/**
 * Authorizes access to the given resource for the authenticated subject.
 *
 * <p>The caller roles are read from the resource's context map under
 * {@code ResourceKeys.SECURITY_CONTEXT_ROLES} and handed, together with
 * {@code this.authenticatedSubject}, to the three-argument overload.
 *
 * @param resource the resource being accessed; its context map supplies the roles
 * @return AuthorizationContext.PERMIT or AuthorizationContext.DENY
 * @throws AuthorizationException propagated from the delegated authorize call
 */
public int authorize(final Resource resource) throws AuthorizationException
{
   // NOTE(review): the roles come from the resource's own map; confirm that only
   // trusted container code can populate this entry before the call reaches here.
   final RoleGroup callerRoles =
         (RoleGroup) resource.getMap().get(ResourceKeys.SECURITY_CONTEXT_ROLES);
   return this.authorize(resource, this.authenticatedSubject, callerRoles);
}
// Loads the class called `name` through the loader returned by getContextClassLoader().
// Presumably the body of a privileged action; the enclosing anonymous class and the
// call that receives it open outside this excerpt.
// NOTE(review): `name` is captured from the enclosing scope; confirm it originates
// from trusted configuration, since the lookup result is returned to the caller as-is.
public Class<?> run() throws PrivilegedActionException
{
   try
   {
      return getContextClassLoader().loadClass(name);
   }
   catch ( Exception e)
   {
      // Every failure is wrapped, so the caller sees a single exception type.
      throw new PrivilegedActionException(e);
   }
}
}); // closes the enclosing anonymous class and call, both opened outside this excerpt
/**
 * Runs the authorization decision through the lazily created authorization context.
 *
 * <p>Both the first-use creation of the context and the authorize call itself
 * execute while {@code lock} is held; the lock is always released in {@code finally}.
 *
 * @param resource the resource being accessed
 * @param subject the subject the decision is made for
 * @param role the roles passed through to the context
 * @return the value returned by the context's authorize call
 * @throws AuthorizationException propagated from the context
 */
private int internalAuthorization(final Resource resource, Subject subject, RoleGroup role)
      throws AuthorizationException
{
   lock.lock();
   try
   {
      // Built on first use for this.securityDomain, inside the locked region.
      if (this.authorizationContext == null)
      {
         this.authorizationContext = new JBossAuthorizationContext(this.securityDomain);
      }
      final int decision = this.authorizationContext.authorize(resource, subject, role);
      return decision;
   }
   finally
   {
      lock.unlock();
   }
}
/**
 * Builds the authorization module chain for the configured security domain.
 *
 * <p>For every configured module entry, one control flag is appended to
 * {@code this.controlFlags} and one instantiated module to {@code modules}, in the
 * same order. An entry without a control flag is treated as
 * {@code ControlFlag.REQUIRED}.
 *
 * @param resource the resource whose authorization info is looked up
 * @param role the roles passed to each instantiated module
 * @throws PrivilegedActionException propagated from module instantiation
 * @throws IllegalStateException if no authorization info is available
 */
private void initializeModules(Resource resource, RoleGroup role) throws PrivilegedActionException
{
   final AuthorizationInfo authzInfo = getAuthorizationInfo(securityDomainName, resource);
   if (authzInfo == null)
   {
      throw new IllegalStateException("Authorization Info is null");
   }

   final AuthorizationModuleEntry[] entries = authzInfo.getAuthorizationModuleEntry();
   if (entries == null)
   {
      // NOTE(review): a null entry array leaves the chain empty; confirm how the
      // caller decides when no module has been registered.
      return;
   }

   for (final AuthorizationModuleEntry entry : entries)
   {
      ControlFlag flag = entry.getControlFlag();
      if (flag != null)
      {
         if (trace)
         {
            log.trace("Control flag for entry:"+entry+"is:["+flag+"]");
         }
      }
      else
      {
         if (trace)
         {
            log.trace("Null Control flag for entry:"+entry+". Defaults to REQUIRED!");
         }
         // A missing flag falls back to the strictest setting instead of a weaker one.
         flag = ControlFlag.REQUIRED;
      }

      this.controlFlags.add(flag);
      modules.add(instantiateModule(entry.getPolicyModuleName(), entry.getOptions(), role));
   }
}
initializeModules(resource, callerRoles); if(trace) log.trace("Error in authorize:", exc); invokeAbort(); throw ((AuthorizationException)exc);
return getAuthorizationInfo(layer); else return aPolicy.getAuthorizationInfo();
// Presumably extracts extra detail from the module exception for the failure message.
// NOTE(review): the detail is appended verbatim to the exception message; confirm it
// carries nothing about the policy that should stay hidden from the caller.
String msg = getAdditionalErrorMessage(moduleException);
// encounteredRequiredError is set outside this excerpt; when it is true the whole
// decision fails with an AuthorizationException.
if(encounteredRequiredError)
   throw new AuthorizationException("Authorization Failed:"+ msg);
private void initializeModules(Resource resource, RoleGroup role, List<AuthorizationModule> modules, List<ControlFlag> controlFlags) throws PrivilegedActionException AuthorizationInfo authzInfo = getAuthorizationInfo(securityDomainName, resource); if (authzInfo == null) throw PicketBoxMessages.MESSAGES.failedToObtainAuthorizationInfo(securityDomainName); AuthorizationModule module = instantiateModule(moduleCL, entry.getPolicyModuleName(), entry.getOptions(), role); modules.add(module);
initializeModules(resource, callerRoles, modules, controlFlags); invokeAbort( modules, controlFlags ); throw ((AuthorizationException) exc);
// Loads the class called `name` through the loader returned by getContextClassLoader().
// Presumably the body of a privileged action; the enclosing anonymous class and the
// call that receives it open outside this excerpt.
// NOTE(review): `name` is captured from the enclosing scope; confirm it originates
// from trusted configuration, since the lookup result is returned to the caller as-is.
public Class<?> run() throws PrivilegedActionException
{
   try
   {
      return getContextClassLoader().loadClass(name);
   }
   catch ( Exception e)
   {
      // Every failure is wrapped, so the caller sees a single exception type.
      throw new PrivilegedActionException(e);
   }
}
}); // closes the enclosing anonymous class and call, both opened outside this excerpt
/**
 * Authorizes access to the given resource for the authenticated subject.
 *
 * <p>The caller roles are read from the resource's context map under
 * {@code ResourceKeys.SECURITY_CONTEXT_ROLES} and handed, together with
 * {@code this.authenticatedSubject}, to the three-argument overload.
 *
 * @param resource the resource being accessed; its context map supplies the roles
 * @return AuthorizationContext.PERMIT or AuthorizationContext.DENY
 * @throws AuthorizationException propagated from the delegated authorize call
 */
public int authorize(final Resource resource) throws AuthorizationException
{
   // NOTE(review): the roles come from the resource's own map; confirm that only
   // trusted container code can populate this entry before the call reaches here.
   final RoleGroup callerRoles =
         (RoleGroup) resource.getMap().get(ResourceKeys.SECURITY_CONTEXT_ROLES);
   return this.authorize(resource, this.authenticatedSubject, callerRoles);
}
/**
 * Runs the authorization decision through the lazily created authorization context.
 *
 * <p>When no context has been set yet, one is created for {@code this.securityDomain}
 * and installed through {@code setAuthorizationContext} before the decision is made.
 *
 * @param resource the resource being accessed
 * @param subject the subject the decision is made for
 * @param role the roles passed through to the context
 * @return the value returned by the context's authorize call
 * @throws AuthorizationException propagated from the context
 */
private int internalAuthorization(final Resource resource, Subject subject, RoleGroup role)
      throws AuthorizationException
{
   // NOTE(review): no lock is visible around this check-then-create; confirm that
   // callers serialize access or that racing initializations are harmless.
   if (this.authorizationContext == null)
   {
      final JBossAuthorizationContext created = new JBossAuthorizationContext(this.securityDomain);
      this.setAuthorizationContext(created);
   }
   return this.authorizationContext.authorize(resource, subject, role);
}
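/**
 * Resolves the authorization configuration that applies to a resource.
 *
 * <p>Lookup order: the policy held in {@code this.applicationPolicy}, then the policy
 * registered for {@code domainName}, then the default policy of the resource's layer
 * (EJB or WEB). If the selected policy carries no authorization info, the
 * layer-based overload is consulted.
 *
 * @param domainName the security domain whose policy is looked up
 * @param resource the resource being authorized; only its layer is read
 * @return the authorization info; may be {@code null} when the policy held in
 *         {@code this.applicationPolicy} has none, so callers must check
 * @throws RuntimeException as created by
 *         {@code PicketBoxMessages.MESSAGES.failedToObtainApplicationPolicy} when no
 *         policy can be found (exact type is declared outside this excerpt)
 */
private AuthorizationInfo getAuthorizationInfo(String domainName, Resource resource)
{
   ResourceType layer = resource.getLayer();

   // An explicitly supplied policy instance takes precedence over any lookup.
   if (this.applicationPolicy != null)
      return applicationPolicy.getAuthorizationInfo();

   ApplicationPolicy aPolicy = SecurityConfiguration.getApplicationPolicy(domainName);
   if (aPolicy == null)
   {
      // NOTE(review): a domain name with no registered policy falls back to the
      // layer default without any log entry; confirm this is intended for a
      // mistyped or missing domain configuration.
      if (layer == ResourceType.EJB)
         aPolicy = SecurityConfiguration.getApplicationPolicy(EJB);
      else if (layer == ResourceType.WEB)
         aPolicy = SecurityConfiguration.getApplicationPolicy(WEB);
   }
   if (aPolicy == null)
      throw PicketBoxMessages.MESSAGES.failedToObtainApplicationPolicy(domainName);

   AuthorizationInfo ai = aPolicy.getAuthorizationInfo();
   // Return the instance that was null-checked rather than reading the policy a
   // second time, so the value checked and the value returned cannot differ.
   return ai != null ? ai : getAuthorizationInfo(layer);
}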
// Presumably extracts extra detail from the module exception for the failure message.
// NOTE(review): the detail is appended verbatim to the exception message; confirm it
// carries nothing about the policy that should stay hidden from the caller.
String msg = getAdditionalErrorMessage(moduleException);
// encounteredRequiredError is set outside this excerpt; when it is true the whole
// decision fails with an AuthorizationException.
if (encounteredRequiredError)
   throw new AuthorizationException(PicketBoxMessages.MESSAGES.authorizationFailedMessage() + msg);
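/**
 * Loads, instantiates and initializes one authorization module.
 *
 * <p>The class is resolved through the context class loader obtained from
 * {@code SecurityActions}. Its type is verified before a constructor runs, and the
 * original failure is attached as the cause when instantiation does not succeed.
 *
 * @param name fully qualified class name of the module
 * @param map module options passed to {@code initialize}
 * @param subjectRoles roles passed to {@code initialize}
 * @return the initialized module, never {@code null}
 * @throws PrivilegedActionException declared for callers; not raised by the visible code
 * @throws IllegalStateException if the class cannot be loaded, is not an
 *         {@code AuthorizationModule}, or cannot be instantiated
 */
private AuthorizationModule instantiateModule(String name, Map<String,Object> map, RoleGroup subjectRoles)
      throws PrivilegedActionException
{
   AuthorizationModule am = null;
   Exception failure = null;
   ClassLoader tcl = SecurityActions.getContextClassLoader();
   try
   {
      Class<?> clazz = tcl.loadClass(name);
      // Check the type first, so a misconfigured class name that does not denote an
      // AuthorizationModule is rejected before any of its constructors run.
      am = clazz.asSubclass(AuthorizationModule.class).newInstance();
   }
   catch (Exception e)
   {
      log.debug("Error instantiating AuthorizationModule:", e);
      failure = e;
   }
   if (am == null)
   {
      // Keep the root cause: debug logging is often disabled where this fails.
      throw new IllegalStateException("AuthorizationModule has not " + "been instantiated", failure);
   }
   am.initialize(this.authenticatedSubject, this.callbackHandler, this.sharedState, map, subjectRoles);
   return am;
}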
ClassLoader tcl = SecurityActions.getContextClassLoader(); clazz = tcl.loadClass(name);