FileDocCategorySizeDatePackage
EJBMethodPermission.javaAPI DocGlassfish v2 API22226Fri May 04 22:36:00 BST 2007javax.security.jacc

EJBMethodPermission

public final class EJBMethodPermission extends Permission implements Serializable
Class for EJB method permissions.

The name of an EJBMethodPermission contains the value of the ejb-name element in the application's deployment descriptor that identifies the target EJB.

The actions of an EJBMethodPermission identifies the methods of the EJB to which the permission applies.

Implementations of this class MAY implement newPermissionCollection or inherit its implementation from the super class.

see
java.security.Permission
author
Ron Monzillo
author
Gary Ellison

Fields Summary
private static final String[]
interfaceKeys
private static HashMap
interfaceHash
private transient int
methodInterface
private transient String
otherMethodInterface
private transient String
methodName
private transient String
methodParams
private transient String
actions
private transient int
hashCodeValue
private static final long
serialVersionUID
private static final ObjectStreamField[]
serialPersistentFields
The serialized fields of this permission are defined below. Whether or not the serialized fields correspond to actual (private) fields is an implementation decision.
Constructors Summary
public EJBMethodPermission(String name, String actions)
Creates a new EJBMethodPermission with the specified name and actions.

The name contains the value of the ejb-name element corresponding to an EJB in the application's deployment descriptor.

The actions contains a methodSpec. The syntax of the actions parameter is defined as follows: 

methodNameSpec ::= methodName | emptyString

methodInterfaceName ::= String

methodInterfaceSpec ::= methodInterfaceName | emptyString

typeName ::= typeName | typeName []

methodParams ::= typeName | methodParams comma typeName

methodParamsSpec ::= emptyString | methodParams

methodSpec ::= null |
methodNameSpec |
methodNameSpec comma methodInterfaceName |
methodNameSpec comma methodInterfaceSpec comma methodParamsSpec

A MethodInterfaceName is a non-empty String and should contain a method-intf value as defined for use in EJB deployment descriptors. An implementation must be flexible such that it supports additional interface names especially if they are standardized by the EJB Specification. The EJB Specification currently defines the following method-intf values: 

{ "Home", "LocalHome", "Remote", "Local", "ServiceEndpoint" }

A null or empty string methodSpec indicates that the permission applies to all methods of the EJB. A methodSpec with a methodNameSpec of the empty string matches all methods of the EJB that match the methodInterface and methodParams elements of the methodSpec.

A methodSpec with a methodInterfaceSpec of the empty string matches all methods of the EJB that match the methodNameSpec and methodParamsSpec elements of the methodSpec.

A methodSpec without a methodParamsSpec matches all methods of the EJB that match the methodNameSpec and methodInterface elements of the methodSpec.

The order of the typeNames in methodParams array must match the order of occurence of the corresponding parameters in the method signature of the target method(s). Each typeName in the methodParams must contain the canonical form of the corresponding parameter's typeName as defined by the getActions method. A methodSpec with an empty methodParamsSpec matches all 0 argument methods of the EJB that match the methodNameSpec and methodInterfaceSpec elements of the methodSpec.

param
name of the EJB to which the permission pertains.

param
actions identifies the methods of the EJB to which the permission pertains.


                                                                                                                                                                                                                                                                                                                                                                                                                                       
    
        
    
	super(name);
	setMethodSpec(actions);
public EJBMethodPermission(String EJBName, String methodName, String methodInterface, String[] methodParams)
Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodName, methodInterface, and methodParams.

param
EJBName The string representation of the name of the EJB as it appears in the corresponding ejb-name element in the deployment descriptor.

param
methodName A string that may be used to indicate the method of the EJB to which the permission pertains. A value of null or "" indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of method name.

param
methodInterface A string that may be used to specify the EJB interface to which the permission pertains. A value of null or "", indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of the interface they occur on.

param
methodParams An array of strings that may be used to specify (by typeNames) the parameter signature of the target methods. The order of the typeNames in methodParams array must match the order of occurence of the corresponding parameters in the method signature of the target method(s). Each typeName in the methodParams array must contain the canonical form of the corresponding parameter's typeName as defined by the getActions method. An empty methodParams array is used to represent a method signature with no arguments. A value of null indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of method signature.

	super(EJBName);
	setMethodSpec(methodName,methodInterface,methodParams);
public EJBMethodPermission(String EJBName, String methodInterface, Method method)
Creates a new EJBMethodPermission with name corresponding to the EJBName and actions composed from methodInterface, and the Method object.

A container uses this constructor prior to checking if a caller has permission to call the method of an EJB.

param
EJBName The string representation of the name of the EJB as it appears in the corresponding ejb-name element in the deployment descriptor.

param
methodInterface A string that may be used to specify the EJB interface to which the permission pertains. A value of null or "", indicates that the permission pertains to all methods that match the other parameters of the permission specification without consideration of the interface they occur on.

param
method an instance of the Java.lang.reflect.Method class corresponding to the method that the container is trying to determine whether the caller has permission to access. This value must not be null.

	super(EJBName);
	setMethodSpec(methodInterface,method);
Methods Summary
public booleanequals(java.lang.Object o)
Checks two EJBMethodPermission objects for equality. EJBMethodPermission objects are equivalent if they have case sensitive equivalent name and actions values.

Two Permission objects, P1 and P2, are equivalent if and only if P1.implies(P2) && P2.implies(P1).

param
o the EJBMethodPermission object being tested for equality with this EJBMethodPermission

return
true if the argument EJBMethodPermission object is equivalent to this EJBMethodPermission.

	if (o == null || ! (o instanceof EJBMethodPermission)) return false;

	EJBMethodPermission that = (EJBMethodPermission) o;

	if (!this.getName().equals(that.getName())) return false;

	if (this.methodName != null) {
	    if (that.methodName == null || 
		!this.methodName.equals(that.methodName)) return false;
	}
	else if (that.methodName != null) return false;

	if (this.methodInterface != that.methodInterface) return false;

	if (this.methodInterface == -2 &&
	    !this.otherMethodInterface.equals(that.otherMethodInterface))
	    return false;

	if (this.methodParams != null) {
	    if (that.methodParams == null || 
		!this.methodParams.equals(that.methodParams)) return false;
	}
	else if (that.methodParams != null) return false;

	return true;
public java.lang.StringgetActions()
Returns a String containing a canonical representation of the actions of this EJBMethodPermission. The Canonical form of the actions of an EJBMethodPermission is described by the following syntax description. 

methodNameSpec ::= methodName | emptyString

methodInterfaceName ::= String

methodInterfaceSpec ::= methodInterfaceName | emptyString

typeName ::= typeName | typeName []

methodParams ::= typeName | methodParams comma typeName

methodParamsSpec ::= emptyString | methodParams

methodSpec ::= null |
methodName |
methodNameSpec comma methodInterfaceName |
methodNameSpec comma methodInterfaceSpec comma methodParamsSpec

The canonical form of each typeName must begin with the fully qualified Java name of the corresponding parameter's type. The canonical form of a typeName for an array parameter is the fully qualified Java name of the array's component type followed by as many instances of the string "[]" as there are dimensions to the array. No additional characters (e.g. blanks) may occur in the canonical form.

A MethodInterfaceName is a non-empty String and should contain a method-intf value as defined for use in EJB deployment descriptors. An implementation must be flexible such that it supports additional interface names especially if they are standardized by the EJB Specification. The EJB Specification currently defines the following method-intf values: 

{ "Home", "LocalHome", "Remote", "Local", "ServiceEndpoint" }

return
a String containing the canonicalized actions of this EJBMethodPermission.

	if (this.actions == null) {

	    String iSpec = (this.methodInterface == -1 ? null :
			    (this.methodInterface < 0 ? 
			     this.otherMethodInterface :
			     interfaceKeys[this.methodInterface]));
	    
	    if (this.methodName == null) {
		if (iSpec == null) {
		    if (this.methodParams != null)
			this.actions = "," + this.methodParams;
		}
		else if (this.methodParams == null)
		    this.actions = "," + iSpec; 
		else this.actions = "," + iSpec + this.methodParams;
	    }
	    else if (iSpec == null) { 
		if (this.methodParams == null) this.actions = this.methodName;
		else this.actions = this.methodName + "," + this.methodParams;
	    }
	    else if (this.methodParams == null) {
		this.actions = this.methodName + "," + iSpec; 
	    }
	    else this.actions = this.methodName + "," + iSpec + 
		     this.methodParams;
	}

	return this.actions;
public inthashCode()
Returns the hash code value for this EJBMethodPermission. The properties of the returned hash code must be as follows:

  • During the lifetime of a Java application, the hashCode method must return the same integer value every time it is called on a EJBMethodPermission object. The value returned by hashCode for a particular EJBMethodPermission need not remain consistent from one execution of an application to another.
  • If two EJBMethodPermission objects are equal according to the equals method, then calling the hashCode method on each of the two Permission objects must produce the same integer result (within an application).

return
the integer hash code value for this object.

	if (hashCodeValue == 0) {

	    String hashInput;
	    String actions = this.getActions();

	    if (actions == null) hashInput = this.getName();
	    else hashInput = new String(this.getName() + " " + actions);

	    hashCodeValue = hashInput.hashCode();
	}
	return this.hashCodeValue;
public booleanimplies(java.security.Permission permission)
Determines if the argument Permission is "implied by" this EJBMethodPermission. For this to be the case,

  • The argument must be an instanceof EJBMethodPermission
  • with name equivalent to that of this EJBMethodPermission, and
  • the methods to which the argument permission applies (as defined in its actions) must be a subset of the methods to which this EJBMethodPermission applies (as defined in its actions).

The argument permission applies to a subset of the methods to which this permission applies if all of the following conditions are met.

  • the method name component of the methodNameSpec of this permission is null, the empty string, or equivalent to the method name of the argument permission, and
  • the method interface component of the methodNameSpec of this permission is null, the empty string, or equivalent to the method interface of the argument permission, and
  • the method parameter list component of the methodNameSpec of this permission is null, the empty string, or equivalent to the method parameter list of the argument permission.

The name and actions comparisons described above are case sensitive.

param
permission "this" EJBMethodPermission is checked to see if it implies the argument permission.

return
true if the specified permission is implied by this object, false if not.

	if (permission == null ||
	    ! (permission instanceof EJBMethodPermission)) return false;

	EJBMethodPermission that = (EJBMethodPermission) permission;

	if (!this.getName().equals(that.getName())) return false;
	    
	if (this.methodName != null && 
	    (that.methodName == null || 
	     !this.methodName.equals(that.methodName))) return false;

	if (this.methodInterface != -1 &&
	    (that.methodInterface == -1 ||
	    this.methodInterface != that.methodInterface)) return false;

	if (this.methodInterface == -2 &&
	    !this.otherMethodInterface.equals(that.otherMethodInterface))
	    return false;

	if (this.methodParams != null &&
	    (that.methodParams == null ||
	    !this.methodParams.equals(that.methodParams))) return false;

	return true;
private synchronized voidreadObject(java.io.ObjectInputStream s)
readObject reads the serialized fields from the input stream and uses them to restore the permission. This method need not be implemented if establishing the values of the serialized fields (as is done by defaultReadObject) is sufficient to initialize the permission.

	setMethodSpec((String) s.readFields().get("actions",null));
private voidsetMethodSpec(java.lang.String actions)

	
        String mInterface = null;

	this.methodName = null;
	this.methodParams = null;

	if (actions != null) {

	    if (actions.length() > 0) {

		int i = actions.indexOf(',");
		if (i < 0) this.methodName = actions;
		else if (i >= 0) {

		    if (i != 0) this.methodName = actions.substring(0,i);

		    if (actions.length() == i+1)
			throw new 
			    IllegalArgumentException("illegal actions spec"); 

		    int j = actions.substring(i+1).indexOf(',");
		    if (j < 0) mInterface = actions.substring(i+1);
		    
		    else {
			if (j > 0) mInterface = actions.substring(i+1,i+j+1);
			this.methodParams = actions.substring(i+j+1);

			if (this.methodParams.length() > 1 && 
			    this.methodParams.endsWith(",")) 
			    throw new 
				IllegalArgumentException("illegal methodParam"); 
		    }
		}
	    } else {
		//canonical form of emptystring actions is null
		actions = null;
	    }
	}

	this.methodInterface = validateInterface(mInterface); 

	if (this.methodInterface < -1) 
	    this.otherMethodInterface = mInterface;

	this.actions = actions;
private voidsetMethodSpec(java.lang.String methodName, java.lang.String mInterface, java.lang.String[] methodParams)

	if (methodName != null && methodName.indexOf(',") >= 0)
	    throw new IllegalArgumentException("illegal methodName");
	
	this.methodInterface = validateInterface(mInterface);

	if (this.methodInterface < -1) 
	    this.otherMethodInterface = mInterface;

	if (methodParams != null) {

	    StringBuffer mParams = new StringBuffer(",");

	    for (int i=0; i<methodParams.length; i++) {
		if (methodParams[i] == null || 
		    methodParams[i].indexOf(',") >= 0)
		    throw new IllegalArgumentException("illegal methodParam");
		if (i == 0) mParams.append(methodParams[i]);
		else mParams.append("," + methodParams[i]);
	    }
	    this.methodParams = mParams.toString();
	}
	else this.methodParams = null;

	this.methodName = methodName;
private voidsetMethodSpec(java.lang.String mInterface, java.lang.reflect.Method method)

	this.methodInterface = validateInterface(mInterface);

	if (this.methodInterface < -1) 
	    this.otherMethodInterface = mInterface;

	this.methodName = method.getName();

	Class[] params = method.getParameterTypes();
 
        StringBuffer mParams = new StringBuffer(",");

	for (int i=0; i<params.length; i++) {

	    String pname = params[i].getName();
	    Class compType = params[i].getComponentType();

	    // Canonicalize parameter if it is an Array.
	    if (compType != null) {
		String brackets = "[]";
		while (compType.getComponentType() != null) {
		    compType = compType.getComponentType();
		    brackets = brackets + "[]";
		}
		pname = compType.getName() + brackets;
	    }

 	    if (i == 0) mParams.append(pname);
	    else mParams.append("," + pname);
	}

        this.methodParams = mParams.toString();
private static intvalidateInterface(java.lang.String methodInterface)

	int result = -1;
	if (methodInterface != null && methodInterface.length() > 0) {
	    Integer i = (Integer) interfaceHash.get(methodInterface);
	    if (i != null) result = i.intValue();
	    else result = -2;
	}
	return result;
private synchronized voidwriteObject(java.io.ObjectOutputStream s)
writeObject is used to establish the values of the serialized fields before they are written to the output stream and need not be implemented if the values of the serialized fields are always available and up to date. The serialized fields are written to the output stream in the same form as they would be written by defaultWriteObject.

	s.putFields().put("actions",this.getActions());
	s.writeFields();