Package org.apache.openejb.spi

Examples of org.apache.openejb.spi.SecurityService


            req.readExternal(in);
        } catch (final Throwable t) {
            return setResponseError(res, version, t, "Bad request");
        }

        final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
        boolean failed = false;
        final CallContext call;

        try {
            try {
                final Object clientIdentity = req.getClientIdentity();
                if (clientIdentity != null) {//noinspection unchecked
                    securityService.associate(clientIdentity);
                }
            } catch (final LoginException t) {
                failed = true;
                return setResponseError(res, version, t, "Client identity is not valid - " + req);
            }

            final BeanContext di;

            try {
                di = this.daemon.getDeployment(req);
            } catch (final RemoteException e) {
                failed = true;
                return setResponseError(res, version, e, "No such deployment");
            } catch (final Throwable t) {
                failed = true;
                return setResponseError(res, version, t, "Unkown error occured while retrieving deployment: " + req);
            }

            try {

                //Need to set this for deserialization of the body - Will always be reset by EjbDaemon
                final ClassLoader classLoader = di.getBeanClass().getClassLoader();
                Thread.currentThread().setContextClassLoader(classLoader);

                res.start(EJBResponse.Time.DESERIALIZATION);

                req.getBody().readExternal(in);

                //Client version retrieved from body
                version = req.getVersion();

                res.stop(EJBResponse.Time.DESERIALIZATION);
            } catch (final Throwable t) {
                failed = true;
                return setResponseError(res, version, t, "Error caught during request body deserialization: " + req);
            }

            try {
                call = CallContext.getCallContext();
                call.setEJBRequest(req);
                call.setBeanContext(di);
            } catch (final Throwable t) {
                failed = true;
                return setResponseError(res, version, t, "Unable to set the thread call context for this request: " + req);
            }

        } finally {
            if (failed) {
                securityService.disassociate();
            }
        }

        res.start(EJBResponse.Time.CONTAINER);

        Object securityToken = null;
        try {
            final JNDIContext.AuthenticationInfo authentication = req.getBody().getAuthentication();
            if (authentication != null) {
                try {
                    securityToken = securityService.login(authentication.getRealm(), authentication.getUser(), new String(authentication.getPassword()));
                } catch (final Throwable t) {
                    res.setResponse(req.getVersion(), ResponseCodes.AUTH_DENIED, t);
                }
            }

            if (res.getResponseCode() != ResponseCodes.AUTH_DENIED) {
                switch (req.getRequestMethod()) {
                    // Remote interface methods
                    case EJB_OBJECT_BUSINESS_METHOD:
                        doEjbObject_BUSINESS_METHOD(req, res);
                        updateServer(req, res);
                        break;

                    // Home interface methods
                    case EJB_HOME_CREATE:
                        doEjbHome_CREATE(req, res);
                        updateServer(req, res);
                        break;

                    // Home interface methods
                    case EJB_HOME_METHOD:
                        doEjbHome_METHOD(req, res);
                        updateServer(req, res);
                        break;

                    case EJB_HOME_FIND:
                        doEjbHome_FIND(req, res);
                        updateServer(req, res);
                        break;

                    // javax.ejb.EJBObject methods
                    case EJB_OBJECT_GET_EJB_HOME:
                        doEjbObject_GET_EJB_HOME(req, res);
                        updateServer(req, res);
                        break;

                    case EJB_OBJECT_GET_HANDLE:
                        doEjbObject_GET_HANDLE(req, res);
                        updateServer(req, res);
                        break;

                    case EJB_OBJECT_GET_PRIMARY_KEY:
                        doEjbObject_GET_PRIMARY_KEY(req, res);
                        updateServer(req, res);
                        break;

                    case EJB_OBJECT_IS_IDENTICAL:
                        doEjbObject_IS_IDENTICAL(req, res);
                        updateServer(req, res);
                        break;

                    case EJB_OBJECT_REMOVE:
                        doEjbObject_REMOVE(req, res);
                        break;

                    // javax.ejb.EJBHome methods
                    case EJB_HOME_GET_EJB_META_DATA:
                        doEjbHome_GET_EJB_META_DATA(req, res);
                        updateServer(req, res);
                        break;

                    case EJB_HOME_GET_HOME_HANDLE:
                        doEjbHome_GET_HOME_HANDLE(req, res);
                        updateServer(req, res);
                        break;

                    case EJB_HOME_REMOVE_BY_HANDLE:
                        doEjbHome_REMOVE_BY_HANDLE(req, res);
                        break;

                    case EJB_HOME_REMOVE_BY_PKEY:
                        doEjbHome_REMOVE_BY_PKEY(req, res);
                        break;

                    case FUTURE_CANCEL:
                        doFUTURE_CANCEL_METHOD(req, res);
                        break;

                    default:
                        throw new org.apache.openejb.SystemException("Unexpected request method: " + req.getRequestMethod());
                }
            }

        } catch (final org.apache.openejb.InvalidateReferenceException e) {
            res.setResponse(version, ResponseCodes.EJB_SYS_EXCEPTION, new ThrowableArtifact(e.getRootCause()));
        } catch (final org.apache.openejb.ApplicationException e) {
            res.setResponse(version, ResponseCodes.EJB_APP_EXCEPTION, new ThrowableArtifact(e.getRootCause()));
        } catch (final org.apache.openejb.SystemException e) {
            res.setResponse(version, ResponseCodes.EJB_ERROR, new ThrowableArtifact(e.getRootCause()));
            logger.error("System error in container for request: " + req, e);
        } catch (final Throwable t) {

            return setResponseError(res, version, t, "Unknown error in container");

        } finally {
            if (securityToken != null) {
                try {
                    //noinspection unchecked
                    securityService.logout(securityToken);
                } catch (final LoginException e) {
                    // no-op
                }
            }
View Full Code Here


            final String securityRealm = req.getRealm();
            final String username = req.getUsername();
            final String password = req.getCredentials();

            final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
            final Object token = securityService.login(securityRealm, username, password);

            final ClientMetaData client = new ClientMetaData();
            client.setMetaData(metaData);
            client.setClientIdentity(token);
View Full Code Here

        } catch (Throwable t) {
            replyWithFatalError(out, t, "Unable to set the thread context for this request");
            return;
        }

        SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
        try {
            Object clientIdentity = req.getClientIdentity();
            if (clientIdentity != null) securityService.associate(clientIdentity);
        } catch (Throwable t) {
            replyWithFatalError(out, t, "Security system failed to associate thread with the thread");
            return;
        }

        try {
            switch (req.getRequestMethod()) {
            // Remote interface methods
                case RequestMethodConstants.EJB_OBJECT_BUSINESS_METHOD:
                    doEjbObject_BUSINESS_METHOD(req, res);
                    break;

                // Home interface methods
                case RequestMethodConstants.EJB_HOME_CREATE:
                    doEjbHome_CREATE(req, res);
                    break;

                // Home interface methods
                case RequestMethodConstants.EJB_HOME_METHOD:
                    doEjbHome_METHOD(req, res);
                    break;

                case RequestMethodConstants.EJB_HOME_FIND:
                    doEjbHome_FIND(req, res);
                    break;

                // javax.ejb.EJBObject methods
                case RequestMethodConstants.EJB_OBJECT_GET_EJB_HOME:
                    doEjbObject_GET_EJB_HOME(req, res);
                    break;

                case RequestMethodConstants.EJB_OBJECT_GET_HANDLE:
                    doEjbObject_GET_HANDLE(req, res);
                    break;

                case RequestMethodConstants.EJB_OBJECT_GET_PRIMARY_KEY:
                    doEjbObject_GET_PRIMARY_KEY(req, res);
                    break;

                case RequestMethodConstants.EJB_OBJECT_IS_IDENTICAL:
                    doEjbObject_IS_IDENTICAL(req, res);
                    break;

                case RequestMethodConstants.EJB_OBJECT_REMOVE:
                    doEjbObject_REMOVE(req, res);
                    break;

                // javax.ejb.EJBHome methods
                case RequestMethodConstants.EJB_HOME_GET_EJB_META_DATA:
                    doEjbHome_GET_EJB_META_DATA(req, res);
                    break;

                case RequestMethodConstants.EJB_HOME_GET_HOME_HANDLE:
                    doEjbHome_GET_HOME_HANDLE(req, res);
                    break;

                case RequestMethodConstants.EJB_HOME_REMOVE_BY_HANDLE:
                    doEjbHome_REMOVE_BY_HANDLE(req, res);
                    break;

                case RequestMethodConstants.EJB_HOME_REMOVE_BY_PKEY:
                    doEjbHome_REMOVE_BY_PKEY(req, res);
                    break;
            }

        } catch (org.apache.openejb.InvalidateReferenceException e) {
            res.setResponse(ResponseCodes.EJB_SYS_EXCEPTION, new ThrowableArtifact(e.getRootCause()));
        } catch (org.apache.openejb.ApplicationException e) {
            res.setResponse(ResponseCodes.EJB_APP_EXCEPTION, new ThrowableArtifact(e.getRootCause()));
        } catch (org.apache.openejb.SystemException e) {
            res.setResponse(ResponseCodes.EJB_ERROR, new ThrowableArtifact(e.getRootCause()));

            logger.fatal(req + ": OpenEJB encountered an unknown system error in container: ", e);
        } catch (java.lang.Throwable t) {
            // todo this causes the response to be written twice but the code below
            replyWithFatalError
                    (out, t, "Unknown error in container");
            return;
        } finally {
            if (logger.isDebugEnabled()){
                try {
                    logger.debug("EJB REQUEST: "+req+" -- RESPONSE: " + res);
                } catch (Exception justInCase) {}
            }
            try {
                res.writeExternal(out);
            } catch (java.io.IOException ie) {
                logger.fatal("Couldn't write EjbResponse to output stream", ie);
            }
            securityService.disassociate();
            call.reset();
            EJBHomeProxyHandle.resolver.set(null);
            EJBObjectProxyHandle.resolver.set(null);

        }
View Full Code Here

        String pass = (String) env.get(Context.SECURITY_CREDENTIALS);
        String realmName = (String) env.get("openejb.authentication.realmName");

        if (user != null && pass != null){
            try {
                SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
                Object identity = null;
                if (realmName == null) {
                    identity = securityService.login(user, pass);
                } else {
                    identity = securityService.login(realmName, user, pass);
                }
                securityService.associate(identity);
            } catch (LoginException e) {
                throw (AuthenticationException) new AuthenticationException("User could not be authenticated: "+user).initCause(e);
            }
        }
View Full Code Here

        final String pass = (String) env.get(Context.SECURITY_CREDENTIALS);
        final String realmName = (String) env.get("openejb.authentication.realmName");

        if (user != null && pass != null) {
            try {
                final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
                final Object identity;
                if (realmName == null) {
                    identity = securityService.login(user, pass);
                } else {
                    identity = securityService.login(realmName, user, pass);
                }
                securityService.associate(identity);
            } catch (final LoginException e) {
                throw (AuthenticationException) new AuthenticationException("User could not be authenticated: " + user).initCause(e);
            }
        }
View Full Code Here

                        logger.debug("startup.debugEntry", entry);
                    }
                }
            }

            final SecurityService securityService = assembler.getSecurityService();
            if (securityService == null) {
                final String msg = messages.message("startup.assemblerReturnedNullSecurityService");
                logger.fatal(msg);
                throw new OpenEJBException(msg);
            } else {
                logger.debug("startup.securityService", securityService.getClass().getName());
            }
            system.setComponent(SecurityService.class, securityService);

            final TransactionManager transactionManager = assembler.getTransactionManager();
            if (transactionManager == null) {
View Full Code Here

        if (user != null && pass != null) {
            try {
                if (logger.isDebugEnabled()) {
                    logger.debug("Logging in: " + user);
                }
                final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
                if (realmName == null) {
                    clientIdentity = securityService.login(user, pass);
                } else {
                    clientIdentity = securityService.login(realmName, user, pass);
                }
                ClientSecurity.setIdentity(clientIdentity);
            } catch (final LoginException e) {
                throw (AuthenticationException) new AuthenticationException("User could not be authenticated: " + user).initCause(e);
            }
View Full Code Here

    }

    @SuppressWarnings("unchecked")
    private void logout() {
        try {
            final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
            if (clientIdentity != null) {
                if (logger.isDebugEnabled()) {
                    logger.debug("Logging out: " + clientIdentity);
                }
                securityService.logout(clientIdentity);
                ClientSecurity.setIdentity(null);
            }
        } catch (final LoginException e) {
            throw new OpenEJBRuntimeException("User could not be logged out.", e);
        }
View Full Code Here

    }

    @SuppressWarnings("unchecked")
    @Override
    public void after(final SecurityContext securityContext) throws WorkCompletedException {
        final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
        final Object loginObj = securityService.disassociate();
        if (loginObj != null) {
            try {
                securityService.logout(loginObj);
            } catch (final LoginException e) {
                //Ignore
            }
        }
    }
View Full Code Here

            } else if (callback instanceof PasswordValidationCallback) {
                final PasswordValidationCallback passwordValidationCallback = (PasswordValidationCallback) callback;
                final String userName = passwordValidationCallback.getUsername();
                final char[] password = passwordValidationCallback.getPassword();

                final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
                try {
                    final Object loginObj = securityService.login(securityRealmName, userName, password == null ? "" : new String(password));
                    securityService.associate(loginObj);
                    callerPrincipal = securityService.getCallerPrincipal();
                    passwordValidationCallback.setResult(true);
                } catch (final LoginException e) {
                    passwordValidationCallback.setResult(false);
                }
            }
View Full Code Here

TOP

Related Classes of org.apache.openejb.spi.SecurityService

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.