FileDocCategorySizeDatePackage
Ejb3AuthenticationInterceptor.javaAPI DocJBoss 4.2.14173Fri Jul 13 20:53:52 BST 2007org.jboss.ejb3.security

Ejb3AuthenticationInterceptor

public class Ejb3AuthenticationInterceptor extends org.jboss.aspects.security.AuthenticationInterceptor
Authentication Interceptor
author
Bill Burke
author
Anil.Saldhana@jboss.org
version
$Revision: 62545 $

Fields Summary
private static final Logger
log
private org.jboss.ejb3.EJBContainer
container
protected org.jboss.security.RealmMapping
realmMapping
Constructors Summary
public Ejb3AuthenticationInterceptor(org.jboss.security.AuthenticationManager manager, org.jboss.ejb3.Container container)


       
   
      super(manager);
      this.container = (EJBContainer)container;
      this.realmMapping = (RealmMapping)manager;
Methods Summary
protected voidhandleGeneralSecurityException(java.security.GeneralSecurityException gse)

      log.debug("Authentication failure", gse);
      throw new EJBAccessException("Authentication failure");
public java.lang.Objectinvoke(org.jboss.aop.joinpoint.Invocation invocation)

      MethodInvocation mi = (MethodInvocation)invocation;
      SecurityDomain domain = (SecurityDomain)container.resolveAnnotation(SecurityDomain.class);
      
      if (domain != null && domain.unauthenticatedPrincipal() != null && domain.unauthenticatedPrincipal().length() != 0)
      {
         Principal principal = (Principal)invocation.getMetaData("security", "principal");
         if (principal == null)
            principal = SecurityAssociation.getPrincipal();
           
         if (principal == null)
         {
            invocation.getMetaData().addMetaData("security", "principal", new SimplePrincipal(domain.unauthenticatedPrincipal()));
            
            Object oldDomain = SecurityContext.getCurrentDomain().get();
            
            try
            {
               SecurityContext.getCurrentDomain().set(authenticationManager);
               return invocation.invokeNext();
            }
            finally
            {
               SecurityContext.getCurrentDomain().set(oldDomain);
            }
         }
      }
      try
      {  
         //Set a map of principal-roles that may be configured at deployment level
         if(container.getAssemblyDescriptor() != null)
         {
            SecurityRolesAssociation.setSecurityRoles(container.getAssemblyDescriptor().getPrincipalVersusRolesMap());
         }
         return super.invoke(invocation);
      }
      finally
      { 
         SecurityRolesAssociation.setSecurityRoles(null);
      }