityRoleRefs = beanMetaData.getSecurityRoleRefs();
    if (securityRoleRefs == null) {
        return;
    }
    final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final EEModuleDescription moduleDescription = deploymentUnit.getAttachment(Attachments.EE_MODULE_DESCRIPTION);
    final EJBComponentDescription ejbComponentDescription = (EJBComponentDescription) moduleDescription.getComponentByName(beanMetaData.getEjbName());
    for (final SecurityRoleRefMetaData securityRoleRef : securityRoleRefs) {
        final String fromRole = securityRoleRef.getRoleName();
        String toRole = securityRoleRef.getRoleLink();
        if (fromRole == null || fromRole.trim().isEmpty()) {
            throw EjbLogger.ROOT_LOGGER.roleNamesIsNull(ejbComponentDescription.getEJBName());
        }
        // in the role-name
        if (toRole == null) {
            toRole = fromRole;
        }
        ejbComponentDescription.linkSecurityRoles(fromRole, toRole);
    }
}
Also used : SecurityRoleRefMetaData(org.jboss.metadata.javaee.spec.SecurityRoleRefMetaData) SecurityRoleRefsMetaData(org.jboss.metadata.javaee.spec.SecurityRoleRefsMetaData) EEModuleDescription(org.jboss.as.ee.component.EEModuleDescription) DeploymentUnit(org.jboss.as.server.deployment.DeploymentUnit) EJBComponentDescription(org.jboss.as.ejb3.component.EJBComponentDescription)

Example 14 with EJBComponentDescription

use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.

the class EJBSecurityViewConfigurator method configure.

@Override
public void configure(DeploymentPhaseContext context, ComponentConfiguration componentConfiguration, ViewDescription viewDescription, ViewConfiguration viewConfiguration) throws DeploymentUnitProcessingException {
    if (componentConfiguration.getComponentDescription() instanceof EJBComponentDescription == false) {
        throw EjbLogger.ROOT_LOGGER.invalidEjbComponent(componentConfiguration.getComponentName(), componentConfiguration.getComponentClass());
    }
    final DeploymentUnit deploymentUnit = context.getDeploymentUnit();
    final EJBComponentDescription ejbComponentDescription = (EJBComponentDescription) componentConfiguration.getComponentDescription();
    final boolean isSecurityDomainKnown = ejbComponentDescription.isSecurityDomainKnown();
    if ((!deploymentUnit.hasAttachment(SecurityAttachments.SECURITY_ENABLED)) && (!isSecurityDomainKnown)) {
        // the security subsystem is not present and Elytron is not being used for security, we don't apply any security settings
        return;
    }
    final DeploymentReflectionIndex deploymentReflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
    // In such cases, we do *not* apply any security interceptors
    if (ejbComponentDescription.getSecurityDomain() == null || ejbComponentDescription.getSecurityDomain().isEmpty()) {
        if (ROOT_LOGGER.isDebugEnabled()) {
            ROOT_LOGGER.debug("Security is *not* enabled on EJB: " + ejbComponentDescription.getEJBName() + ", since no explicit security domain is configured for the bean, nor is there any default security domain configured in the EJB3 subsystem");
        }
        return;
    }
    final String viewClassName = viewDescription.getViewClassName();
    final EJBViewDescription ejbViewDescription = (EJBViewDescription) viewDescription;
    // setup the JACC contextID.
    String contextID = deploymentUnit.getName();
    if (deploymentUnit.getParent() != null) {
        contextID = deploymentUnit.getParent().getName() + "!" + contextID;
    }
    final EJBViewMethodSecurityAttributesService.Builder viewMethodSecurityAttributesServiceBuilder;
    final ServiceName viewMethodSecurityAttributesServiceName;
    // for both these views. So here we skip the @WebService view if the bean also has a @LocalBean (no-interface) view and let the EJBViewMethodSecurityAttributesService be built when the no-interface view is processed
    if (ejbComponentDescription instanceof SessionBeanComponentDescription && MethodIntf.SERVICE_ENDPOINT == ejbViewDescription.getMethodIntf() && ((SessionBeanComponentDescription) ejbComponentDescription).hasNoInterfaceView()) {
        viewMethodSecurityAttributesServiceBuilder = null;
        viewMethodSecurityAttributesServiceName = null;
    } else {
        viewMethodSecurityAttributesServiceBuilder = new EJBViewMethodSecurityAttributesService.Builder();
        viewMethodSecurityAttributesServiceName = EJBViewMethodSecurityAttributesService.getServiceName(ejbComponentDescription.getApplicationName(), ejbComponentDescription.getModuleName(), ejbComponentDescription.getEJBName(), viewClassName);
    }
    // setup the method specific security interceptor(s)
    boolean beanHasMethodLevelSecurityMetadata = false;
    final List<Method> viewMethods = viewConfiguration.getProxyFactory().getCachedMethods();
    final List<Method> methodsWithoutExplicitSecurityConfiguration = new ArrayList<Method>();
    for (final Method viewMethod : viewMethods) {
        // TODO: proxy factory exposes non-public methods, is this a bug in the no-interface view?
        if (!Modifier.isPublic(viewMethod.getModifiers())) {
            continue;
        }
        if (viewMethod.getDeclaringClass() == WriteReplaceInterface.class) {
            continue;
        }
        // setup the authorization interceptor
        final ApplicableMethodInformation<EJBMethodSecurityAttribute> permissions = ejbComponentDescription.getDescriptorMethodPermissions();
        boolean methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, permissions, false, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
        if (!methodHasSecurityMetadata) {
            //if it was not handled by the descriptor processor we look for annotation basic info
            methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, ejbComponentDescription.getAnnotationMethodPermissions(), true, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
        }
        // if any method has security metadata then the bean has method level security metadata
        if (methodHasSecurityMetadata) {
            beanHasMethodLevelSecurityMetadata = true;
        } else {
            // make a note that this method didn't have any explicit method permissions configured
            methodsWithoutExplicitSecurityConfiguration.add(viewMethod);
        }
    }
    final boolean securityRequired = beanHasMethodLevelSecurityMetadata || ejbComponentDescription.hasBeanLevelSecurityMetadata();
    // setup the security context interceptor
    if (isSecurityDomainKnown) {
        final HashMap<Integer, InterceptorFactory> elytronInterceptorFactories = ejbComponentDescription.getElytronInterceptorFactories(contextID, ejbComponentDescription.isEnableJacc());
        elytronInterceptorFactories.forEach((priority, elytronInterceptorFactory) -> viewConfiguration.addViewInterceptor(elytronInterceptorFactory, priority));
    } else {
        viewConfiguration.addViewInterceptor(new SecurityContextInterceptorFactory(securityRequired, true, contextID), InterceptorOrder.View.SECURITY_CONTEXT);
    }
    // now add the authorization interceptor if the bean has *any* security metadata applicable
    if (securityRequired) {
        // check the missing-method-permissions-deny-access configuration and add the authorization interceptor
        // to methods which don't have explicit method permissions.
        // (@see http://anil-identity.blogspot.in/2010/02/tip-interpretation-of-missing-ejb.html for details)
        final Boolean denyAccessToMethodsMissingPermissions = ((EJBComponentDescription) componentConfiguration.getComponentDescription()).isMissingMethodPermissionsDeniedAccess();
        // default to "deny access"
        if (denyAccessToMethodsMissingPermissions != Boolean.FALSE) {
            for (final Method viewMethod : methodsWithoutExplicitSecurityConfiguration) {
                if (viewMethodSecurityAttributesServiceBuilder != null) {
                    // build the EJBViewMethodSecurityAttributesService to expose these security attributes to other components like WS (@see https://issues.jboss.org/browse/WFLY-308)
                    viewMethodSecurityAttributesServiceBuilder.addMethodSecurityMetadata(viewMethod, EJBMethodSecurityAttribute.denyAll());
                }
                // "deny access" implies we need the authorization interceptor to be added so that it can nuke the invocation
                if (isSecurityDomainKnown) {
                    viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(RolesAllowedInterceptor.DENY_ALL), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
                } else {
                    final Interceptor authorizationInterceptor = new AuthorizationInterceptor(EJBMethodSecurityAttribute.denyAll(), viewClassName, viewMethod, contextID);
                    viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(authorizationInterceptor), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
                }
            }
        }
    }
    if (viewMethodSecurityAttributesServiceBuilder != null) {
        final EJBViewMethodSecurityAttributesService viewMethodSecurityAttributesService = viewMethodSecurityAttributesServiceBuilder.build();
        context.getServiceTarget().addService(viewMethodSecurityAttributesServiceName, viewMethodSecurityAttributesService).install();
    }
}
Also used : EJBViewDescription(org.jboss.as.ejb3.component.EJBViewDescription) ArrayList(java.util.ArrayList) Method(java.lang.reflect.Method) EJBComponentDescription(org.jboss.as.ejb3.component.EJBComponentDescription) EJBViewMethodSecurityAttributesService(org.jboss.as.ejb3.security.service.EJBViewMethodSecurityAttributesService) InterceptorFactory(org.jboss.invocation.InterceptorFactory) ImmediateInterceptorFactory(org.jboss.invocation.ImmediateInterceptorFactory) ServiceName(org.jboss.msc.service.ServiceName) ImmediateInterceptorFactory(org.jboss.invocation.ImmediateInterceptorFactory) DeploymentUnit(org.jboss.as.server.deployment.DeploymentUnit) DeploymentReflectionIndex(org.jboss.as.server.deployment.reflect.DeploymentReflectionIndex) SessionBeanComponentDescription(org.jboss.as.ejb3.component.session.SessionBeanComponentDescription) Interceptor(org.jboss.invocation.Interceptor)

Example 15 with EJBComponentDescription

use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.

the class TimerMethodMergingProcessor method handleAnnotations.

@Override
protected void handleAnnotations(final DeploymentUnit deploymentUnit, final EEApplicationClasses applicationClasses, final DeploymentReflectionIndex deploymentReflectionIndex, final Class<?> componentClass, final EJBComponentDescription description) throws DeploymentUnitProcessingException {
    final RuntimeAnnotationInformation<AutoTimer> scheduleAnnotationData = MethodAnnotationAggregator.runtimeAnnotationInformation(componentClass, applicationClasses, deploymentReflectionIndex, Schedule.class);
    final Set<Method> timerAnnotationData = MethodAnnotationAggregator.runtimeAnnotationPresent(componentClass, applicationClasses, deploymentReflectionIndex, Timeout.class);
    final Method timeoutMethod;
    if (timerAnnotationData.size() > 1) {
        throw EjbLogger.ROOT_LOGGER.componentClassHasMultipleTimeoutAnnotations(componentClass);
    } else if (timerAnnotationData.size() == 1) {
        timeoutMethod = timerAnnotationData.iterator().next();
    } else {
        timeoutMethod = null;
    }
    description.setTimeoutMethod(timeoutMethod);
    //now for the schedule methods
    for (Map.Entry<Method, List<AutoTimer>> entry : scheduleAnnotationData.getMethodAnnotations().entrySet()) {
        for (AutoTimer timer : entry.getValue()) {
            description.addScheduleMethod(entry.getKey(), timer);
        }
    }
}
Also used : AutoTimer(org.jboss.as.ejb3.timerservice.AutoTimer) List(java.util.List) Method(java.lang.reflect.Method) Map(java.util.Map)

Aggregations

EJBComponentDescription (org.jboss.as.ejb3.component.EJBComponentDescription)23 EEModuleDescription (org.jboss.as.ee.component.EEModuleDescription)16 DeploymentUnit (org.jboss.as.server.deployment.DeploymentUnit)15 ComponentDescription (org.jboss.as.ee.component.ComponentDescription)14 EJBViewDescription (org.jboss.as.ejb3.component.EJBViewDescription)9 EjbJarMetaData (org.jboss.metadata.ejb.spec.EjbJarMetaData)9 Method (java.lang.reflect.Method)8 DeploymentPhaseContext (org.jboss.as.server.deployment.DeploymentPhaseContext)8 Module (org.jboss.modules.Module)8 ServiceName (org.jboss.msc.service.ServiceName)8 HashMap (java.util.HashMap)7 ComponentConfiguration (org.jboss.as.ee.component.ComponentConfiguration)7 SessionBeanComponentDescription (org.jboss.as.ejb3.component.session.SessionBeanComponentDescription)7 DeploymentReflectionIndex (org.jboss.as.server.deployment.reflect.DeploymentReflectionIndex)7 ViewDescription (org.jboss.as.ee.component.ViewDescription)6 DeploymentUnitProcessingException (org.jboss.as.server.deployment.DeploymentUnitProcessingException)6 Map (java.util.Map)5 ComponentConfigurator (org.jboss.as.ee.component.ComponentConfigurator)5 MethodIntf (org.jboss.as.ejb3.component.MethodIntf)5 MessageDrivenComponentDescription (org.jboss.as.ejb3.component.messagedriven.MessageDrivenComponentDescription)5