Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * JBoss, Home of Professional Open Source.
   * Copyright 2011, Red Hat, Inc., and individual contributors
   * as indicated by the @author tags. See the copyright.txt file in the
   * distribution for a full listing of individual contributors.
   *
   * This is free software; you can redistribute it and/or modify it
   * under the terms of the GNU Lesser General Public License as
   * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  *
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
  */
 
 package org.jboss.as.ejb3.security;
 
 import static org.jboss.as.ejb3.EjbMessages.MESSAGES;
 
 
 import  org.jboss.invocation.Interceptor;
 import  org.jboss.invocation.InterceptorContext;
EJB authorization interceptor responsible for handling invocation on EJB methods and doing the necessary authorization checks on the invoked method.

User: Jaikiran Pai

 
 public class AuthorizationInterceptor implements Interceptor {

    
EJB method security metadata
 
     private final EJBMethodSecurityAttribute ejbMethodSecurityMetaData;

    
The view class name to which this interceptor is applicable
 
     private final String viewClassName;

    
The view method to which this interceptor is applicable
 
     private final Method viewMethod;
 
     public AuthorizationInterceptor(final EJBMethodSecurityAttribute ejbMethodSecurityMetaDatafinal String viewClassNamefinal Method viewMethod) {
         if (ejbMethodSecurityMetaData == null) {
             throw .ejbMethodSecurityMetaDataIsNull();
         }
         if (viewClassName == null || viewClassName.trim().isEmpty()) {
             throw .viewClassNameIsNull();
         }
         if (viewMethod == null) {
             throw .viewMethodIsNull();
         }
         this. = ejbMethodSecurityMetaData;
         this. = viewClassName;
         this. = viewMethod;
     }
 
     @Override
     public Object processInvocation(InterceptorContext contextthrows Exception {
         final Component component = context.getPrivateData(Component.class);
         if (component instanceof EJBComponent == false) {
             throw .unexpectedComponent(component,EJBComponent.class);
         }
         final Method invokedMethod = context.getMethod();
         final ComponentView componentView = context.getPrivateData(ComponentView.class);
         final String viewClassOfInvokedMethod = componentView.getViewClass().getName();
         // shouldn't really happen if the interceptor was setup correctly. But let's be safe and do a check
         if (!this..equals(viewClassOfInvokedMethod) || !this..equals(invokedMethod)) {
             throw .failProcessInvocation(this.getClass().getName(), invokedMethod,viewClassOfInvokedMethod);
         }
         final EJBComponent ejbComponent = (EJBComponentcomponent;
         // check @DenyAll/exclude-list
         if (.isDenyAll()) {
             throw .invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
         }
         // If @PermitAll isn't applicable for the method then check the allowed roles
         if (!.isPermitAll()) {
             // get allowed roles (if any) for this method invocation
             final Collection<StringallowedRoles = .getRolesAllowed();
             if (!allowedRoles.isEmpty()) {
                 // call the security API to do authorization check
                 final ServerSecurityManager securityManager = ejbComponent.getSecurityManager();
                 final EJBSecurityMetaData ejbSecurityMetaData = ejbComponent.getSecurityMetaData();
                if (!securityManager.isCallerInRole(ejbSecurityMetaData.getSecurityRoles(), ejbSecurityMetaData.getSecurityRoleLinks(), allowedRoles.toArray(new String[allowedRoles.size()]))) {
                    throw .invocationOfMethodNotAllowed(invokedMethod,ejbComponent.getComponentName());
                }
            }
        }
        // successful authorization, let the invocation proceed
        return context.proceed();
    }
New to GrepCode? Check out our FAQ X