|| (permitAll != null && denyAll != null)) {
ejbModule.getValidation().fail(ejbName, "permitAllAndRolesAllowedOnClass", clazz.getName());
}
if (rolesAllowed != null) {
final MethodPermission methodPermission = new MethodPermission();
methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
assemblyDescriptor.getMethodPermission().add(methodPermission);
// Automatically add a role ref for any role listed in RolesAllowed
if (RemoteBean.class.isInstance(bean)) {
final RemoteBean remoteBean = RemoteBean.class.cast(bean);
final List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
for (final String role : rolesAllowed.value()) {
securityRoleRefs.add(new SecurityRoleRef(role));
}
}
}
/*
* @PermitAll
*/
if (permitAll != null) {
final MethodPermission methodPermission = new MethodPermission();
methodPermission.setUnchecked(true);
methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
assemblyDescriptor.getMethodPermission().add(methodPermission);
}
/**
* @DenyAll
*/
if (denyAll != null) {
assemblyDescriptor.getExcludeList()
.addMethod(new org.apache.openejb.jee.Method(ejbName, clazz.getName(), "*"));
}
}
/*
* @RunAs
*/
final RunAs runAs = clazz.getAnnotation(RunAs.class);
if (runAs != null && bean.getSecurityIdentity() == null) {
final SecurityIdentity securityIdentity = new SecurityIdentity();
securityIdentity.setRunAs(runAs.value());
bean.setSecurityIdentity(securityIdentity);
}
/*
* @DeclareRoles
*/
final DeclareRoles declareRoles = clazz.getAnnotation(DeclareRoles.class);
if (declareRoles != null && bean instanceof RemoteBean) {
final RemoteBean remoteBean = (RemoteBean) bean;
final List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
for (final String role : declareRoles.value()) {
securityRoleRefs.add(new SecurityRoleRef(role));
}
}
}
/*
* Process annotations at the method level
*/
final List<Method> seen = new ArrayList<Method>();
/*
* @RolesAllowed
*/
for (final Annotated<Method> method : annotationFinder.findMetaAnnotatedMethods(RolesAllowed.class)) {
checkConflictingSecurityAnnotations(method, ejbName, ejbModule, seen);
final RolesAllowed rolesAllowed = method.getAnnotation(RolesAllowed.class);
final MethodPermission methodPermission = new MethodPermission();
methodPermission.getRoleName().addAll(asList(rolesAllowed.value()));
methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, method.get()));
assemblyDescriptor.getMethodPermission().add(methodPermission);
// Automatically add a role ref for any role listed in RolesAllowed
if (RemoteBean.class.isInstance(bean)) {
final RemoteBean remoteBean = RemoteBean.class.cast(bean);
final List<SecurityRoleRef> securityRoleRefs = remoteBean.getSecurityRoleRef();
for (final String role : rolesAllowed.value()) {
securityRoleRefs.add(new SecurityRoleRef(role));
}
}
}
/*
* @PermitAll
*/
for (final Annotated<Method> method : annotationFinder.findMetaAnnotatedMethods(PermitAll.class)) {
checkConflictingSecurityAnnotations(method, ejbName, ejbModule, seen);
final MethodPermission methodPermission = new MethodPermission();
methodPermission.setUnchecked(true);
methodPermission.getMethod().add(new org.apache.openejb.jee.Method(ejbName, method.get()));
assemblyDescriptor.getMethodPermission().add(methodPermission);
}
/*
* @DenyAll