001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.proxy;
023:
024: import java.security.Principal;
025: import java.security.PrivilegedAction;
026: import java.security.AccessController;
027:
028: import org.jboss.invocation.Invocation;
029: import org.jboss.security.SecurityAssociation;
030:
/**
 * Client-side interceptor that copies the caller's security context onto an
 * invocation before passing it down the interceptor chain.
 *
 * <p>The principal and credential are read from {@link SecurityAssociation}.
 * Each one is written to the {@link Invocation} only when it is non-null, so
 * a value already present on the invocation is left alone when the
 * association has nothing to offer.
 *
 * <p>Security note: the credential object is attached to the invocation
 * unchanged. NOTE(review): if the invocation is later marshalled off this JVM,
 * the credential travels with it - confirm that the transport in use protects
 * it in transit.
 *
 * @author <a href="mailto:marc.fleury@jboss.org">Marc Fleury</a>
 * @version $Revision: 57209 $
 */
public class SecurityInterceptor extends Interceptor {
    /** Serial Version Identifier. @since 1.4.2.1 */
    private static final long serialVersionUID = -4206940878404525061L;

    /**
     * Public no-argument constructor, needed for externalization.
     */
    public SecurityInterceptor() {
    }

    // Public --------------------------------------------------------

    /**
     * Stamps the current principal and credential onto the invocation and
     * hands it to the next interceptor.
     *
     * @param invocation the invocation to decorate and forward
     * @return whatever the next interceptor returns
     * @throws Throwable anything thrown further down the chain
     */
    public Object invoke(Invocation invocation) throws Throwable {
        // Choose the accessor that matches the runtime: plain reads without a
        // SecurityManager, doPrivileged reads with one.
        final SecurityActions actions = SecurityActions.UTIL.getSecurityActions();

        final Principal caller = actions.getPrincipal();
        if (null != caller) {
            invocation.setPrincipal(caller);
        }

        // Only overwrite the invocation's credential when one is available.
        final Object secret = actions.getCredential();
        if (null != secret) {
            invocation.setCredential(secret);
        }

        return getNext().invoke(invocation);
    }

    /**
     * Accessors for the values held by {@link SecurityAssociation}, in a plain
     * and a privileged flavour.
     *
     * <p>This type is package-private and should stay that way: the
     * {@link #PRIVILEGED} instance performs its reads inside
     * {@code AccessController.doPrivileged}, i.e. with this class's own
     * permissions rather than those of the code further up the call stack.
     * Anything able to reach it can therefore obtain the credential without
     * passing whatever permission check SecurityAssociation applies (that
     * check is not visible from this file).
     */
    interface SecurityActions {
        /** @return the principal reported by SecurityAssociation, possibly null */
        Principal getPrincipal();

        /** @return the credential reported by SecurityAssociation, possibly null */
        Object getCredential();

        /** Holder for the factory method that selects an implementation. */
        class UTIL {
            /**
             * @return {@link #PRIVILEGED} when a SecurityManager is installed,
             *         otherwise {@link #NON_PRIVILEGED}
             */
            static SecurityActions getSecurityActions() {
                if (System.getSecurityManager() == null) {
                    return NON_PRIVILEGED;
                }
                return PRIVILEGED;
            }
        }

        /** Direct reads; used when no SecurityManager is installed. */
        SecurityActions NON_PRIVILEGED = new SecurityActions() {
            public Principal getPrincipal() {
                return SecurityAssociation.getPrincipal();
            }

            public Object getCredential() {
                return SecurityAssociation.getCredential();
            }
        };

        /** Reads wrapped in doPrivileged; used under a SecurityManager. */
        SecurityActions PRIVILEGED = new SecurityActions() {
            // The actions are stateless, so one instance of each is kept and reused.
            private final PrivilegedAction principalReader = new PrivilegedAction() {
                public Object run() {
                    return SecurityAssociation.getPrincipal();
                }
            };

            private final PrivilegedAction credentialReader = new PrivilegedAction() {
                public Object run() {
                    return SecurityAssociation.getCredential();
                }
            };

            public Principal getPrincipal() {
                final Object found = AccessController.doPrivileged(principalReader);
                return (Principal) found;
            }

            public Object getCredential() {
                final Object found = AccessController.doPrivileged(credentialReader);
                return found;
            }
        };
    }
}