/**
 * Writes the security-identity element of an EJB under the given DOM node.
 *
 * <p>Nothing is written when the bean neither uses the caller identity nor
 * carries a run-as identity, so no empty security-identity element is produced.
 *
 * @param parent     DOM node the security-identity element is appended to
 * @param descriptor EJB descriptor whose security identity settings are read
 */
protected void writeSecurityIdentityDescriptor(Node parent, EjbDescriptor descriptor) {
    // Same short-circuit as the guard form: the run-as identity is only
    // consulted when the bean does not use the caller identity.
    if (descriptor.getUsesCallerIdentity() || descriptor.getRunAsIdentity() != null) {
        SecurityIdentityNode identityWriter = new SecurityIdentityNode();
        identityWriter.writeDescriptor(parent, EjbTagNames.SECURITY_IDENTITY, descriptor);
    }
}
/**
 * Writes the security identity of an EJB as a DOM fragment and returns its root.
 *
 * <p>The fragment holds the security identity description, followed by either
 * a use-caller-identity element or the run-as identity written by
 * {@link RunAsNode}.
 *
 * @param parent     DOM node the new element is appended to
 * @param nodeName   tag name of the root element of this fragment
 * @param descriptor EJB descriptor supplying the security identity settings
 * @return the root node of the fragment that was written
 */
public Node writeDescriptor(Node parent, String nodeName, EjbDescriptor descriptor) {
    Node identityNode = appendChild(parent, nodeName);
    appendTextChild(identityNode, EjbTagNames.DESCRIPTION,
            descriptor.getSecurityIdentityDescription());

    if (!descriptor.getUsesCallerIdentity()) {
        // NOTE(review): getRunAsIdentity() is passed on without a null check here;
        // whether RunAsNode tolerates a null descriptor is not visible in this excerpt.
        RunAsNode runAsWriter = new RunAsNode();
        runAsWriter.writeDescriptor(identityNode, EjbTagNames.RUNAS_SPECIFIED_IDENTITY,
                descriptor.getRunAsIdentity());
    } else {
        // Empty marker element: the bean executes with the identity of its caller.
        identityNode.appendChild(
                identityNode.getOwnerDocument().createElement(EjbTagNames.USE_CALLER_IDENTITY));
    }
    return identityNode;
}
} // closes the enclosing type, whose header is outside this excerpt
RunAsIdentityDescriptor runas = ejb.getRunAsIdentity(); if (runas == null) { logger.finest(" (ejb does not use caller "+
RunAsIdentityDescriptor runas = ejb.getRunAsIdentity(); if (runas == null) { logger.finest(" (ejb does not use caller "+
/**
 * Initializes the EJBSecurityManager for one EJB.
 *
 * <p>Stores the collaborators, fetches the installed {@link Policy}, resolves
 * the run-as identity from the deployment descriptor and then calls
 * {@code initialize()}.
 *
 * @param ejbDescriptor deployment descriptor of the EJB being secured
 * @param invMgr        invocation manager stored on this instance
 * @param fact          factory stored on this instance
 * @throws Exception declared by this constructor; the statement that raises it
 *                   is not identifiable from this excerpt
 */
public EJBSecurityManager(EjbDescriptor ejbDescriptor, InvocationManager invMgr,
        EJBSecurityManagerFactory fact) throws Exception {

    this.deploymentDescriptor = ejbDescriptor;
    this.invMgr = invMgr;
    roleMapperFactory = Globals.get(SecurityRoleMapperFactory.class);
    // get the default policy
    policy = Policy.getPolicy();
    ejbSFM = fact;

    if (deploymentDescriptor.getUsesCallerIdentity()) {
        // The bean runs with the caller's identity, so no run-as identity applies.
        runAs = null;
    } else {
        runAs = deploymentDescriptor.getRunAsIdentity();
        // Note: runAs may still be null here if this EJB is an MDB.
        // The message below records the run-as principal and role name, at FINE only.
        if (runAs != null && _logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE,
                    deploymentDescriptor.getEjbClassName() + " will run-as: "
                            + runAs.getPrincipal() + " (" + runAs.getRoleName() + ")");
        }
    }
    initialize();
}
/**
 * Visits an EJB descriptor and logs a summary of it at INFO level.
 *
 * <p>The summary lists the bean type and name, its interface and class names,
 * its JNDI name and transaction type, and finally its security identity:
 * the run-as identity when the bean does not use the caller identity,
 * otherwise the use-caller-identity flag.
 *
 * @param ejb the EJB descriptor to describe
 */
public void accept(EjbDescriptor ejb) {
    // NOTE(review): assumes getDefaultLogger() returns a java.util.logging.Logger
    // and the same instance on every call - confirm against DOLUtils.
    final java.util.logging.Logger log = DOLUtils.getDefaultLogger();

    log.info("==================");
    log.info(ejb.getType() + " Bean " + ejb.getName());
    log.info("\thomeClassName " + ejb.getHomeClassName());
    log.info("\tremoteClassName " + ejb.getRemoteClassName());
    log.info("\tlocalhomeClassName " + ejb.getLocalHomeClassName());
    log.info("\tlocalClassName " + ejb.getLocalClassName());
    log.info("\tremoteBusinessIntfs " + ejb.getRemoteBusinessClassNames());
    log.info("\tlocalBusinessIntfs " + ejb.getLocalBusinessClassNames());
    log.info("\tjndiName " + ejb.getJndiName());
    log.info("\tejbClassName " + ejb.getEjbClassName());
    log.info("\ttransactionType " + ejb.getTransactionType());

    // The security identity is reported last; the run-as line prints the
    // run-as identity descriptor object itself.
    if (ejb.getUsesCallerIdentity()) {
        log.info("\tuse-caller-identity " + ejb.getUsesCallerIdentity());
    } else {
        log.info("\trun-as role " + ejb.getRunAsIdentity());
    }
}
/**
 * Fills in runtime defaults for an EJB descriptor.
 *
 * <p>When the bean has no JNDI name, one is derived from a single remote
 * interface: the Home interface if only the 2.x remote view is supported, or
 * the sole remote business interface if only that view is supported. A bean
 * that exposes both remote views, or more than one remote business interface,
 * gets no default. Independently of the JNDI name, a bean that does not use
 * the caller identity has its run-as principal default computed.
 *
 * @param ejb the descriptor to complete
 */
private void computeRuntimeDefault(EjbDescriptor ejb) {
    String defaultBasis = null;

    String configuredJndiName = ejb.getJndiName();
    boolean jndiNameMissing = configuredJndiName == null || configuredJndiName.length() == 0;
    if (jndiNameMissing) {
        boolean hasRemoteHomeView = ejb.isRemoteInterfacesSupported();
        boolean hasRemoteBusinessView = ejb.isRemoteBusinessInterfacesSupported();

        if (hasRemoteHomeView && !hasRemoteBusinessView) {
            // For 2.x view, use the Home as the basis for the default
            defaultBasis = ejb.getHomeClassName();
        } else if (hasRemoteBusinessView && !hasRemoteHomeView) {
            Set<String> businessIntfs = ejb.getRemoteBusinessClassNames();
            if (businessIntfs.size() == 1) {
                defaultBasis = businessIntfs.iterator().next();
            }
        }
        // Both remote views present: can't use a default.
    }

    if (defaultBasis != null) {
        ejb.setJndiName(getDefaultEjbJndiName(defaultBasis));
    }

    if (!ejb.getUsesCallerIdentity()) {
        // NOTE(review): the run-as identity is handed over as-is and may be null;
        // confirm that computeRunAsPrincipalDefault tolerates a null argument.
        computeRunAsPrincipalDefault(ejb.getRunAsIdentity(), ejb.getApplication());
    }
}
&& descriptor.getRunAsIdentity() != null) { descriptor.getRunAsIdentity().setPrincipal(value);
/**
 * Applies a {@code RunAs} annotation to each EJB context it was found on.
 *
 * <p>A descriptor whose use-caller-identity setting is already non-null is
 * left untouched (the setting was supplied by XML, which takes precedence).
 * Otherwise the annotated role is added to the bundle, the bean is marked as
 * not using the caller identity, and a run-as identity carrying the role name
 * is installed unless the descriptor already has one.
 *
 * @param ainfo       annotation information holding the {@code RunAs} annotation
 * @param ejbContexts EJB contexts the annotation applies to
 * @return the default processed result
 * @throws AnnotationProcessorException declared by the handler contract
 */
protected HandlerProcessingResult processAnnotation(AnnotationInfo ainfo,
        EjbContext[] ejbContexts) throws AnnotationProcessorException {

    RunAs runAsAn = (RunAs) ainfo.getAnnotation();

    for (EjbContext context : ejbContexts) {
        EjbDescriptor target = context.getDescriptor();

        // A null setting means XML did not decide the identity, so the annotation applies.
        if (target.getUsesCallerIdentity() == null) {
            String annotatedRole = runAsAn.value();

            // add Role if not exists
            target.getEjbBundleDescriptor().addRole(new Role(annotatedRole));

            RunAsIdentityDescriptor annotatedIdentity = new RunAsIdentityDescriptor();
            annotatedIdentity.setRoleName(annotatedRole);

            target.setUsesCallerIdentity(false);
            // An existing run-as identity is kept as it is; the annotated role
            // name is not copied into it.
            if (target.getRunAsIdentity() == null) {
                target.setRunAsIdentity(annotatedIdentity);
            }
        }
    }
    return getDefaultProcessedResult();
}
/**
 * Processes a {@code RunAs} annotation for the given EJB contexts.
 *
 * <p>For every descriptor whose use-caller-identity setting is still null,
 * the annotated role is registered on the EJB bundle, the setting is switched
 * to {@code false}, and a run-as identity with that role name is attached if
 * the descriptor has none. Descriptors with a non-null setting are skipped,
 * so a value coming from XML overrides the annotation.
 *
 * @param ainfo       annotation information wrapping the {@code RunAs} annotation
 * @param ejbContexts contexts of the EJBs the annotation was found on
 * @return the default processed result
 * @throws AnnotationProcessorException declared by the handler contract
 */
protected HandlerProcessingResult processAnnotation(AnnotationInfo ainfo,
        EjbContext[] ejbContexts) throws AnnotationProcessorException {

    final RunAs runAsAn = (RunAs) ainfo.getAnnotation();

    for (int i = 0; i < ejbContexts.length; i++) {
        final EjbDescriptor bean = ejbContexts[i].getDescriptor();

        // override by xml
        final boolean decidedElsewhere = bean.getUsesCallerIdentity() != null;
        if (decidedElsewhere) {
            continue;
        }

        final String runAsRole = runAsAn.value();
        final Role declaredRole = new Role(runAsRole);
        // add Role if not exists
        bean.getEjbBundleDescriptor().addRole(declaredRole);

        final RunAsIdentityDescriptor candidate = new RunAsIdentityDescriptor();
        candidate.setRoleName(runAsRole);

        bean.setUsesCallerIdentity(false);
        // Only a missing run-as identity is filled in; a present one wins
        // over the annotated role.
        if (bean.getRunAsIdentity() == null) {
            bean.setRunAsIdentity(candidate);
        }
    }
    return getDefaultProcessedResult();
}
RunAsIdentityDescriptor raid = ejbDescriptor.getRunAsIdentity(); if ( raid != null && raid.getPrincipal() != null ) { Node principalNode = appendChild(ejbNode, RuntimeTagNames.PRINCIPAL);