Examples of org.jboss.security.RealmMapping

• org.jboss.security.RealmMapping
  The interface for Principal mapping. It defines the mapping from the operational environment Principal to the application domain principal via the {@link #getPrincipal(Principal) getPrincipal} method. It also definesthe method for validating the application domain roles to which the operational environment Principal belongs via the {@link #getPrincipal(Principal) getPrincipal}method. @author Scott.Stark@jboss.org @version $Revision: 57203 $

   }

   public Object createPerClass(Advisor advisor)
   {
      AuthenticationManager manager = (AuthenticationManager)advisor.getDefaultMetaData().getMetaData("security", "authentication-manager");
      RealmMapping mapping = (RealmMapping)advisor.getDefaultMetaData().getMetaData("security", "realm-mapping");
      if (manager == null)
      {
         SecurityDomain domain = (SecurityDomain)advisor.resolveAnnotation(SecurityDomain.class);
         if (domain == null) throw new RuntimeException("Unable to determine security domain");
         try

      return isInRole(getCurrentPrincipal(), roleName);
   }

   private static boolean isInRole(Principal principal, String roleName)
   {
      RealmMapping rm = (RealmMapping)currentDomain.get();
      if (rm == null) return false;

      HashSet set = new HashSet();
      set.add(new SimplePrincipal(roleName));

      if (principal instanceof RunAsIdentity)
      {
         return ((RunAsIdentity)principal).doesUserHaveRole(set);
      }
      else
      {
         return rm.doesUserHaveRole(principal, set);
      }
   }

   }

   public Object createPerClass(Advisor advisor)
   {
      AuthenticationManager manager = (AuthenticationManager)advisor.getDefaultMetaData().getMetaData("security", "authentication-manager");
      RealmMapping mapping = (RealmMapping)advisor.getDefaultMetaData().getMetaData("security", "realm-mapping");
      if (manager == null)
      {
         SecurityDomain domain = (SecurityDomain)advisor.resolveAnnotation(SecurityDomain.class);
         if (domain == null) throw new RuntimeException("Unable to determine security domain");
         try

/*     */   public AuthenticationManager getSecurityManager() {
/* 109 */     return this.securityMgr;
/*     */   }
/*     */
/*     */   public RealmMapping getRealmMapping() {
/* 113 */     RealmMapping realmMapping = null;
/* 114 */     if ((this.authorizationMgr != null) && ((this.authorizationMgr instanceof RealmMapping)))
/*     */     {
/* 116 */       realmMapping = (RealmMapping)this.authorizationMgr;
/*     */     }
/* 119 */     else if ((this.securityMgr instanceof RealmMapping))

/*  852 */         String domainCtx = "java:/jaas/" + unprefixed + "/domainContext";
/*  853 */         SecurityDomainContext sdc = (SecurityDomainContext)iniCtx.lookup(domainCtx);
/*  854 */         Object securityMgr = sdc.getSecurityManager();
/*      */
/*  857 */         AuthenticationManager ejbS = (AuthenticationManager)securityMgr;
/*  858 */         RealmMapping rM = (RealmMapping)securityMgr;
/*  859 */         container.setSecurityManager(ejbS);
/*  860 */         container.setRealmMapping(rM);
/*      */
/*  862 */         container.setSecurityManagement((ISecurityManagement)unit.getAttachment("EJB.securityManagement"));
/*      */

/*     */
/*     */     Principal getCallerPrincipalInternal()
/*     */     {
/* 368 */       if (EnterpriseContext.this.beanPrincipal == null)
/*     */       {
/* 370 */         RealmMapping rm = EnterpriseContext.this.con.getRealmMapping();
/* 371 */         EJBAuthorizationHelper helper = new EJBAuthorizationHelper(EnterpriseContext.this.securityContext);
/* 372 */         Principal caller = helper.getCallerPrincipal(rm);
/* 373 */         if (caller == null)
/*     */         {
/* 379 */           if (EnterpriseContext.this.principal != null)
/*     */           {
/* 381 */             if (rm != null)
/* 382 */               caller = rm.getPrincipal(EnterpriseContext.this.principal);
/*     */             else {
/* 384 */               caller = EnterpriseContext.this.principal;
/*     */             }
/*     */           }
/*     */           else

/*  87 */     return isInRole(getCurrentPrincipal(), roleName);
/*     */   }
/*     */
/*     */   private static boolean isInRole(Principal principal, String roleName)
/*     */   {
/*  92 */     RealmMapping rm = (RealmMapping)currentDomain.get();
/*  93 */     if (rm == null) return false;
/*     */
/*  95 */     HashSet set = new HashSet();
/*  96 */     set.add(new SimplePrincipal(roleName));
/*     */
/*  98 */     if ((principal instanceof RunAsIdentity))
/*     */     {
/* 100 */       return ((RunAsIdentity)principal).doesUserHaveRole(set);
/*     */     }
/*     */
/* 104 */     return rm.doesUserHaveRole(principal, set);
/*     */   }

/*    */   }
/*    */
/*    */   public Object createPerClass(Advisor advisor)
/*    */   {
/* 50 */     AuthenticationManager manager = (AuthenticationManager)advisor.getDefaultMetaData().getMetaData("security", "authentication-manager");
/* 51 */     RealmMapping mapping = (RealmMapping)advisor.getDefaultMetaData().getMetaData("security", "realm-mapping");
/* 52 */     if (manager == null)
/*    */     {
/* 54 */       SecurityDomain domain = (SecurityDomain)advisor.resolveAnnotation(SecurityDomain.class);
/* 55 */       if (domain == null) throw new RuntimeException("Unable to determine security domain");
/*    */       try

/*     */     {
/* 154 */       EJBContainer ec = (EJBContainer)this.container;
/*     */
/* 156 */       Principal callerPrincipal = null;
/*     */
/* 158 */       RealmMapping rm = (RealmMapping)this.container.getSecurityManager(RealmMapping.class);
/*     */
/* 160 */       SecurityContext sc = SecurityContextAssociation.getSecurityContext();
/* 161 */       if (sc == null)
/*     */       {
/* 163 */         SecurityDomain domain = (SecurityDomain)ec.resolveAnnotation(SecurityDomain.class);
/* 164 */         String unauth = domain.unauthenticatedPrincipal();
/* 165 */         if ((unauth != null) && (unauth.length() > 0) &&
/* 166 */           (domain.unauthenticatedPrincipal() != null))
/* 167 */           callerPrincipal = new SimplePrincipal(unauth);
/*     */       }
/*     */       else
/*     */       {
/* 171 */         EJBAuthorizationHelper helper = new EJBAuthorizationHelper(sc);
/* 172 */         callerPrincipal = helper.getCallerPrincipal(rm);
/*     */       }
/*     */
/* 175 */       if (callerPrincipal == null)
/*     */       {
/* 178 */         callerPrincipal = sc.getUtil().getUserPrincipal();
/* 179 */         if (rm != null) {
/* 180 */           callerPrincipal = rm.getPrincipal(callerPrincipal);
/*     */         }
/*     */       }
/* 183 */       if (callerPrincipal == null)
/*     */       {
/* 185 */         SecurityDomain domain = (SecurityDomain)ec.resolveAnnotation(SecurityDomain.class);

/*    */     catch (NamingException e)
/*    */     {
/* 65 */       throw new RuntimeException(e);
/*    */     }
/* 67 */     AuthenticationManager manager = (AuthenticationManager)domain;
/* 68 */     RealmMapping mapping = (RealmMapping)domain;
/* 69 */     if (manager == null) throw new RuntimeException("Unable to find Security Domain");
/*    */
/* 71 */     CodeSource ejbCS = advisor.getClazz().getProtectionDomain().getCodeSource();
/* 72 */     String ejbName = ((EJBContainer)advisor).getEjbName();
/* 73 */     return new RoleBasedAuthorizationInterceptorv2(container, ejbCS, ejbName);