// Construct the security metadata for this instance from the supplied component configuration.
this.securityMetaData = new EJBSecurityMetaData(componentConfiguration);
// Copies the security domain and run-as value from the component's security metadata into the
// operation result (context.getResult()), then starts iterating the declared roles.
// NOTE(review): closing braces appear to be elided in this excerpt, so the guarded sections only
// look nested, and the body of the role loop is cut off.
final ModelNode result = context.getResult(); EJBSecurityMetaData md = component.getSecurityMetaData(); if (md != null && md.getSecurityDomain() != null) { result.set(md.getSecurityDomain()); if (md != null && md.getRunAs() != null) { result.set(md.getRunAs()); if (md != null) { result.setEmptyList(); Set<String> roles = md.getDeclaredRoles(); if (roles != null) { for (String role : roles) {
// Resolves the security domain name for this EJB, then reads the run-as and role metadata.
// NOTE(review): a null domain is replaced with DEFAULT_DOMAIN rather than rejected. The closing
// brace of that `if` appears to be elided in this excerpt, so the trace call and the statements
// after it are presumably outside the null check.
String securityDomain = securityMetaData.getSecurityDomain(); if (securityDomain == null) { securityDomain = DEFAULT_DOMAIN; ROOT_LOGGER.trace("Using security domain: " + securityDomain + " for EJB " + ejbComponent.getComponentName()); final String runAs = securityMetaData.getRunAs(); final String runAsPrincipal = securityMetaData.getRunAsPrincipal(); final SecurityRolesMetaData securityRoles = securityMetaData.getSecurityRoles(); Set<String> extraRoles = null; Map<String,Set<String>> principalVsRolesMap = null;
/**
 * Answers whether the caller of this component is in {@code roleName}.
 *
 * <p>Three paths are possible:
 * <ul>
 *   <li>security domain not known: the decision is delegated to {@code serverSecurityManager},
 *       wrapped in {@code doUnchecked} when {@code WildFlySecurityManager.isChecking()} is true;</li>
 *   <li>security domain known and JACC enabled: the installed {@link Policy} is asked whether a
 *       protection domain built from the caller's granted roles implies an
 *       {@code EJBRoleRefPermission} for this component and role;</li>
 *   <li>security domain known and JACC disabled: {@code checkCallerSecurityIdentityRole}
 *       decides.</li>
 * </ul>
 *
 * @param roleName the role name to test
 * @return {@code true} if the selected path reports the caller as being in the role
 * @throws IllegalStateException declared by the signature; not thrown directly in this method
 */
public boolean isCallerInRole(final String roleName) throws IllegalStateException {
    if (!isSecurityDomainKnown()) {
        // Same role check on both sub-paths; only the privilege wrapping differs.
        final PrivilegedAction<Boolean> managerCheck = () -> serverSecurityManager.isCallerInRole(
                getComponentName(),
                policyContextID,
                securityMetaData.getSecurityRoles(),
                securityMetaData.getSecurityRoleLinks(),
                roleName);
        if (WildFlySecurityManager.isChecking()) {
            return WildFlySecurityManager.doUnchecked(managerCheck);
        }
        return managerCheck.run();
    }

    if (!enableJacc) {
        return checkCallerSecurityIdentityRole(roleName);
    }

    // Read the installed policy inside a privileged action only when isChecking() is true.
    final Policy installedPolicy;
    if (WildFlySecurityManager.isChecking()) {
        installedPolicy = doPrivileged((PrivilegedAction<Policy>) Policy::getPolicy);
    } else {
        installedPolicy = Policy.getPolicy();
    }

    // The protection domain carries only the caller's granted roles; every other slot is null.
    final ProtectionDomain callerDomain = new ProtectionDomain(
            null, null, null, JaccInterceptor.getGrantedRoles(getCallerSecurityIdentity()));
    final EJBRoleRefPermission requested = new EJBRoleRefPermission(getComponentName(), roleName);
    return installedPolicy.implies(callerDomain, requested);
}
/**
 * Creates the {@code SecurityDomainInterceptor} for an EJB component.
 *
 * <p>Fails closed: a component that is not an {@code EJBComponent}, or an EJB whose
 * {@code getSecurityDomain()} returns {@code null}, is rejected with an exception rather than
 * being given an interceptor.
 *
 * @param component the component the interceptor is created for; must be an {@code EJBComponent}
 * @param context   the interceptor factory context (not read by this method)
 * @return a new {@code SecurityDomainInterceptor} bound to the component's security domain
 */
@Override
protected Interceptor create(final Component component, final InterceptorFactoryContext context) {
    if (!(component instanceof EJBComponent)) {
        throw EjbLogger.ROOT_LOGGER.unexpectedComponent(component, EJBComponent.class);
    }
    final EJBComponent ejb = (EJBComponent) component;

    // The configured name (or DEFAULT_DOMAIN when absent) is used only in the trace message;
    // the interceptor itself is built from the SecurityDomain object below.
    final EJBSecurityMetaData metaData = ejb.getSecurityMetaData();
    final String configuredName = metaData.getSecurityDomain();
    final String nameForTrace = configuredName != null ? configuredName : DEFAULT_DOMAIN;

    final SecurityDomain domain = ejb.getSecurityDomain();
    if (domain == null) {
        throw EjbLogger.ROOT_LOGGER.invalidSecurityForDomainSet(ejb.getComponentName());
    }

    if (ROOT_LOGGER.isTraceEnabled()) {
        ROOT_LOGGER.trace("Using security domain: " + nameForTrace + " for EJB " + ejb.getComponentName());
    }
    return new SecurityDomainInterceptor(domain);
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Decides whether the caller's security identity is in {@code roleName}.
 *
 * <p>The role name {@code "**"} matches every caller that is not anonymous. Any other name
 * matches when the caller's {@code "ejb"} roles contain it directly, or when the security-role
 * links map {@code roleName} to a collection containing at least one of the caller's roles.
 *
 * @param roleName the role name to test
 * @return {@code true} if the caller matches by one of the rules above, {@code false} otherwise
 */
private boolean checkCallerSecurityIdentityRole(String roleName) {
    final SecurityIdentity caller = getCallerSecurityIdentity();

    // "**" is satisfied by any authenticated (non-anonymous) identity.
    if ("**".equals(roleName)) {
        return !caller.isAnonymous();
    }

    final Roles callerRoles = caller.getRoles("ejb", true);
    if (callerRoles.contains(roleName)) {
        return true;
    }

    // No direct match: fall back to the role links, if any are defined for this name.
    if (securityMetaData.getSecurityRoleLinks() == null) {
        return false;
    }
    final Collection<String> linkedRoles = securityMetaData.getSecurityRoleLinks().get(roleName);
    if (linkedRoles == null) {
        return false;
    }
    for (String heldRole : callerRoles) {
        if (linkedRoles.contains(heldRole)) {
            return true;
        }
    }
    return false;
}
/**
 * Answers whether the caller is in {@code roleName}.
 *
 * <p>Delegates to the security manager obtained from {@code utilities}, passing the security
 * roles and security-role links held in this component's security metadata. No caller identity
 * is passed, so the security manager presumably resolves the caller itself.
 *
 * @param roleName the role name to test
 * @return the security manager's answer
 * @throws IllegalStateException declared by the signature; not thrown directly in this method
 */
public boolean isCallerInRole(final String roleName) throws IllegalStateException {
    return utilities.getSecurityManager().isCallerInRole(securityMetaData.getSecurityRoles(), securityMetaData.getSecurityRoleLinks(), roleName);
}
// Take the security domain name from the component's security metadata.
// NOTE(review): other call sites on this page null-check both getSecurityMetaData() and
// getSecurityDomain(); confirm this one cannot see null.
securityDomain = component.getSecurityMetaData().getSecurityDomain();
// Reads the EJB's security manager and security metadata; a null security domain is rejected
// with invalidSecurityForDomainSet instead of being replaced by a default.
// NOTE(review): the closing brace of the null check appears to be elided in this excerpt, so the
// statements after the throw are presumably outside the `if`.
final ServerSecurityManager securityManager = ejbComponent.getSecurityManager(); final EJBSecurityMetaData securityMetaData = ejbComponent.getSecurityMetaData(); final String securityDomain = securityMetaData.getSecurityDomain(); if (securityDomain == null) { throw MESSAGES.invalidSecurityForDomainSet(ejbComponent.getComponentName()); ROOT_LOGGER.trace("Using security domain: " + securityDomain + " for EJB " + ejbComponent.getComponentName()); final String runAs = securityMetaData.getRunAs(); final String runAsPrincipal = securityMetaData.getRunAsPrincipal(); final SecurityRolesMetaData securityRoles = securityMetaData.getSecurityRoles(); Set<String> extraRoles = null; Map<String,Set<String>> principalVsRolesMap = null;
// Copies the security domain and run-as value from the component's security metadata into the
// operation result (context.getResult()), then starts iterating the declared roles.
// NOTE(review): closing braces appear to be elided in this excerpt, so the guarded sections only
// look nested, and the body of the role loop is cut off.
final ModelNode result = context.getResult(); EJBSecurityMetaData md = component.getSecurityMetaData(); if (md != null && md.getSecurityDomain() != null) { result.set(md.getSecurityDomain()); if (md != null && md.getRunAs() != null) { result.set(md.getRunAs()); if (md != null) { result.setEmptyList(); Set<String> roles = md.getDeclaredRoles(); if (roles != null) { for (String role : roles) {
// Take the security domain name from the component's security metadata.
// NOTE(review): other call sites on this page null-check both getSecurityMetaData() and
// getSecurityDomain(); confirm this one cannot see null.
securityDomain = component.getSecurityMetaData().getSecurityDomain();
// Construct the security metadata for this instance from the supplied component configuration.
this.securityMetaData = new EJBSecurityMetaData(componentConfiguration);