[
https://issues.apache.org/jira/browse/GERONIMO-4765?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jürgen Weber updated GERONIMO-4765:
-----------------------------------
Affects Version/s: (was: 2.2)
3.0
2.2.1
> API for Assumed Identity (run-as) support
> -----------------------------------------
>
> Key: GERONIMO-4765
> URL: https://issues.apache.org/jira/browse/GERONIMO-4765
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.2.1, 3.0
> Reporter: Jürgen Weber
> Fix For: Wish List
>
>
> To programmatically change the currently active subject, at the moment you
> have to use the following Geronimo-proprietary code:
> ContextManager.registerSubject(subject);
> Callers oldCallers = ContextManager.pushNextCaller(subject);
> try
> {
> // secure code
> }
> finally
> {
> ContextManager.popCallers(oldCallers);
> }
> (see
> http://www.nabble.com/NPE-in-ContextManager.getCurrentContext-ts24645453s134.html)
> There should be a simpler (less Geronimo-dependend code) API analog to
> javax.security.auth.Subject.doAs()
> (http://java.sun.com/javase/6/docs/api/javax/security/auth/Subject.html#doAs%28javax.security.auth.Subject,%20java.security.PrivilegedExceptionAction%29)
> This API itself cannot be used, see
> http://publib.boulder.ibm.com/infocenter/wasinfo/v5r1//index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/rsec_jaasauthor.html
> http://www.nabble.com/security-propagation-from-JAAS-context-to-EJB-question-ts24091806s134.html
> An API for Assumed Identity (run-as) support could be implemented like
> public <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action)
> throws PrivilegedActionException
> {
> T t = null;
> ContextManager.registerSubject(subject);
> Callers oldCallers = ContextManager.pushNextCaller(subject);
> try
> {
> t = action.run();
> }
> catch (Exception e)
> {
> throw new PrivilegedActionException(e);
> }
> finally
> {
> ContextManager.popCallers(oldCallers);
> }
> return t;
> }
> This code could be put into a method of ContextManager or into a new class
> org.apache.geronimo.security.Security.
> This would still create a non-portable dependency to Geronimo in user code.
> You would use it like
> LoginContext lc = new LoginContext("geronimo-admin", handler);
> lc.login();
> Subject subject = lc.getSubject();
> String s = doAs(subject, new PrivilegedExceptionAction<String>()
> {
> public String run() throws Exception
> {
> return null; // secure code
> }
> });
> This would be analogous to similar APIs in Weblogic Server or Websphere AS.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
