Package org.glassfish.security.common

Examples of org.glassfish.security.common.Role

2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
        // Process DeclareRoles annotation
        if (clazz.isAnnotationPresent(DeclareRoles.class)) {
            DeclareRoles declareRoles = (DeclareRoles)
                clazz.getAnnotation(DeclareRoles.class);
            for (String roleName : declareRoles.value()) {
                webBundleDescriptor.addRole(new Role(roleName));
                webModule.declareRoles(roleName);
            }
        }
        // Process MultipartConfig annotation
        if (clazz.isAnnotationPresent(MultipartConfig.class)) {
View Full Code Here
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
                roleName = runAs.value();
            }
            if (roleName != null) {
                super.setRunAsRole(roleName);

                wbd.addRole(new Role(roleName));
                RunAsIdentityDescriptor runAsDesc =
                    new RunAsIdentityDescriptor();
                runAsDesc.setRoleName(roleName);
                wcd.setRunAsIdentity(runAsDesc);
            }
View Full Code Here
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
        i = allRoles.iterator();
        logger.finest("--[ Configured roles and mappings ]--");
        HashMap allRoleMap = new HashMap();
       
        while (i.hasNext()) {
            Role r = (Role)i.next();
            logger.finest(" [" + r.getName() + "]");
            allRoleMap.put(r.getName(), new HashSet());
           
            sb = new StringBuffer();
            sb.append("  is mapped to groups: ");
            Enumeration grps = rmap.getGroupsAssignedTo(r);
            while (grps.hasMoreElements()) {
                sb.append(grps.nextElement());
                sb.append(" ");
            }
            logger.finest(sb.toString());

            sb = new StringBuffer();
            sb.append("  is mapped to principals: ");
            Enumeration users = rmap.getUsersAssignedTo(r);
            while (users.hasMoreElements()) {
                sb.append(users.nextElement());
                sb.append(" ");
            }
            logger.finest(sb.toString());
        }

        // Process all EJB modules

        Set ejbDescriptorSet = app.getBundleDescriptors(EjbBundleDescriptor.class) ;

        i = ejbDescriptorSet.iterator();
        while (i.hasNext()) {

            EjbBundleDescriptor bundle = (EjbBundleDescriptor)i.next();

            logger.finest("--[ EJB module: " + bundle.getName() + " ]--");
            Set ejbs = bundle.getEjbs();
            Iterator it = ejbs.iterator();
            while (it.hasNext()) {

                EjbDescriptor ejb = (EjbDescriptor)it.next();
                logger.finest("EJB: "+ejb.getEjbClassName());

                // check and show run-as if present
                if (!ejb.getUsesCallerIdentity()) {
                     RunAsIdentityDescriptor runas = ejb.getRunAsIdentity();
                     if (runas == null) {
                         logger.finest(" (ejb does not use caller "+
                                            "identity)");
                     } else {
                         String role = runas.getRoleName();
                         String user = runas.getPrincipal();
                         logger.finest(" Will run-as: Role: " + role +
                                            "  Principal: " + user);
                         if (role==null || "".equals(role) ||
                             user==null || "".equals(user)) {
                                 if(logger.isLoggable(Level.FINEST)){
                                    logger.finest("*** Configuration error!");
                                 }
                         }
                     }
                }

                // iterate through available methods
                logger.finest(" Method to Role restriction list:");
                Set methods = ejb.getMethodDescriptors();
                Iterator si = methods.iterator();
               
                while (si.hasNext()) {
                   
                    MethodDescriptor md = (MethodDescriptor)si.next();
                    logger.finest("   "+md.getFormattedString());

                    Set perms = ejb.getMethodPermissionsFor(md);
                    StringBuffer rbuf = new StringBuffer();
                    rbuf.append("     can only be invoked by: ");
                    Iterator sip = perms.iterator();
                    boolean unchecked=false,excluded=false,roleBased=false;
                   
                    while (sip.hasNext()) {
                        MethodPermission p = (MethodPermission)sip.next();
                        if (p.isExcluded()) {
                            excluded=true;
                            logger.finest("     excluded - can not "+
                                               "be invoked");
                        } else if (p.isUnchecked()) {
                            unchecked=true;
                            logger.finest("     unchecked - can be "+
                                               "invoked by all");
                        } else if (p.isRoleBased()) {
                            roleBased = true;
                            Role r = p.getRole();
                            rbuf.append(r.getName());
                            rbuf.append(" ");
                                // add to role's accessible list
                            HashSet ram = (HashSet)allRoleMap.get(r.getName());
                            ram.add(bundle.getName() + ":" +
                                    ejb.getEjbClassName() + "." +
                                    md.getFormattedString());
                        }
                    }
View Full Code Here
144
145
146
147
148
149
150
151
            }

            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "Default role is: " + defaultRoleName);
            }
            defaultRole = new Role(defaultRoleName);
        }
    }
View Full Code Here
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
    public RoleMapper(RoleMapper r) {
        this.appName = r.getName();
        for (Iterator<String> it = r.getRoles(); it.hasNext();) {
            String role = it.next();
            // recover groups
            Enumeration<Group> groups = r.getGroupsAssignedTo(new Role(role));
            Set<Group> groupsToRole = new HashSet<Group>();
            for (; groups.hasMoreElements();) {
                Group gp = groups.nextElement();
                groupsToRole.add(new Group(gp.getName()));
                addRoleToPrincipal(gp, role);
            }
            this.roleToGroup.put(role, groupsToRole);

            // recover principles
            Enumeration<Principal> users = r.getUsersAssignedTo(new Role(role));
            Set<Principal> usersToRole = new HashSet<Principal>();
            for (; users.hasMoreElements();) {
                PrincipalImpl gp = (PrincipalImpl) users.nextElement();
                usersToRole.add(new PrincipalImpl(gp.getName()));
                addRoleToPrincipal(gp, role);
View Full Code Here
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
      for (; esrr.hasMoreElements();){
    SecurityRoleReference srr = (SecurityRoleReference)esrr.nextElement();
    if(srr != null){
        String action = srr.getRoleName();
        WebRoleRefPermission wrrp = new WebRoleRefPermission(name, action);
        role.add(new Role(action));
        pc.addToRole(srr.getSecurityRoleLink().getName(),wrrp);
        if (logger.isLoggable(Level.FINE)){
      logger.log(Level.FINE,"JACC: role-reference translation: RoleRefPermission created with name(servlet-name)  = "+ name  +
           " and action(Role-name tag) = " + action + " added to role(role-link tag) = "+ srr.getSecurityRoleLink().getName());
        }

    }
      }
      if (logger.isLoggable(Level.FINE)){
    logger.log(Level.FINE,"JACC: role-reference translation: Going through the list of roles not present in RoleRef elements and creating WebRoleRefPermissions ");
      }
      for(Iterator it = roleset.iterator(); it.hasNext();){
    Role r = (Role)it.next();
    if (logger.isLoggable(Level.FINE)){
        logger.log(Level.FINE,"JACC: role-reference translation: Looking at Role =  "+r.getName());
    }
    if(!role.contains(r)){
        String action = r.getName();
        WebRoleRefPermission wrrp = new WebRoleRefPermission(name, action);
        pc.addToRole(action ,wrrp);
        if (logger.isLoggable(Level.FINE)){
      logger.log(Level.FINE,"JACC: role-reference translation: RoleRef  = "+ action +
           " is added for servlet-resource = " + name);
      logger.log(Level.FINE, "JACC: role-reference translation: Permission added for above role-ref ="
           + wrrp.getName() +" "+ wrrp.getActions());
        }
    }
      }
  }
  if (logger.isLoggable(Level.FINE)){
      logger.exiting("WebPermissionUtil", "createWebRoleRefPermission");
  }
       
        // START S1AS8PE 4966609
        /**
         * For every security role in the web application add a
         * WebRoleRefPermission to the corresponding role. The name of all such
         * permissions shall be the empty string, and the actions of each
         * permission shall be the corresponding role name. When checking a
         * WebRoleRefPermission from a JSP not mapped to a servlet, use a
         * permission with the empty string as its name
         * and with the argument to isUserInRole as its actions
         */
        for(Iterator it = roleset.iterator(); it.hasNext();){
            Role r = (Role)it.next();
            if (logger.isLoggable(Level.FINE)){
                logger.log(Level.FINE,
                    "JACC: role-reference translation: Looking at Role =  "
                        + r.getName());
            }
            String action = r.getName();
            WebRoleRefPermission wrrp = new WebRoleRefPermission("", action);
            pc.addToRole(action ,wrrp);
            if (logger.isLoggable(Level.FINE)){
                logger.log(Level.FINE,
                    "JACC: role-reference translation: RoleRef  = "
View Full Code Here
463
464
465
466
467
468
469
470
471
472
473
474
    public boolean areResourceReferencesValid() {
    // run through each of the ejb's role references, checking that the roles exist in this bundle
    for (EjbDescriptor ejbDescriptor : getEjbs()) {
        for (Iterator roleRefs = ejbDescriptor.getRoleReferences().iterator(); roleRefs.hasNext();) {
        RoleReference roleReference = (RoleReference) roleRefs.next();
        Role referredRole = roleReference.getRole();
        if (!referredRole.getName().equals("")
            && !super.getRoles().contains(referredRole) ) {
           
            _logger.log(Level.FINE,localStrings.getLocalString(
               "enterprise.deployment.badrolereference",
               "Warning: Bad role reference to {0}", new Object[] {referredRole}));
View Full Code Here
144
145
146
147
148
149
150
151
            }

            if (_logger.isLoggable(Level.FINE)) {
                _logger.log(Level.FINE, "Default role is: " + defaultRoleName);
            }
            defaultRole = new Role(defaultRoleName);
        }
    }
View Full Code Here
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
    public RoleMapper(RoleMapper r) {
        this.appName = r.getName();
        for (Iterator<String> it = r.getRoles(); it.hasNext();) {
            String role = it.next();
            // recover groups
            Enumeration<Group> groups = r.getGroupsAssignedTo(new Role(role));
            Set<Group> groupsToRole = new HashSet<Group>();
            for (; groups.hasMoreElements();) {
                Group gp = groups.nextElement();
                groupsToRole.add(new Group(gp.getName()));
                addRoleToPrincipal(gp, role);
            }
            this.roleToGroup.put(role, groupsToRole);

            // recover principles
            Enumeration<Principal> users = r.getUsersAssignedTo(new Role(role));
            Set<Principal> usersToRole = new HashSet<Principal>();
            for (; users.hasMoreElements();) {
                PrincipalImpl gp = (PrincipalImpl) users.nextElement();
                usersToRole.add(new PrincipalImpl(gp.getName()));
                addRoleToPrincipal(gp, role);
View Full Code Here
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
     * Returns an Enumeration of my SecurityRole objects.
     */
    public Enumeration<SecurityRoleDescriptor> getSecurityRoles() {
        Vector<SecurityRoleDescriptor> securityRoles = new Vector<SecurityRoleDescriptor>();
        for (Iterator itr = super.getRoles().iterator(); itr.hasNext();) {
            Role r = (Role) itr.next();
            SecurityRoleDescriptor srd = new SecurityRoleDescriptor(r);
            securityRoles.add(srd);
        }
        return securityRoles.elements();
    }
View Full Code Here
TOP

Related Classes of org.glassfish.security.common.Role

  • com.sun.enterprise.deployment.annotation.handlers.DeclareRolesHandler
  • com.sun.enterprise.deployment.annotation.handlers.RolesAllowedHandler
  • com.sun.enterprise.deployment.annotation.handlers.RunAsHandler
  • com.sun.enterprise.deployment.Application
  • com.sun.enterprise.deployment.BundleDescriptor
  • com.sun.enterprise.deployment.node.runtime.application.gf.ApplicationRuntimeNode
  • com.sun.enterprise.deployment.RoleReference
  • com.sun.enterprise.security.acl.RoleMapper
  • com.sun.enterprise.security.ee.Audit
  • com.sun.enterprise.security.web.integration.WebPermissionUtil
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.