001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022:
023: package org.jboss.ejb3.security;
024:
025: import java.security.CodeSource;
026:
027: import javax.naming.InitialContext;
028: import javax.naming.NamingException;
029:
030: import org.jboss.annotation.security.SecurityDomain;
031: import org.jboss.aop.Advisor;
032: import org.jboss.aop.InstanceAdvisor;
033: import org.jboss.aop.advice.AspectFactory;
034: import org.jboss.aop.joinpoint.Joinpoint;
035: import org.jboss.ejb3.Container;
036: import org.jboss.ejb3.EJBContainer;
037: import org.jboss.security.AuthenticationManager;
038: import org.jboss.security.RealmMapping;
039: import org.jboss.security.SubjectSecurityManager;
040:
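/**
 * Aspect factory that creates the {@link JaccAuthorizationInterceptor} for an
 * advised EJB container.
 *
 * <p>Only the PER_CLASS scope is supported. Every other scope method throws,
 * so a misconfigured binding fails at construction time instead of running
 * without the authorization interceptor.
 *
 * @author <a href="mailto:kabir.khan@jboss.org">Kabir Khan</a>
 * @author Anil.Saldhana@jboss.org
 * @version $Revision$
 */
public class JaccAuthorizationInterceptorFactory implements AspectFactory {

    /**
     * Builds the exception thrown by every scope this factory does not support.
     * The message names the scope that was actually requested.
     */
    private static RuntimeException unsupportedScope(String scope) {
        return new UnsupportedOperationException(
                scope + " not supported for this interceptor factory, only PER_CLASS");
    }

    /**
     * Not supported.
     *
     * @throws RuntimeException always
     */
    public Object createPerVM() {
        throw unsupportedScope("PER_VM");
    }

    /**
     * Creates the JACC authorization interceptor for the advised EJB class.
     *
     * @param advisor the advisor of the EJB; it is cast to {@link EJBContainer}
     *                here and to {@link Container} in
     *                {@link #getSecurityManager(Advisor)}
     * @return a new {@link JaccAuthorizationInterceptor} carrying the EJB name,
     *         the code source of the advised class and the resolved realm mapping
     * @throws RuntimeException wrapping any failure raised during construction
     */
    public Object createPerClass(Advisor advisor) {
        try {
            // NOTE(review): the JACC context id is read but not handed to the
            // interceptor in this method. The lookup is kept so that a missing
            // or mistyped "JACC"/"ctx" entry still aborts construction as
            // before. Confirm the policy context is established elsewhere.
            String contextID = (String) advisor.getDefaultMetaData()
                    .getMetaData("JACC", "ctx");

            // TODO: Get codesource
            // NOTE(review): getCodeSource() may return null for some protection
            // domains. Verify that the interceptor handles a null CodeSource.
            CodeSource ejbCS = advisor.getClazz().getProtectionDomain()
                    .getCodeSource();

            String ejbName = ((EJBContainer) advisor).getEjbName();
            JaccAuthorizationInterceptor jai = new JaccAuthorizationInterceptor(
                    ejbName, ejbCS);
            // The realm mapping is null when the bean declares no
            // @SecurityDomain; see getSecurityManager.
            jai.setRealmMapping(getSecurityManager(advisor));
            return jai;
        } catch (Exception e) {
            // Fail closed: no interceptor is returned if any step fails.
            throw new RuntimeException(e);
        }
    }

    /**
     * Not supported.
     *
     * @throws RuntimeException always
     */
    public Object createPerInstance(Advisor advisor,
            InstanceAdvisor instanceAdvisor) {
        throw unsupportedScope("PER_INSTANCE");
    }

    /**
     * Not supported.
     *
     * @throws RuntimeException always
     */
    public Object createPerJoinpoint(Advisor advisor, Joinpoint jp) {
        throw unsupportedScope("Per-joinpoint scope");
    }

    /**
     * Not supported.
     *
     * @throws RuntimeException always
     */
    public Object createPerJoinpoint(Advisor advisor,
            InstanceAdvisor instanceAdvisor, Joinpoint jp) {
        throw unsupportedScope("Per-joinpoint scope");
    }

    /**
     * Returns the fully qualified class name of this factory.
     *
     * @return the fully qualified class name of this factory
     */
    public String getName() {
        return getClass().getName();
    }

    /**
     * Resolves the realm mapping for the security domain declared on the bean.
     *
     * <p>NOTE(review): when the advised class has no {@link SecurityDomain}
     * annotation this returns {@code null}, and {@code createPerClass} passes
     * that {@code null} to the interceptor. Whether the interceptor then denies
     * or permits calls is not visible here. Confirm it does not fall open.
     *
     * @param advisor the advisor of the EJB; must also be a {@link Container}
     * @return the object returned by {@code SecurityDomainManager} for the
     *         annotated domain, cast to {@link RealmMapping}, or {@code null}
     *         if no {@code @SecurityDomain} is present
     * @throws RuntimeException wrapping a {@link NamingException} raised while
     *         obtaining the naming context or looking up the domain
     */
    public RealmMapping getSecurityManager(Advisor advisor) {
        Object domain = null;
        Container container = (Container) advisor;
        try {
            InitialContext ctx = container.getInitialContext();
            SecurityDomain securityAnnotation = (SecurityDomain) advisor
                    .resolveAnnotation(SecurityDomain.class);
            if (securityAnnotation != null) {
                domain = SecurityDomainManager.getSecurityManager(
                        securityAnnotation.value(), ctx);
            }
        } catch (NamingException e) {
            throw new RuntimeException(e);
        }
        // A ClassCastException here means the looked-up domain object does not
        // implement RealmMapping.
        return (RealmMapping) domain;
    }
}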