Package org.glassfish.security.common

Examples of org.glassfish.security.common.Role

351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
        // pc will always has a value which is provided by implementation
        // of PolicyConfigurationFactory
        assert pc != null;
        // Get the set of roles declared
        Set<Role> roleset = eDescriptor.getEjbBundleDescriptor().getRoles();
        Role anyAuthUserRole = new Role("**");
        boolean rolesetContainsAnyAuthUserRole = roleset.contains(anyAuthUserRole);
        List<Role> role = new ArrayList<Role>();
        String eName = eDescriptor.getName();
        for (RoleReference roleRef : eDescriptor.getRoleReferences()) {
            String rolename = roleRef.getRoleName();
            EJBRoleRefPermission ejbrr =
                    new EJBRoleRefPermission(eName, rolename);
            String rolelink = roleRef.getSecurityRoleLink().getName();

            role.add(new Role(rolename));
            pc.addToRole(rolelink, ejbrr);

            if (_logger.isLoggable(Level.FINE)) {
                _logger.fine("JACC: Converting role-ref -> " + roleRef.toString() +
                        " to permission with name(" + ejbrr.getName() +
                        ") and actions (" + ejbrr.getActions() +
                        ")" + "mapped to role (" + rolelink + ")");
            }
        }
        if (_logger.isLoggable(Level.FINE)){
          _logger.log(Level.FINE,"JACC: Converting role-ref: Going through the list of roles not present in RoleRef elements and creating EJBRoleRefPermissions ");
        }
        for (Role r : roleset) {
          if (_logger.isLoggable(Level.FINE)){
            _logger.log(Level.FINE,"JACC: Converting role-ref: Looking at Role =  "+r.getName());
          }
          if (!role.contains(r)) {
            String action = r.getName();
            EJBRoleRefPermission ejbrr = new EJBRoleRefPermission(eName, action);
            pc.addToRole(action, ejbrr);
            if (_logger.isLoggable(Level.FINE)) {
              _logger.fine("JACC: Converting role-ref: Role =  " + r.getName() +
                  " is added as a permission with name(" + ejbrr.getName() +
                  ") and actions (" + ejbrr.getActions() +
                  ")" + "mapped to role (" + action + ")");
            }
          }
        }
        /**
         * JACC MR8 add EJBRoleRefPermission for the any authenticated user role '**'
         */
        if ((!role.contains(anyAuthUserRole)) && !rolesetContainsAnyAuthUserRole) {
            String rolename = anyAuthUserRole.getName();
            EJBRoleRefPermission ejbrr =
                    new EJBRoleRefPermission(eName, rolename);
            pc.addToRole(rolename, ejbrr);
            if (_logger.isLoggable(Level.FINE)) {
                _logger.fine("JACC: Converting role-ref: Adding any authenticated user role-ref " +
View Full Code Here
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
                AuthorizationConstraintImpl ac = null;
                if (sc.getAuthConstraint() != null && sc.getAuthConstraint().length > 0) {
                    ac = new AuthorizationConstraintImpl();
                    for (String roleName : sc.getAuthConstraint()) {
                        Role role = new Role(roleName);
                        getWebBundleDescriptor().addRole(role);
                        ac.addSecurityRole(roleName);
                    }
                } else { // DENY
                    ac = new AuthorizationConstraintImpl();
View Full Code Here
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
        // Process DeclareRoles annotation
        if (clazz.isAnnotationPresent(DeclareRoles.class)) {
            DeclareRoles declareRoles = (DeclareRoles)
                clazz.getAnnotation(DeclareRoles.class);
            for (String roleName : declareRoles.value()) {
                webBundleDescriptor.addRole(new Role(roleName));
                webModule.declareRoles(roleName);
            }
        }
        // Process MultipartConfig annotation
        if (clazz.isAnnotationPresent(MultipartConfig.class)) {
View Full Code Here
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
                roleName = runAs.value();
            }
            if (roleName != null) {
                super.setRunAsRole(roleName);

                wbd.addRole(new Role(roleName));
                RunAsIdentityDescriptor runAsDesc =
                    new RunAsIdentityDescriptor();
                runAsDesc.setRoleName(roleName);
                wcd.setRunAsIdentity(runAsDesc);
            }
View Full Code Here
233
234
235
236
237
238
239
240
241
242
243
                        "One cannot specify DENY with an non-empty array of rolesAllowed in @ServletSecurity / ServletSecurityElement"));
            }

            ac = new AuthorizationConstraintImpl();
            for (String roleName : rolesAllowed) {
                Role role = new Role(roleName);
                webBundleDesc.addRole(role);
                ac.addSecurityRole(roleName);
            }
        } else if (emptyRoleSemantic == EmptyRoleSemantic.PERMIT) {
            // ac is null
View Full Code Here
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
     * Returns an Enumeration of my SecurityRole objects.
     */
    public Enumeration<SecurityRoleDescriptor> getSecurityRoles() {
        Vector<SecurityRoleDescriptor> securityRoles = new Vector<SecurityRoleDescriptor>();
        for (Iterator itr = super.getRoles().iterator(); itr.hasNext();) {
            Role r = (Role) itr.next();
            SecurityRoleDescriptor srd = new SecurityRoleDescriptor(r);
            securityRoles.add(srd);
        }
        return securityRoles.elements();
    }
View Full Code Here
1347
1348
1349
1350
1351
1352
1353
1354
1355
    /**
     * Add a new abstrct role to me.
     */
    public void addSecurityRole(SecurityRole securityRole) {
        Role r = new Role(securityRole.getName());
        r.setDescription(securityRole.getDescription());
        super.addRole(r);
    }
View Full Code Here
231
232
233
234
235
236
237
238
239
240
241
            SecurityRoleMapping srm = (SecurityRoleMapping) newDescriptor;
            sunWebApp.addSecurityRoleMapping(srm);
            // store it in the application using pure DOL descriptors...
            Application app = descriptor.getApplication();
            if (app!=null) {
                Role role = new Role(srm.getRoleName());
                SecurityRoleMapper rm = app.getRoleMapper();
                if (rm != null) {
                    List<PrincipalNameDescriptor> principals = srm.getPrincipalNames();
                    for (int i = 0; i < principals.size(); i++) {
                        rm.assignRole(principals.get(i).getPrincipal(),
View Full Code Here
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
                AuthorizationConstraintImpl ac = null;
                if (sc.getAuthConstraint() != null && sc.getAuthConstraint().length > 0) {
                    ac = new AuthorizationConstraintImpl();
                    for (String roleName : sc.getAuthConstraint()) {
                        Role role = new Role(roleName);
                        getWebBundleDescriptor().addRole(role);
                        ac.addSecurityRole(roleName);
                    }
                } else { // DENY
                    ac = new AuthorizationConstraintImpl();
View Full Code Here
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
      logger.entering("WebPermissionUtil", "createWebRoleRefPermission");
      logger.log(Level.FINE,"JACC: role-reference translation: Processing WebRoleRefPermission : CODEBASE = "+ pc.getContextID());
  }
  List role = new ArrayList();
  Set roleset = wbd.getRoles();
  Role anyAuthUserRole = new Role("**");
  boolean rolesetContainsAnyAuthUserRole = roleset.contains(anyAuthUserRole);
        Set<WebComponentDescriptor> descs = wbd.getWebComponentDescriptors();
  //V3 Commented for(Enumeration e = wbd.getWebComponentDescriptors(); e.hasMoreElements();){
        for (WebComponentDescriptor comp : descs) {
      //V3 Commented WebComponentDescriptor comp = (WebComponentDescriptor) e.nextElement();

      String name = comp.getCanonicalName();
      Enumeration  esrr = comp.getSecurityRoleReferences();

      for (; esrr.hasMoreElements();){
    SecurityRoleReference srr = (SecurityRoleReference)esrr.nextElement();
    if(srr != null){
        String action = srr.getRoleName();
        WebRoleRefPermission wrrp = new WebRoleRefPermission(name, action);
        role.add(new Role(action));
        pc.addToRole(srr.getSecurityRoleLink().getName(),wrrp);
        if (logger.isLoggable(Level.FINE)){
      logger.log(Level.FINE,"JACC: role-reference translation: RoleRefPermission created with name(servlet-name)  = "+ name  +
           " and action(Role-name tag) = " + action + " added to role(role-link tag) = "+ srr.getSecurityRoleLink().getName());
        }

    }
      }
      if (logger.isLoggable(Level.FINE)){
    logger.log(Level.FINE,"JACC: role-reference translation: Going through the list of roles not present in RoleRef elements and creating WebRoleRefPermissions ");
      }
      for(Iterator it = roleset.iterator(); it.hasNext();){
    Role r = (Role)it.next();
    if (logger.isLoggable(Level.FINE)){
        logger.log(Level.FINE,"JACC: role-reference translation: Looking at Role =  "+r.getName());
    }
    if(!role.contains(r)){
        String action = r.getName();
        WebRoleRefPermission wrrp = new WebRoleRefPermission(name, action);
        pc.addToRole(action ,wrrp);
        if (logger.isLoggable(Level.FINE)){
      logger.log(Level.FINE,"JACC: role-reference translation: RoleRef  = "+ action +
           " is added for servlet-resource = " + name);
      logger.log(Level.FINE, "JACC: role-reference translation: Permission added for above role-ref ="
           + wrrp.getName() +" "+ wrrp.getActions());
        }
    }
      }
        /**
         * JACC MR8 add WebRoleRefPermission for the any authenticated user role '**'
         */
        if ((!role.contains(anyAuthUserRole)) && !rolesetContainsAnyAuthUserRole) {
            addAnyAuthenticatedUserRoleRef(pc, name);
        }
  }
  if (logger.isLoggable(Level.FINE)){
      logger.exiting("WebPermissionUtil", "createWebRoleRefPermission");
  }
       
        // START S1AS8PE 4966609
        /**
         * For every security role in the web application add a
         * WebRoleRefPermission to the corresponding role. The name of all such
         * permissions shall be the empty string, and the actions of each
         * permission shall be the corresponding role name. When checking a
         * WebRoleRefPermission from a JSP not mapped to a servlet, use a
         * permission with the empty string as its name
         * and with the argument to isUserInRole as its actions
         */
        for(Iterator it = roleset.iterator(); it.hasNext();){
            Role r = (Role)it.next();
            if (logger.isLoggable(Level.FINE)){
                logger.log(Level.FINE,
                    "JACC: role-reference translation: Looking at Role =  "
                        + r.getName());
            }
            String action = r.getName();
            WebRoleRefPermission wrrp = new WebRoleRefPermission("", action);
            pc.addToRole(action ,wrrp);
            if (logger.isLoggable(Level.FINE)){
                logger.log(Level.FINE,
                    "JACC: role-reference translation: RoleRef  = "
View Full Code Here
TOP

Related Classes of org.glassfish.security.common.Role

  • com.sun.enterprise.deployment.annotation.handlers.DeclareRolesHandler
  • com.sun.enterprise.deployment.annotation.handlers.RolesAllowedHandler
  • com.sun.enterprise.deployment.annotation.handlers.RunAsHandler
  • com.sun.enterprise.deployment.Application
  • com.sun.enterprise.deployment.BundleDescriptor
  • com.sun.enterprise.deployment.node.runtime.application.gf.ApplicationRuntimeNode
  • com.sun.enterprise.deployment.RoleReference
  • com.sun.enterprise.security.acl.RoleMapper
  • com.sun.enterprise.security.ee.Audit
  • com.sun.enterprise.security.web.integration.WebPermissionUtil
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.