org.jboss.ejb.plugins
Class SecurityInterceptor

java.lang.Object
  extended by org.jboss.ejb.plugins.AbstractInterceptor
      extended by org.jboss.ejb.plugins.SecurityInterceptor
All Implemented Interfaces:
AllowedOperationsFlags, ContainerPlugin, Interceptor, Service

public class SecurityInterceptor
extends AbstractInterceptor

The SecurityInterceptor is where the EJB 2.0 declarative security model is enforced. This is where the caller identity propagation is controlled as well.

Version:
$Revision: 81577 $
Author:
Oleg Nitz, Scott Stark., Thomas Diesler., Anil Saldhana

Nested Class Summary
static interface SecurityInterceptor.AuthenticationObserver
          The interface of an observer that should be notified when principal authentication fails.
 
Field Summary
protected  String appSecurityDomain
          Security Domain configured as part of the application
protected  SecurityInterceptor.AuthenticationObserver authenticationObserver
           
protected  String defaultAuthorizationSecurityDomain
           
protected  Map<String,Set<String>> deploymentRoles
           
protected  CodeSource ejbCS
           
protected  String ejbName
           
protected  Method ejbTimeout
          The TimedObject.ejbTimeout callback
protected  boolean isUseCallerIdentity
          Specify whether is configured, mainly for the use case of caller identity coming with run-as
protected  RealmMapping realmMapping
          The authorization manager plugin
protected  RunAs runAsIdentity
           
protected  ISecurityManagement securityManagement
          Represents the holder of the various security managers configured at the container level
protected  AuthenticationManager securityManager
          The authentication manager plugin
protected  Map securityRoles
           
 
Fields inherited from class org.jboss.ejb.plugins.AbstractInterceptor
container, log, nextInterceptor
 
Fields inherited from interface org.jboss.ejb.AllowedOperationsFlags
IN_AFTER_BEGIN, IN_AFTER_COMPLETION, IN_BEFORE_COMPLETION, IN_BUSINESS_METHOD, IN_EJB_ACTIVATE, IN_EJB_CREATE, IN_EJB_FIND, IN_EJB_HOME, IN_EJB_LOAD, IN_EJB_PASSIVATE, IN_EJB_POST_CREATE, IN_EJB_REMOVE, IN_EJB_STORE, IN_EJB_TIMEOUT, IN_INTERCEPTOR_METHOD, IN_SERVICE_ENDPOINT_METHOD, IN_SET_ENTITY_CONTEXT, IN_SET_MESSAGE_DRIVEN_CONTEXT, IN_SET_SESSION_CONTEXT, IN_UNSET_ENTITY_CONTEXT, NOT_ALLOWED
 
Constructor Summary
SecurityInterceptor()
           
 
Method Summary
 Object invoke(Invocation mi)
          ???
 Object invokeHome(Invocation mi)
          ???
 void setContainer(Container container)
          Called by the super class to set the container to which this interceptor belongs.
 void start()
           
 
Methods inherited from class org.jboss.ejb.plugins.AbstractInterceptor
create, destroy, getContainer, getNext, isAppException, setNext, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

securityManager

protected AuthenticationManager securityManager
The authentication manager plugin


realmMapping

protected RealmMapping realmMapping
The authorization manager plugin


runAsIdentity

protected RunAs runAsIdentity

securityRoles

protected Map securityRoles

deploymentRoles

protected Map<String,Set<String>> deploymentRoles

authenticationObserver

protected SecurityInterceptor.AuthenticationObserver authenticationObserver

ejbTimeout

protected Method ejbTimeout
The TimedObject.ejbTimeout callback


ejbName

protected String ejbName

ejbCS

protected CodeSource ejbCS

appSecurityDomain

protected String appSecurityDomain
Security Domain configured as part of the application


defaultAuthorizationSecurityDomain

protected String defaultAuthorizationSecurityDomain

isUseCallerIdentity

protected boolean isUseCallerIdentity
Specify whether is configured, mainly for the use case of caller identity coming with run-as


securityManagement

protected ISecurityManagement securityManagement
Represents the holder of the various security managers configured at the container level

Constructor Detail

SecurityInterceptor

public SecurityInterceptor()
Method Detail

setContainer

public void setContainer(Container container)
Called by the super class to set the container to which this interceptor belongs. We obtain the security manager and runAs identity to use here.

Specified by:
setContainer in interface ContainerPlugin
Overrides:
setContainer in class AbstractInterceptor
Parameters:
container - The container using this plugin. This may be null if the plugin is being disassociated from a container.

start

public void start()
           throws Exception
Specified by:
start in interface Service
Overrides:
start in class AbstractInterceptor
Throws:
Exception

invokeHome

public Object invokeHome(Invocation mi)
                  throws Exception
Description copied from interface: Interceptor
???

Specified by:
invokeHome in interface Interceptor
Overrides:
invokeHome in class AbstractInterceptor
Parameters:
mi - ???
Returns:
???
Throws:
Exception - ???

invoke

public Object invoke(Invocation mi)
              throws Exception
Description copied from interface: Interceptor
???

Specified by:
invoke in interface Interceptor
Overrides:
invoke in class AbstractInterceptor
Parameters:
mi - ???
Returns:
???
Throws:
Exception - ???


Copyright © 2009 JBoss, a division of Red Hat, Inc.. All Rights Reserved.