geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ke...@apache.org
Subject svn commit: r442795 - in /geronimo/server/trunk/modules: geronimo-axis/src/main/java/org/apache/geronimo/axis/client/ geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/ geronimo-security/src/main/java/org/apache/geronimo/security/
Date Wed, 13 Sep 2006 02:04:35 GMT
Author: kevan
Date: Tue Sep 12 19:04:35 2006
New Revision: 442795

URL: http://svn.apache.org/viewvc?view=rev&rev=442795
Log:
GERONIMO-2313 Merge security fixes onto trunk. Insure that the Context contains the appropriate
caller.

Modified:
    geronimo/server/trunk/modules/geronimo-axis/src/main/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
    geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
    geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java

Modified: geronimo/server/trunk/modules/geronimo-axis/src/main/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-axis/src/main/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java?view=diff&rev=442795&r1=442794&r2=442795
==============================================================================
--- geronimo/server/trunk/modules/geronimo-axis/src/main/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
(original)
+++ geronimo/server/trunk/modules/geronimo-axis/src/main/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
Tue Sep 12 19:04:35 2006
@@ -64,7 +64,7 @@
 
         stub.setUpCall(call);
         if (credentialsName != null) {
-            Subject subject = ContextManager.getCurrentCaller();
+            Subject subject = ContextManager.getNextCaller();
             if (subject == null) {
                 throw new IllegalStateException("Subject missing but authentication turned
on");
             } else {

Modified: geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java?view=diff&rev=442795&r1=442794&r2=442795
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
(original)
+++ geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
Tue Sep 12 19:04:35 2006
@@ -43,7 +43,7 @@
         Subject currentSubject = null;
         if (!connectionInfo.isApplicationManagedSecurity()) {
             try {
-                currentSubject = ContextManager.getCurrentCaller();
+                currentSubject = ContextManager.getNextCaller();
             } catch (SecurityException e) {
                 throw new ResourceException("Can not obtain Subject for login", e);
             }

Modified: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java?view=diff&rev=442795&r1=442794&r2=442795
==============================================================================
--- geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
(original)
+++ geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
Tue Sep 12 19:04:35 2006
@@ -113,6 +113,7 @@
         if (sm != null) sm.checkPermission(SET_CONTEXT);
         assert nextCaller != null;
         Callers oldCallers = (Callers) callers.get();
+        assert oldCallers != null;
         Callers newCallers = new Callers(oldCallers.getNextCaller(), nextCaller);
         callers.set(newCallers);
         return oldCallers;
@@ -143,11 +144,21 @@
         return callers == null? null: callers.getCurrentCaller();
     }
 
+    public static Subject getNextCaller() {
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) sm.checkPermission(GET_CONTEXT);
+
+        Callers callers = (Callers) ContextManager.callers.get();
+        return callers == null? null: callers.getNextCaller();
+    }
+
     public static AccessControlContext getCurrentContext() {
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) sm.checkPermission(GET_CONTEXT);
 
-        Subject currentSubject = ((Callers) callers.get()).getCurrentCaller();
+        Callers threadLocalCallers = (Callers) callers.get();
+        assert threadLocalCallers != null : "No current callers";
+        Subject currentSubject = threadLocalCallers.getCurrentCaller();
         assert currentSubject != null : "No current caller";
         Context context = (Context) subjectContexts.get(currentSubject);
 
@@ -178,7 +189,10 @@
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) sm.checkPermission(GET_CONTEXT);
 
-        Subject currentSubject = ((Callers) callers.get()).getCurrentCaller();
+        Callers threadLocalCallers = (Callers) callers.get();
+        assert threadLocalCallers != null : "No current callers";
+        Subject currentSubject = threadLocalCallers.getCurrentCaller();
+        assert currentSubject != null : "No current caller";
         Context context = (Context) subjectContexts.get(currentSubject);
 
         assert context != null : "No registered context";
@@ -200,8 +214,14 @@
         if (role == null) throw new IllegalArgumentException("Role must not be null");
 
         try {
-            Subject currentSubject = ((Callers) callers.get()).getCurrentCaller();
-            if (currentSubject == null) return false;
+            Callers currentCallers = (Callers)callers.get();
+            if (currentCallers == null) {
+                return false;
+            }
+            Subject currentSubject = currentCallers.getCurrentCaller();
+            if (currentSubject == null) {
+                return false;
+            }
 
             Context context = (Context) subjectContexts.get(currentSubject);
 



Mime
View raw message