Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 36627 invoked from network); 26 Jul 2009 20:57:39 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 26 Jul 2009 20:57:39 -0000 Received: (qmail 60361 invoked by uid 500); 26 Jul 2009 20:58:44 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 60264 invoked by uid 500); 26 Jul 2009 20:58:43 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 60256 invoked by uid 99); 26 Jul 2009 20:58:43 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 26 Jul 2009 20:58:43 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 26 Jul 2009 20:58:35 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id D54F8234C046 for ; Sun, 26 Jul 2009 13:58:14 -0700 (PDT) Message-ID: <1666827410.1248641894872.JavaMail.jira@brutus> Date: Sun, 26 Jul 2009 13:58:14 -0700 (PDT) From: =?utf-8?Q?J=C3=BCrgen_Weber_=28JIRA=29?= To: dev@geronimo.apache.org Subject: [jira] Commented: (GERONIMO-4765) API for Assumed Identity (run-as) support In-Reply-To: <1044213432.1248604515247.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/GERONIMO-4765?page=3Dcom.atlass= ian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=3D1= 2735424#action_12735424 ]=20 J=C3=BCrgen Weber commented on GERONIMO-4765: ---------------------------------------- As an application developer you are supposed to stick to standards, and for= Java security the Standard is JAAS. It has limitations for JEE thence the = extensions by BEA and IBM. I suggest to include a doas() method to use a similar pattern as WAS and WL= S (which both use an API similar to javax.security.auth.Subject.doAs()) to = make it easier to write portable software, not to provide the "best" securi= ty API. Unfortunately there seems no way for a working doAs() without a proprietary= extension, but it should be kept as small as possible. Going away from JAAS might be another option, but not an option most conser= vative IT managers would like. But if you do, you might as well have a look= at Apache Shiro. > API for Assumed Identity (run-as) support > ----------------------------------------- > > Key: GERONIMO-4765 > URL: https://issues.apache.org/jira/browse/GERONIMO-4765 > Project: Geronimo > Issue Type: Improvement > Security Level: public(Regular issues)=20 > Components: security > Affects Versions: 2.2 > Reporter: J=C3=BCrgen Weber > Fix For: 2.2 > > > To programmatically change the currently active subject, at the moment yo= u have to use the following Geronimo-proprietary code: > ContextManager.registerSubject(subject); > Callers oldCallers =3D ContextManager.pushNextCaller(subject); > try > { > =09// secure code > } > finally > { > =09ContextManager.popCallers(oldCallers); > } > (see http://www.nabble.com/NPE-in-ContextManager.getCurrentContext-ts2464= 5453s134.html) > There should be a simpler (less Geronimo-dependend code) API analog to ja= vax.security.auth.Subject.doAs() > (http://java.sun.com/javase/6/docs/api/javax/security/auth/Subject.html#d= oAs%28javax.security.auth.Subject,%20java.security.PrivilegedExceptionActio= n%29) > This API itself cannot be used, see http://publib.boulder.ibm.com/infocen= ter/wasinfo/v5r1//index.jsp?topic=3D/com.ibm.websphere.base.doc/info/aes/ae= /rsec_jaasauthor.html > http://www.nabble.com/security-propagation-from-JAAS-context-to-EJB-quest= ion-ts24091806s134.html > An API for Assumed Identity (run-as) support could be implemented like > =09public T doAs(Subject subject, PrivilegedExceptionAction action= ) > =09=09=09throws PrivilegedActionException > =09{ > =09=09T t =3D null; > =09=09ContextManager.registerSubject(subject); > =09=09Callers oldCallers =3D ContextManager.pushNextCaller(subject); > =09=09try > =09=09{ > =09=09=09t =3D action.run(); > =09=09} > =09=09catch (Exception e) > =09=09{ > =09=09=09throw new PrivilegedActionException(e); > =09=09} > =09=09finally > =09=09{ > =09=09=09ContextManager.popCallers(oldCallers); > =09=09} > =09=09return t; > =09} > This code could be put into a method of ContextManager or into a new clas= s org.apache.geronimo.security.Security.=20 > This would still create a non-portable dependency to Geronimo in user cod= e. > You would use it like=20 > LoginContext lc =3D new LoginContext("geronimo-admin", handler); > lc.login(); > Subject subject =3D lc.getSubject(); > String s =3D doAs(subject, new PrivilegedExceptionAction() > { > =09public String run() throws Exception > =09{ > =09=09return null; // secure code > =09} > }); > This would be analogous to similar APIs in Weblogic Server or Websphere A= S. --=20 This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.