001: /**
002: * EasyBeans
003: * Copyright (C) 2006 Bull S.A.S.
004: * Contact: easybeans@ow2.org
005: *
006: * This library is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU Lesser General Public
008: * License as published by the Free Software Foundation; either
009: * version 2.1 of the License, or any later version.
010: *
011: * This library is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this library; if not, write to the Free Software
018: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
019: * USA
020: *
021: * --------------------------------------------------------------------------
022: * $Id: SecurityRolesBase.java 1970 2007-10-16 11:49:25Z benoitf $
023: * --------------------------------------------------------------------------
024: */package org.ow2.easybeans.tests.common.ejbs.base.security;
025:
026: import java.security.Principal;
027:
028: import javax.annotation.Resource;
029: import javax.annotation.security.DeclareRoles;
030: import javax.annotation.security.DenyAll;
031: import javax.annotation.security.PermitAll;
032: import javax.annotation.security.RolesAllowed;
033: import javax.ejb.EJB;
034: import javax.ejb.SessionContext;
035:
036: import org.ow2.easybeans.tests.common.ejbs.stateful.containermanaged.security.ItfEJBContextMethods;
037:
/**
 * Test bean whose methods carry different security policies. The policy
 * methods have empty bodies on purpose: only the security annotations on
 * them matter.
 * <p>
 * Two roles are declared, {@code mainrole} and {@code secondaryrole}. The
 * class-level {@code @RolesAllowed("mainrole")} is the default policy; it is
 * expected to apply to any method that sets no policy of its own (see
 * {@link #permitRolesOnBean()}). A method-level annotation replaces that
 * default for the method it is placed on.
 * @author Gisele Pinheiro Souza
 * @author Eduardo Studzinski Estima de Castro
 */
@DeclareRoles({"mainrole", "secondaryrole"})
@RolesAllowed("mainrole")
public class SecurityRolesBase implements ItfSecurityRoles {

    /**
     * Injected session context; gives access to the security methods of the
     * EJBContext interface (caller principal, role membership).
     */
    @Resource
    private SessionContext sessionContext;

    /**
     * Injected second bean, used to check which caller principal the callee
     * sees.
     */
    @EJB
    private ItfEJBContextMethods bean;

    /**
     * Method with the {@code @PermitAll} policy: the class-level role
     * restriction does not apply here.
     */
    @PermitAll
    public void permitAllAttribute() {
        // intentionally empty: only the annotation is under test
    }

    /**
     * Method with the {@code @DenyAll} policy: no role is allowed to call it.
     */
    @DenyAll
    public void denyAllAttribute() {
        // intentionally empty: only the annotation is under test
    }

    /**
     * Method restricted to callers in {@code mainrole} or
     * {@code secondaryrole}.
     */
    @RolesAllowed({"mainrole", "secondaryrole"})
    public void permitTwoRoles() {
        // intentionally empty: only the annotation is under test
    }

    /**
     * Method restricted to callers in {@code mainrole}, stated explicitly on
     * the method.
     */
    @RolesAllowed("mainrole")
    public void permitOneRole() {
        // intentionally empty: only the annotation is under test
    }

    /**
     * Method with no policy of its own. It has to inherit the roles declared
     * on the bean class, i.e. {@code mainrole} only.
     */
    public void permitRolesOnBean() {
        // intentionally empty: the missing annotation is what is under test
    }

    /**
     * Asks the other bean for the caller principal it sees and compares it
     * with the caller principal of this bean. Both must be the same.
     * Note that the comparison is on {@link Principal} objects (identity of
     * the caller), not on role membership.
     * @return true if this bean and the called bean report equal caller
     *         principals, false otherwise.
     */
    @PermitAll
    public boolean testCallerPrincipal() {
        // Read our own view first, then the callee's view, then compare.
        Principal ownView = sessionContext.getCallerPrincipal();
        Principal calleeView = bean.getCallerPrincipal();
        return ownView.equals(calleeView);
    }

    /**
     * Returns the caller principal as reported by the session context.
     * The method is {@code @PermitAll}, so it is not limited to
     * {@code mainrole}.
     * @return the caller principal.
     */
    @PermitAll
    public Principal getCallerPrincipal() {
        return sessionContext.getCallerPrincipal();
    }

    /**
     * Checks whether the caller is in the given role, as answered by the
     * session context.
     * @param role the role name. NOTE(review): presumably one of the names
     *        listed in {@code @DeclareRoles}; how the container treats an
     *        undeclared name is not visible here.
     * @return true if the caller has the role in the parameter, false
     *         otherwise.
     */
    @PermitAll
    public boolean isCallerinRole(final String role) {
        return sessionContext.isCallerInRole(role);
    }

}