use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.
the class EjbManagementDeploymentUnitProcessor method deploy.
@Override
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
final EEModuleConfiguration moduleDescription = deploymentUnit.getAttachment(EE_MODULE_CONFIGURATION);
if (moduleDescription == null) {
// Nothing to do
return;
}
if (deploymentUnit.getParent() != null && deploymentUnit.getParent().getParent() != null) {
// We only expose management resources 2 levels deep
return;
}
// Iterate through each component, installing it into the container
for (final ComponentConfiguration configuration : moduleDescription.getComponentConfigurations()) {
try {
final ComponentDescription componentDescription = configuration.getComponentDescription();
if (componentDescription instanceof EJBComponentDescription) {
installManagementResource(configuration, deploymentUnit);
}
} catch (RuntimeException e) {
throw EjbLogger.ROOT_LOGGER.failedToInstallManagementResource(e, configuration.getComponentName());
}
}
}
use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.
the class EjbManagementDeploymentUnitProcessor method installManagementResource.
private void installManagementResource(ComponentConfiguration configuration, DeploymentUnit deploymentUnit) {
final EJBComponentType type = EJBComponentType.getComponentType(configuration);
PathAddress addr = getComponentAddress(type, configuration, deploymentUnit);
final AbstractEJBComponentRuntimeHandler<?> handler = type.getRuntimeHandler();
handler.registerComponent(addr, configuration.getComponentDescription().getStartServiceName());
deploymentUnit.addToAttachmentList(EjbDeploymentAttachmentKeys.MANAGED_COMPONENTS, new InstalledComponent(type, addr));
final DeploymentResourceSupport deploymentResourceSupport = deploymentUnit.getAttachment(Attachments.DEPLOYMENT_RESOURCE_SUPPORT);
deploymentResourceSupport.getDeploymentSubModel(EJB3Extension.SUBSYSTEM_NAME, addr.getLastElement());
final EJBComponentDescription description = (EJBComponentDescription) configuration.getComponentDescription();
if (description.isTimerServiceRequired()) {
final PathAddress timerServiceAddress = PathAddress.pathAddress(addr.getLastElement(), EJB3SubsystemModel.TIMER_SERVICE_PATH);
final TimerServiceResource timerServiceResource = ((TimerServiceImpl) description.getTimerService()).getResource();
deploymentResourceSupport.registerDeploymentSubResource(EJB3Extension.SUBSYSTEM_NAME, timerServiceAddress, timerServiceResource);
}
}
use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.
the class SecurityRoleRefDDProcessor method processBeanMetaData.
@Override
protected void processBeanMetaData(final EnterpriseBeanMetaData beanMetaData, final DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
final SecurityRoleRefsMetaData securityRoleRefs = beanMetaData.getSecurityRoleRefs();
if (securityRoleRefs == null) {
return;
}
final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
final EEModuleDescription moduleDescription = deploymentUnit.getAttachment(Attachments.EE_MODULE_DESCRIPTION);
final EJBComponentDescription ejbComponentDescription = (EJBComponentDescription) moduleDescription.getComponentByName(beanMetaData.getEjbName());
for (final SecurityRoleRefMetaData securityRoleRef : securityRoleRefs) {
final String fromRole = securityRoleRef.getRoleName();
String toRole = securityRoleRef.getRoleLink();
if (fromRole == null || fromRole.trim().isEmpty()) {
throw EjbLogger.ROOT_LOGGER.roleNamesIsNull(ejbComponentDescription.getEJBName());
}
// in the role-name
if (toRole == null) {
toRole = fromRole;
}
ejbComponentDescription.linkSecurityRoles(fromRole, toRole);
}
}
use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.
the class EJBSecurityViewConfigurator method configure.
@Override
public void configure(DeploymentPhaseContext context, ComponentConfiguration componentConfiguration, ViewDescription viewDescription, ViewConfiguration viewConfiguration) throws DeploymentUnitProcessingException {
if (componentConfiguration.getComponentDescription() instanceof EJBComponentDescription == false) {
throw EjbLogger.ROOT_LOGGER.invalidEjbComponent(componentConfiguration.getComponentName(), componentConfiguration.getComponentClass());
}
final DeploymentUnit deploymentUnit = context.getDeploymentUnit();
final EJBComponentDescription ejbComponentDescription = (EJBComponentDescription) componentConfiguration.getComponentDescription();
final boolean isSecurityDomainKnown = ejbComponentDescription.isSecurityDomainKnown();
if ((!deploymentUnit.hasAttachment(SecurityAttachments.SECURITY_ENABLED)) && (!isSecurityDomainKnown)) {
// the security subsystem is not present and Elytron is not being used for security, we don't apply any security settings
return;
}
final DeploymentReflectionIndex deploymentReflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
// In such cases, we do *not* apply any security interceptors
if (ejbComponentDescription.getSecurityDomain() == null || ejbComponentDescription.getSecurityDomain().isEmpty()) {
if (ROOT_LOGGER.isDebugEnabled()) {
ROOT_LOGGER.debug("Security is *not* enabled on EJB: " + ejbComponentDescription.getEJBName() + ", since no explicit security domain is configured for the bean, nor is there any default security domain configured in the EJB3 subsystem");
}
return;
}
final String viewClassName = viewDescription.getViewClassName();
final EJBViewDescription ejbViewDescription = (EJBViewDescription) viewDescription;
// setup the JACC contextID.
String contextID = deploymentUnit.getName();
if (deploymentUnit.getParent() != null) {
contextID = deploymentUnit.getParent().getName() + "!" + contextID;
}
final EJBViewMethodSecurityAttributesService.Builder viewMethodSecurityAttributesServiceBuilder;
final ServiceName viewMethodSecurityAttributesServiceName;
// for both these views. So here we skip the @WebService view if the bean also has a @LocalBean (no-interface) view and let the EJBViewMethodSecurityAttributesService be built when the no-interface view is processed
if (ejbComponentDescription instanceof SessionBeanComponentDescription && MethodIntf.SERVICE_ENDPOINT == ejbViewDescription.getMethodIntf() && ((SessionBeanComponentDescription) ejbComponentDescription).hasNoInterfaceView()) {
viewMethodSecurityAttributesServiceBuilder = null;
viewMethodSecurityAttributesServiceName = null;
} else {
viewMethodSecurityAttributesServiceBuilder = new EJBViewMethodSecurityAttributesService.Builder();
viewMethodSecurityAttributesServiceName = EJBViewMethodSecurityAttributesService.getServiceName(ejbComponentDescription.getApplicationName(), ejbComponentDescription.getModuleName(), ejbComponentDescription.getEJBName(), viewClassName);
}
// setup the method specific security interceptor(s)
boolean beanHasMethodLevelSecurityMetadata = false;
final List<Method> viewMethods = viewConfiguration.getProxyFactory().getCachedMethods();
final List<Method> methodsWithoutExplicitSecurityConfiguration = new ArrayList<Method>();
for (final Method viewMethod : viewMethods) {
// TODO: proxy factory exposes non-public methods, is this a bug in the no-interface view?
if (!Modifier.isPublic(viewMethod.getModifiers())) {
continue;
}
if (viewMethod.getDeclaringClass() == WriteReplaceInterface.class) {
continue;
}
// setup the authorization interceptor
final ApplicableMethodInformation<EJBMethodSecurityAttribute> permissions = ejbComponentDescription.getDescriptorMethodPermissions();
boolean methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, permissions, false, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
if (!methodHasSecurityMetadata) {
//if it was not handled by the descriptor processor we look for annotation basic info
methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, ejbComponentDescription.getAnnotationMethodPermissions(), true, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
}
// if any method has security metadata then the bean has method level security metadata
if (methodHasSecurityMetadata) {
beanHasMethodLevelSecurityMetadata = true;
} else {
// make a note that this method didn't have any explicit method permissions configured
methodsWithoutExplicitSecurityConfiguration.add(viewMethod);
}
}
final boolean securityRequired = beanHasMethodLevelSecurityMetadata || ejbComponentDescription.hasBeanLevelSecurityMetadata();
// setup the security context interceptor
if (isSecurityDomainKnown) {
final HashMap<Integer, InterceptorFactory> elytronInterceptorFactories = ejbComponentDescription.getElytronInterceptorFactories(contextID, ejbComponentDescription.isEnableJacc());
elytronInterceptorFactories.forEach((priority, elytronInterceptorFactory) -> viewConfiguration.addViewInterceptor(elytronInterceptorFactory, priority));
} else {
viewConfiguration.addViewInterceptor(new SecurityContextInterceptorFactory(securityRequired, true, contextID), InterceptorOrder.View.SECURITY_CONTEXT);
}
// now add the authorization interceptor if the bean has *any* security metadata applicable
if (securityRequired) {
// check the missing-method-permissions-deny-access configuration and add the authorization interceptor
// to methods which don't have explicit method permissions.
// (@see http://anil-identity.blogspot.in/2010/02/tip-interpretation-of-missing-ejb.html for details)
final Boolean denyAccessToMethodsMissingPermissions = ((EJBComponentDescription) componentConfiguration.getComponentDescription()).isMissingMethodPermissionsDeniedAccess();
// default to "deny access"
if (denyAccessToMethodsMissingPermissions != Boolean.FALSE) {
for (final Method viewMethod : methodsWithoutExplicitSecurityConfiguration) {
if (viewMethodSecurityAttributesServiceBuilder != null) {
// build the EJBViewMethodSecurityAttributesService to expose these security attributes to other components like WS (@see https://issues.jboss.org/browse/WFLY-308)
viewMethodSecurityAttributesServiceBuilder.addMethodSecurityMetadata(viewMethod, EJBMethodSecurityAttribute.denyAll());
}
// "deny access" implies we need the authorization interceptor to be added so that it can nuke the invocation
if (isSecurityDomainKnown) {
viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(RolesAllowedInterceptor.DENY_ALL), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
} else {
final Interceptor authorizationInterceptor = new AuthorizationInterceptor(EJBMethodSecurityAttribute.denyAll(), viewClassName, viewMethod, contextID);
viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(authorizationInterceptor), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
}
}
}
}
if (viewMethodSecurityAttributesServiceBuilder != null) {
final EJBViewMethodSecurityAttributesService viewMethodSecurityAttributesService = viewMethodSecurityAttributesServiceBuilder.build();
context.getServiceTarget().addService(viewMethodSecurityAttributesServiceName, viewMethodSecurityAttributesService).install();
}
}
use of org.jboss.as.ejb3.component.EJBComponentDescription in project wildfly by wildfly.
the class TimerMethodMergingProcessor method handleAnnotations.
@Override
protected void handleAnnotations(final DeploymentUnit deploymentUnit, final EEApplicationClasses applicationClasses, final DeploymentReflectionIndex deploymentReflectionIndex, final Class<?> componentClass, final EJBComponentDescription description) throws DeploymentUnitProcessingException {
final RuntimeAnnotationInformation<AutoTimer> scheduleAnnotationData = MethodAnnotationAggregator.runtimeAnnotationInformation(componentClass, applicationClasses, deploymentReflectionIndex, Schedule.class);
final Set<Method> timerAnnotationData = MethodAnnotationAggregator.runtimeAnnotationPresent(componentClass, applicationClasses, deploymentReflectionIndex, Timeout.class);
final Method timeoutMethod;
if (timerAnnotationData.size() > 1) {
throw EjbLogger.ROOT_LOGGER.componentClassHasMultipleTimeoutAnnotations(componentClass);
} else if (timerAnnotationData.size() == 1) {
timeoutMethod = timerAnnotationData.iterator().next();
} else {
timeoutMethod = null;
}
description.setTimeoutMethod(timeoutMethod);
//now for the schedule methods
for (Map.Entry<Method, List<AutoTimer>> entry : scheduleAnnotationData.getMethodAnnotations().entrySet()) {
for (AutoTimer timer : entry.getValue()) {
description.addScheduleMethod(entry.getKey(), timer);
}
}
}
Aggregations