Examples with SessionBeanComponentDescription org.jboss.as.ejb3.component.session.SessionBeanComponentDescription used on opensource projects

Example 1 with SessionBeanComponentDescription

use of org.jboss.as.ejb3.component.session.SessionBeanComponentDescription in project wildfly by wildfly.

the class WSRefAnnotationProcessor method processRef.

private static void processRef(final DeploymentUnit unit, final String type, final WSRefAnnotationWrapper annotation, final ClassInfo classInfo, final InjectionTarget injectionTarget, final String bindingName) throws DeploymentUnitProcessingException {
    final EEModuleDescription moduleDescription = unit.getAttachment(Attachments.EE_MODULE_DESCRIPTION);
    final AnnotatedElement target = createAnnotatedElement(unit, classInfo, injectionTarget);
    final String componentClassName = classInfo.name().toString();
    final Map<String, String> bindingMap = new HashMap<String, String>();
    boolean isEJB = false;
    for (final ComponentDescription componentDescription : moduleDescription.getComponentsByClassName(componentClassName)) {
        if (componentDescription instanceof SessionBeanComponentDescription) {
            isEJB = true;
            bindingMap.put(componentDescription.getComponentName() + "/" + bindingName, bindingName);
        }
    }
    if (!isEJB) {
        bindingMap.put(bindingName, bindingName);
    }
    for (String refKey : bindingMap.keySet()) {
        String refName = bindingMap.get(refKey);
        ManagedReferenceFactory factory = WebServiceReferences.createWebServiceFactory(unit, type, annotation, target, refName, refKey);
        final EEModuleClassDescription classDescription = moduleDescription.addOrGetLocalClassDescription(classInfo.name().toString());
        // Create the binding from whence our injection comes.
        final InjectionSource serviceRefSource = new FixedInjectionSource(factory, factory);
        final BindingConfiguration bindingConfiguration = new BindingConfiguration(refName, serviceRefSource);
        classDescription.getBindingConfigurations().add(bindingConfiguration);
        // our injection comes from the local lookup, no matter what.
        final ResourceInjectionConfiguration injectionConfiguration = injectionTarget != null ? new ResourceInjectionConfiguration(injectionTarget, new LookupInjectionSource(refName)) : null;
        if (injectionConfiguration != null) {
            classDescription.addResourceInjection(injectionConfiguration);
        }
    }
}

Example 2 with SessionBeanComponentDescription

use of org.jboss.as.ejb3.component.session.SessionBeanComponentDescription in project wildfly by wildfly.

the class EJBSecurityViewConfigurator method configure.

@Override
public void configure(DeploymentPhaseContext context, ComponentConfiguration componentConfiguration, ViewDescription viewDescription, ViewConfiguration viewConfiguration) throws DeploymentUnitProcessingException {
    if (componentConfiguration.getComponentDescription() instanceof EJBComponentDescription == false) {
        throw EjbLogger.ROOT_LOGGER.invalidEjbComponent(componentConfiguration.getComponentName(), componentConfiguration.getComponentClass());
    }
    final DeploymentUnit deploymentUnit = context.getDeploymentUnit();
    final EJBComponentDescription ejbComponentDescription = (EJBComponentDescription) componentConfiguration.getComponentDescription();
    final boolean isSecurityDomainKnown = ejbComponentDescription.isSecurityDomainKnown();
    if ((!deploymentUnit.hasAttachment(SecurityAttachments.SECURITY_ENABLED)) && (!isSecurityDomainKnown)) {
        // the security subsystem is not present and Elytron is not being used for security, we don't apply any security settings
        return;
    }
    final DeploymentReflectionIndex deploymentReflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
    // In such cases, we do *not* apply any security interceptors
    if (ejbComponentDescription.getSecurityDomain() == null || ejbComponentDescription.getSecurityDomain().isEmpty()) {
        if (ROOT_LOGGER.isDebugEnabled()) {
            ROOT_LOGGER.debug("Security is *not* enabled on EJB: " + ejbComponentDescription.getEJBName() + ", since no explicit security domain is configured for the bean, nor is there any default security domain configured in the EJB3 subsystem");
        }
        return;
    }
    final String viewClassName = viewDescription.getViewClassName();
    final EJBViewDescription ejbViewDescription = (EJBViewDescription) viewDescription;
    // setup the JACC contextID.
    String contextID = deploymentUnit.getName();
    if (deploymentUnit.getParent() != null) {
        contextID = deploymentUnit.getParent().getName() + "!" + contextID;
    }
    final EJBViewMethodSecurityAttributesService.Builder viewMethodSecurityAttributesServiceBuilder;
    final ServiceName viewMethodSecurityAttributesServiceName;
    // for both these views. So here we skip the @WebService view if the bean also has a @LocalBean (no-interface) view and let the EJBViewMethodSecurityAttributesService be built when the no-interface view is processed
    if (ejbComponentDescription instanceof SessionBeanComponentDescription && MethodIntf.SERVICE_ENDPOINT == ejbViewDescription.getMethodIntf() && ((SessionBeanComponentDescription) ejbComponentDescription).hasNoInterfaceView()) {
        viewMethodSecurityAttributesServiceBuilder = null;
        viewMethodSecurityAttributesServiceName = null;
    } else {
        viewMethodSecurityAttributesServiceBuilder = new EJBViewMethodSecurityAttributesService.Builder();
        viewMethodSecurityAttributesServiceName = EJBViewMethodSecurityAttributesService.getServiceName(ejbComponentDescription.getApplicationName(), ejbComponentDescription.getModuleName(), ejbComponentDescription.getEJBName(), viewClassName);
    }
    // setup the method specific security interceptor(s)
    boolean beanHasMethodLevelSecurityMetadata = false;
    final List<Method> viewMethods = viewConfiguration.getProxyFactory().getCachedMethods();
    final List<Method> methodsWithoutExplicitSecurityConfiguration = new ArrayList<Method>();
    for (final Method viewMethod : viewMethods) {
        // TODO: proxy factory exposes non-public methods, is this a bug in the no-interface view?
        if (!Modifier.isPublic(viewMethod.getModifiers())) {
            continue;
        }
        if (viewMethod.getDeclaringClass() == WriteReplaceInterface.class) {
            continue;
        }
        // setup the authorization interceptor
        final ApplicableMethodInformation<EJBMethodSecurityAttribute> permissions = ejbComponentDescription.getDescriptorMethodPermissions();
        boolean methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, permissions, false, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
        if (!methodHasSecurityMetadata) {
            //if it was not handled by the descriptor processor we look for annotation basic info
            methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, ejbComponentDescription.getAnnotationMethodPermissions(), true, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
        }
        // if any method has security metadata then the bean has method level security metadata
        if (methodHasSecurityMetadata) {
            beanHasMethodLevelSecurityMetadata = true;
        } else {
            // make a note that this method didn't have any explicit method permissions configured
            methodsWithoutExplicitSecurityConfiguration.add(viewMethod);
        }
    }
    final boolean securityRequired = beanHasMethodLevelSecurityMetadata || ejbComponentDescription.hasBeanLevelSecurityMetadata();
    // setup the security context interceptor
    if (isSecurityDomainKnown) {
        final HashMap<Integer, InterceptorFactory> elytronInterceptorFactories = ejbComponentDescription.getElytronInterceptorFactories(contextID, ejbComponentDescription.isEnableJacc());
        elytronInterceptorFactories.forEach((priority, elytronInterceptorFactory) -> viewConfiguration.addViewInterceptor(elytronInterceptorFactory, priority));
    } else {
        viewConfiguration.addViewInterceptor(new SecurityContextInterceptorFactory(securityRequired, true, contextID), InterceptorOrder.View.SECURITY_CONTEXT);
    }
    // now add the authorization interceptor if the bean has *any* security metadata applicable
    if (securityRequired) {
        // check the missing-method-permissions-deny-access configuration and add the authorization interceptor
        // to methods which don't have explicit method permissions.
        // (@see http://anil-identity.blogspot.in/2010/02/tip-interpretation-of-missing-ejb.html for details)
        final Boolean denyAccessToMethodsMissingPermissions = ((EJBComponentDescription) componentConfiguration.getComponentDescription()).isMissingMethodPermissionsDeniedAccess();
        // default to "deny access"
        if (denyAccessToMethodsMissingPermissions != Boolean.FALSE) {
            for (final Method viewMethod : methodsWithoutExplicitSecurityConfiguration) {
                if (viewMethodSecurityAttributesServiceBuilder != null) {
                    // build the EJBViewMethodSecurityAttributesService to expose these security attributes to other components like WS (@see https://issues.jboss.org/browse/WFLY-308)
                    viewMethodSecurityAttributesServiceBuilder.addMethodSecurityMetadata(viewMethod, EJBMethodSecurityAttribute.denyAll());
                }
                // "deny access" implies we need the authorization interceptor to be added so that it can nuke the invocation
                if (isSecurityDomainKnown) {
                    viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(RolesAllowedInterceptor.DENY_ALL), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
                } else {
                    final Interceptor authorizationInterceptor = new AuthorizationInterceptor(EJBMethodSecurityAttribute.denyAll(), viewClassName, viewMethod, contextID);
                    viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(authorizationInterceptor), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
                }
            }
        }
    }
    if (viewMethodSecurityAttributesServiceBuilder != null) {
        final EJBViewMethodSecurityAttributesService viewMethodSecurityAttributesService = viewMethodSecurityAttributesServiceBuilder.build();
        context.getServiceTarget().addService(viewMethodSecurityAttributesServiceName, viewMethodSecurityAttributesService).install();
    }
}

Example 3 with SessionBeanComponentDescription

use of org.jboss.as.ejb3.component.session.SessionBeanComponentDescription in project wildfly by wildfly.

the class DeploymentDescriptorMethodProcessor method deploy.

@Override
public void deploy(final DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final EEModuleDescription eeModuleDescription = deploymentUnit.getAttachment(org.jboss.as.ee.component.Attachments.EE_MODULE_DESCRIPTION);
    final DeploymentReflectionIndex reflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
    final Module module = deploymentUnit.getAttachment(Attachments.MODULE);
    if (eeModuleDescription != null) {
        for (final ComponentDescription component : eeModuleDescription.getComponentDescriptions()) {
            if (component instanceof EJBComponentDescription) {
                try {
                    if (component instanceof SessionBeanComponentDescription || component instanceof MessageDrivenComponentDescription)
                        handleSessionBean((EJBComponentDescription) component, module, reflectionIndex);
                    if (component instanceof StatelessComponentDescription || component instanceof MessageDrivenComponentDescription) {
                        handleStatelessSessionBean((EJBComponentDescription) component, module, reflectionIndex);
                    }
                } catch (ClassNotFoundException e) {
                    throw EjbLogger.ROOT_LOGGER.failToLoadComponentClass(e, component.getComponentName());
                }
            }
        }
    }
}

Example 4 with SessionBeanComponentDescription

use of org.jboss.as.ejb3.component.session.SessionBeanComponentDescription in project wildfly by wildfly.

the class SessionBeanComponentDescriptionFactory method processSessionBeanMetaData.

private void processSessionBeanMetaData(final DeploymentUnit deploymentUnit, final SessionBeanMetaData sessionBean) throws DeploymentUnitProcessingException {
    final EjbJarDescription ejbJarDescription = getEjbJarDescription(deploymentUnit);
    final CompositeIndex compositeIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.COMPOSITE_ANNOTATION_INDEX);
    final String beanName = sessionBean.getName();
    SessionType sessionType = sessionBean.getSessionType();
    if (sessionType == null && sessionBean instanceof GenericBeanMetaData) {
        final GenericBeanMetaData bean = (GenericBeanMetaData) sessionBean;
        if (bean.getEjbType() == EjbType.SESSION) {
            sessionType = determineSessionType(sessionBean.getEjbClass(), compositeIndex);
            if (sessionType == null) {
                throw EjbLogger.ROOT_LOGGER.sessionTypeNotSpecified(beanName);
            }
        } else {
            //it is not a session bean, so we ignore it
            return;
        }
    } else if (sessionType == null) {
        sessionType = determineSessionType(sessionBean.getEjbClass(), compositeIndex);
        if (sessionType == null) {
            throw EjbLogger.ROOT_LOGGER.sessionTypeNotSpecified(beanName);
        }
    }
    final String beanClassName = sessionBean.getEjbClass();
    final SessionBeanComponentDescription sessionBeanDescription;
    switch(sessionType) {
        case Stateless:
            sessionBeanDescription = new StatelessComponentDescription(beanName, beanClassName, ejbJarDescription, deploymentUnit.getServiceName(), sessionBean);
            break;
        case Stateful:
            sessionBeanDescription = new StatefulComponentDescription(beanName, beanClassName, ejbJarDescription, deploymentUnit.getServiceName(), sessionBean);
            if (sessionBean instanceof SessionBean32MetaData && ((SessionBean32MetaData) sessionBean).isPassivationCapable() != null) {
                ((StatefulComponentDescription) sessionBeanDescription).setPassivationApplicable(((SessionBean32MetaData) sessionBean).isPassivationCapable());
            }
            break;
        case Singleton:
            sessionBeanDescription = new SingletonComponentDescription(beanName, beanClassName, ejbJarDescription, deploymentUnit.getServiceName(), sessionBean);
            break;
        default:
            throw EjbLogger.ROOT_LOGGER.unknownSessionBeanType(sessionType.name());
    }
    addComponent(deploymentUnit, sessionBeanDescription);
}

Example 5 with SessionBeanComponentDescription

use of org.jboss.as.ejb3.component.session.SessionBeanComponentDescription in project wildfly by wildfly.

the class SessionBeanHomeProcessor method processComponentConfig.

@Override
protected void processComponentConfig(final DeploymentUnit deploymentUnit, final DeploymentPhaseContext phaseContext, final CompositeIndex index, final ComponentDescription componentDescription) throws DeploymentUnitProcessingException {
    if (componentDescription instanceof SessionBeanComponentDescription) {
        final SessionBeanComponentDescription ejbComponentDescription = (SessionBeanComponentDescription) componentDescription;
        //check for EJB's with a local home interface
        if (ejbComponentDescription.getEjbLocalHomeView() != null) {
            final EJBViewDescription view = ejbComponentDescription.getEjbLocalHomeView();
            final EJBViewDescription ejbLocalView = ejbComponentDescription.getEjbLocalView();
            configureHome(phaseContext, componentDescription, ejbComponentDescription, view, ejbLocalView);
        }
        if (ejbComponentDescription.getEjbHomeView() != null) {
            final EJBViewDescription view = ejbComponentDescription.getEjbHomeView();
            final EJBViewDescription ejbRemoteView = ejbComponentDescription.getEjbRemoteView();
            configureHome(phaseContext, componentDescription, ejbComponentDescription, view, ejbRemoteView);
        }
    }
}