/**
 * Builds the JACC permission that represents invoking {@code invokedMethod} on an EJB component.
 *
 * @param invokedMethod the method being invoked
 * @param ejbComponent the component whose name becomes the permission name
 * @param methodIntfType the interface type whose enum name is used as the method interface
 * @return the permission to be checked for this invocation
 */
private EJBMethodPermission createEjbMethodPermission(Method invokedMethod, EJBComponent ejbComponent, MethodInterfaceType methodIntfType) {
    final String componentName = ejbComponent.getComponentName();
    final String interfaceName = methodIntfType.name();
    return new EJBMethodPermission(componentName, interfaceName, invokedMethod);
}
/**
 * Asks the installed {@link Policy} whether the current caller may perform {@code action}
 * on the given entity, and throws when the policy does not grant it.
 *
 * <p>The decision is made against a {@link ProtectionDomain} assembled here from the entity
 * class's code source and the caller principals. No class loader and no static permissions
 * are supplied, so the outcome depends on what the policy grants to that code source and
 * those principals.
 *
 * @param entityInformation supplies the entity instance and the entity name used as the permission name
 * @param action the action being attempted; only its first implied action is checked
 * @throws SecurityException if the policy does not imply the requested permission
 */
private void doPermissionCheckInContext(PermissionCheckEntityInformation entityInformation, PermissibleAction action) {
    final Policy activePolicy = Policy.getPolicy();
    final Principal[] callerPrincipals = getCallerPrincipals();
    final CodeSource entityCodeSource =
            entityInformation.getEntity().getClass().getProtectionDomain().getCodeSource();
    final ProtectionDomain callerDomain =
            new ProtectionDomain(entityCodeSource, null, null, callerPrincipals);

    // the action is known as 'method name' in JACC
    // NOTE(review): only getImpliedActions()[0] is consulted. Confirm that no action reaching
    // this method implies several actions that would each need authorising.
    final EJBMethodPermission requested = new EJBMethodPermission(
            entityInformation.getEntityName(),
            action.getImpliedActions()[0],
            null,
            null);

    if (activePolicy.implies(callerDomain, requested)) {
        return;
    }

    // The denial message names the entity, the action and the caller principals.
    throw new SecurityException(
            String.format(
                    "JACC denied permission to [%s.%s] for [%s]",
                    entityInformation.getEntityName(),
                    action.getImpliedActions()[0],
                    join(callerPrincipals)));
}
SessionBeanComponentDescription session = SessionBeanComponentDescription.class.cast(ejbComponentDescription); if (session.isStateful()) { EJBMethodPermission p = new EJBMethodPermission(ejbComponentDescription.getEJBName(), "getEJBObject", "Home", null); ejbJaccConfig.addPermit(p);
/**
 * Grants a role the JACC permissions implied by a permission declaration.
 *
 * <p>The policy configuration is located on first use. One {@link EJBMethodPermission} is
 * added to the role per implied action, each with a null interface and a null argument list,
 * so the grant is not narrowed to one interface or signature.
 *
 * @param permissionDeclaration supplies the role, the entity name and the permissible action
 * @throws HibernateException wrapping any {@link PolicyContextException} raised while adding to the role
 */
@Override
public void addPermission(GrantedPermission permissionDeclaration) {
    // todo : do we need to wrap these PolicyConfiguration calls in privileged actions like we do during permission checks?
    if (policyConfiguration == null) {
        policyConfiguration = locatePolicyConfiguration(contextId);
    }

    for (String impliedAction : permissionDeclaration.getPermissibleAction().getImpliedActions()) {
        final String entityName = permissionDeclaration.getEntityName();
        final EJBMethodPermission rolePermission = new EJBMethodPermission(
                entityName,
                impliedAction,
                null, // interfaces
                null  // arguments
        );

        log.debugf("Adding permission [%s] to role [%s]", impliedAction, permissionDeclaration.getRole());

        try {
            policyConfiguration.addToRole(permissionDeclaration.getRole(), rolePermission);
        }
        catch (PolicyContextException pce) {
            throw new HibernateException("policy context exception occurred", pce);
        }
    }
}
// Permission for one specific EJB method: named after the EJB and narrowed by method name,
// interface type name and parameter types, so it covers a single signature on a single interface.
final EJBMethodPermission permission = new EJBMethodPermission(description.getEJBName(), methodIdentifier.getName(), interfaceType.name(), methodIdentifier.getParameterTypes());
/**
 * Grants {@code role} the JACC permission for {@code action} on {@code entityName}.
 *
 * @param role the role receiving the permission
 * @param entityName the entity name used as the permission name
 * @param action the action string passed as the permission's actions
 * @throws HibernateException wrapping any {@link PolicyContextException} raised while adding to the role
 */
public void addPermission(String role, String entityName, String action) {
    final EJBMethodPermission rolePermission = new EJBMethodPermission(entityName, action);

    // Guarded so the message is only built when debug logging is enabled.
    if (log.isDebugEnabled()) {
        log.debug("adding permission to role " + role + ": " + rolePermission);
    }

    try {
        policyConfiguration.addToRole(role, rolePermission);
    }
    catch (PolicyContextException pce) {
        throw new HibernateException("policy context exception occurred", pce);
    }
}
/**
 * Runs the JACC update-permission check for the entity about to be updated.
 *
 * @param event the pre-update event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreUpdate(PreUpdateEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.UPDATE, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextID, required);
    return false;
}
/**
 * Runs the JACC delete-permission check for the entity about to be deleted.
 *
 * @param event the pre-delete event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreDelete(PreDeleteEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.DELETE, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextID, required);
    return false;
}
/**
 * Runs the JACC read-permission check for the entity about to be loaded.
 *
 * @param event the pre-load event; supplies the persister's entity name and the entity instance
 */
public void onPreLoad(PreLoadEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.READ, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission (not shown here).
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextId, required);
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Runs the JACC read-permission check for the entity about to be loaded.
 *
 * @param event the pre-load event; supplies the persister's entity name and the entity instance
 */
public void onPreLoad(PreLoadEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.READ, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission (not shown here).
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextID, required);
}
/**
 * Runs the JACC delete-permission check for the entity about to be deleted.
 *
 * @param event the pre-delete event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreDelete(PreDeleteEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.DELETE, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextId, required);
    return false;
}
/**
 * Runs the JACC insert-permission check for the entity about to be inserted.
 *
 * @param event the pre-insert event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreInsert(PreInsertEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.INSERT, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextId, required);
    return false;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Runs the JACC update-permission check for the entity about to be updated.
 *
 * @param event the pre-update event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreUpdate(PreUpdateEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.UPDATE, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextId, required);
    return false;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Runs the JACC delete-permission check for the entity about to be deleted.
 *
 * @param event the pre-delete event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreDelete(PreDeleteEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.DELETE, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextId, required);
    return false;
}
/**
 * Runs the JACC insert-permission check for the entity about to be inserted.
 *
 * @param event the pre-insert event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreInsert(PreInsertEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.INSERT, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextID, required);
    return false;
}
/**
 * Runs the JACC insert-permission check for the entity about to be inserted.
 *
 * @param event the pre-insert event; supplies the persister's entity name and the entity instance
 * @return always {@code false}
 */
public boolean onPreInsert(PreInsertEvent event) {
    final String entityName = event.getPersister().getEntityName();
    // Null interface and null parameter list: the permission is not narrowed to one signature.
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.INSERT, null, null);

    // NOTE(review): a denial is presumably raised inside JACCPermissions.checkPermission
    // (not shown here); the fixed return value carries no authorisation result.
    final Class<?> entityType = event.getEntity().getClass();
    JACCPermissions.checkPermission(entityType, contextId, required);
    return false;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Checks the update permission for the entity against the current access-control context,
 * then delegates to the superclass listener.
 *
 * @param event the pre-update event; supplies the persister's entity name
 * @return whatever {@code super.onPreUpdate(event)} returns
 * @throws java.security.AccessControlException if the current context lacks the permission
 */
public boolean onPreUpdate(PreUpdateEvent event) {
    final String entityName = event.getPersister().getEntityName();
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.UPDATE);

    log.debug("checking update permission on: " + required.getName());

    // The check runs before delegation, so a denial prevents the superclass listener from running.
    // NOTE(review): java.security.AccessController is deprecated for removal as of Java 17.
    AccessController.checkPermission(required);
    return super.onPreUpdate(event);
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Checks the read permission for the entity against the current access-control context,
 * then delegates to the superclass listener.
 *
 * @param event the pre-load event; supplies the persister's entity name
 * @throws java.security.AccessControlException if the current context lacks the permission
 */
public void onPreLoad(PreLoadEvent event) {
    final String entityName = event.getPersister().getEntityName();
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.READ);

    log.debug("checking load permission on: " + required.getName());

    // The check runs before delegation, so a denial prevents the superclass listener from running.
    // NOTE(review): java.security.AccessController is deprecated for removal as of Java 17.
    AccessController.checkPermission(required);
    super.onPreLoad(event);
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Checks the delete permission for the entity against the current access-control context,
 * then delegates to the superclass listener.
 *
 * @param event the pre-delete event; supplies the persister's entity name
 * @return whatever {@code super.onPreDelete(event)} returns
 * @throws java.security.AccessControlException if the current context lacks the permission
 */
public boolean onPreDelete(PreDeleteEvent event) {
    final String entityName = event.getPersister().getEntityName();
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.DELETE);

    log.debug("checking delete permission on: " + required.getName());

    // The check runs before delegation, so a denial prevents the superclass listener from running.
    // NOTE(review): java.security.AccessController is deprecated for removal as of Java 17.
    AccessController.checkPermission(required);
    return super.onPreDelete(event);
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Checks the insert permission for the entity against the current access-control context,
 * then delegates to the superclass listener.
 *
 * @param event the pre-insert event; supplies the persister's entity name
 * @return whatever {@code super.onPreInsert(event)} returns
 * @throws java.security.AccessControlException if the current context lacks the permission
 */
public boolean onPreInsert(PreInsertEvent event) {
    final String entityName = event.getPersister().getEntityName();
    final EJBMethodPermission required =
            new EJBMethodPermission(entityName, HibernatePermission.INSERT);

    log.debug("checking insert permission on: " + required.getName());

    // The check runs before delegation, so a denial prevents the superclass listener from running.
    // NOTE(review): java.security.AccessController is deprecated for removal as of Java 17.
    AccessController.checkPermission(required);
    return super.onPreInsert(event);
}
} // closes the enclosing type, whose header is outside this excerpt