User: oconnor
Date: 00/08/06 14:35:59
Modified: src/main/org/jboss/ejb Container.java ContainerFactory.java
MethodInvocation.java
Log:
Changes to introduce a skeleton security system.
Revision Changes Path
1.20 +180 -2 jboss/src/main/org/jboss/ejb/Container.java
Index: Container.java
===================================================================
RCS file: /products/cvs/ejboss/jboss/src/main/org/jboss/ejb/Container.java,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- Container.java 2000/07/06 20:36:45 1.19
+++ Container.java 2000/08/06 21:35:59 1.20
@@ -13,6 +13,11 @@
import java.util.Map;
import java.util.Iterator;
import java.util.Hashtable;
+import java.util.HashMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.Collection;
+import java.util.Enumeration;
import javax.ejb.Handle;
import javax.ejb.HomeHandle;
@@ -34,6 +39,10 @@
import javax.transaction.TransactionManager;
import javax.sql.DataSource;
+import javax.swing.tree.TreeModel;
+import javax.swing.tree.DefaultMutableTreeNode;
+import javax.swing.JCheckBox;
+
import org.jboss.ejb.deployment.jBossEnterpriseBean;
import com.dreambean.ejx.ejb.EnvironmentEntry;
import org.jboss.ejb.deployment.jBossEjbJar;
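Review bot: The `javax.swing` imports added here put GUI toolkit classes on the authorization path: in the later `addRoles` hunk every role name is read from a `JCheckBox` via `checkBox.getLabel()`, and `getMethodPermissions` walks a Swing `TreeModel`. A role set that decides access should not depend on widget state; I would copy the role names and method grants into plain strings and collections once at deployment and have the container work from those. If the EJX types have to stay for now, `getLabel()` is deprecated on `AbstractButton`, so use `permissions.add( checkBox.getText() );`. A comment on `addRoles` should also say that the cast assumes every element of `getRoles()` is a `JCheckBox`.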
@@ -45,11 +54,16 @@
import org.jboss.ejb.deployment.URLResource;
import org.jboss.logging.Logger;
import org.jboss.metadata.BeanMetaData;
+import org.jboss.system.EJBSecurityManager;
+import org.jboss.system.RealmMapping;
import org.jnp.interfaces.Naming;
import org.jnp.interfaces.java.javaURLContextFactory;
import org.jnp.server.NamingServer;
+import com.dreambean.ejx.ejb.AssemblyDescriptor;
+import com.dreambean.ejx.ejb.MethodPermission;
+
/**
* This is the base class for all EJB-containers in jBoss. A Container
* functions as the central hub of all metadata and plugins. Through this
@@ -64,7 +78,7 @@
* @see ContainerFactory
* @author Rickard �berg ([EMAIL PROTECTED])
* @author <a href="[EMAIL PROTECTED]">Marc Fleury</a>
- * @version $Revision: 1.19 $
+ * @version $Revision: 1.20 $
*/
public abstract class Container
{
@@ -82,6 +96,9 @@
// This is the jBoss-specific metadata. Note that it extends the generic EJB
1.1 class from EJX
protected jBossEnterpriseBean metaData;
+ // This is the assembly descriptor information
+ protected AssemblyDescriptor assemblyDescriptor;
+
// This is the Home interface class
protected Class homeInterface;
@@ -94,9 +111,18 @@
// This is the TransactionManager
protected TransactionManager tm;
+ // This is the SecurityManager
+ protected EJBSecurityManager sm;
+
+ // This is the realm mapping
+ protected RealmMapping rm;
+
// This is the new MetaData construct
protected BeanMetaData newMetaData;
+ // This is a cache for method permissions
+ private HashMap methodPermissionsCache = new HashMap();
+
// Public --------------------------------------------------------
/**
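Review bot: `methodPermissionsCache` is a plain `HashMap` that `getMethodPermissions` (later hunk in this file) both reads and writes with no locking. If a container serves invocations on more than one thread, which seems likely for an EJB container but is not visible here, concurrent `get`/`put` on an unsynchronized `HashMap` can lose entries or corrupt the table, and this map feeds access decisions. I would declare it as `private final Map methodPermissionsCache = Collections.synchronizedMap( new HashMap() );`, which needs `import java.util.Collections;` (`Map` is already imported).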
@@ -121,6 +147,27 @@
return tm;
}
+ public void setSecurityManager(EJBSecurityManager sm)
+ {
+ this.sm = sm;
+ }
+
+ public EJBSecurityManager getSecurityManager()
+ {
+ return sm;
+ }
+
+ public void setRealmMapping(RealmMapping rm)
+ {
+ this.rm = rm;
+ }
+
+ public RealmMapping getRealmMapping()
+ {
+ return rm;
+ }
+
+
/**
* Sets the application deployment unit for this container. All the bean
* containers within the same application unit share the same instance.
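Review bot: The four new accessors carry no Javadoc, unlike the documented setter that follows them, and nothing says whether `null` is an acceptable security manager or realm mapping. Both setters are public, so any code holding a `Container` reference can replace or clear them after deployment; how the rest of the container treats a null `sm` or `rm` is not visible in this diff. I would add a comment such as `/** Sets the security manager for this container; set once by ContainerFactory at deployment, must not be null. */` and, if null is indeed invalid, reject it with `if (sm == null) throw new IllegalArgumentException("sm");`. The Javadoc at the end of the hunk belongs to the next method and continues outside it.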
@@ -186,8 +233,139 @@
{
return metaData;
}
+
+ /**
+ * Sets the assembly descriptor for this container. The meta data consists of
the
+ * properties found in the XML descriptors.
+ *
+ * @param assemblyDescriptor
+ */
+ public void setAssemblyDescriptor(AssemblyDescriptor assemblyDescriptor)
+ {
+ this.assemblyDescriptor = assemblyDescriptor;
+ }
+
+ /**
+ * Returns the assembly descriptor of this container.
+ *
+ * @return assemblyDescriptor;
+ */
+ public AssemblyDescriptor getAssemblyDescriptor()
+ {
+ return assemblyDescriptor;
+ }
+
+ private void addRoles( Collection roles, Set permissions )
+ {
+ Iterator iter = roles.iterator();
+ while (iter.hasNext())
+ {
+ JCheckBox checkBox = (JCheckBox) iter.next();
+ permissions.add( checkBox.getLabel() );
+ }
+ }
+
+ /**
+ * Returns the permissions for a method.
+ *
+ * @return assemblyDescriptor;
+ */
+ public Set getMethodPermissions( Method m, boolean home )
+ {
+ Set permissions = (Set) methodPermissionsCache.get( m );
+ if (permissions != null)
+ return permissions;
+ permissions = new HashSet();
+
+ Iterator iterPermissions = assemblyDescriptor.getMethodPermissions();
+ // go fishing in ejx's tree to build method permissions
+ while (iterPermissions.hasNext())
+ {
+ MethodPermission methodPermission =
+ (MethodPermission) iterPermissions.next();
+ Collection roles = methodPermission.getRoles();
+ TreeModel model = methodPermission.getMethods();
+ int count = model.getChildCount( model.getRoot() );
+ // look at the specific grants in a method permission
+ boolean rolesAdded_shouldBreak = false; // if we're in an inner loop
+ for (int iter=0; iter<count; iter++)
+ {
+ DefaultMutableTreeNode beannode =
+ (DefaultMutableTreeNode) model.getChild( model.getRoot(), iter );
+ com.dreambean.ejx.ejb.Method bean =
+ (com.dreambean.ejx.ejb.Method)beannode.getUserObject();
+
+ // check if this is the bean under consideration
+ if (!bean.getEjbName().equals( metaData.getEjbName() ))
+ continue;
+
+ // see if everything in the bean is selected regardless of interface
+ if (bean.isSelected())
+ {
+ addRoles( roles, permissions );
+ break;
+ }
+
+ // depends on ejb ordering home then remote (could check name)
+ DefaultMutableTreeNode interfaceNode = (DefaultMutableTreeNode)
+ beannode.getChildAt( home ? 0 : 1 );
+ com.dreambean.ejx.ejb.Method beaninterface =
+ (com.dreambean.ejx.ejb.Method) interfaceNode.getUserObject();
+ // see if everything in the interface is selected regardless of method
+ if (beaninterface.isSelected())
+ {
+ addRoles( roles, permissions );
+ break;
+ }
+
+ // check the method
+ Enumeration enumMethods = interfaceNode.children();
+ while (enumMethods.hasMoreElements())
+ {
+ DefaultMutableTreeNode methodNode =
+ (DefaultMutableTreeNode) enumMethods.nextElement();
+ com.dreambean.ejx.ejb.Method beanmethod =
+ (com.dreambean.ejx.ejb.Method) methodNode.getUserObject();
+
+ // name doesn't match
+ if (!beanmethod.getMethodName().equals( m.getName() ))
+ continue;
+
+ String[] descriptorParams = beanmethod.getParams();
+ Class[] declaredParams = m.getParameterTypes();
+
+ // different number of parameters
+ if (descriptorParams.length != declaredParams.length)
+ continue;
+
+ boolean paramDoesntMatch = false;
+ for (int iterParams=0; iterParams<descriptorParams.length; iterParams++)
+ {
+ if (!descriptorParams[iterParams].equals(
declaredParams[iterParams].getName() ))
+ {
+ paramDoesntMatch = true;
+ break;
+ }
+ }
+ if (paramDoesntMatch)
+ continue;
+
+ if (beanmethod.isSelected())
+ {
+ addRoles( roles, permissions );
+ rolesAdded_shouldBreak = true; // outer loop
+ // (could also use label)
+ }
+ break; // we've already found the method
+ }
+ if (rolesAdded_shouldBreak)
+ break;
+ }
+ }
+ methodPermissionsCache.put( m, permissions );
+ return permissions;
+ }
-
// the following two methods use the new metadata structures from
// package org.jboss.metadata
public void setBeanMetaData(BeanMetaData metaData) {
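Review bot: `getMethodPermissions` hands out the very `HashSet` it stores in `methodPermissionsCache`, so a caller that adds a role name to the result changes the answer for every later call on that method. Wrap it before caching, e.g. `permissions = java.util.Collections.unmodifiableSet( permissions );` just ahead of `methodPermissionsCache.put( m, permissions );`. The interface lookup `beannode.getChildAt( home ? 0 : 1 )` is also positional: if a bean node holds its children in another order the grants of the wrong interface are applied, and if it holds only one the call throws, so matching the child by name, as the inline comment already hints, would be safer. The Javadoc should state what an empty set means to callers (it is not visible here whether that is "nobody may call" or "unchecked"), and its `@return assemblyDescriptor;` is copied from the getter above; something like `@return the role names allowed to call m, never null` fits.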
1.27 +12 -1 jboss/src/main/org/jboss/ejb/ContainerFactory.java
Index: ContainerFactory.java
===================================================================
RCS file: /products/cvs/ejboss/jboss/src/main/org/jboss/ejb/ContainerFactory.java,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- ContainerFactory.java 2000/07/18 19:42:54 1.26
+++ ContainerFactory.java 2000/08/06 21:35:59 1.27
@@ -55,6 +55,8 @@
import org.jboss.verifier.event.VerificationEvent;
import org.jboss.verifier.event.VerificationListener;
+import org.jboss.system.EJBSecurityManager;
+import org.jboss.system.RealmMapping;
/**
* A ContainerFactory is used to deploy EJB applications. It can be given a URL to
@@ -66,7 +68,7 @@
* @author <a href="mailto:[EMAIL PROTECTED]">Marc Fleury</a>
* @author <a href="mailto:[EMAIL PROTECTED]">Juha Lindfors</a>
*
-* @version $Revision: 1.26 $
+* @version $Revision: 1.27 $
*/
public class ContainerFactory
extends org.jboss.util.ServiceMBeanSupport
@@ -314,8 +316,17 @@
// use the new metadata classes in org.jboss.metadata
container.setBeanMetaData(efm.getMetaData().getBean(bean.getEjbName()));
+ // set assembly descriptor info
+ container.setAssemblyDescriptor(jar.getAssemblyDescriptor() );
+
// Set transaction manager
container.setTransactionManager((TransactionManager)new
InitialContext().lookup("TransactionManager"));
+
+ // Set security manager (should be
chosen based on container config)
+
container.setSecurityManager((EJBSecurityManager)new
InitialContext().lookup("EJBSecurityManager"));
+
+ // Set realm mapping (should be chosen based on container config)
+ container.setRealmMapping( (RealmMapping)new
InitialContext().lookup("SimpleRealmMapping"));
// Get container configuration
ContainerConfiguration conf =
bean.getContainerConfiguration();
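Review bot: Both new lookups use fixed JNDI names (`"EJBSecurityManager"`, `"SimpleRealmMapping"`) with an unchecked cast, and each builds its own `InitialContext` that is never closed. The surrounding error handling is outside this hunk, so please confirm that a failed lookup or a wrongly typed binding aborts deployment of the bean rather than leaving the container with a null security manager. Because whatever is bound under those names becomes the security manager of every container deployed afterwards, the names should come from the container configuration as the comments already say, and be named constants until then. A single context would serve all three lookups: `InitialContext ic = new InitialContext();` followed by `container.setSecurityManager( (EJBSecurityManager) ic.lookup("EJBSecurityManager") );`.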
1.3 +18 -5 jboss/src/main/org/jboss/ejb/MethodInvocation.java
Index: MethodInvocation.java
===================================================================
RCS file: /products/cvs/ejboss/jboss/src/main/org/jboss/ejb/MethodInvocation.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- MethodInvocation.java 2000/07/27 23:33:59 1.2
+++ MethodInvocation.java 2000/08/06 21:35:59 1.3
@@ -26,7 +26,7 @@
* @see <related>
* @author Rickard �berg ([EMAIL PROTECTED])
* @author <a href="mailto:[EMAIL PROTECTED]">Marc Fleury</a>.
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
*/
public class MethodInvocation
{
@@ -38,20 +38,23 @@
Transaction tx;
Principal identity;
-
+ Object credential;
+
Method m;
EnterpriseContext ctx;
-
+
// Static --------------------------------------------------------
// Constructors --------------------------------------------------
- public MethodInvocation(Object id, Method m, Object[] args, Transaction tx,
Principal identity)
+ public MethodInvocation(Object id, Method m, Object[] args, Transaction tx,
+ Principal identity, Object credential )
{
this.id = id;
this.m = m;
this.args = args;
this.tx = tx;
this.identity = identity;
+ this.credential = credential;
}
// Public --------------------------------------------------------
public Object getId() { return id; }
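Review bot: The new `credential` field has default (package) access and, in the accessor hunk further down, gets a public `getCredential()`/`setCredential()` pair, so every class that is handed a `MethodInvocation` can read the caller's credential and can also swap it. I would declare it `private Object credential;`, drop the public setter unless something really has to change the credential after construction, and add a comment that the value must never be logged or included in a string form of the invocation. The constructor also gained a sixth parameter without keeping a five-argument overload, so any caller not updated in this commit stops compiling; that cannot be checked from this diff.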
@@ -88,7 +91,17 @@
{
return identity;
}
-
+
+ public void setCredential(Object credential)
+ {
+ this.credential = credential;
+ }
+
+ public Object getCredential()
+ {
+ return credential;
+ }
+
/*
* setEnterpriseContext()
*