use of org.jboss.as.server.deployment.reflect.DeploymentReflectionIndex in project wildfly by wildfly.
the class EJBSecurityViewConfigurator method configure.
/**
 * Configures the security interceptors for a single EJB view.
 *
 * <p>Flow, as visible in this method:
 * <ol>
 *   <li>Rejects components whose description is not an {@code EJBComponentDescription}.</li>
 *   <li>Returns without applying any security when the deployment has no
 *       {@code SECURITY_ENABLED} attachment and the security domain is not known.</li>
 *   <li>Returns without applying any security when the bean's security domain is
 *       {@code null} or empty; this is reported at DEBUG level only.</li>
 *   <li>For every public view method, resolves method permissions from the descriptor
 *       first and from annotations second (via {@code handlePermissions}).</li>
 *   <li>Adds the security-context interceptor(s), then, if the bean has any security
 *       metadata, a deny-all authorization interceptor on methods that have no explicit
 *       permissions, unless missing-method-permissions-deny-access is {@code Boolean.FALSE}.</li>
 *   <li>Installs the {@code EJBViewMethodSecurityAttributesService} when a builder was created.</li>
 * </ol>
 *
 * @param context                the deployment phase context; supplies the deployment unit and service target
 * @param componentConfiguration the component configuration; its description must be an EJB description
 * @param viewDescription        the view being configured; cast to {@code EJBViewDescription} below
 * @param viewConfiguration      the view configuration that receives the interceptors
 * @throws DeploymentUnitProcessingException declared by the interface; the visible throw is the
 *         invalid-component error produced by {@code EjbLogger}
 */
@Override
public void configure(DeploymentPhaseContext context, ComponentConfiguration componentConfiguration, ViewDescription viewDescription, ViewConfiguration viewConfiguration) throws DeploymentUnitProcessingException {
    // Only EJB components are valid here; anything else is a configuration error.
    if (componentConfiguration.getComponentDescription() instanceof EJBComponentDescription == false) {
        throw EjbLogger.ROOT_LOGGER.invalidEjbComponent(componentConfiguration.getComponentName(), componentConfiguration.getComponentClass());
    }
    final DeploymentUnit deploymentUnit = context.getDeploymentUnit();
    final EJBComponentDescription ejbComponentDescription = (EJBComponentDescription) componentConfiguration.getComponentDescription();
    final boolean isSecurityDomainKnown = ejbComponentDescription.isSecurityDomainKnown();
    if ((!deploymentUnit.hasAttachment(SecurityAttachments.SECURITY_ENABLED)) && (!isSecurityDomainKnown)) {
        // The security subsystem is not present and Elytron is not being used for security,
        // so we don't apply any security settings.
        // NOTE(review): this is a fail-open exit. No interceptor of any kind is added to the view.
        return;
    }
    final DeploymentReflectionIndex deploymentReflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
    // No security domain is configured for the bean (neither explicitly nor as a default).
    // In such cases, we do *not* apply any security interceptors.
    // NOTE(review): this exit is also fail-open and happens before handlePermissions is called, so any
    // method permissions carried by the bean are not enforced on this view. The only trace is the
    // DEBUG message below, so it is easy to miss in a default logging setup.
    if (ejbComponentDescription.getSecurityDomain() == null || ejbComponentDescription.getSecurityDomain().isEmpty()) {
        if (ROOT_LOGGER.isDebugEnabled()) {
            ROOT_LOGGER.debug("Security is *not* enabled on EJB: " + ejbComponentDescription.getEJBName() + ", since no explicit security domain is configured for the bean, nor is there any default security domain configured in the EJB3 subsystem");
        }
        return;
    }
    final String viewClassName = viewDescription.getViewClassName();
    final EJBViewDescription ejbViewDescription = (EJBViewDescription) viewDescription;
    // Set up the JACC contextID: the deployment name, prefixed with "<parent name>!" for sub-deployments.
    String contextID = deploymentUnit.getName();
    if (deploymentUnit.getParent() != null) {
        contextID = deploymentUnit.getParent().getName() + "!" + contextID;
    }
    final EJBViewMethodSecurityAttributesService.Builder viewMethodSecurityAttributesServiceBuilder;
    final ServiceName viewMethodSecurityAttributesServiceName;
    // Skip the @WebService view if the bean also has a @LocalBean (no-interface) view, and let the
    // EJBViewMethodSecurityAttributesService be built when the no-interface view is processed.
    // NOTE(review): the first half of the original comment is missing from this listing; presumably
    // both views would otherwise resolve to the same service name. Confirm against the full source.
    if (ejbComponentDescription instanceof SessionBeanComponentDescription && MethodIntf.SERVICE_ENDPOINT == ejbViewDescription.getMethodIntf() && ((SessionBeanComponentDescription) ejbComponentDescription).hasNoInterfaceView()) {
        viewMethodSecurityAttributesServiceBuilder = null;
        viewMethodSecurityAttributesServiceName = null;
    } else {
        viewMethodSecurityAttributesServiceBuilder = new EJBViewMethodSecurityAttributesService.Builder();
        viewMethodSecurityAttributesServiceName = EJBViewMethodSecurityAttributesService.getServiceName(ejbComponentDescription.getApplicationName(), ejbComponentDescription.getModuleName(), ejbComponentDescription.getEJBName(), viewClassName);
    }
    // Set up the method-specific security interceptor(s).
    boolean beanHasMethodLevelSecurityMetadata = false;
    final List<Method> viewMethods = viewConfiguration.getProxyFactory().getCachedMethods();
    // Methods collected here get the deny-all treatment further down (when it applies).
    final List<Method> methodsWithoutExplicitSecurityConfiguration = new ArrayList<Method>();
    for (final Method viewMethod : viewMethods) {
        // TODO: proxy factory exposes non-public methods, is this a bug in the no-interface view?
        // Non-public methods are skipped entirely: they get neither permissions nor a deny-all entry.
        if (!Modifier.isPublic(viewMethod.getModifiers())) {
            continue;
        }
        // Methods declared on WriteReplaceInterface are skipped as well.
        if (viewMethod.getDeclaringClass() == WriteReplaceInterface.class) {
            continue;
        }
        // Set up the authorization interceptor. Descriptor permissions are consulted first.
        final ApplicableMethodInformation<EJBMethodSecurityAttribute> permissions = ejbComponentDescription.getDescriptorMethodPermissions();
        boolean methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, permissions, false, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
        if (!methodHasSecurityMetadata) {
            // If it was not handled by the descriptor processor, fall back to the annotation-based permissions.
            methodHasSecurityMetadata = handlePermissions(contextID, componentConfiguration, viewConfiguration, deploymentReflectionIndex, viewClassName, ejbViewDescription, viewMethod, ejbComponentDescription.getAnnotationMethodPermissions(), true, viewMethodSecurityAttributesServiceBuilder, ejbComponentDescription);
        }
        // If any method has security metadata then the bean has method-level security metadata.
        if (methodHasSecurityMetadata) {
            beanHasMethodLevelSecurityMetadata = true;
        } else {
            // Make a note that this method didn't have any explicit method permissions configured.
            methodsWithoutExplicitSecurityConfiguration.add(viewMethod);
        }
    }
    final boolean securityRequired = beanHasMethodLevelSecurityMetadata || ejbComponentDescription.hasBeanLevelSecurityMetadata();
    // Set up the security context interceptor: the Elytron factories when the security domain is known,
    // otherwise the SecurityContextInterceptorFactory.
    if (isSecurityDomainKnown) {
        final HashMap<Integer, InterceptorFactory> elytronInterceptorFactories = ejbComponentDescription.getElytronInterceptorFactories(contextID, ejbComponentDescription.isEnableJacc());
        elytronInterceptorFactories.forEach((priority, elytronInterceptorFactory) -> viewConfiguration.addViewInterceptor(elytronInterceptorFactory, priority));
    } else {
        viewConfiguration.addViewInterceptor(new SecurityContextInterceptorFactory(securityRequired, true, contextID), InterceptorOrder.View.SECURITY_CONTEXT);
    }
    // Now add the authorization interceptor if the bean has *any* security metadata applicable.
    // Deny-by-default for unannotated methods therefore applies only to beans that carry some security
    // metadata; a bean with none at all gets no authorization interceptor from this block.
    if (securityRequired) {
        // check the missing-method-permissions-deny-access configuration and add the authorization interceptor
        // to methods which don't have explicit method permissions.
        // (@see http://anil-identity.blogspot.in/2010/02/tip-interpretation-of-missing-ejb.html for details)
        final Boolean denyAccessToMethodsMissingPermissions = ((EJBComponentDescription) componentConfiguration.getComponentDescription()).isMissingMethodPermissionsDeniedAccess();
        // Default to "deny access". This is a reference comparison: only the canonical Boolean.FALSE
        // opts out, while null (setting absent) and TRUE both fall through to deny.
        if (denyAccessToMethodsMissingPermissions != Boolean.FALSE) {
            for (final Method viewMethod : methodsWithoutExplicitSecurityConfiguration) {
                if (viewMethodSecurityAttributesServiceBuilder != null) {
                    // build the EJBViewMethodSecurityAttributesService to expose these security attributes to other components like WS (@see https://issues.jboss.org/browse/WFLY-308)
                    viewMethodSecurityAttributesServiceBuilder.addMethodSecurityMetadata(viewMethod, EJBMethodSecurityAttribute.denyAll());
                }
                // "deny access" implies we need the authorization interceptor to be added so that it can reject the invocation
                if (isSecurityDomainKnown) {
                    viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(RolesAllowedInterceptor.DENY_ALL), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
                } else {
                    final Interceptor authorizationInterceptor = new AuthorizationInterceptor(EJBMethodSecurityAttribute.denyAll(), viewClassName, viewMethod, contextID);
                    viewConfiguration.addViewInterceptor(viewMethod, new ImmediateInterceptorFactory(authorizationInterceptor), InterceptorOrder.View.EJB_SECURITY_AUTHORIZATION_INTERCEPTOR);
                }
            }
        }
    }
    // Publish the collected per-method security attributes as a service (skipped for the @WebService
    // view case above, where the builder is null).
    if (viewMethodSecurityAttributesServiceBuilder != null) {
        final EJBViewMethodSecurityAttributesService viewMethodSecurityAttributesService = viewMethodSecurityAttributesServiceBuilder.build();
        context.getServiceTarget().addService(viewMethodSecurityAttributesServiceName, viewMethodSecurityAttributesService).install();
    }
}
use of org.jboss.as.server.deployment.reflect.DeploymentReflectionIndex in project wildfly by wildfly.
the class SessionSynchronizationMergingProcessor method handleDeploymentDescriptor.
/**
 * Resolves the session-synchronization callback methods of a stateful bean and records them
 * on its description.
 *
 * <p>When the component class implements {@code SessionSynchronization}, the three interface
 * methods are used and deployment-descriptor data is ignored. Otherwise the callbacks named in
 * the {@code SessionBean31MetaData} descriptor data (if any) are resolved against the component class.
 *
 * @param deploymentUnit            the deployment unit; the reflection index is read from its attachments
 * @param deploymentReflectionIndex not read by this method (the index is fetched from the unit instead)
 * @param componentClass            the bean implementation class
 * @param description               the stateful component description that receives the callbacks
 * @throws DeploymentUnitProcessingException declared by the overridden method
 */
@Override
protected void handleDeploymentDescriptor(final DeploymentUnit deploymentUnit, final DeploymentReflectionIndex deploymentReflectionIndex, final Class<?> componentClass, final StatefulComponentDescription description) throws DeploymentUnitProcessingException {
    final DeploymentReflectionIndex index = deploymentUnit.getAttachment(Attachments.REFLECTION_INDEX);

    // A bean that implements SessionSynchronization takes its callbacks from the interface;
    // any deployment-descriptor information is ignored.
    final boolean implementsSynchronization = SessionSynchronization.class.isAssignableFrom(componentClass);
    if (implementsSynchronization) {
        final ClassReflectionIndex synchronizationIndex = index.getClassIndex(SessionSynchronization.class);
        description.setAfterBegin(synchronizationIndex.getMethod(void.class, "afterBegin"));
        description.setAfterCompletion(synchronizationIndex.getMethod(void.class, "afterCompletion", boolean.class));
        description.setBeforeCompletion(synchronizationIndex.getMethod(void.class, "beforeCompletion"));
        return;
    }

    // Only EJB 3.1 descriptor metadata can name the callbacks; anything else leaves the description untouched.
    final SessionBeanMetaData descriptorData = description.getDescriptorData();
    if (!(descriptorData instanceof SessionBean31MetaData)) {
        return;
    }
    final SessionBean31MetaData ejb31Data = (SessionBean31MetaData) descriptorData;

    if (ejb31Data.getAfterBeginMethod() != null) {
        description.setAfterBegin(MethodResolutionUtils.resolveMethod(ejb31Data.getAfterBeginMethod(), componentClass, index));
    }
    if (ejb31Data.getAfterCompletionMethod() != null) {
        description.setAfterCompletion(MethodResolutionUtils.resolveMethod(ejb31Data.getAfterCompletionMethod(), componentClass, index));
    }
    if (ejb31Data.getBeforeCompletionMethod() != null) {
        description.setBeforeCompletion(MethodResolutionUtils.resolveMethod(ejb31Data.getBeforeCompletionMethod(), componentClass, index));
    }
}
use of org.jboss.as.server.deployment.reflect.DeploymentReflectionIndex in project wildfly by wildfly.
the class DataSourceDefinitionInjectionSource method getResourceValue.
/**
 * Builds the data source described by this definition and starts the matching data source service.
 *
 * <p>The driver/data-source class named by {@code className} is loaded through the deployment
 * module's class loader. An XA data source is created when that class is an {@code XADataSource}
 * and the definition is transactional; otherwise a local data source is created.
 *
 * <p>Security note: {@code user} and {@code password} are passed directly into {@code DsSecurityImpl}.
 * Keep them out of log statements and exception messages added around this code.
 *
 * @param context        the resolution context (application, module and component names)
 * @param serviceBuilder the service builder handed on to {@code startDataSource}
 * @param phaseContext   the deployment phase context; supplies the deployment unit and service target
 * @param injector       the injector handed on to {@code startDataSource}
 * @throws DeploymentUnitProcessingException wrapping any exception raised while loading the class
 *         or building and starting the data source
 */
public void getResourceValue(final ResolutionContext context, final ServiceBuilder<?> serviceBuilder, final DeploymentPhaseContext phaseContext, final Injector<ManagedReferenceFactory> injector) throws DeploymentUnitProcessingException {
    final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final Module module = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.MODULE);
    final EEModuleDescription eeModuleDescription = deploymentUnit.getAttachment(Attachments.EE_MODULE_DESCRIPTION);
    final String poolName = uniqueName(context, jndiName);
    final ContextNames.BindInfo bindInfo = ContextNames.bindInfoForEnvEntry(context.getApplicationName(), context.getModuleName(), context.getComponentName(), !context.isCompUsesModule(), jndiName);
    final DeploymentReflectionIndex reflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
    try {
        // The class is resolved with the deployment module's class loader, not the caller's.
        final ClassLoader moduleClassLoader = module.getClassLoader();
        final Class<?> clazz = moduleClassLoader.loadClass(className);
        // Drop properties the class has no setter for, then fill in the rest.
        clearUnknownProperties(reflectionIndex, clazz, properties);
        populateProperties(reflectionIndex, clazz, properties);
        final DsSecurityImpl dsSecurity = new DsSecurityImpl(user, password, null, false, null, null);

        final boolean useXa = XADataSource.class.isAssignableFrom(clazz) && transactional;

        // Out-of-range pool sizes fall back to the Defaults constants.
        final Integer effectiveMinPoolSize = minPoolSize < 0 ? Defaults.MIN_POOL_SIZE : Integer.valueOf(minPoolSize);
        final Integer effectiveInitialPoolSize = initialPoolSize < 0 ? Defaults.INITIAL_POOL_SIZE : Integer.valueOf(initialPoolSize);
        final Integer effectiveMaxPoolSize = maxPoolSize < 1 ? Defaults.MAX_POOL_SIZE : Integer.valueOf(maxPoolSize);
        final String binderName = bindInfo.getBinderServiceName().getCanonicalName();

        if (!useXa) {
            final DsPoolImpl commonPool = new DsPoolImpl(effectiveMinPoolSize, effectiveInitialPoolSize, effectiveMaxPoolSize, Defaults.PREFILL, Defaults.USE_STRICT_MIN, Defaults.FLUSH_STRATEGY, Boolean.FALSE, null, Defaults.FAIR, null);
            final ModifiableDataSource dataSource = new ModifiableDataSource(url, null, className, null, transactionIsolation(), properties, null, dsSecurity, null, null, null, null, null, false, poolName, true, jndiName, Defaults.SPY, Defaults.USE_CCM, transactional, Defaults.CONNECTABLE, Defaults.TRACKING, Defaults.MCP, Defaults.ENLISTMENT_TRACE, commonPool);
            final LocalDataSourceService ds = new LocalDataSourceService(binderName, bindInfo, moduleClassLoader);
            ds.getDataSourceConfigInjector().inject(dataSource);
            startDataSource(ds, bindInfo, eeModuleDescription, context, phaseContext.getServiceTarget(), serviceBuilder, injector);
        } else {
            final DsXaPoolImpl xaPool = new DsXaPoolImpl(effectiveMinPoolSize, effectiveInitialPoolSize, effectiveMaxPoolSize, Defaults.PREFILL, Defaults.USE_STRICT_MIN, Defaults.FLUSH_STRATEGY, Defaults.IS_SAME_RM_OVERRIDE, Defaults.INTERLEAVING, Defaults.PAD_XID, Defaults.WRAP_XA_RESOURCE, Defaults.NO_TX_SEPARATE_POOL, Boolean.FALSE, null, Defaults.FAIR, null);
            final ModifiableXaDataSource dataSource = new ModifiableXaDataSource(transactionIsolation(), null, dsSecurity, null, null, null, null, null, null, poolName, true, jndiName, false, false, Defaults.CONNECTABLE, Defaults.TRACKING, Defaults.MCP, Defaults.ENLISTMENT_TRACE, properties, className, null, null, xaPool, null);
            final XaDataSourceService xds = new XaDataSourceService(binderName, bindInfo, moduleClassLoader);
            xds.getDataSourceConfigInjector().inject(dataSource);
            startDataSource(xds, bindInfo, eeModuleDescription, context, phaseContext.getServiceTarget(), serviceBuilder, injector);
        }
    } catch (Exception e) {
        // Every failure in the block above surfaces as a deployment error, with the cause preserved.
        throw new DeploymentUnitProcessingException(e);
    }
}
use of org.jboss.as.server.deployment.reflect.DeploymentReflectionIndex in project wildfly by wildfly.
the class InterceptorAnnotationProcessor method deploy.
/**
 * Runs {@code processComponentConfig} for every component description of the deployment's EE module.
 *
 * <p>Nothing is processed when the deployment is marked metadata-complete, or when the module has
 * no component descriptions.
 *
 * @param phaseContext the deployment phase context; supplies the deployment unit
 * @throws DeploymentUnitProcessingException declared by the overridden method
 */
@Override
public void deploy(final DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final EEModuleDescription eeModuleDescription = deploymentUnit.getAttachment(Attachments.EE_MODULE_DESCRIPTION);
    final Collection<ComponentDescription> descriptions = eeModuleDescription.getComponentDescriptions();
    final DeploymentReflectionIndex reflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
    final EEApplicationClasses applicationClasses = deploymentUnit.getAttachment(Attachments.EE_APPLICATION_CLASSES_DESCRIPTION);

    // Metadata-complete deployments skip the processing below, and an empty module has nothing to process.
    final boolean nothingToProcess = MetadataCompleteMarker.isMetadataComplete(deploymentUnit)
            || descriptions == null
            || descriptions.isEmpty();
    if (nothingToProcess) {
        return;
    }

    for (final ComponentDescription componentDescription : descriptions) {
        processComponentConfig(applicationClasses, reflectionIndex, componentDescription, deploymentUnit);
    }
}
use of org.jboss.as.server.deployment.reflect.DeploymentReflectionIndex in project wildfly by wildfly.
the class EEModuleConfigurationProcessor method deploy.
/**
 * Creates the {@code EEModuleConfiguration} for the deployment and configures each component in it.
 *
 * <p>The thread context class loader is switched to the deployment module's class loader while the
 * component configurators run, and is restored in a {@code finally} block so that the deployment's
 * loader does not stay on the thread, even when configuration fails.
 *
 * <p>A component that fails to configure aborts the deployment unless it is optional. Optional
 * components are removed from the module description and their service names are recorded under
 * {@code FAILED_COMPONENTS}.
 *
 * @param phaseContext the deployment phase context; supplies the deployment unit
 * @throws DeploymentUnitProcessingException when a non-optional component cannot be configured
 */
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final EEModuleDescription moduleDescription = deploymentUnit.getAttachment(Attachments.EE_MODULE_DESCRIPTION);
    final Module module = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.MODULE);
    final DeploymentReflectionIndex reflectionIndex = deploymentUnit.getAttachment(org.jboss.as.server.deployment.Attachments.REFLECTION_INDEX);
    if (moduleDescription == null || module == null) {
        return;
    }

    // Startup-bean accounting: sub-deployments share the parent's countdown, top-level ones create it.
    final int startupBeansCount = moduleDescription.getStartupBeansCount();
    final DeploymentUnit parentUnit = deploymentUnit.getParent();
    if (parentUnit != null) {
        final StartupCountdown sharedCountdown = parentUnit.getAttachment(Attachments.STARTUP_COUNTDOWN);
        // copy ref to child deployment
        deploymentUnit.putAttachment(Attachments.STARTUP_COUNTDOWN, sharedCountdown);
        sharedCountdown.countUp(startupBeansCount);
    } else {
        deploymentUnit.putAttachment(Attachments.STARTUP_COUNTDOWN, new StartupCountdown(startupBeansCount));
    }

    final Set<ServiceName> failedServices = new HashSet<>();
    final EEModuleConfiguration moduleConfiguration = new EEModuleConfiguration(moduleDescription);
    deploymentUnit.putAttachment(Attachments.EE_MODULE_CONFIGURATION, moduleConfiguration);

    // Remember the caller's TCCL so it can be put back no matter how configuration ends.
    final ClassLoader previousTccl = WildFlySecurityManager.getCurrentContextClassLoaderPrivileged();
    try {
        WildFlySecurityManager.setCurrentContextClassLoaderPrivileged(module.getClassLoader());
        for (final Iterator<ComponentDescription> descriptions = moduleDescription.getComponentDescriptions().iterator(); descriptions.hasNext(); ) {
            final ComponentDescription componentDescription = descriptions.next();
            ROOT_LOGGER.debugf("Configuring component class: %s named %s", componentDescription.getComponentClassName(), componentDescription.getComponentName());
            try {
                final ComponentConfiguration componentConfiguration = componentDescription.createConfiguration(
                        reflectionIndex.getClassIndex(ClassLoadingUtils.loadClass(componentDescription.getComponentClassName(), module)),
                        module.getClassLoader(),
                        module.getModuleLoader());
                for (final ComponentConfigurator configurator : componentDescription.getConfigurators()) {
                    configurator.configure(phaseContext, componentDescription, componentConfiguration);
                }
                moduleConfiguration.addComponentConfiguration(componentConfiguration);
            } catch (Exception e) {
                // A mandatory component that cannot be configured fails the whole deployment.
                if (!componentDescription.isOptional()) {
                    throw EeLogger.ROOT_LOGGER.cannotConfigureComponent(e, componentDescription.getComponentName());
                }
                // https://issues.jboss.org/browse/WFLY-924 Just log a WARN summary of which component failed and then log the cause at DEBUG level
                ROOT_LOGGER.componentInstallationFailure(componentDescription.getComponentName());
                ROOT_LOGGER.debugf(e, "Not installing optional component %s due to an exception", componentDescription.getComponentName());
                // keep track of failed optional components
                failedServices.add(componentDescription.getStartServiceName());
                failedServices.add(componentDescription.getCreateServiceName());
                failedServices.add(componentDescription.getServiceName());
                // Removing through the iterator keeps the traversal valid while dropping the component.
                descriptions.remove();
            }
        }
        deploymentUnit.putAttachment(Attachments.FAILED_COMPONENTS, Collections.synchronizedSet(failedServices));
    } finally {
        WildFlySecurityManager.setCurrentContextClassLoaderPrivileged(previousTccl);
    }
}