Examples of org.apache.geronimo.security.jacc.RoleMappingConfiguration

• org.apache.geronimo.security.jacc.RoleMappingConfiguration

  The methods of this interface are used by containers to create role mappings in a Policy provider. An object that implements the RoleMappingConfiguration interface provides the role mapping configuration interface for a corresponding policy context within the corresponding Policy provider.

  Geronimo will obtain an instance of this class by calling PolicyConfigurationFactory.getPolicyConfiguration. If the object that is returned also implements RoleMappingConfiguration, Geronimo will call the methods of that interface to provide role mappings to the Policy provider

  @version $Rev: 46019 $ $Date: 2004-09-14 04:56:06 -0500 (Tue, 14 Sep 2004) $ @see javax.security.jacc.PolicyConfiguration @see javax.security.jacc.PolicyConfigurationFactory#getPolicyConfiguration

                configuration.addToUncheckedPolicy(new WebResourcePermission(name, actions));
                configuration.addToUncheckedPolicy(new WebUserDataPermission(name, actions));
            }

            JettyWebAppJACCContext context = (JettyWebAppJACCContext) getWebApplicationContext();
            RoleMappingConfiguration roleMapper = (RoleMappingConfiguration) configuration;
            Iterator rollMappings = security.getRoleMappings().iterator();
            while (rollMappings.hasNext()) {
                Role role = (Role) rollMappings.next();
                String roleName = role.getRoleName();

                if (!securityRoles.contains(roleName)) throw new GeronimoSecurityException("Role does not exist in this configuration");

                Subject roleDesignate = new Subject();

                Iterator realms = role.getRealms().iterator();
                while (realms.hasNext()) {
                    Set principalSet = new HashSet();
                    Realm realm = (Realm) realms.next();

                    Iterator principals = realm.getPrincipals().iterator();
                    while (principals.hasNext()) {
                        Principal principal = (Principal) principals.next();

                        RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, realm.getRealmName());

                        if (realmPrincipal == null) throw new GeronimoSecurityException("Unable to create realm principal");

                        principalSet.add(realmPrincipal);
                        if (principal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(realmPrincipal);
                    }
                    roleMapper.addRoleMapping(roleName, principalSet);
                }

                if (roleDesignate.getPrincipals().size() > 0) context.setRoleDesignate(roleName, roleDesignate);
            }