private EJBMethodPermission createEjbMethodPermission(Method invokedMethod, EJBComponent ejbComponent, MethodInterfaceType methodIntfType) { return new EJBMethodPermission(ejbComponent.getComponentName(), methodIntfType.name(), invokedMethod); }
@Override public ProtectionDomain run() { if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(), methodIntfType.name(), AuthorizationInterceptor.this.viewMethod, AuthorizationInterceptor.this.getMethodRolesAsPrincipals(), AuthorizationInterceptor.this.contextID)) { throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName()); } return null; } });
methodIntfType.name(), this.viewMethod, this.getMethodRolesAsPrincipals(), this.contextID)) { throw EjbLogger.ROOT_LOGGER.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
final EJBMethodPermission permission = new EJBMethodPermission(description.getEJBName(), methodIdentifier.getName(), interfaceType.name(), methodIdentifier.getParameterTypes());
@Override public Object processInvocation(InterceptorContext context) throws Exception { final Component component = context.getPrivateData(Component.class); if (component instanceof EJBComponent == false) { throw MESSAGES.unexpectedComponent(component,EJBComponent.class); } final Method invokedMethod = context.getMethod(); final ComponentView componentView = context.getPrivateData(ComponentView.class); final String viewClassOfInvokedMethod = componentView.getViewClass().getName(); // shouldn't really happen if the interceptor was setup correctly. But let's be safe and do a check if (!this.viewClassName.equals(viewClassOfInvokedMethod) || !this.viewMethod.equals(invokedMethod)) { throw MESSAGES.failProcessInvocation(this.getClass().getName(), invokedMethod,viewClassOfInvokedMethod, viewMethod, viewClassName); } final EJBComponent ejbComponent = (EJBComponent) component; final ServerSecurityManager securityManager = ejbComponent.getSecurityManager(); final MethodInterfaceType methodIntfType = this.getMethodInterfaceType(componentView.getPrivateData(MethodIntf.class)); // set the JACC contextID before calling the security manager. final String previousContextID = setContextID(this.contextID); try { if (!securityManager.authorize(ejbComponent.getComponentName(), componentView.getProxyClass().getProtectionDomain().getCodeSource(), methodIntfType.name(), this.viewMethod, this.getMethodRolesAsPrincipals(), this.contextID)) throw MESSAGES.invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName()); } finally { // reset the previous JACC contextID. setContextID(previousContextID); } // successful authorization, let the invocation proceed return context.proceed(); }
final EJBMethodPermission permission = new EJBMethodPermission(description.getEJBName(), methodIdentifier.getName(), interfaceType.name(), methodIdentifier.getParameterTypes());
methodName = null; MethodInterfaceType miType = mmd.getMethodIntf(); String iface = miType != null ? miType.name() : null; EJBMethodPermission p = new EJBMethodPermission(mmd.getEjbName(), methodName, iface, params); if (perm.getUnchecked() != null) methodName = null; MethodInterfaceType miType = mmd.getMethodIntf(); String iface = miType != null ? miType.name() : null; EJBMethodPermission p = new EJBMethodPermission(mmd.getEjbName(), methodName, iface, params); pc.addToExcludedPolicy(p);