String type = getType(method, args);
String vhost = getVirtualHost(method, args);
int impact = getImpact(method, args);
// Get the security manager for the virtual host (if set)
SecurityManager security;
if (vhost == null)
{
security = _appRegistry.getSecurityManager();
}
else
{
security = _appRegistry.getVirtualHostRegistry().getVirtualHost(vhost).getSecurityManager();
}
methodName = getMethodName(method, args);
if (isAccessMethod(methodName) || impact == MBeanOperationInfo.INFO)
{
// Check for read-only method invocation permission
if (!security.authoriseMethod(Operation.ACCESS, type, methodName))
{
throw new SecurityException("Permission denied: Access " + methodName);
}
}
else
{
// Check for setting properties permission
if (!security.authoriseMethod(Operation.UPDATE, type, methodName))
{
throw new SecurityException("Permission denied: Update " + methodName);
}
}