geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <c1vams...@gmail.com>
Subject Re: How is the default-subject used in EJB security?
Date Fri, 17 Oct 2008 17:50:55 GMT
Created GERONIMO-4367.

++Vamsi

On Fri, Oct 17, 2008 at 1:21 PM, Vamsavardhana Reddy <c1vamsi1c@gmail.com>wrote:

>
>
> On Fri, Oct 17, 2008 at 12:47 PM, David Jencks <david_jencks@yahoo.com>wrote:
>
>>
>> On Oct 16, 2008, at 1:14 PM, Vamsavardhana Reddy wrote:
>>
>>  I have a stateless bean BankBean1 as given below:
>>>
>>> @Stateless
>>> @DeclareRoles(value = {"bank", "customer"})
>>> public class BankBean1 implements Bank {
>>>
>>>    @RolesAllowed({"customer", "bank"})
>>>    public Double getBalance(Integer account) {
>>>        return data.get(account);
>>>    }
>>>
>>>    @RolesAllowed({"bank"})
>>>    public Double creditAccount(Integer account, Double amt) {
>>>        ...
>>>        return value;
>>>    }
>>>
>>>    @RolesAllowed({"bank"})
>>>    public Double debitAccount(Integer account, Double amt) {
>>>        ...
>>>        return value;
>>>    }
>>> }
>>>
>>> I have a second stateless bean BankBean2 that has a reference injected to
>>> BankBean1 and uses @RunAs as given below:
>>> @Stateless
>>> @DeclareRoles(value = {"bank", "customer"})
>>> @RunAs(value = "bank")
>>> public class BankBean2 implements Bank2 {
>>>
>>>    @EJB
>>>    private Bank bank; // BankBean1 gets injected here.
>>>
>>>    public Double getBalance(Integer account) {
>>>        return bank.getBalance(account);
>>>    }
>>>
>>>    public Double creditAccount(Integer account, Double amt) {
>>>        return bank.creditAccount(account, amt);
>>>    }
>>>
>>>    public Double debitAccount(Integer account, Double amt) {
>>>        return bank.debitAccount(account, amt);
>>>    }
>>> }
>>>
>>> In the security mapping in openejb-jar.xml, if I specify a run-as-subject
>>> for "bank" role, BankBean2 is able to invoke BankBean1 as per that
>>> run-as-subject specified.  But if I don't specify a run-as-subject, but only
>>> use a default-subject, BankBean2 is unable to invoke BankBean1 as per the
>>> default-subject specified. I guess the default-subject is being ignored.
>>>  This is not the case with run-as-subject and default-subject used in
>>> geronimo-web.xml.  In the absence of run-as-subject I notice that
>>> default-subject is used.  I am wondering how the default-subject is used in
>>> ejb security.
>>>
>>
>> What is the default-subject you have specified?  I'd expect it would be
>> used if no run-as subject is specified for the role.
>
> I tried a default-subject that maps to "customer" role and also a
> default-subject that maps to "bank" role.  When I specify the run-as-subject
> the BankBean1 invocation is happening as per that subject i.e. when the
> subject contains a principal that maps to the "bank" role all methods are
> accessible and when the subject contains a principal that maps to "customer"
> role only getBalance() method is accessible.  If I remove the run-as-subject
> and put the same as default-subject, none of the methods are accessible.
>
>
>>  If you are trying to tell us that you have specified a default subject
>> with a principal that maps to the "bank" role and you still can't access the
>> BankBean1 then I think you've found a bug.... jira time :-)
>
> Yes, the methods are not accessible even when the default-subject has a
> principal that maps to "bank" role.  I will create a JIRA and upload the
> test sample.
>
>
>>
>>
>> Note that our security system requires some extra configuration for the
>> run-as role to actually work, you need to specify a subject corresponding to
>> the run-as role.  You are expected to assure that some principal in this
>> subject actually maps to the run-as role but this is not enfforced.
>
> This has been taken care.  I am using SimpleCredentialStoreImpl to create a
> credential store and the credential-store-ref element in security element in
> the deployment plan.
>
> ++Vamsi
>
>>
>>
>> thanks
>> david jencks
>>
>>
>>> ++Vamsi
>>>
>>>
>>
>

Mime
View raw message