01: /*
02: * JBoss, Home of Professional Open Source.
03: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
04: * as indicated by the @author tags. See the copyright.txt file in the
05: * distribution for a full listing of individual contributors.
06: *
07: * This is free software; you can redistribute it and/or modify it
08: * under the terms of the GNU Lesser General Public License as
09: * published by the Free Software Foundation; either version 2.1 of
10: * the License, or (at your option) any later version.
11: *
12: * This software is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * Lesser General Public License for more details.
16: *
17: * You should have received a copy of the GNU Lesser General Public
18: * License along with this software; if not, write to the Free
19: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21: */
22: package org.jboss.test.web.ejb;
23:
24: import java.security.Principal;
25: import java.util.StringTokenizer;
26: import javax.ejb.CreateException;
27: import javax.ejb.SessionBean;
28: import javax.ejb.SessionContext;
29: import javax.ejb.EJBException;
30: import javax.naming.InitialContext;
31: import javax.naming.Context;
32: import javax.naming.NamingException;
33:
34: import org.jboss.logging.Logger;
35:
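/**
 * A simple session bean for testing declarative security.
 *
 * <p>Judging by its name and by {@link #checkRunAs()}, the bean is meant to be
 * the target of a call made under a run-as identity: it compares the identity
 * the container reports for the caller with the expected values bound in the
 * bean's environment naming context (ENC).
 *
 * <p>The expected values are read from {@code java:comp/env/runAsName} and
 * {@code java:comp/env/runAsRoles}; presumably they are supplied as env-entries
 * in the deployment descriptor (not visible in this file, confirm there).
 *
 * @author Scott.Stark@jboss.org
 * @version $Revision: 57211 $
 */
public class RunAsTargetBean implements SessionBean {
    static Logger log = Logger.getLogger(RunAsTargetBean.class);

    /** Context handed over by the container; source of the caller principal and role checks. */
    private SessionContext sessionContext;

    /**
     * Lifecycle callback; only logs the invocation.
     *
     * @throws CreateException declared by the signature, never thrown by this body
     */
    public void ejbCreate() throws CreateException {
        log.debug("ejbCreate() called");
    }

    /** Lifecycle callback; only logs the invocation. */
    public void ejbActivate() {
        log.debug("ejbActivate() called");
    }

    /** Lifecycle callback; only logs the invocation. */
    public void ejbPassivate() {
        log.debug("ejbPassivate() called");
    }

    /** Lifecycle callback; only logs the invocation. */
    public void ejbRemove() {
        log.debug("ejbRemove() called");
    }

    /**
     * Stores the session context that {@link #checkRunAs()} later queries.
     *
     * @param context the context supplied by the container
     */
    public void setSessionContext(SessionContext context) {
        sessionContext = context;
    }

    /**
     * Validate the run-as principal and roles.
     *
     * <p>The check fails closed: any mismatch raises an {@link EJBException}.
     * Two steps are performed, in this order:
     * <ol>
     *   <li>the caller principal's name must equal the string bound at
     *       {@code java:comp/env/runAsName};</li>
     *   <li>{@code isCallerInRole} must return {@code true} for every
     *       comma-separated entry of {@code java:comp/env/runAsRoles}.</li>
     * </ol>
     *
     * <p>Limits of the check, for anyone relying on it as evidence that run-as
     * propagation is correct: it only proves that the listed roles are present.
     * Roles the caller holds beyond that list are not detected, and a
     * {@code runAsRoles} value that yields no tokens (empty string, or only
     * commas) passes the role step without a single role being checked.
     *
     * @throws EJBException if the principal name differs, a listed role is not
     *     held by the caller, or the ENC lookups fail
     */
    public void checkRunAs() {
        Principal caller = sessionContext.getCallerPrincipal();
        String callerName = caller.getName();
        log.debug("checkRunAs, caller=" + caller);
        InitialContext ctx = null;
        try {
            // Check the expected principal name
            ctx = new InitialContext();
            Context enc = (Context) ctx.lookup("java:comp/env");
            String name = (String) enc.lookup("runAsName");
            if (!name.equals(callerName)) {
                throw new EJBException("runAsName mismatch, " + name
                    + "!=" + callerName);
            }
            // Check the expected roles
            String roles = (String) enc.lookup("runAsRoles");
            StringTokenizer st = new StringTokenizer(roles, ",");
            while (st.hasMoreTokens()) {
                // Trim so that a list written as "a, b" checks role "b" rather than
                // " b". A token that is blank after trimming is still passed on and
                // is expected to fail the check, so a malformed list is not accepted.
                String role = st.nextToken().trim();
                boolean inRole = sessionContext.isCallerInRole(role);
                String msg = "isCallerInRole(" + role + "): " + inRole;
                log.debug(msg);
                if (!inRole) {
                    throw new EJBException("Failed check: " + msg);
                }
            }
        } catch (NamingException e) {
            throw new EJBException("Failed to access enc", e);
        } finally {
            // Release the JNDI context on every path; a failure to close must not
            // replace the result of the security check, so it is only logged.
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException e) {
                    log.debug("Failed to close InitialContext", e);
                }
            }
        }
    }

}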