geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <j...@apache.org>
Subject [jira] Updated: (GERONIMO-4765) API for Assumed Identity (run-as) support
Date Tue, 27 Oct 2009 01:13:59 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-4765?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

David Jencks updated GERONIMO-4765:
-----------------------------------

    Fix Version/s:     (was: 2.2)
                   Wish List

I think this is basically a good idea but want to think about it more before putting it into
a release.  I think you could write your own object with a static method to do this?

> API for Assumed Identity (run-as) support
> -----------------------------------------
>
>                 Key: GERONIMO-4765
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4765
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 2.2
>            Reporter: J├╝rgen Weber
>             Fix For: Wish List
>
>
> To programmatically change the currently active subject, at the moment you have to use
the following Geronimo-proprietary code:
> ContextManager.registerSubject(subject);
> Callers oldCallers = ContextManager.pushNextCaller(subject);
> try
> {
> 	// secure code
> }
> finally
> {
> 	ContextManager.popCallers(oldCallers);
> }
> (see http://www.nabble.com/NPE-in-ContextManager.getCurrentContext-ts24645453s134.html)
> There should be a simpler (less Geronimo-dependend code) API analog to javax.security.auth.Subject.doAs()
> (http://java.sun.com/javase/6/docs/api/javax/security/auth/Subject.html#doAs%28javax.security.auth.Subject,%20java.security.PrivilegedExceptionAction%29)
> This API itself cannot be used, see http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/rsec_jaasauthor.html
> http://www.nabble.com/security-propagation-from-JAAS-context-to-EJB-question-ts24091806s134.html
> An API for Assumed Identity (run-as) support could be implemented like
> 	public <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action)
> 			throws PrivilegedActionException
> 	{
> 		T t = null;
> 		ContextManager.registerSubject(subject);
> 		Callers oldCallers = ContextManager.pushNextCaller(subject);
> 		try
> 		{
> 			t = action.run();
> 		}
> 		catch (Exception e)
> 		{
> 			throw new PrivilegedActionException(e);
> 		}
> 		finally
> 		{
> 			ContextManager.popCallers(oldCallers);
> 		}
> 		return t;
> 	}
> This code could be put into a method of ContextManager or into a new class org.apache.geronimo.security.Security.

> This would still create a non-portable dependency to Geronimo in user code.
> You would use it like 
> LoginContext lc = new LoginContext("geronimo-admin", handler);
> lc.login();
> Subject subject = lc.getSubject();
> String s = doAs(subject, new PrivilegedExceptionAction<String>()
> {
> 	public String run() throws Exception
> 	{
> 		return null; // secure code
> 	}
> });
> This would be analogous to similar APIs in Weblogic Server or Websphere AS.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message