Refine search
private PolicyConfiguration locatePolicyConfiguration(String contextId) { try { return PolicyConfigurationFactory .getPolicyConfigurationFactory() .getPolicyConfiguration( contextId, false ); } catch (Exception e) { throw new IntegrationException( "Unable to access JACC PolicyConfiguration" ); } }
/** {@inheritDoc} */ @Override public void stop(StopContext context) { try { PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory(); synchronized (pcf) { // synchronize on the factory policyConfiguration = pcf.getPolicyConfiguration(contextId, false); policyConfiguration.delete(); } } catch (Exception e) { SecurityLogger.ROOT_LOGGER.errorDeletingJACCPolicy(e); } policyConfiguration = null; }
public void install(PolicyContext policyContext) throws OpenEJBException { try { PolicyConfigurationFactory factory = PolicyConfigurationFactory.getPolicyConfigurationFactory(); PolicyConfiguration policy = factory.getPolicyConfiguration(policyContext.getContextID(), false); policy.addToExcludedPolicy(policyContext.getExcludedPermissions()); policy.addToUncheckedPolicy(policyContext.getUncheckedPermissions()); for (Map.Entry<String, PermissionCollection> entry : policyContext.getRolePermissions().entrySet()) { policy.addToRole(entry.getKey(), entry.getValue()); } policy.commit(); } catch (ClassNotFoundException e) { throw new OpenEJBException("PolicyConfigurationFactory class not found", e); } catch (PolicyContextException e) { throw new OpenEJBException("JACC PolicyConfiguration failed: ContextId=" + policyContext.getContextID(), e); } }
PolicyConfigurationFactory pcf = getPolicyConfigurationFactory(); synchronized (pcf) { // synchronize on the factory policyConfiguration = pcf.getPolicyConfiguration(contextId, false); if (metaData != null) { createPermissions(metaData, policyConfiguration); PolicyConfiguration parent = parentPolicy.getValue(); if (parent != null) { parent = pcf.getPolicyConfiguration(parent.getContextID(), false); parent.linkConfiguration(policyConfiguration); policyConfiguration.commit(); parent.commit(); } else {
/** * JBAS-5935: The dynamic web application generated by the JBossWS * does not go through the war security deployer. Hence the JACC * permissions are not created. There is a need to explicitly create * the war jacc permissions. * @param depName * @param jbwmd * @throws Exception */ protected void generateJACCPermissions(String depName, JBossWebMetaData jbwmd) throws Exception { PolicyConfigurationFactory policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory(); PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(depName, false); WebPermissionMapping.createPermissions(jbwmd, policyConfiguration); policyConfiguration.commit(); } }
PolicyConfigurationFactory pcFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory(); PolicyConfiguration pc = pcFactory.getPolicyConfiguration(contextID, false); Class clazz = con.getHomeClass(); if (pc.inService() == false) pc.commit();
private PolicyConfigurationFactory getPolicyConfigurationFactory() throws ModuleLoadException, ClassNotFoundException, PolicyContextException { String module = WildFlySecurityManager.getPropertyPrivileged(JACC_MODULE, null); final ClassLoader originalClassLoader; final ClassLoader jaccClassLoader; if (module != null) { jaccClassLoader = SecurityActions.getModuleClassLoader(module); originalClassLoader = SecurityActions.setThreadContextClassLoader(jaccClassLoader); } else { jaccClassLoader = null; originalClassLoader = null; } try { return PolicyConfigurationFactory.getPolicyConfigurationFactory(); } finally { if (originalClassLoader != null) { SecurityActions.setThreadContextClassLoader(originalClassLoader); } } }
PolicyConfigurationFactory.getPolicyConfigurationFactory(). inService(name); if (!inService) { PolicyConfigurationFactory.getPolicyConfigurationFactory(); PolicyConfiguration pc = pcf.getPolicyConfiguration(name, false); pc.commit(); if (_logger.isLoggable(Level.FINE)){ _logger.fine("JACC: committed policy for context: "+name);
getPolicyFactory().getPolicyConfiguration(pcid, false); pc.addToUncheckedPolicy(uncheckedPermissions); pc.addToExcludedPolicy(excludedPermissions); pc.addToRole((String) entry.getKey(), (Permissions) entry.getValue());
PolicyConfigurationFactory.getPolicyConfigurationFactory(). inService(name); PolicyConfigurationFactory.getPolicyConfigurationFactory(). getPolicyConfiguration(name, false); pc.delete();
PolicyConfigurationFactory pcf = PolicyConfigurationFactory.getPolicyConfigurationFactory(); boolean inService = pcf.inService(name); pcf.getPolicyConfiguration(name, false); PolicyConfiguration linkPc = pcf.getPolicyConfiguration(linkName, false); pc.linkConfiguration(linkPc);
public void loadPolicyConfiguration() throws PolicyContextException { boolean inService = getPolicyFactory().inService(CONTEXT_ID); // only regenerate policy file if it isn't already in service // Consequently all things that deploy modules (as apposed to // loading already deployed modules) must make sure pre-exiting // pc is either in deleted or open state before this method // (i.e. initialise) is called. That is, before constructing // the WebSecurityManager. Note that policy statements are not // removed to allow multiple web modules to be represented by same pc. if (!inService) { pc = getPolicyFactory().getPolicyConfiguration(CONTEXT_ID,false); try{ WebPermissionUtil.processConstraints(wbd, pc); WebPermissionUtil.createWebRoleRefPermission(wbd, pc); } catch (PolicyContextException pce){ logger.log(Level.FINE,"[Web-Security] FATAL Permission Generation: " + pce.getMessage()); throw pce; } } }
/** * Commit policy context IDs of the given list. * @param ctxIDs list of context ID to commit. * @throws DeployerException if the policy objects cannot be committed. */ private void commitPolicyObjects(final List ctxIDs) throws DeployerException { String ctxId = null; try { // commit the policy configuration objects for (Iterator itCtxId = ctxIDs.iterator(); itCtxId.hasNext();) { ctxId = (String) itCtxId.next(); PolicyConfiguration pc = getPolicyConfigurationFactory().getPolicyConfiguration(ctxId, false); pc.commit(); } } catch (PolicyContextException pce) { throw new DeployerException("Cannot commit policy configuration with Id '" + ctxId + "'", pce); } // refresh policy Policy.getPolicy().refresh(); }
getPolicyFactory().getPolicyConfiguration(pcid, false); assert pc != null; if (pc != null) { String rolelink = roleRef.getSecurityRoleLink().getName(); pc.addToRole(rolelink, ejbrr);
/** * This method is used to obtain an instance of the provider specific * class that implements the PolicyConfiguration interface that corresponds * to the identified policy context within the provider. * @param contextID A String identifying the policy context whose * PolicyConfiguration interface is to be returned. The value passed * to this parameter must not be null. * @param remove A boolean value that establishes whether or not the policy * statements of an existing policy context are to be removed before * its PolicyConfiguration object is returned. If the value passed to * this parameter is true, the policy statements of an existing * policy context will be removed. If the value is false, * they will not be removed. * @return an Object that implements the PolicyConfiguration Interface * matched to the Policy provider and corresponding to the * identified policy context. * @throws SecurityException when called by an AccessControlContext that * has not been granted the "setPolicy" SecurityPermission. * @throws PolicyContextException if the implementation throws a checked * exception that has not been accounted for by the * getPolicyConfiguration method signature. The exception thrown * by the implementation class will be encapsulated * (during construction) in the thrown PolicyContextException. */ public PolicyConfiguration getPolicyConfiguration(String contextID, boolean remove) throws PolicyContextException, SecurityException { return policyConfigurationFactory.getPolicyConfiguration(contextID, remove); }
/** * Link policy configuration objects of EJB and Web Component. * @param earDeployable the EAR that contains the EJB files * @throws DeployerException if the policy objects can't be linked */ private void linkPolicyObjects(final EARDeployable earDeployable) throws DeployerException { // Add context ID of EJB and Web components List<String> ctxIDs = new LinkedList<String>(); // Get contextID of EJB addEjbContextIdToList(earDeployable, ctxIDs, false); // Now for WebApp addWebBContextIdToList(earDeployable, ctxIDs, true); try { // Now link the policy configuration objects for (Iterator itCtxId = ctxIDs.iterator(); itCtxId.hasNext();) { String toBeLinkedCtxId = (String) itCtxId.next(); PolicyConfiguration toBeLinkedPC = getPolicyConfigurationFactory().getPolicyConfiguration(toBeLinkedCtxId, false); for (Iterator linkCId = ctxIDs.iterator(); linkCId.hasNext();) { String linkedCtxId = (String) linkCId.next(); if (!toBeLinkedCtxId.equals(linkedCtxId)) { PolicyConfiguration linkedPC = getPolicyConfigurationFactory().getPolicyConfiguration(linkedCtxId, false); toBeLinkedPC.linkConfiguration(linkedPC); } } } } catch (PolicyContextException pce) { throw new DeployerException("Cannot retrieve a policy configuration", pce); } }
/** * This method determines if the identified policy context exists * with state "inService" in the Policy provider associated with * the factory. * @param contextID A string identifying a policy context * @return true if the identified policy context exists within * the provider and its state is "inService", false otherwise. * @throws SecurityException when called by an AccessControlContext * that has not been granted the "setPolicy" SecurityPermission. * @throws PolicyContextException if the implementation throws a checked * exception that has not been accounted for by the inService * method signature. The exception thrown by the implementation * class will be encapsulated (during construction) in the thrown * PolicyContextException. */ public boolean inService(String contextID) throws PolicyContextException, SecurityException { return policyConfigurationFactory.inService(contextID); }
public void install(final PolicyContext policyContext) throws OpenEJBException { if (SystemInstance.get().hasProperty("openejb.geronimo")) { return; } try { final PolicyConfigurationFactory factory = PolicyConfigurationFactory.getPolicyConfigurationFactory(); final PolicyConfiguration policy = factory.getPolicyConfiguration(policyContext.getContextID(), false); policy.addToExcludedPolicy(policyContext.getExcludedPermissions()); policy.addToUncheckedPolicy(policyContext.getUncheckedPermissions()); for (final Map.Entry<String, PermissionCollection> entry : policyContext.getRolePermissions().entrySet()) { policy.addToRole(entry.getKey(), entry.getValue()); } policy.commit(); } catch (final ClassNotFoundException e) { throw new OpenEJBException("PolicyConfigurationFactory class not found", e); } catch (final PolicyContextException e) { throw new OpenEJBException("JACC PolicyConfiguration failed: ContextId=" + policyContext.getContextID(), e); } }
PolicyConfigurationFactory policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory(); PolicyConfiguration pcChild = policyConfigurationFactory.getPolicyConfiguration(jaccContextIdChild, false); if(pcChild != null) parentPC.linkConfiguration(pcChild); pcChild.commit(); parentPC.commit();
/** * JBAS-5935: The dynamic web application generated by the JBossWS * does not go through the war security deployer. Hence the JACC * permissions are not created. There is a need to explicitly create * the war jacc permissions. * @param depName * @param jbwmd * @throws Exception */ protected void generateJACCPermissions(String depName, JBossWebMetaData jbwmd) throws Exception { PolicyConfigurationFactory policyConfigurationFactory = PolicyConfigurationFactory.getPolicyConfigurationFactory(); PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration(depName, false); WebPermissionMapping.createPermissions(jbwmd, policyConfiguration); policyConfiguration.commit(); } }