geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r740521 - in /geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment: EjbDeploymentBuilder.java SecurityBuilder.java
Date Tue, 03 Feb 2009 23:49:24 GMT
Author: djencks
Date: Tue Feb  3 23:49:24 2009
New Revision: 740521

URL: http://svn.apache.org/viewvc?rev=740521&view=rev
Log:
GERONIMO-4526 make ejbTimeout accessible when security is enabled

Modified:
    geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java
    geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java

Modified: geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java?rev=740521&r1=740520&r2=740521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java
(original)
+++ geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java
Tue Feb  3 23:49:24 2009
@@ -58,12 +58,11 @@
 import org.apache.openejb.jee.EnterpriseBean;
 import org.apache.openejb.jee.EntityBean;
 import org.apache.openejb.jee.MessageDrivenBean;
+import org.apache.openejb.jee.MethodPermission;
 import org.apache.openejb.jee.RemoteBean;
 import org.apache.openejb.jee.SecurityIdentity;
 import org.apache.openejb.jee.SessionBean;
 import org.apache.openejb.jee.SessionType;
-import org.apache.openejb.jee.AssemblyDescriptor;
-import org.apache.openejb.jee.MethodPermission;
 import org.apache.openejb.jee.oejb3.EjbDeployment;
 import org.apache.xbean.finder.ClassFinder;
 import org.apache.xmlbeans.XmlObject;
@@ -189,30 +188,30 @@
                 RemoteBean remoteBean = (RemoteBean) enterpriseBean;
 
                 SecurityBuilder securityBuilder = new SecurityBuilder();
-                PermissionCollection permissions = new Permissions();
+                PermissionCollection allPermissions = new Permissions();
 
-                securityBuilder.addToPermissions(permissions,
+                securityBuilder.addToPermissions(allPermissions,
                         remoteBean.getEjbName(),
                         EjbInterface.HOME.getJaccInterfaceName(),
                         remoteBean.getHome(),
                         ejbModule.getClassLoader());
-                securityBuilder.addToPermissions(permissions,
+                securityBuilder.addToPermissions(allPermissions,
                         remoteBean.getEjbName(),
                         EjbInterface.REMOTE.getJaccInterfaceName(),
                         remoteBean.getRemote(),
                         ejbModule.getClassLoader());
-                securityBuilder.addToPermissions(permissions,
+                securityBuilder.addToPermissions(allPermissions,
                         remoteBean.getEjbName(),
                         EjbInterface.LOCAL.getJaccInterfaceName(),
                         remoteBean.getLocal(),
                         ejbModule.getClassLoader());
-                securityBuilder.addToPermissions(permissions,
+                securityBuilder.addToPermissions(allPermissions,
                         remoteBean.getEjbName(),
                         EjbInterface.LOCAL_HOME.getJaccInterfaceName(),
                         remoteBean.getLocalHome(),
                         ejbModule.getClassLoader());
                 if (remoteBean instanceof SessionBean) {
-                    securityBuilder.addToPermissions(permissions,
+                    securityBuilder.addToPermissions(allPermissions,
                             remoteBean.getEjbName(),
                             EjbInterface.SERVICE_ENDPOINT.getJaccInterfaceName(),
                             ((SessionBean) remoteBean).getServiceEndpoint(),
@@ -220,7 +219,7 @@
                 }
                 if (remoteBean.getBusinessRemote() != null && !remoteBean.getBusinessRemote().isEmpty())
{
                     for (String businessRemote : remoteBean.getBusinessRemote()) {
-                        securityBuilder.addToPermissions(permissions,
+                        securityBuilder.addToPermissions(allPermissions,
                                 remoteBean.getEjbName(),
                                 EjbInterface.REMOTE.getJaccInterfaceName(),
                                 businessRemote,
@@ -234,7 +233,7 @@
                 }
                 if (remoteBean.getBusinessLocal() != null && !remoteBean.getBusinessLocal().isEmpty())
{
                     for (String businessLocal : remoteBean.getBusinessLocal()) {
-                        securityBuilder.addToPermissions(permissions,
+                        securityBuilder.addToPermissions(allPermissions,
                                 remoteBean.getEjbName(),
                                 EjbInterface.LOCAL.getJaccInterfaceName(),
                                 businessLocal,
@@ -247,9 +246,11 @@
                             ejbModule.getClassLoader());
                 }
 
+                securityBuilder.addEjbTimeout(remoteBean, ejbModule, allPermissions);
+
                 String defaultRole = securityConfiguration.getDefaultRole();
                 securityBuilder.addComponentPermissions(defaultRole,
-                        permissions,
+                        allPermissions,
                         ejbModule.getEjbJar().getAssemblyDescriptor(),
                         enterpriseBean.getEjbName(),
                         remoteBean.getSecurityRoleRef(),
@@ -270,6 +271,7 @@
         }
     }
 
+
     public void buildEnc() throws DeploymentException {
         //
         // XMLBeans types must be use because Geronimo naming building is coupled via XMLBeans
objects

Modified: geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java?rev=740521&r1=740520&r2=740521&view=diff
==============================================================================
--- geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java
(original)
+++ geronimo/server/branches/2.1/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java
Tue Feb  3 23:49:24 2009
@@ -24,6 +24,8 @@
 import java.util.List;
 import java.util.Map;
 
+import javax.ejb.TimedObject;
+import javax.ejb.Timer;
 import javax.security.jacc.EJBMethodPermission;
 import javax.security.jacc.EJBRoleRefPermission;
 
@@ -31,9 +33,13 @@
 import org.apache.geronimo.security.jacc.ComponentPermissions;
 import org.apache.openejb.jee.AssemblyDescriptor;
 import org.apache.openejb.jee.ExcludeList;
+import org.apache.openejb.jee.MessageDrivenBean;
 import org.apache.openejb.jee.Method;
 import org.apache.openejb.jee.MethodPermission;
+import org.apache.openejb.jee.NamedMethod;
+import org.apache.openejb.jee.RemoteBean;
 import org.apache.openejb.jee.SecurityRoleRef;
+import org.apache.openejb.jee.SessionBean;
 
 public class SecurityBuilder {
     /**
@@ -42,22 +48,22 @@
      * is also filled with permissions that need to be used to fill the JACC
      * policy configuration.
      *
-     * @param defaultRole default role for otherwise unassigned permissions
-     * @param notAssigned the set of all possible permissions.  These will be
-     * culled so that all that are left are those that have
-     * not been assigned roles.
-     * @param assemblyDescriptor the assembly descriptor
-     * @param ejbName the name of the EJB
-     * @param securityRoleRefs the EJB's role references
+     * @param defaultRole          default role for otherwise unassigned permissions
+     * @param notAssigned          the set of all possible permissions.  These will be
+     *                             culled so that all that are left are those that have
+     *                             not been assigned roles.
+     * @param assemblyDescriptor   the assembly descriptor
+     * @param ejbName              the name of the EJB
+     * @param securityRoleRefs     the EJB's role references
      * @param componentPermissions the holder for the ejb's permissions
      * @throws DeploymentException if any constraints are violated
      */
     public void addComponentPermissions(String defaultRole,
-            PermissionCollection notAssigned,
-            AssemblyDescriptor assemblyDescriptor,
-            String ejbName,
-            List<SecurityRoleRef> securityRoleRefs,
-            ComponentPermissions componentPermissions) throws DeploymentException {
+                                        PermissionCollection notAssigned,
+                                        AssemblyDescriptor assemblyDescriptor,
+                                        String ejbName,
+                                        List<SecurityRoleRef> securityRoleRefs,
+                                        ComponentPermissions componentPermissions) throws
DeploymentException {
 
         PermissionCollection uncheckedPermissions = componentPermissions.getUncheckedPermissions();
         PermissionCollection excludedPermissions = componentPermissions.getExcludedPermissions();
@@ -85,7 +91,7 @@
                         methodName = null;
                     }
                     // method interface
-                    String methodIntf = method.getMethodIntf() == null? null: method.getMethodIntf().toString();
+                    String methodIntf = method.getMethodIntf() == null ? null : method.getMethodIntf().toString();
 
                     // method parameters
                     String[] methodParams;
@@ -130,7 +136,7 @@
                     // method name
                     String methodName = method.getMethodName();
                     // method interface
-                    String methodIntf = method.getMethodIntf() == null? null: method.getMethodIntf().toString();
+                    String methodIntf = method.getMethodIntf() == null ? null : method.getMethodIntf().toString();
 
                     // method parameters
                     String[] methodParams;
@@ -154,7 +160,7 @@
              */
             for (SecurityRoleRef securityRoleRef : securityRoleRefs) {
 
-                String roleLink = securityRoleRef.getRoleLink() == null? securityRoleRef.getRoleName():
securityRoleRef.getRoleLink();
+                String roleLink = securityRoleRef.getRoleLink() == null ? securityRoleRef.getRoleName()
: securityRoleRef.getRoleLink();
 
                 PermissionCollection roleLinks = rolePermissions.get(roleLink);
                 if (roleLinks == null) {
@@ -204,18 +210,19 @@
      * of the <code>EJBHome</code> and <code>EJBObject</code> interfaces
and/or
      * <code>EJBLocalHome</code> and <code>EJBLocalObject</code>
interfaces).
      *
-     * @param permissions the permission set to be extended
-     * @param ejbName the name of the EJB
+     * @param permissions     the permission set to be extended
+     * @param ejbName         the name of the EJB
      * @param methodInterface the EJB method interface
-     * @param interfaceClass the class name of the interface to be used to generate the permissions
-     * @param classLoader the class loader to be used in obtaining the interface class
-     * @throws org.apache.geronimo.common.DeploymentException in case a class could not be
found
+     * @param interfaceClass  the class name of the interface to be used to generate the
permissions
+     * @param classLoader     the class loader to be used in obtaining the interface class
+     * @throws org.apache.geronimo.common.DeploymentException
+     *          in case a class could not be found
      */
     public void addToPermissions(PermissionCollection permissions,
-            String ejbName,
-            String methodInterface,
-            String interfaceClass,
-            ClassLoader classLoader) throws DeploymentException {
+                                 String ejbName,
+                                 String methodInterface,
+                                 String interfaceClass,
+                                 ClassLoader classLoader) throws DeploymentException {
 
         if (interfaceClass == null) {
             return;
@@ -237,7 +244,7 @@
      * <code>permission</code>.
      *
      * @param toBeChecked the permissions that are to be checked and possibly culled
-     * @param permission the permission that is to be used for culling
+     * @param permission  the permission that is to be used for culling
      * @return the culled set of permissions that are not implied by <code>permission</code>
      */
     private Permissions cullPermissions(PermissionCollection toBeChecked, Permission permission)
{
@@ -252,4 +259,26 @@
 
         return result;
     }
+
+    public void addEjbTimeout(RemoteBean remoteBean, EjbModule ejbModule, PermissionCollection
permissions) throws DeploymentException {
+        NamedMethod timeout = null;
+        if (remoteBean instanceof SessionBean) {
+            timeout = ((SessionBean) remoteBean).getTimeoutMethod();
+        } else if (remoteBean instanceof MessageDrivenBean) {
+            timeout = ((MessageDrivenBean) remoteBean).getTimeoutMethod();
+        }
+        if (timeout != null) {
+            permissions.add(new EJBMethodPermission(remoteBean.getEjbName(), timeout.getMethodName(),
null, new String[]{Timer.class.getName()}));
+        } else {
+            try {
+                Class ejbClass = ejbModule.getClassLoader().loadClass(remoteBean.getEjbClass());
+                if (TimedObject.class.isAssignableFrom(ejbClass)) {
+                    permissions.add(new EJBMethodPermission(remoteBean.getEjbName(), "ejbTimeout",
null, new String[]{Timer.class.getName()}));
+                }
+            } catch (ClassNotFoundException e) {
+                throw new DeploymentException("Could not figure out timer method", e);
+            }
+        }
+    }
+
 }



Mime
View raw message