Example 1 with EJBSecurityMetaData
use of org.jboss.as.ejb3.security.EJBSecurityMetaData in project wildfly by wildfly.
the class SecurityDomainInterceptorFactory method create.
@Override
protected Interceptor create(final Component component, final InterceptorFactoryContext context) {
if (!(component instanceof EJBComponent)) {
throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
}
final EJBComponent ejbComponent = (EJBComponent) component;
final EJBSecurityMetaData securityMetaData = ejbComponent.getSecurityMetaData();
String securityDomainName = securityMetaData.getSecurityDomainName();
if (securityDomainName == null) {
securityDomainName = DEFAULT_DOMAIN;
}
final SecurityDomain securityDomain = ejbComponent.getSecurityDomain();
if (securityDomain == null) {
throw EjbLogger.ROOT_LOGGER.invalidSecurityForDomainSet(ejbComponent.getComponentName());
}
if (ROOT_LOGGER.isTraceEnabled()) {
ROOT_LOGGER.trace("Using security domain: " + securityDomainName + " for EJB " + ejbComponent.getComponentName());
}
return new SecurityDomainInterceptor(securityDomain);
}
Also used :
EJBComponent(org.jboss.as.ejb3.component.EJBComponent)
SecurityDomain(org.wildfly.security.auth.server.SecurityDomain)
Example 2 with EJBSecurityMetaData
use of org.jboss.as.ejb3.security.EJBSecurityMetaData in project wildfly by wildfly.
the class AbstractEJBComponentRuntimeHandler method executeReadAttribute.
protected void executeReadAttribute(final String attributeName, final OperationContext context, final T component, final PathAddress address) {
final boolean hasPool = componentType.hasPool();
final ModelNode result = context.getResult();
final EJBComponentDescription componentDescription = component.getComponentDescription();
if (COMPONENT_CLASS_NAME.getName().equals(attributeName)) {
result.set(component.getComponentClass().getName());
} else if (JNDI_NAMES.getName().equals(attributeName)) {
for (ViewDescription view : componentDescription.getViews()) {
for (String binding : view.getBindingNames()) {
result.add(binding);
}
}
} else if (BUSINESS_LOCAL.getName().equals(attributeName)) {
for (final ViewDescription view : componentDescription.getViews()) {
final EJBViewDescription ejbViewDescription = (EJBViewDescription) view;
if (!ejbViewDescription.isEjb2xView() && ejbViewDescription.getMethodIntf() == MethodIntf.LOCAL) {
result.add(ejbViewDescription.getViewClassName());
}
}
} else if (BUSINESS_REMOTE.getName().equals(attributeName)) {
for (final ViewDescription view : componentDescription.getViews()) {
final EJBViewDescription ejbViewDescription = (EJBViewDescription) view;
if (!ejbViewDescription.isEjb2xView() && ejbViewDescription.getMethodIntf() == MethodIntf.REMOTE) {
result.add(ejbViewDescription.getViewClassName());
}
}
} else if (TIMEOUT_METHOD.getName().equals(attributeName)) {
final Method timeoutMethod = component.getTimeoutMethod();
if (timeoutMethod != null) {
result.set(timeoutMethod.toString());
}
} else if (ASYNC_METHODS.getName().equals(attributeName)) {
final SessionBeanComponentDescription sessionBeanComponentDescription = (SessionBeanComponentDescription) componentDescription;
final Set<MethodIdentifier> asynchronousMethods = sessionBeanComponentDescription.getAsynchronousMethods();
for (MethodIdentifier m : asynchronousMethods) {
result.add(m.getReturnType() + ' ' + m.getName() + '(' + String.join(", ", m.getParameterTypes()) + ')');
}
} else if (TRANSACTION_TYPE.getName().equals(attributeName)) {
result.set(component.isBeanManagedTransaction() ? TransactionManagementType.BEAN.name() : TransactionManagementType.CONTAINER.name());
} else if (SECURITY_DOMAIN.getName().equals(attributeName)) {
EJBSecurityMetaData md = component.getSecurityMetaData();
if (md != null && md.getSecurityDomainName() != null) {
result.set(md.getSecurityDomainName());
}
} else if (RUN_AS_ROLE.getName().equals(attributeName)) {
EJBSecurityMetaData md = component.getSecurityMetaData();
if (md != null && md.getRunAs() != null) {
result.set(md.getRunAs());
}
} else if (DECLARED_ROLES.getName().equals(attributeName)) {
EJBSecurityMetaData md = component.getSecurityMetaData();
if (md != null) {
result.setEmptyList();
Set<String> roles = md.getDeclaredRoles();
if (roles != null) {
for (String role : roles) {
result.add(role);
}
}
}
} else if (componentType.hasTimer() && TimerAttributeDefinition.INSTANCE.getName().equals(attributeName)) {
TimerAttributeDefinition.addTimers(component, result);
} else if (hasPool && POOL_AVAILABLE_COUNT.getName().equals(attributeName)) {
final Pool<?> pool = componentType.getPool(component);
if (pool != null) {
result.set(pool.getAvailableCount());
}
} else if (hasPool && POOL_CREATE_COUNT.getName().equals(attributeName)) {
final Pool<?> pool = componentType.getPool(component);
if (pool != null) {
result.set(pool.getCreateCount());
}
} else if (hasPool && POOL_NAME.getName().equals(attributeName)) {
final String poolName = componentType.pooledComponent(component).getPoolName();
if (poolName != null) {
result.set(poolName);
}
} else if (hasPool && POOL_REMOVE_COUNT.getName().equals(attributeName)) {
final Pool<?> pool = componentType.getPool(component);
if (pool != null) {
result.set(pool.getRemoveCount());
}
} else if (hasPool && POOL_CURRENT_SIZE.getName().equals(attributeName)) {
final Pool<?> pool = componentType.getPool(component);
if (pool != null) {
result.set(pool.getCurrentSize());
}
} else if (hasPool && POOL_MAX_SIZE.getName().equals(attributeName)) {
final Pool<?> pool = componentType.getPool(component);
if (pool != null) {
result.set(pool.getMaxSize());
}
} else {
// Bug; we were registered for an attribute but there is no code for handling it
throw EjbLogger.ROOT_LOGGER.unknownAttribute(attributeName);
}
}
Also used :
EJBViewDescription(org.jboss.as.ejb3.component.EJBViewDescription)
Set(java.util.Set)
EJBViewDescription(org.jboss.as.ejb3.component.EJBViewDescription)
ViewDescription(org.jboss.as.ee.component.ViewDescription)
Method(java.lang.reflect.Method)
MethodIdentifier(org.jboss.invocation.proxy.MethodIdentifier)
EJBSecurityMetaData(org.jboss.as.ejb3.security.EJBSecurityMetaData)
EJBComponentDescription(org.jboss.as.ejb3.component.EJBComponentDescription)
Pool(org.jboss.as.ejb3.pool.Pool)
ModelNode(org.jboss.dmr.ModelNode)
SessionBeanComponentDescription(org.jboss.as.ejb3.component.session.SessionBeanComponentDescription)
Example 3 with EJBSecurityMetaData
use of org.jboss.as.ejb3.security.EJBSecurityMetaData in project wildfly by wildfly.
the class SecurityContextInterceptorFactory method create.
@Override
protected Interceptor create(final Component component, final InterceptorFactoryContext context) {
if (component instanceof EJBComponent == false) {
throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
}
final EJBComponent ejbComponent = (EJBComponent) component;
final ServerSecurityManager securityManager;
if (propagateSecurity) {
securityManager = ejbComponent.getSecurityManager();
} else {
securityManager = new SimpleSecurityManager((SimpleSecurityManager) ejbComponent.getSecurityManager());
}
final EJBSecurityMetaData securityMetaData = ejbComponent.getSecurityMetaData();
String securityDomain = securityMetaData.getSecurityDomain();
if (securityDomain == null) {
securityDomain = DEFAULT_DOMAIN;
}
if (ROOT_LOGGER.isTraceEnabled()) {
ROOT_LOGGER.trace("Using security domain: " + securityDomain + " for EJB " + ejbComponent.getComponentName());
}
final String runAs = securityMetaData.getRunAs();
// TODO - We should do something with DeclaredRoles although it never has much meaning in JBoss AS
final String runAsPrincipal = securityMetaData.getRunAsPrincipal();
final SecurityRolesMetaData securityRoles = securityMetaData.getSecurityRoles();
Set<String> extraRoles = null;
Map<String, Set<String>> principalVsRolesMap = null;
if (securityRoles != null) {
principalVsRolesMap = securityRoles.getPrincipalVersusRolesMap();
if (runAsPrincipal != null)
extraRoles = securityRoles.getSecurityRoleNamesByPrincipal(runAsPrincipal);
}
SecurityContextInterceptorHolder holder = new SecurityContextInterceptorHolder();
holder.setSecurityManager(securityManager).setSecurityDomain(securityDomain).setRunAs(runAs).setRunAsPrincipal(runAsPrincipal).setPolicyContextID(this.policyContextID).setExtraRoles(extraRoles).setPrincipalVsRolesMap(principalVsRolesMap).setSkipAuthentication(securityRequired == false);
return new SecurityContextInterceptor(holder);
}
Also used :
Set(java.util.Set)
SecurityRolesMetaData(org.jboss.metadata.javaee.spec.SecurityRolesMetaData)
ServerSecurityManager(org.jboss.as.core.security.ServerSecurityManager)
EJBComponent(org.jboss.as.ejb3.component.EJBComponent)
SimpleSecurityManager(org.jboss.as.security.service.SimpleSecurityManager)
Aggregations
Set (java.util.Set)2
EJBComponent (org.jboss.as.ejb3.component.EJBComponent)2
Method (java.lang.reflect.Method)1
ServerSecurityManager (org.jboss.as.core.security.ServerSecurityManager)1
ViewDescription (org.jboss.as.ee.component.ViewDescription)1
EJBComponentDescription (org.jboss.as.ejb3.component.EJBComponentDescription)1
EJBViewDescription (org.jboss.as.ejb3.component.EJBViewDescription)1
SessionBeanComponentDescription (org.jboss.as.ejb3.component.session.SessionBeanComponentDescription)1
Pool (org.jboss.as.ejb3.pool.Pool)1
EJBSecurityMetaData (org.jboss.as.ejb3.security.EJBSecurityMetaData)1
SimpleSecurityManager (org.jboss.as.security.service.SimpleSecurityManager)1
ModelNode (org.jboss.dmr.ModelNode)1
MethodIdentifier (org.jboss.invocation.proxy.MethodIdentifier)1
SecurityRolesMetaData (org.jboss.metadata.javaee.spec.SecurityRolesMetaData)1
SecurityDomain (org.wildfly.security.auth.server.SecurityDomain)1
