001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.metadata;
023:
024: import org.jboss.deployment.DeploymentException;
025: import org.w3c.dom.Element;
026:
027: /**
028: * The meta data object for the security-identity element.
029: * The security-identity element specifies whether the caller�s security
030: * identity is to be used for the execution of the methods of the enterprise
031: * bean or whether a specific run-as role is to be used. It
032: * contains an optional description and a specification of the security
033: * identity to be used.
034: * <p/>
035: * Used in: session, entity, message-driven
036: *
037: * @author <a href="mailto:Scott_Stark@displayscape.com">Scott Stark</a>.
038: * @author <a href="mailto:Thomas.Diesler@jboss.org">Thomas Diesler</a>.
039: * @version $Revision: 57209 $
040: */
041: public class SecurityIdentityMetaData extends MetaData {
042: private String description;
043: /**
044: * The use-caller-identity element specifies that the caller�s security
045: * identity be used as the security identity for the execution of the
046: * enterprise bean�s methods.
047: */
048: private boolean useCallerIdentity;
049: /**
050: * The run-as/role-name element specifies the run-as security role name
051: * to be used for the execution of the methods of an enterprise bean.
052: */
053: private String runAsRoleName;
054: /**
055: * The principal that corresponds to run-as role
056: */
057: private String runAsPrincipalName;
058:
059: public String getDescription() {
060: return description;
061: }
062:
063: public boolean getUseCallerIdentity() {
064: return useCallerIdentity;
065: }
066:
067: public void setUseCallerIdentity(boolean flag) {
068: this .useCallerIdentity = flag;
069: }
070:
071: public String getRunAsRoleName() {
072: return runAsRoleName;
073: }
074:
075: public void setRunAsRoleName(String runAsRoleName) {
076: this .runAsRoleName = runAsRoleName;
077: }
078:
079: public String getRunAsPrincipalName() {
080: return runAsPrincipalName;
081: }
082:
083: public void setRunAsPrincipalName(String principalName) {
084: this .runAsPrincipalName = principalName;
085: }
086:
087: /**
088: * @param element the security-identity element from the ejb-jar
089: */
090: public void importEjbJarXml(Element element)
091: throws DeploymentException {
092: description = getElementContent(getOptionalChild(element,
093: "description"));
094: Element callerIdent = getOptionalChild(element,
095: "use-caller-identity");
096: Element runAs = getOptionalChild(element, "run-as");
097: if (callerIdent == null && runAs == null)
098: throw new DeploymentException(
099: "security-identity: either use-caller-identity or run-as must be specified");
100: if (callerIdent != null && runAs != null)
101: throw new DeploymentException(
102: "security-identity: only one of use-caller-identity or run-as can be specified");
103: if (callerIdent != null) {
104: useCallerIdentity = true;
105: } else {
106: runAsRoleName = getElementContent(getUniqueChild(runAs,
107: "role-name"));
108: }
109: }
110: }
|