
Example 1 with EJBSecurityMetaData

use of org.jboss.as.ejb3.security.EJBSecurityMetaData in project wildfly by wildfly.

the class SecurityDomainInterceptorFactory method create.

/**
 * Builds the interceptor that ties an EJB component to its resolved security domain.
 *
 * <p>The domain name taken from the component's security metadata (or {@code DEFAULT_DOMAIN}
 * when the metadata carries none) is used for the trace message only. The interceptor is
 * constructed from the {@code SecurityDomain} object returned by
 * {@code ejbComponent.getSecurityDomain()}, so the logged name is informational and does not
 * select the domain here.
 *
 * <p>The method fails closed: a component of the wrong type, or one for which no
 * {@code SecurityDomain} object is available, is rejected with the logger-supplied exception
 * instead of getting an interceptor.
 *
 * @param component the component being wired; must be an {@code EJBComponent}
 * @param context the interceptor factory context (not read by this method)
 * @return a new {@code SecurityDomainInterceptor} wrapping the component's security domain
 */
@Override
protected Interceptor create(final Component component, final InterceptorFactoryContext context) {
    final boolean isEjb = component instanceof EJBComponent;
    if (!isEjb) {
        throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
    }
    final EJBComponent ejb = (EJBComponent) component;

    // NOTE(review): the metadata is dereferenced without a null check here — confirm that
    // getSecurityMetaData() cannot return null for components reaching this factory.
    final EJBSecurityMetaData metaData = ejb.getSecurityMetaData();
    final String configuredName = metaData.getSecurityDomainName();
    // Display name only; when no name is configured the trace line shows DEFAULT_DOMAIN,
    // which is not necessarily the name of the domain object resolved below.
    final String displayName = configuredName != null ? configuredName : DEFAULT_DOMAIN;

    final SecurityDomain resolvedDomain = ejb.getSecurityDomain();
    if (resolvedDomain == null) {
        // No domain object: refuse to build the interceptor.
        throw EjbLogger.ROOT_LOGGER.invalidSecurityForDomainSet(ejb.getComponentName());
    }

    if (ROOT_LOGGER.isTraceEnabled()) {
        ROOT_LOGGER.trace("Using security domain: " + displayName + " for EJB " + ejb.getComponentName());
    }
    return new SecurityDomainInterceptor(resolvedDomain);
}
Also used : EJBComponent(org.jboss.as.ejb3.component.EJBComponent) SecurityDomain(org.wildfly.security.auth.server.SecurityDomain)

Example 2 with EJBSecurityMetaData

use of org.jboss.as.ejb3.security.EJBSecurityMetaData in project wildfly by wildfly.

the class AbstractEJBComponentRuntimeHandler method executeReadAttribute.

/**
 * Writes the current value of one runtime attribute of an EJB component into the operation result.
 *
 * <p>The attribute is selected by comparing {@code attributeName} with the names of the known
 * attribute definitions, in a fixed order. Pool attributes are considered only when the component
 * type has a pool, and the timer attribute only when it has a timer. A name that matches none of
 * them is reported through the logger-supplied "unknown attribute" exception.
 *
 * <p>Security-relevant attributes: {@code SECURITY_DOMAIN}, {@code RUN_AS_ROLE} and
 * {@code DECLARED_ROLES} copy the component's security configuration into the result. This method
 * performs no access check of its own, so any restriction on who may read these values has to be
 * applied by the code that dispatches to it (not visible here).
 *
 * @param attributeName name of the attribute to read
 * @param context operation context whose result node receives the value
 * @param component the EJB component to inspect
 * @param address address of the resource (not read by this method)
 */
protected void executeReadAttribute(final String attributeName, final OperationContext context, final T component, final PathAddress address) {
    final boolean pooled = componentType.hasPool();
    final ModelNode out = context.getResult();
    final EJBComponentDescription description = component.getComponentDescription();

    if (COMPONENT_CLASS_NAME.getName().equals(attributeName)) {
        out.set(component.getComponentClass().getName());
        return;
    }

    if (JNDI_NAMES.getName().equals(attributeName)) {
        // Every binding name of every view is listed.
        for (ViewDescription view : description.getViews()) {
            for (String bindingName : view.getBindingNames()) {
                out.add(bindingName);
            }
        }
        return;
    }

    if (BUSINESS_LOCAL.getName().equals(attributeName)) {
        for (final ViewDescription view : description.getViews()) {
            final EJBViewDescription ejbView = (EJBViewDescription) view;
            // Only non-EJB-2.x views with the LOCAL method interface are reported.
            if (ejbView.isEjb2xView() || ejbView.getMethodIntf() != MethodIntf.LOCAL) {
                continue;
            }
            out.add(ejbView.getViewClassName());
        }
        return;
    }

    if (BUSINESS_REMOTE.getName().equals(attributeName)) {
        for (final ViewDescription view : description.getViews()) {
            final EJBViewDescription ejbView = (EJBViewDescription) view;
            // Only non-EJB-2.x views with the REMOTE method interface are reported.
            if (ejbView.isEjb2xView() || ejbView.getMethodIntf() != MethodIntf.REMOTE) {
                continue;
            }
            out.add(ejbView.getViewClassName());
        }
        return;
    }

    if (TIMEOUT_METHOD.getName().equals(attributeName)) {
        final Method timeout = component.getTimeoutMethod();
        if (timeout != null) {
            out.set(timeout.toString());
        }
        return;
    }

    if (ASYNC_METHODS.getName().equals(attributeName)) {
        // NOTE(review): unchecked cast — presumably this attribute is only registered for
        // session beans; confirm against the registration code.
        final SessionBeanComponentDescription sessionDescription = (SessionBeanComponentDescription) description;
        for (MethodIdentifier method : sessionDescription.getAsynchronousMethods()) {
            // Rendered as "<return type> <name>(<param>, <param>, ...)".
            out.add(method.getReturnType() + ' ' + method.getName() + '(' + String.join(", ", method.getParameterTypes()) + ')');
        }
        return;
    }

    if (TRANSACTION_TYPE.getName().equals(attributeName)) {
        final TransactionManagementType type = component.isBeanManagedTransaction()
                ? TransactionManagementType.BEAN
                : TransactionManagementType.CONTAINER;
        out.set(type.name());
        return;
    }

    if (SECURITY_DOMAIN.getName().equals(attributeName)) {
        // Result is left untouched when there is no metadata or no configured domain name.
        final EJBSecurityMetaData securityMetaData = component.getSecurityMetaData();
        if (securityMetaData != null && securityMetaData.getSecurityDomainName() != null) {
            out.set(securityMetaData.getSecurityDomainName());
        }
        return;
    }

    if (RUN_AS_ROLE.getName().equals(attributeName)) {
        // Result is left untouched when there is no metadata or no run-as role.
        final EJBSecurityMetaData securityMetaData = component.getSecurityMetaData();
        if (securityMetaData != null && securityMetaData.getRunAs() != null) {
            out.set(securityMetaData.getRunAs());
        }
        return;
    }

    if (DECLARED_ROLES.getName().equals(attributeName)) {
        final EJBSecurityMetaData securityMetaData = component.getSecurityMetaData();
        if (securityMetaData != null) {
            // With metadata present the result is always a list, possibly empty.
            out.setEmptyList();
            final Set<String> declaredRoles = securityMetaData.getDeclaredRoles();
            if (declaredRoles != null) {
                for (String declaredRole : declaredRoles) {
                    out.add(declaredRole);
                }
            }
        }
        return;
    }

    if (componentType.hasTimer() && TimerAttributeDefinition.INSTANCE.getName().equals(attributeName)) {
        TimerAttributeDefinition.addTimers(component, out);
        return;
    }

    if (pooled) {
        // Pool statistics: each branch leaves the result untouched when the lookup yields null.
        if (POOL_AVAILABLE_COUNT.getName().equals(attributeName)) {
            final Pool<?> pool = componentType.getPool(component);
            if (pool != null) {
                out.set(pool.getAvailableCount());
            }
            return;
        }
        if (POOL_CREATE_COUNT.getName().equals(attributeName)) {
            final Pool<?> pool = componentType.getPool(component);
            if (pool != null) {
                out.set(pool.getCreateCount());
            }
            return;
        }
        if (POOL_NAME.getName().equals(attributeName)) {
            final String name = componentType.pooledComponent(component).getPoolName();
            if (name != null) {
                out.set(name);
            }
            return;
        }
        if (POOL_REMOVE_COUNT.getName().equals(attributeName)) {
            final Pool<?> pool = componentType.getPool(component);
            if (pool != null) {
                out.set(pool.getRemoveCount());
            }
            return;
        }
        if (POOL_CURRENT_SIZE.getName().equals(attributeName)) {
            final Pool<?> pool = componentType.getPool(component);
            if (pool != null) {
                out.set(pool.getCurrentSize());
            }
            return;
        }
        if (POOL_MAX_SIZE.getName().equals(attributeName)) {
            final Pool<?> pool = componentType.getPool(component);
            if (pool != null) {
                out.set(pool.getMaxSize());
            }
            return;
        }
    }

    // Bug; we were registered for an attribute but there is no code for handling it
    throw EjbLogger.ROOT_LOGGER.unknownAttribute(attributeName);
}
Also used : EJBViewDescription(org.jboss.as.ejb3.component.EJBViewDescription) Set(java.util.Set) EJBViewDescription(org.jboss.as.ejb3.component.EJBViewDescription) ViewDescription(org.jboss.as.ee.component.ViewDescription) Method(java.lang.reflect.Method) MethodIdentifier(org.jboss.invocation.proxy.MethodIdentifier) EJBSecurityMetaData(org.jboss.as.ejb3.security.EJBSecurityMetaData) EJBComponentDescription(org.jboss.as.ejb3.component.EJBComponentDescription) Pool(org.jboss.as.ejb3.pool.Pool) ModelNode(org.jboss.dmr.ModelNode) SessionBeanComponentDescription(org.jboss.as.ejb3.component.session.SessionBeanComponentDescription)

Example 3 with EJBSecurityMetaData

use of org.jboss.as.ejb3.security.EJBSecurityMetaData in project wildfly by wildfly.

the class SecurityContextInterceptorFactory method create.

/**
 * Builds the security-context interceptor for an EJB component from its security metadata.
 *
 * <p>Values handed to the interceptor holder: the security manager, the security domain name
 * (or {@code DEFAULT_DOMAIN} when the metadata has none), the run-as role and run-as principal,
 * this factory's policy context id, the extra roles mapped to the run-as principal, the
 * principal-to-roles map, and the skip-authentication flag.
 *
 * <p>Security-relevant behaviour visible here:
 * <ul>
 *   <li>Authentication is skipped exactly when {@code securityRequired} is {@code false}.</li>
 *   <li>When {@code propagateSecurity} is {@code false} the component's security manager is
 *       cast to {@code SimpleSecurityManager} and passed to a new {@code SimpleSecurityManager};
 *       any other manager type makes the cast fail.</li>
 *   <li>Extra roles and the principal-to-roles map stay {@code null} when the metadata has no
 *       security roles; extra roles also stay {@code null} without a run-as principal.</li>
 * </ul>
 *
 * @param component the component being wired; must be an {@code EJBComponent}
 * @param context the interceptor factory context (not read by this method)
 * @return a new {@code SecurityContextInterceptor} configured from the component's metadata
 */
@Override
protected Interceptor create(final Component component, final InterceptorFactoryContext context) {
    if (!(component instanceof EJBComponent)) {
        throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
    }
    final EJBComponent ejb = (EJBComponent) component;

    // NOTE(review): the non-propagating branch presumably isolates this EJB's security state
    // from the shared manager — confirm against SimpleSecurityManager's copy constructor.
    final ServerSecurityManager manager = propagateSecurity
            ? ejb.getSecurityManager()
            : new SimpleSecurityManager((SimpleSecurityManager) ejb.getSecurityManager());

    final EJBSecurityMetaData metaData = ejb.getSecurityMetaData();
    final String configuredDomain = metaData.getSecurityDomain();
    final String domainName = configuredDomain != null ? configuredDomain : DEFAULT_DOMAIN;
    if (ROOT_LOGGER.isTraceEnabled()) {
        ROOT_LOGGER.trace("Using security domain: " + domainName + " for EJB " + ejb.getComponentName());
    }

    final String runAsRole = metaData.getRunAs();
    // TODO - We should do something with DeclaredRoles although it never has much meaning in JBoss AS
    final String runAsPrincipalName = metaData.getRunAsPrincipal();
    final SecurityRolesMetaData roleMetaData = metaData.getSecurityRoles();

    Set<String> runAsExtraRoles = null;
    Map<String, Set<String>> rolesByPrincipal = null;
    if (roleMetaData != null) {
        rolesByPrincipal = roleMetaData.getPrincipalVersusRolesMap();
        if (runAsPrincipalName != null) {
            // Roles mapped to the run-as principal are added on top of the run-as role.
            runAsExtraRoles = roleMetaData.getSecurityRoleNamesByPrincipal(runAsPrincipalName);
        }
    }

    final SecurityContextInterceptorHolder holder = new SecurityContextInterceptorHolder();
    holder.setSecurityManager(manager)
            .setSecurityDomain(domainName)
            .setRunAs(runAsRole)
            .setRunAsPrincipal(runAsPrincipalName)
            .setPolicyContextID(this.policyContextID)
            .setExtraRoles(runAsExtraRoles)
            .setPrincipalVsRolesMap(rolesByPrincipal)
            // NOTE(review): this flag turns authentication off for the EJB — confirm where
            // securityRequired is set and that false is only reachable by explicit configuration.
            .setSkipAuthentication(!securityRequired);
    return new SecurityContextInterceptor(holder);
}
Also used : Set(java.util.Set) SecurityRolesMetaData(org.jboss.metadata.javaee.spec.SecurityRolesMetaData) ServerSecurityManager(org.jboss.as.core.security.ServerSecurityManager) EJBComponent(org.jboss.as.ejb3.component.EJBComponent) SimpleSecurityManager(org.jboss.as.security.service.SimpleSecurityManager)

Aggregations

Set (java.util.Set)2 EJBComponent (org.jboss.as.ejb3.component.EJBComponent)2 Method (java.lang.reflect.Method)1 ServerSecurityManager (org.jboss.as.core.security.ServerSecurityManager)1 ViewDescription (org.jboss.as.ee.component.ViewDescription)1 EJBComponentDescription (org.jboss.as.ejb3.component.EJBComponentDescription)1 EJBViewDescription (org.jboss.as.ejb3.component.EJBViewDescription)1 SessionBeanComponentDescription (org.jboss.as.ejb3.component.session.SessionBeanComponentDescription)1 Pool (org.jboss.as.ejb3.pool.Pool)1 EJBSecurityMetaData (org.jboss.as.ejb3.security.EJBSecurityMetaData)1 SimpleSecurityManager (org.jboss.as.security.service.SimpleSecurityManager)1 ModelNode (org.jboss.dmr.ModelNode)1 MethodIdentifier (org.jboss.invocation.proxy.MethodIdentifier)1 SecurityRolesMetaData (org.jboss.metadata.javaee.spec.SecurityRolesMetaData)1 SecurityDomain (org.wildfly.security.auth.server.SecurityDomain)1