Examples of javax.security.jacc.WebRoleRefPermission

javax.security.jacc.WebRoleRefPermission
@version $Rev: 54183 $ $Date: 2004-10-09 16:04:29 -0600 (Sat, 09 Oct 2004) $

            * must be the value of the role-name (that is the  reference), appearing in the security-role-ref.
            * The deployment tools must  call the addToRole method on the PolicyConfiguration object to add the
            * WebRoleRefPermission object resulting from the translation to the role
            * identified in the role-link appearing in the security-role-ref.
            */
            policyConfiguration.addToRole(roleLink, new WebRoleRefPermission(servletName, roleName));
            unmappedRoles.remove(roleName);
        }
        for (String roleName : unmappedRoles) {
            policyConfiguration.addToRole(roleName, new WebRoleRefPermission(servletName, roleName));
        }
    }

View Full Code Here

        }
    }


    protected void addUnmappedJSPPermissions() throws PolicyContextException {
        for (String roleName : securityRoles) {
            policyConfiguration.addToRole(roleName, new WebRoleRefPermission("", roleName));
        }
    }

View Full Code Here

         */
        if (name == null || name.equals("jsp")) {
            name = "";
        }
        try {
            acc.checkPermission(new WebRoleRefPermission(name, role));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

View Full Code Here

            servletName = "";
        }
        try {
            //correct run-as identity available from context manager.
            AccessControlContext acc = ContextManager.getCurrentContext();
            acc.checkPermission(new WebRoleRefPermission(servletName, role));
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

View Full Code Here

         Set<Principal> roles, String servletName)
   { 
      if(servletName == null)
         throw new IllegalArgumentException("servletName is null");
      
      WebRoleRefPermission perm = new WebRoleRefPermission(servletName, roleName);
      Principal[] principals = {principal}; 
      if( roles != null )
      {
         principals = new Principal[roles.size()];
         roles.toArray(principals);

View Full Code Here

            String[] roleRefs = servlet.findSecurityReferences();
            // Perform the unreferenced roles processing for every servlet name
            for (int j = 0; j < roleRefs.length; j++) {
                String roleRef = roleRefs[j];
                String roleName = servlet.findSecurityReference(roleRef);
                WebRoleRefPermission wrrp = new WebRoleRefPermission(servletName, roleRef);
                pc.addToRole(roleName, wrrp);
                /*
                 * A bit of a hack due to how tomcat calls out to its Realm.hasRole() with a role name that has been mapped to
                 * the role-link value. We may need to handle this with a custom request wrapper.
                 */
                wrrp = new WebRoleRefPermission(servletName, roleName);
                pc.addToRole(roleRef, wrrp);
                // Remove the role from the unreferencedRoles
                unRefRoles.remove(roleName);
            }


            // Spec 3.1.3.2: For each servlet element in the deployment descriptor
            // a WebRoleRefPermission must be added to each security-role of the
            // application whose name does not appear as the rolename
            // in a security-role-ref within the servlet element.
            for (String unrefRole : unRefRoles) {
                WebRoleRefPermission unrefP = new WebRoleRefPermission(servletName, unrefRole);
                pc.addToRole(unrefRole, unrefP);
            }
        }


        // JACC 1.1:Spec 3.1.3.2: For each security-role defined in the deployment descriptor, an
        // additional WebRoleRefPermission must be added to the corresponding role by
        // calling the addToRole method on the PolicyConfiguration object. The
        // name of all such permissions must be the empty string, and the actions of each
        // such permission must be the role-name of the corresponding role.
        for (int i = 0; i < unreferencedRoles.length; i++) {
            String unreferencedRole = unreferencedRoles[i];
            WebRoleRefPermission wrrep = new WebRoleRefPermission("", unreferencedRole);
            pc.addToRole(unreferencedRole, wrrep);
        }


        // Now build the cross product of the unreferencedRoles and servlets
        for (int i = 0; i < servlets.length; i++) {
            Wrapper servlet = (Wrapper) servlets[i];
            String servletName = servlet.getName();
            for (int j = 0; j < unreferencedRoles.length; j++) {
                String role = unreferencedRoles[j];
                WebRoleRefPermission wrrp = new WebRoleRefPermission(servletName, role);
                pc.addToRole(role, wrrp);
            }
        }
    }

View Full Code Here

    }


    protected void addUnmappedJSPPermissions(Set securityRoles, Map rolePermissions) {
        for (Iterator iter = securityRoles.iterator(); iter.hasNext();) {
            String roleName = (String) iter.next();
            addPermissionToRole(roleName, new WebRoleRefPermission("", roleName), rolePermissions);
        }
    }

View Full Code Here

            * must be the value of the role-name (that is the  reference), appearing in the security-role-ref.
            * The deployment tools must  call the addToRole method on the PolicyConfiguration object to add the
            * WebRoleRefPermission object resulting from the translation to the role
            * identified in the role-link appearing in the security-role-ref.
            */
            addPermissionToRole(roleLink, new WebRoleRefPermission(servletName, roleName), rolePermissions);
            unmappedRoles.remove(roleName);
        }
        for (Iterator iterator = unmappedRoles.iterator(); iterator.hasNext();) {
            String roleName = (String) iterator.next();
            addPermissionToRole(roleName, new WebRoleRefPermission(servletName, roleName), rolePermissions);
        }
//        servletData.setAttribute("webRoleRefPermissions", webRoleRefPermissions);
    }

View Full Code Here

            // JACC v1.0 secion B.19
            String servletName = JettyServletHolder.getCurrentServletName();
            if (servletName.equals("jsp")) {
                servletName = "";
            }
            acc.checkPermission(new WebRoleRefPermission(servletName, role));
        } catch (AccessControlException e) {
            return false;
        }
        return true;
    }

View Full Code Here


        try {
            /**
             * JACC v1.0 section 4.1.3
             */
            acc.checkPermission(new WebRoleRefPermission(name, role));
        } catch (AccessControlException e) {
            return false;
        }


        return true;

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of javax.security.jacc.WebRoleRefPermission

com.sun.enterprise.security.web.integration.WebPermissionUtil

com.sun.web.security.WebPermissionUtil

org.apache.geronimo.jetty.deployment.JettyModuleBuilder

org.apache.geronimo.jetty.InternalJAASJettyRealm

org.apache.geronimo.jetty.JAASJettyRealm

org.apache.geronimo.jetty.JettyXMLConfiguration

org.apache.geronimo.jetty6.InternalJAASJettyRealm

org.apache.geronimo.jetty7.handler.GeronimoUserIdentity

org.apache.geronimo.jetty8.handler.GeronimoJettyUserIdentity

org.apache.geronimo.jetty8.handler.GeronimoUserIdentity

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.