geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@apache.org
Subject svn commit: r522762 - in /geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb: EjbDeployment.java EjbDeploymentGBean.java GeronimoSecurityService.java
Date Tue, 27 Mar 2007 05:35:36 GMT
Author: dain
Date: Mon Mar 26 22:35:35 2007
New Revision: 522762

URL: http://svn.apache.org/viewvc?view=rev&rev=522762
Log:
When there is no security config, disable security checks

Modified:
    geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeployment.java
    geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeploymentGBean.java
    geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java

Modified: geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeployment.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeployment.java?view=diff&rev=522762&r1=522761&r2=522762
==============================================================================
--- geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeployment.java
(original)
+++ geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeployment.java
Mon Mar 26 22:35:35 2007
@@ -49,6 +49,7 @@
     private final String beanClassName;
     private final ClassLoader classLoader;
 
+    private final boolean securityEnabled;
     private final Subject defaultSubject;
     private final Subject runAs;
 
@@ -67,7 +68,7 @@
 
     public EjbDeployment() {
         this(null, null, null, null, null, null, null, null, null, null, 
-             null, null, null, null, null, null, null);
+             false, null, null, null, null, null, null, null);
     }
 
     public EjbDeployment(String objectName,
@@ -80,6 +81,7 @@
                          String serviceEndpointInterfaceName,
                          String beanClassName,
                          ClassLoader classLoader,
+                         boolean securityEnabled,
                          Subject defaultSubject,
                          Subject runAs,
                          Context componentContext,
@@ -97,6 +99,7 @@
         this.serviceEndpointInterfaceName = serviceEndpointInterfaceName;
         this.beanClassName = beanClassName;
         this.classLoader = classLoader;
+        this.securityEnabled = securityEnabled;
         this.defaultSubject = defaultSubject;
         this.runAs = runAs;
         this.componentContext = componentContext;
@@ -144,6 +147,10 @@
 
     public ClassLoader getClassLoader() {
         return classLoader;
+    }
+
+    public boolean isSecurityEnabled() {
+        return securityEnabled;
     }
 
     public Subject getDefaultSubject() {

Modified: geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeploymentGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeploymentGBean.java?view=diff&rev=522762&r1=522761&r2=522762
==============================================================================
--- geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeploymentGBean.java
(original)
+++ geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/EjbDeploymentGBean.java
Mon Mar 26 22:35:35 2007
@@ -44,6 +44,7 @@
             String serviceEndpointInterfaceName,
             String beanClassName,
             ClassLoader classLoader,
+            boolean securityEnabled,
             DefaultPrincipal defaultPrincipal,
             Subject runAs,
             Map componentContext,
@@ -63,6 +64,7 @@
                 serviceEndpointInterfaceName,
                 beanClassName,
                 classLoader,
+                securityEnabled,
                 generateDefaultSubject(defaultPrincipal, classLoader),
                 runAs,
                 EnterpriseNamingContext.createEnterpriseNamingContext(componentContext, transactionManager,
kernel, classLoader),
@@ -110,6 +112,7 @@
         infoFactory.addAttribute("beanClassName", String.class, true);
         infoFactory.addAttribute("classLoader", ClassLoader.class, false);
 
+        infoFactory.addAttribute("securityEnabled", boolean.class, true);
         infoFactory.addAttribute("defaultPrincipal", DefaultPrincipal.class, true);
         infoFactory.addAttribute("runAs", Subject.class, true);
 
@@ -137,6 +140,7 @@
                 "beanClassName",
                 "classLoader",
 
+                "securityEnabled",
                 "defaultPrincipal",
                 "runAs",
 

Modified: geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java?view=diff&rev=522762&r1=522761&r2=522762
==============================================================================
--- geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java
(original)
+++ geronimo/server/trunk/modules/geronimo-openejb/src/main/java/org/apache/geronimo/openejb/GeronimoSecurityService.java
Mon Mar 26 22:35:35 2007
@@ -75,12 +75,17 @@
     }
 
     public boolean isCallerAuthorized(Method method, InterfaceType typee) {
-        if (true) return true;
         ThreadContext threadContext = ThreadContext.getThreadContext();
 
         try {
             CoreDeploymentInfo deploymentInfo = threadContext.getDeploymentInfo();
 
+            // if security is not enabled we are autorized
+            EjbDeployment ejbDeployment = deploymentInfo.get(EjbDeployment.class);
+            if (ejbDeployment == null || !ejbDeployment.isSecurityEnabled()) {
+                return true;
+            }
+
             String ejbName = deploymentInfo.getEjbName();
 
             InterfaceType type = deploymentInfo.getInterfaceType(method.getDeclaringClass());
@@ -104,11 +109,26 @@
 
         ThreadContext threadContext = ThreadContext.getThreadContext();
 
-        CoreDeploymentInfo deployment = threadContext.getDeploymentInfo();
-        return ContextManager.isCallerInRole(deployment.getEjbName(), role);
+        CoreDeploymentInfo deploymentInfo = threadContext.getDeploymentInfo();
+
+        // if security is not enabled we are not in that role
+        EjbDeployment ejbDeployment = deploymentInfo.get(EjbDeployment.class);
+        if (ejbDeployment == null || !ejbDeployment.isSecurityEnabled()) {
+            return false;
+        }
+
+        return ContextManager.isCallerInRole(deploymentInfo.getEjbName(), role);
     }
 
     public Principal getCallerPrincipal() {
+        // if security is not enabled, we don't have a principal
+        ThreadContext threadContext = ThreadContext.getThreadContext();
+        CoreDeploymentInfo deploymentInfo = threadContext.getDeploymentInfo();
+        EjbDeployment ejbDeployment = deploymentInfo.get(EjbDeployment.class);
+        if (ejbDeployment == null || !ejbDeployment.isSecurityEnabled()) {
+            return null;
+        }
+
         Subject callerSubject = ContextManager.getCurrentCaller();
         return ContextManager.getCurrentPrincipal(callerSubject);
     }
@@ -118,7 +138,6 @@
     //
 
     public Object getSecurityIdentity() {
-        // throw new UnsupportedOperationException();
         return null;
     }
 



Mime
View raw message