private EJBMethodSecurityAttribute mergeExistingRoles(EJBMethodSecurityAttribute ejbMethodSecurityMetaData, final EJBMethodSecurityAttribute existingRoles) { if (existingRoles != null && !existingRoles.getRolesAllowed().isEmpty()) { final Set<String> roles = new HashSet<String>(existingRoles.getRolesAllowed()); roles.addAll(ejbMethodSecurityMetaData.getRolesAllowed()); ejbMethodSecurityMetaData = EJBMethodSecurityAttribute.rolesAllowed(roles); } return ejbMethodSecurityMetaData; } }
/** * <p> * Returns the method roles as a set of {@code Principal} instances. All roles specified in the method-permissions or * via {@code RolesAllowed} for this method are wrapped by a {@code SimplePrincipal}. If the method has been added to * the exclude-list or annotated with {@code DenyAll}, a NOBODY_PRINCIPAL is returned. If the method has been added * to the unchecked list or annotated with {@code PermitAll}, an ANYBODY_PRINCIPAL is returned. * </p> * * @return the constructed set of role principals. */ protected Set<Principal> getMethodRolesAsPrincipals() { Set<Principal> methodRoles = new HashSet<Principal>(); if (this.ejbMethodSecurityMetaData.isDenyAll()) methodRoles.add(NobodyPrincipal.NOBODY_PRINCIPAL); else if (this.ejbMethodSecurityMetaData.isPermitAll()) methodRoles.add(AnybodyPrincipal.ANYBODY_PRINCIPAL); else { for (String role : this.ejbMethodSecurityMetaData.getRolesAllowed()) methodRoles.add(new SimplePrincipal(role)); } return methodRoles; }
rolesAllowed.addAll(attr.getRolesAllowed()); authorizationInterceptor = new JaccInterceptor(viewClassName, viewMethod); } else { authorizationInterceptor = new RolesAllowedInterceptor(ejbMethodSecurityMetaData.getRolesAllowed());
for (String role : ejbMethodSecurityMetaData.getRolesAllowed()) { ejbJaccConfig.addRole(role, permission);
@Override public Set<String> getRolesAllowed() { return att.getRolesAllowed(); } };
@Override public Set<String> getRolesAllowed() { return att.getRolesAllowed(); } };
private EJBMethodSecurityAttribute mergeExistingRoles(EJBMethodSecurityAttribute ejbMethodSecurityMetaData, final EJBMethodSecurityAttribute existingRoles) { if (existingRoles != null && !existingRoles.getRolesAllowed().isEmpty()) { final Set<String> roles = new HashSet<String>(existingRoles.getRolesAllowed()); roles.addAll(ejbMethodSecurityMetaData.getRolesAllowed()); ejbMethodSecurityMetaData = EJBMethodSecurityAttribute.rolesAllowed(roles); } return ejbMethodSecurityMetaData; } }
/** * <p> * Returns the method roles as a set of {@code Principal} instances. All roles specified in the method-permissions or * via {@code RolesAllowed} for this method are wrapped by a {@code SimplePrincipal}. If the method has been added to * the exclude-list or annotated with {@code DenyAll}, a NOBODY_PRINCIPAL is returned. If the method has been added * to the unchecked list or annotated with {@code PermitAll}, a ANYBODY_PRINCIPAL is returned. * </p> * * @return the constructed set of role principals. */ protected Set<Principal> getMethodRolesAsPrincipals() { Set<Principal> methodRoles = new HashSet<Principal>(); if (this.ejbMethodSecurityMetaData.isDenyAll()) methodRoles.add(NobodyPrincipal.NOBODY_PRINCIPAL); else if (this.ejbMethodSecurityMetaData.isPermitAll()) methodRoles.add(AnybodyPrincipal.ANYBODY_PRINCIPAL); else { for (String role : this.ejbMethodSecurityMetaData.getRolesAllowed()) methodRoles.add(new SimplePrincipal(role)); } return methodRoles; }
rolesAllowed.addAll(attr.getRolesAllowed());
for (String role : ejbMethodSecurityMetaData.getRolesAllowed()) { ejbJaccConfig.addRole(role, permission);