String roleName = runAs.value();
if(roleName == null) {
//FIXME handle monitor or error
}
SecurityIdentityPolicy policy = new SecurityIdentityPolicy();
policy.setRunAsRole(roleName);
PolicySet policySet = policyFactory.createPolicySet();
policySet.setName(RUN_AS);
policySet.getPolicies().add(policy);
policySet.setUnresolved(false);
((org.apache.tuscany.sca.policy.PolicySetAttachPoint)type).getPolicySets().add(policySet);
}
RolesAllowed rolesAllowed = clazz.getAnnotation(javax.annotation.security.RolesAllowed.class);
if(rolesAllowed != null) {
if(rolesAllowed.value().length == 0) {
//FIXME handle monitor or error
}
AuthorizationPolicy policy = new AuthorizationPolicy();
policy.setAccessControl(AuthorizationPolicy.AcessControl.allow);
for(String role : rolesAllowed.value()) {
policy.getRoleNames().add(role);
}
PolicySet policySet = policyFactory.createPolicySet();
policySet.setName(ALLOW);
policySet.getPolicies().add(policy);
policySet.setUnresolved(false);
((org.apache.tuscany.sca.policy.PolicySetAttachPoint)type).getPolicySets().add(policySet);
}
PermitAll permitAll = clazz.getAnnotation(javax.annotation.security.PermitAll.class);
if(permitAll != null) {
AuthorizationPolicy policy = new AuthorizationPolicy();
policy.setAccessControl(AuthorizationPolicy.AcessControl.permitAll);
PolicySet policySet = policyFactory.createPolicySet();
policySet.setName(PERMIT_ALL);
policySet.getPolicies().add(policy);
policySet.setUnresolved(false);