Examples of org.jboss.security.javaee.SecurityRoleRef

• org.jboss.security.javaee.SecurityRoleRef
  Represents a Security Role Ref element in the deployment descriptor @author Anil Saldhana @since Jul 21, 2006 @version $Revision: 68749 $

      SecurityConfiguration.addApplicationPolicy(new ApplicationPolicy("other"));
   }

   private SecurityRoleRef getSecurityRoleRef(String roleName, String roleLink)
   {
      return new SecurityRoleRef(roleName, roleLink);
   }

      resource.setEjbMethod(DummyClass.class.getDeclaredMethods()[0]);
      resource.setEjbName(DummyClass.class.getCanonicalName());
      resource.setEjbMethodRoles( getRoleGroup(new String[] {"gooduser"}) );

      Set<SecurityRoleRef> roleRefSet = new HashSet<SecurityRoleRef>();
      roleRefSet.add(new SecurityRoleRef("employee", "gooduser"));
      resource.setSecurityRoleReferences(roleRefSet);

      int result = epmd.authorize(resource,
            new Subject(),
            getRoleGroup(new String[]{"gooduser", "validuser" }));

      resource.setEjbMethod(DummyClass.class.getDeclaredMethods()[0]);
      resource.setEjbName(DummyClass.class.getCanonicalName());
      resource.setEjbMethodRoles( getRoleGroup(new String[] {"gooduser"}) );

      Set<SecurityRoleRef> roleRefSet = new HashSet<SecurityRoleRef>();
      roleRefSet.add(new SecurityRoleRef("employee", "baduser")); //Bad user
      resource.setSecurityRoleReferences(roleRefSet);

      int result = epmd.authorize(resource,
            new Subject(),
            getRoleGroup(new String[]{"gooduser", "validuser" }));

      resource.setEjbName(DummyClass.class.getCanonicalName());
      resource.setEjbMethodRoles( getRoleGroup(new String[] {"gooduser"}) );
      resource.setEnforceEJBRestrictions(true); //Enforce EJB 1.1

      Set<SecurityRoleRef> roleRefSet = new HashSet<SecurityRoleRef>();
      roleRefSet.add(new SecurityRoleRef("employee", "gooduser"));
      resource.setSecurityRoleReferences(roleRefSet);

      int result = epmd.authorize(resource,
            new Subject(),
            getRoleGroup(new String[]{"gooduser", "validuser" }));

      resource.setEjbName(DummyClass.class.getCanonicalName());
      resource.setEjbMethodRoles( getRoleGroup(new String[] {"gooduser"}) );
      resource.setEnforceEJBRestrictions(true); //Enforce EJB 1.1

      Set<SecurityRoleRef> roleRefSet = new HashSet<SecurityRoleRef>();
      roleRefSet.add(new SecurityRoleRef("employee", "baduser")); //Bad user
      resource.setSecurityRoleReferences(roleRefSet);

      try
      {
          epmd.authorize(resource,

      //For Security Role Refs, we check that there is a principal
      ejbResource.setPrincipal(new SimplePrincipal("SomePrincipal"));

      //Additional entries needed for role ref
      Set<SecurityRoleRef> roleRefSet = new HashSet<SecurityRoleRef>();
      SecurityRoleRef srr = new SecurityRoleRef( "roleLink", "roleA", "something");
      roleRefSet.add(srr);
      ejbResource.setSecurityRoleReferences(roleRefSet);

      cmap.put(ResourceKeys.ROLEREF_PERM_CHECK, Boolean.TRUE);
      cmap.put(ResourceKeys.ROLENAME, "roleLink");

      Set<SecurityRoleRef> srset = new HashSet<SecurityRoleRef>();
      for(SecurityRoleRefMetaData srmd: roleRefs)
      {
         if (srmd.getRoleLink() == null)
            continue;
         srset.add(new SecurityRoleRef(srmd.getRoleName(),srmd.getRoleLink(),null));
      }
      Principal principal = getCallerPrincipal(sc, rm, domain);
      AbstractEJBAuthorizationHelper helper;
      try
      {