/** * Generate the JSR 115 policy file for a web application, bundled * within a ear or deployed as a standalone war file. * * Implementation note: If the generated file doesn't contains * all the permission, the role mapper is probably broken. */ protected void configureSecurity(WebBundleDescriptor wbd, boolean isSystem) { try { webSecurityManagerFactory.createManager(wbd,true, serverContext); String context = WebSecurityManager.getContextID(wbd); SecurityUtil.generatePolicyFile(context); if (isSystem && context.equals("__admingui/__admingui")) { websecurityProbeProvider.policyCreationEvent(context); } } catch (Exception ce) { _logger.log(Level.SEVERE, "policy.configure", ce); throw new RuntimeException(ce); } }
WebSecurityManager(WebBundleDescriptor wbd, ServerContext svc, WebSecurityManagerFactory fact, boolean register) throws PolicyContextException{ this.register = register; this.wbd = wbd; this.CONTEXT_ID = getContextID(wbd); this.serverContext = svc; this.wsmf = fact; String appname = getAppId(); //factory = SecurityRoleMapperFactoryGen.getSecurityRoleMapperFactory(); postConstruct(); initialise(appname); }
WebSecurityManager(WebBundleDescriptor wbd, ServerContext svc, WebSecurityManagerFactory fact) throws PolicyContextException { this.wbd = wbd; this.CONTEXT_ID = getContextID(wbd); this.serverContext = svc; this.wsmf = fact; String appname = getAppId(); // factory = SecurityRoleMapperFactoryGen.getSecurityRoleMapperFactory(); postConstruct(); initialise(appname); }
WebSecurityManager(WebBundleDescriptor wbd, ServerContext svc, WebSecurityManagerFactory fact, boolean register) throws PolicyContextException{ this.register = register; this.wbd = wbd; this.CONTEXT_ID = getContextID(wbd); this.serverContext = svc; this.wsmf = fact; String appname = getAppId(); //factory = SecurityRoleMapperFactoryGen.getSecurityRoleMapperFactory(); postConstruct(); initialise(appname); }
WebSecurityManager(WebBundleDescriptor wbd, ServerContext svc, WebSecurityManagerFactory fact) throws PolicyContextException { this.wbd = wbd; this.CONTEXT_ID = getContextID(wbd); this.serverContext = svc; this.wsmf = fact; String appname = getAppId(); // factory = SecurityRoleMapperFactoryGen.getSecurityRoleMapperFactory(); postConstruct(); initialise(appname); }
private void generatePolicy(WebBundleDescriptor wbd) { String name = null; ClassLoader oldTcc = Thread.currentThread().getContextClassLoader(); try { //TODO: workaround here. Once fixed in V3 we should be able to use //Context ClassLoader instead. ClassLoaderHierarchy hierarchy = habitat.getComponent(ClassLoaderHierarchy.class); ClassLoader tcc = hierarchy.getCommonClassLoader(); Thread.currentThread().setContextClassLoader(tcc); policyLoader.loadPolicy(); WebSecurityManagerFactory wsmf =habitat.getComponent(WebSecurityManagerFactory.class); // this should create all permissions wsmf.createManager(wbd,true,serverContext); // for an application the securityRoleMapper should already be // created. I am just creating the web permissions and handing // it to the security component. name = WebSecurityManager.getContextID(wbd); SecurityUtil.generatePolicyFile(name); websecurityProbeProvider.policyCreationEvent(name); } catch (IASSecurityException se) { String msg = "Error in generating security policy for " + name; throw new RuntimeException(msg, se); } finally { Thread.currentThread().setContextClassLoader(oldTcc); } }
CONTEXT_ID = WebSecurityManager.getContextID(webDesc); runAsPrincipals = new HashMap<String, String>(); Iterator bundle = webDesc.getWebComponentDescriptors().iterator();
String policyContextId = WebSecurityManager.getContextID(webBundle); map.put(HttpServletConstants.POLICY_CONTEXT, policyContextId);
String policyContextId = WebSecurityManager.getContextID(webBundle); map.put(HttpServletConstants.POLICY_CONTEXT, policyContextId);
public WebSecurityManager createManager(WebBundleDescriptor wbd, boolean register, ServerContext context) { String ctxId = WebSecurityManager.getContextID(wbd); WebSecurityManager manager = null; if (register) { manager = getManager(ctxId, null,false); } if (manager == null || !register) { try { probeProvider.securityManagerCreationStartedEvent(wbd.getModuleID()); manager = new WebSecurityManager(wbd, context, this, register); probeProvider.securityManagerCreationEndedEvent(wbd.getModuleID()); if (register) { String appName = wbd.getApplication().getRegistrationName(); addManagerToApp(ctxId, null, appName, manager); probeProvider.securityManagerCreationEvent(ctxId); } } catch (javax.security.jacc.PolicyContextException e) { logger.log(Level.FINE, "[Web-Security] FATAL Exception. Unable to create WebSecurityManager: " + e.getMessage()); throw new RuntimeException(e); } } return manager; } }
public WebSecurityManager createManager(WebBundleDescriptor wbd, boolean register, ServerContext context) { String ctxId = WebSecurityManager.getContextID(wbd); WebSecurityManager manager = null; if (register) { manager = getManager(ctxId, null,false); } if (manager == null || !register) { try { probeProvider.securityManagerCreationStartedEvent(wbd.getModuleID()); manager = new WebSecurityManager(wbd, context, this, register); probeProvider.securityManagerCreationEndedEvent(wbd.getModuleID()); if (register) { String appName = wbd.getApplication().getRegistrationName(); addManagerToApp(ctxId, null, appName, manager); probeProvider.securityManagerCreationEvent(ctxId); } } catch (javax.security.jacc.PolicyContextException e) { logger.log(Level.FINE, "[Web-Security] FATAL Exception. Unable to create WebSecurityManager: " + e.getMessage()); throw new RuntimeException(e); } } return manager; } }