Search in sources :

Example 1 with SecurityRoleMetaData

use of org.jboss.metadata.javaee.spec.SecurityRoleMetaData in project wildfly by wildfly.

the class AbstractSecurityMetaDataAccessorEJB method getSecurityRoles.

public SecurityRolesMetaData getSecurityRoles(final Deployment dep) {
    final SecurityRolesMetaData securityRolesMD = new SecurityRolesMetaData();
    Set<String> firstEndpointDeclaredSecurityRoles = null;
    for (final EJBEndpoint ejbEndpoint : getEjbEndpoints(dep)) {
        final Set<String> declaredSecurityRoles = ejbEndpoint.getDeclaredSecurityRoles();
        if (firstEndpointDeclaredSecurityRoles == null) {
            firstEndpointDeclaredSecurityRoles = declaredSecurityRoles;
        } else if (!firstEndpointDeclaredSecurityRoles.equals(declaredSecurityRoles)) {
            WSLogger.ROOT_LOGGER.multipleEndpointsWithDifferentDeclaredSecurityRoles();
        }
        //union of declared security roles from all endpoints...
        for (final String roleName : declaredSecurityRoles) {
            final SecurityRoleMetaData securityRoleMD = new SecurityRoleMetaData();
            securityRoleMD.setRoleName(roleName);
            securityRolesMD.add(securityRoleMD);
        }
    }
    return securityRolesMD;
}
Also used : SecurityRoleMetaData(org.jboss.metadata.javaee.spec.SecurityRoleMetaData) EJBEndpoint(org.jboss.as.webservices.metadata.model.EJBEndpoint) SecurityRolesMetaData(org.jboss.metadata.javaee.spec.SecurityRolesMetaData)

Example 2 with SecurityRoleMetaData

use of org.jboss.metadata.javaee.spec.SecurityRoleMetaData in project wildfly by wildfly.

the class SecurityRoleMetaDataParser method parse.

@Override
public SecurityRoleMetaData parse(XMLStreamReader reader, final PropertyReplacer propertyReplacer) throws XMLStreamException {
    SecurityRoleMetaData metaData = new SecurityRoleMetaData();
    processElements(metaData, reader, propertyReplacer);
    return metaData;
}
Also used : SecurityRoleMetaData(org.jboss.metadata.javaee.spec.SecurityRoleMetaData)

Example 3 with SecurityRoleMetaData

use of org.jboss.metadata.javaee.spec.SecurityRoleMetaData in project wildfly by wildfly.

the class SecurityRolesMergingProcessor method handleDeploymentDescriptor.

@Override
protected void handleDeploymentDescriptor(DeploymentUnit deploymentUnit, DeploymentReflectionIndex deploymentReflectionIndex, Class<?> componentClass, EJBComponentDescription ejbComponentDescription) throws DeploymentUnitProcessingException {
    final SecurityRolesMetaData roleMappings = new SecurityRolesMetaData();
    final EjbJarMetaData ejbJarMetaData = deploymentUnit.getAttachment(EjbDeploymentAttachmentKeys.EJB_JAR_METADATA);
    if (ejbJarMetaData != null) {
        final AssemblyDescriptorMetaData assemblyDescriptorMetaData = ejbJarMetaData.getAssemblyDescriptor();
        if (assemblyDescriptorMetaData != null) {
            // get the mapping between principal to rolename, defined in the assembly descriptor
            final List<SecurityRoleMetaData> securityRoleMetaDatas = assemblyDescriptorMetaData.getAny(SecurityRoleMetaData.class);
            if (securityRoleMetaDatas != null) {
                for (SecurityRoleMetaData securityRoleMetaData : securityRoleMetaDatas) {
                    roleMappings.add(securityRoleMetaData);
                }
            }
        }
    }
    //Let us look at the ear metadata also
    DeploymentUnit parent = deploymentUnit.getParent();
    if (parent != null) {
        final EarMetaData earMetaData = parent.getAttachment(Attachments.EAR_METADATA);
        if (earMetaData != null) {
            SecurityRolesMetaData earSecurityRolesMetaData = earMetaData.getSecurityRoles();
            SecurityRolesMetaDataMerger.merge(roleMappings, roleMappings, earSecurityRolesMetaData);
        }
    }
    // add it to the EJB component description
    ejbComponentDescription.setSecurityRoles(roleMappings);
}
Also used : SecurityRoleMetaData(org.jboss.metadata.javaee.spec.SecurityRoleMetaData) EjbJarMetaData(org.jboss.metadata.ejb.spec.EjbJarMetaData) SecurityRolesMetaData(org.jboss.metadata.javaee.spec.SecurityRolesMetaData) AssemblyDescriptorMetaData(org.jboss.metadata.ejb.spec.AssemblyDescriptorMetaData) DeploymentUnit(org.jboss.as.server.deployment.DeploymentUnit) EarMetaData(org.jboss.metadata.ear.spec.EarMetaData)

Example 4 with SecurityRoleMetaData

use of org.jboss.metadata.javaee.spec.SecurityRoleMetaData in project wildfly by wildfly.

the class WarAnnotationDeploymentProcessor method processAnnotations.

/**
     * Process a single index.
     *
     * @param index the annotation index
     *
     * @throws DeploymentUnitProcessingException
     */
protected WebMetaData processAnnotations(Index index) throws DeploymentUnitProcessingException {
    Web30MetaData metaData = new Web30MetaData();
    // @WebServlet
    final List<AnnotationInstance> webServletAnnotations = index.getAnnotations(webServlet);
    if (webServletAnnotations != null && webServletAnnotations.size() > 0) {
        ServletsMetaData servlets = new ServletsMetaData();
        List<ServletMappingMetaData> servletMappings = new ArrayList<ServletMappingMetaData>();
        for (final AnnotationInstance annotation : webServletAnnotations) {
            ServletMetaData servlet = new ServletMetaData();
            AnnotationTarget target = annotation.target();
            if (!(target instanceof ClassInfo)) {
                throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidWebServletAnnotation(target));
            }
            ClassInfo classInfo = ClassInfo.class.cast(target);
            servlet.setServletClass(classInfo.toString());
            AnnotationValue nameValue = annotation.value("name");
            if (nameValue == null || nameValue.asString().isEmpty()) {
                servlet.setName(classInfo.toString());
            } else {
                servlet.setName(nameValue.asString());
            }
            AnnotationValue loadOnStartup = annotation.value("loadOnStartup");
            if (loadOnStartup != null && loadOnStartup.asInt() >= 0) {
                servlet.setLoadOnStartupInt(loadOnStartup.asInt());
            }
            AnnotationValue asyncSupported = annotation.value("asyncSupported");
            if (asyncSupported != null) {
                servlet.setAsyncSupported(asyncSupported.asBoolean());
            }
            AnnotationValue initParamsValue = annotation.value("initParams");
            if (initParamsValue != null) {
                AnnotationInstance[] initParamsAnnotations = initParamsValue.asNestedArray();
                if (initParamsAnnotations != null && initParamsAnnotations.length > 0) {
                    List<ParamValueMetaData> initParams = new ArrayList<ParamValueMetaData>();
                    for (AnnotationInstance initParamsAnnotation : initParamsAnnotations) {
                        ParamValueMetaData initParam = new ParamValueMetaData();
                        AnnotationValue initParamName = initParamsAnnotation.value("name");
                        AnnotationValue initParamValue = initParamsAnnotation.value();
                        if (initParamName == null || initParamValue == null) {
                            throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidWebInitParamAnnotation(target));
                        }
                        AnnotationValue initParamDescription = initParamsAnnotation.value("description");
                        initParam.setParamName(initParamName.asString());
                        initParam.setParamValue(initParamValue.asString());
                        if (initParamDescription != null) {
                            Descriptions descriptions = getDescription(initParamDescription.asString());
                            if (descriptions != null) {
                                initParam.setDescriptions(descriptions);
                            }
                        }
                        initParams.add(initParam);
                    }
                    servlet.setInitParam(initParams);
                }
            }
            AnnotationValue descriptionValue = annotation.value("description");
            AnnotationValue displayNameValue = annotation.value("displayName");
            AnnotationValue smallIconValue = annotation.value("smallIcon");
            AnnotationValue largeIconValue = annotation.value("largeIcon");
            DescriptionGroupMetaData descriptionGroup = getDescriptionGroup((descriptionValue == null) ? "" : descriptionValue.asString(), (displayNameValue == null) ? "" : displayNameValue.asString(), (smallIconValue == null) ? "" : smallIconValue.asString(), (largeIconValue == null) ? "" : largeIconValue.asString());
            if (descriptionGroup != null) {
                servlet.setDescriptionGroup(descriptionGroup);
            }
            ServletMappingMetaData servletMapping = new ServletMappingMetaData();
            servletMapping.setServletName(servlet.getName());
            List<String> urlPatterns = new ArrayList<String>();
            AnnotationValue urlPatternsValue = annotation.value("urlPatterns");
            if (urlPatternsValue != null) {
                for (String urlPattern : urlPatternsValue.asStringArray()) {
                    urlPatterns.add(urlPattern);
                }
            }
            urlPatternsValue = annotation.value();
            if (urlPatternsValue != null) {
                for (String urlPattern : urlPatternsValue.asStringArray()) {
                    urlPatterns.add(urlPattern);
                }
            }
            if (urlPatterns.size() > 0) {
                servletMapping.setUrlPatterns(urlPatterns);
                servletMappings.add(servletMapping);
            }
            servlets.add(servlet);
        }
        metaData.setServlets(servlets);
        metaData.setServletMappings(servletMappings);
    }
    // @WebFilter
    final List<AnnotationInstance> webFilterAnnotations = index.getAnnotations(webFilter);
    if (webFilterAnnotations != null && webFilterAnnotations.size() > 0) {
        FiltersMetaData filters = new FiltersMetaData();
        List<FilterMappingMetaData> filterMappings = new ArrayList<FilterMappingMetaData>();
        for (final AnnotationInstance annotation : webFilterAnnotations) {
            FilterMetaData filter = new FilterMetaData();
            AnnotationTarget target = annotation.target();
            if (!(target instanceof ClassInfo)) {
                throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidWebFilterAnnotation(target));
            }
            ClassInfo classInfo = ClassInfo.class.cast(target);
            filter.setFilterClass(classInfo.toString());
            AnnotationValue nameValue = annotation.value("filterName");
            if (nameValue == null || nameValue.asString().isEmpty()) {
                filter.setName(classInfo.toString());
            } else {
                filter.setName(nameValue.asString());
            }
            AnnotationValue asyncSupported = annotation.value("asyncSupported");
            if (asyncSupported != null) {
                filter.setAsyncSupported(asyncSupported.asBoolean());
            }
            AnnotationValue initParamsValue = annotation.value("initParams");
            if (initParamsValue != null) {
                AnnotationInstance[] initParamsAnnotations = initParamsValue.asNestedArray();
                if (initParamsAnnotations != null && initParamsAnnotations.length > 0) {
                    List<ParamValueMetaData> initParams = new ArrayList<ParamValueMetaData>();
                    for (AnnotationInstance initParamsAnnotation : initParamsAnnotations) {
                        ParamValueMetaData initParam = new ParamValueMetaData();
                        AnnotationValue initParamName = initParamsAnnotation.value("name");
                        AnnotationValue initParamValue = initParamsAnnotation.value();
                        if (initParamName == null || initParamValue == null) {
                            throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidWebInitParamAnnotation(target));
                        }
                        AnnotationValue initParamDescription = initParamsAnnotation.value("description");
                        initParam.setParamName(initParamName.asString());
                        initParam.setParamValue(initParamValue.asString());
                        if (initParamDescription != null) {
                            Descriptions descriptions = getDescription(initParamDescription.asString());
                            if (descriptions != null) {
                                initParam.setDescriptions(descriptions);
                            }
                        }
                        initParams.add(initParam);
                    }
                    filter.setInitParam(initParams);
                }
            }
            AnnotationValue descriptionValue = annotation.value("description");
            AnnotationValue displayNameValue = annotation.value("displayName");
            AnnotationValue smallIconValue = annotation.value("smallIcon");
            AnnotationValue largeIconValue = annotation.value("largeIcon");
            DescriptionGroupMetaData descriptionGroup = getDescriptionGroup((descriptionValue == null) ? "" : descriptionValue.asString(), (displayNameValue == null) ? "" : displayNameValue.asString(), (smallIconValue == null) ? "" : smallIconValue.asString(), (largeIconValue == null) ? "" : largeIconValue.asString());
            if (descriptionGroup != null) {
                filter.setDescriptionGroup(descriptionGroup);
            }
            filters.add(filter);
            FilterMappingMetaData filterMapping = new FilterMappingMetaData();
            filterMapping.setFilterName(filter.getName());
            List<String> urlPatterns = new ArrayList<String>();
            List<String> servletNames = new ArrayList<String>();
            List<DispatcherType> dispatchers = new ArrayList<DispatcherType>();
            AnnotationValue urlPatternsValue = annotation.value("urlPatterns");
            if (urlPatternsValue != null) {
                for (String urlPattern : urlPatternsValue.asStringArray()) {
                    urlPatterns.add(urlPattern);
                }
            }
            urlPatternsValue = annotation.value();
            if (urlPatternsValue != null) {
                for (String urlPattern : urlPatternsValue.asStringArray()) {
                    urlPatterns.add(urlPattern);
                }
            }
            if (urlPatterns.size() > 0) {
                filterMapping.setUrlPatterns(urlPatterns);
            }
            AnnotationValue servletNamesValue = annotation.value("servletNames");
            if (servletNamesValue != null) {
                for (String servletName : servletNamesValue.asStringArray()) {
                    servletNames.add(servletName);
                }
            }
            if (servletNames.size() > 0) {
                filterMapping.setServletNames(servletNames);
            }
            AnnotationValue dispatcherTypesValue = annotation.value("dispatcherTypes");
            if (dispatcherTypesValue != null) {
                for (String dispatcherValue : dispatcherTypesValue.asEnumArray()) {
                    dispatchers.add(DispatcherType.valueOf(dispatcherValue));
                }
            }
            if (dispatchers.size() > 0) {
                filterMapping.setDispatchers(dispatchers);
            }
            if (urlPatterns.size() > 0 || servletNames.size() > 0) {
                filterMappings.add(filterMapping);
            }
        }
        metaData.setFilters(filters);
        metaData.setFilterMappings(filterMappings);
    }
    // @WebListener
    final List<AnnotationInstance> webListenerAnnotations = index.getAnnotations(webListener);
    if (webListenerAnnotations != null && webListenerAnnotations.size() > 0) {
        List<ListenerMetaData> listeners = new ArrayList<ListenerMetaData>();
        for (final AnnotationInstance annotation : webListenerAnnotations) {
            ListenerMetaData listener = new ListenerMetaData();
            AnnotationTarget target = annotation.target();
            if (!(target instanceof ClassInfo)) {
                throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidWebListenerAnnotation(target));
            }
            ClassInfo classInfo = ClassInfo.class.cast(target);
            listener.setListenerClass(classInfo.toString());
            AnnotationValue descriptionValue = annotation.value();
            if (descriptionValue != null) {
                DescriptionGroupMetaData descriptionGroup = getDescriptionGroup(descriptionValue.asString());
                if (descriptionGroup != null) {
                    listener.setDescriptionGroup(descriptionGroup);
                }
            }
            listeners.add(listener);
        }
        metaData.setListeners(listeners);
    }
    // @RunAs
    final List<AnnotationInstance> runAsAnnotations = index.getAnnotations(runAs);
    if (runAsAnnotations != null && runAsAnnotations.size() > 0) {
        AnnotationsMetaData annotations = metaData.getAnnotations();
        if (annotations == null) {
            annotations = new AnnotationsMetaData();
            metaData.setAnnotations(annotations);
        }
        for (final AnnotationInstance annotation : runAsAnnotations) {
            AnnotationTarget target = annotation.target();
            if (!(target instanceof ClassInfo)) {
                continue;
            }
            ClassInfo classInfo = ClassInfo.class.cast(target);
            AnnotationMetaData annotationMD = annotations.get(classInfo.toString());
            if (annotationMD == null) {
                annotationMD = new AnnotationMetaData();
                annotationMD.setClassName(classInfo.toString());
                annotations.add(annotationMD);
            }
            if (annotation.value() == null) {
                throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidRunAsAnnotation(target));
            }
            RunAsMetaData runAs = new RunAsMetaData();
            runAs.setRoleName(annotation.value().asString());
            annotationMD.setRunAs(runAs);
        }
    }
    // @DeclareRoles
    final List<AnnotationInstance> declareRolesAnnotations = index.getAnnotations(declareRoles);
    if (declareRolesAnnotations != null && declareRolesAnnotations.size() > 0) {
        SecurityRolesMetaData securityRoles = metaData.getSecurityRoles();
        if (securityRoles == null) {
            securityRoles = new SecurityRolesMetaData();
            metaData.setSecurityRoles(securityRoles);
        }
        for (final AnnotationInstance annotation : declareRolesAnnotations) {
            if (annotation.value() == null) {
                throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidDeclareRolesAnnotation(annotation.target()));
            }
            for (String role : annotation.value().asStringArray()) {
                SecurityRoleMetaData sr = new SecurityRoleMetaData();
                sr.setRoleName(role);
                securityRoles.add(sr);
            }
        }
    }
    // @MultipartConfig
    final List<AnnotationInstance> multipartConfigAnnotations = index.getAnnotations(multipartConfig);
    if (multipartConfigAnnotations != null && multipartConfigAnnotations.size() > 0) {
        AnnotationsMetaData annotations = metaData.getAnnotations();
        if (annotations == null) {
            annotations = new AnnotationsMetaData();
            metaData.setAnnotations(annotations);
        }
        for (final AnnotationInstance annotation : multipartConfigAnnotations) {
            AnnotationTarget target = annotation.target();
            if (!(target instanceof ClassInfo)) {
                throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidMultipartConfigAnnotation(target));
            }
            ClassInfo classInfo = ClassInfo.class.cast(target);
            AnnotationMetaData annotationMD = annotations.get(classInfo.toString());
            if (annotationMD == null) {
                annotationMD = new AnnotationMetaData();
                annotationMD.setClassName(classInfo.toString());
                annotations.add(annotationMD);
            }
            MultipartConfigMetaData multipartConfig = new MultipartConfigMetaData();
            AnnotationValue locationValue = annotation.value("location");
            if (locationValue != null && locationValue.asString().length() > 0) {
                multipartConfig.setLocation(locationValue.asString());
            }
            AnnotationValue maxFileSizeValue = annotation.value("maxFileSize");
            if (maxFileSizeValue != null && maxFileSizeValue.asLong() != -1L) {
                multipartConfig.setMaxFileSize(maxFileSizeValue.asLong());
            }
            AnnotationValue maxRequestSizeValue = annotation.value("maxRequestSize");
            if (maxRequestSizeValue != null && maxRequestSizeValue.asLong() != -1L) {
                multipartConfig.setMaxRequestSize(maxRequestSizeValue.asLong());
            }
            AnnotationValue fileSizeThresholdValue = annotation.value("fileSizeThreshold");
            if (fileSizeThresholdValue != null && fileSizeThresholdValue.asInt() != 0) {
                multipartConfig.setFileSizeThreshold(fileSizeThresholdValue.asInt());
            }
            annotationMD.setMultipartConfig(multipartConfig);
        }
    }
    // @ServletSecurity
    final List<AnnotationInstance> servletSecurityAnnotations = index.getAnnotations(servletSecurity);
    if (servletSecurityAnnotations != null && servletSecurityAnnotations.size() > 0) {
        AnnotationsMetaData annotations = metaData.getAnnotations();
        if (annotations == null) {
            annotations = new AnnotationsMetaData();
            metaData.setAnnotations(annotations);
        }
        for (final AnnotationInstance annotation : servletSecurityAnnotations) {
            AnnotationTarget target = annotation.target();
            if (!(target instanceof ClassInfo)) {
                throw new DeploymentUnitProcessingException(UndertowLogger.ROOT_LOGGER.invalidServletSecurityAnnotation(target));
            }
            ClassInfo classInfo = ClassInfo.class.cast(target);
            AnnotationMetaData annotationMD = annotations.get(classInfo.toString());
            if (annotationMD == null) {
                annotationMD = new AnnotationMetaData();
                annotationMD.setClassName(classInfo.toString());
                annotations.add(annotationMD);
            }
            ServletSecurityMetaData servletSecurity = new ServletSecurityMetaData();
            AnnotationValue httpConstraintValue = annotation.value();
            List<String> rolesAllowed = new ArrayList<String>();
            if (httpConstraintValue != null) {
                AnnotationInstance httpConstraint = httpConstraintValue.asNested();
                AnnotationValue httpConstraintERSValue = httpConstraint.value();
                if (httpConstraintERSValue != null) {
                    servletSecurity.setEmptyRoleSemantic(EmptyRoleSemanticType.valueOf(httpConstraintERSValue.asEnum()));
                }
                AnnotationValue httpConstraintTGValue = httpConstraint.value("transportGuarantee");
                if (httpConstraintTGValue != null) {
                    servletSecurity.setTransportGuarantee(TransportGuaranteeType.valueOf(httpConstraintTGValue.asEnum()));
                }
                AnnotationValue rolesAllowedValue = httpConstraint.value("rolesAllowed");
                if (rolesAllowedValue != null) {
                    for (String role : rolesAllowedValue.asStringArray()) {
                        rolesAllowed.add(role);
                    }
                }
            }
            servletSecurity.setRolesAllowed(rolesAllowed);
            AnnotationValue httpMethodConstraintsValue = annotation.value("httpMethodConstraints");
            if (httpMethodConstraintsValue != null) {
                AnnotationInstance[] httpMethodConstraints = httpMethodConstraintsValue.asNestedArray();
                if (httpMethodConstraints.length > 0) {
                    List<HttpMethodConstraintMetaData> methodConstraints = new ArrayList<HttpMethodConstraintMetaData>();
                    for (AnnotationInstance httpMethodConstraint : httpMethodConstraints) {
                        HttpMethodConstraintMetaData methodConstraint = new HttpMethodConstraintMetaData();
                        AnnotationValue httpMethodConstraintValue = httpMethodConstraint.value();
                        if (httpMethodConstraintValue != null) {
                            methodConstraint.setMethod(httpMethodConstraintValue.asString());
                        }
                        AnnotationValue httpMethodConstraintERSValue = httpMethodConstraint.value("emptyRoleSemantic");
                        if (httpMethodConstraintERSValue != null) {
                            methodConstraint.setEmptyRoleSemantic(EmptyRoleSemanticType.valueOf(httpMethodConstraintERSValue.asEnum()));
                        }
                        AnnotationValue httpMethodConstraintTGValue = httpMethodConstraint.value("transportGuarantee");
                        if (httpMethodConstraintTGValue != null) {
                            methodConstraint.setTransportGuarantee(TransportGuaranteeType.valueOf(httpMethodConstraintTGValue.asEnum()));
                        }
                        AnnotationValue rolesAllowedValue = httpMethodConstraint.value("rolesAllowed");
                        rolesAllowed = new ArrayList<String>();
                        if (rolesAllowedValue != null) {
                            for (String role : rolesAllowedValue.asStringArray()) {
                                rolesAllowed.add(role);
                            }
                        }
                        methodConstraint.setRolesAllowed(rolesAllowed);
                        methodConstraints.add(methodConstraint);
                    }
                    servletSecurity.setHttpMethodConstraints(methodConstraints);
                }
            }
            annotationMD.setServletSecurity(servletSecurity);
        }
    }
    return metaData;
}
Also used : DeploymentUnitProcessingException(org.jboss.as.server.deployment.DeploymentUnitProcessingException) SecurityRoleMetaData(org.jboss.metadata.javaee.spec.SecurityRoleMetaData) ArrayList(java.util.ArrayList) SecurityRolesMetaData(org.jboss.metadata.javaee.spec.SecurityRolesMetaData) ServletSecurityMetaData(org.jboss.metadata.web.spec.ServletSecurityMetaData) Descriptions(org.jboss.annotation.javaee.Descriptions) ListenerMetaData(org.jboss.metadata.web.spec.ListenerMetaData) MultipartConfigMetaData(org.jboss.metadata.web.spec.MultipartConfigMetaData) Web30MetaData(org.jboss.metadata.web.spec.Web30MetaData) ServletMetaData(org.jboss.metadata.web.spec.ServletMetaData) DispatcherType(org.jboss.metadata.web.spec.DispatcherType) FilterMappingMetaData(org.jboss.metadata.web.spec.FilterMappingMetaData) AnnotationTarget(org.jboss.jandex.AnnotationTarget) ParamValueMetaData(org.jboss.metadata.javaee.spec.ParamValueMetaData) FilterMetaData(org.jboss.metadata.web.spec.FilterMetaData) RunAsMetaData(org.jboss.metadata.javaee.spec.RunAsMetaData) HttpMethodConstraintMetaData(org.jboss.metadata.web.spec.HttpMethodConstraintMetaData) FiltersMetaData(org.jboss.metadata.web.spec.FiltersMetaData) ServletMappingMetaData(org.jboss.metadata.web.spec.ServletMappingMetaData) ServletsMetaData(org.jboss.metadata.web.spec.ServletsMetaData) AnnotationValue(org.jboss.jandex.AnnotationValue) DescriptionGroupMetaData(org.jboss.metadata.javaee.spec.DescriptionGroupMetaData) AnnotationsMetaData(org.jboss.metadata.web.spec.AnnotationsMetaData) AnnotationMetaData(org.jboss.metadata.web.spec.AnnotationMetaData) AnnotationInstance(org.jboss.jandex.AnnotationInstance) ClassInfo(org.jboss.jandex.ClassInfo)

Example 5 with SecurityRoleMetaData

use of org.jboss.metadata.javaee.spec.SecurityRoleMetaData in project wildfly by wildfly.

the class WSIntegrationProcessorJAXWS_EJB method getDeclaredSecurityRoles.

private static Set<String> getDeclaredSecurityRoles(final DeploymentUnit unit, final ClassInfo webServiceClassInfo) {
    final Set<String> securityRoles = new HashSet<String>();
    // process assembly-descriptor DD section
    final EjbJarMetaData ejbJarMD = unit.getAttachment(EjbDeploymentAttachmentKeys.EJB_JAR_METADATA);
    if (ejbJarMD != null && ejbJarMD.getAssemblyDescriptor() != null) {
        final List<SecurityRoleMetaData> securityRoleMetaDatas = ejbJarMD.getAssemblyDescriptor().getAny(SecurityRoleMetaData.class);
        if (securityRoleMetaDatas != null) {
            for (final SecurityRoleMetaData securityRoleMetaData : securityRoleMetaDatas) {
                securityRoles.add(securityRoleMetaData.getRoleName());
            }
        }
        final SecurityRolesMetaData securityRolesMD = ejbJarMD.getAssemblyDescriptor().getSecurityRoles();
        if (securityRolesMD != null && securityRolesMD.size() > 0) {
            for (final SecurityRoleMetaData securityRoleMD : securityRolesMD) {
                securityRoles.add(securityRoleMD.getRoleName());
            }
        }
    }
    // process @RolesAllowed annotation
    if (webServiceClassInfo.annotations().containsKey(ROLES_ALLOWED_ANNOTATION)) {
        final List<AnnotationInstance> allowedRoles = webServiceClassInfo.annotations().get(ROLES_ALLOWED_ANNOTATION);
        for (final AnnotationInstance allowedRole : allowedRoles) {
            if (allowedRole.target().equals(webServiceClassInfo)) {
                for (final String roleName : allowedRole.value().asStringArray()) {
                    securityRoles.add(roleName);
                }
            }
        }
    }
    // process @DeclareRoles annotation
    if (webServiceClassInfo.annotations().containsKey(DECLARE_ROLES_ANNOTATION)) {
        final List<AnnotationInstance> declareRoles = webServiceClassInfo.annotations().get(DECLARE_ROLES_ANNOTATION);
        for (final AnnotationInstance declareRole : declareRoles) {
            if (declareRole.target().equals(webServiceClassInfo)) {
                for (final String roleName : declareRole.value().asStringArray()) {
                    securityRoles.add(roleName);
                }
            }
        }
    }
    // process @PermitAll annotation
    if (webServiceClassInfo.annotations().containsKey(PERMIT_ALL_ANNOTATION)) {
        for (AnnotationInstance permitAll : webServiceClassInfo.annotations().get(PERMIT_ALL_ANNOTATION)) {
            if (permitAll.target().equals(webServiceClassInfo)) {
                securityRoles.add("*");
                break;
            }
        }
    }
    //if there is no class level security annotation, it will delegate to ejb's security check
    if (securityRoles.isEmpty()) {
        securityRoles.add("*");
    }
    return Collections.unmodifiableSet(securityRoles);
}
Also used : SecurityRoleMetaData(org.jboss.metadata.javaee.spec.SecurityRoleMetaData) EjbJarMetaData(org.jboss.metadata.ejb.spec.EjbJarMetaData) SecurityRolesMetaData(org.jboss.metadata.javaee.spec.SecurityRolesMetaData) AnnotationInstance(org.jboss.jandex.AnnotationInstance) HashSet(java.util.HashSet)

Aggregations

SecurityRoleMetaData (org.jboss.metadata.javaee.spec.SecurityRoleMetaData)6 SecurityRolesMetaData (org.jboss.metadata.javaee.spec.SecurityRolesMetaData)5 HashSet (java.util.HashSet)2 DeploymentUnit (org.jboss.as.server.deployment.DeploymentUnit)2 AnnotationInstance (org.jboss.jandex.AnnotationInstance)2 EjbJarMetaData (org.jboss.metadata.ejb.spec.EjbJarMetaData)2 Method (java.lang.reflect.Method)1 Permission (java.security.Permission)1 ArrayList (java.util.ArrayList)1 Collection (java.util.Collection)1 Map (java.util.Map)1 EJBMethodPermission (javax.security.jacc.EJBMethodPermission)1 EJBRoleRefPermission (javax.security.jacc.EJBRoleRefPermission)1 Descriptions (org.jboss.annotation.javaee.Descriptions)1 ViewConfiguration (org.jboss.as.ee.component.ViewConfiguration)1 WriteReplaceInterface (org.jboss.as.ee.component.serialization.WriteReplaceInterface)1 EJBComponentDescription (org.jboss.as.ejb3.component.EJBComponentDescription)1 EJBViewConfiguration (org.jboss.as.ejb3.component.EJBViewConfiguration)1 SessionBeanComponentDescription (org.jboss.as.ejb3.component.session.SessionBeanComponentDescription)1 DeploymentUnitProcessingException (org.jboss.as.server.deployment.DeploymentUnitProcessingException)1