From: Francisco R. <rev...@us...> - 2004-12-31 02:57:41
|
User: reverbel Date: 04/12/30 18:57:31 Modified: src/main/org/jboss/ejb/plugins SecurityInterceptor.java Log: Added "authentication observer" hook for the CSIv2 code. The hook allows the CSIv2 code to send out a ContextError message when an authentication fails, as required by the CSIv2 protocol. (Merged from Branch_4_0.) Revision Changes Path 1.50 +21 -1 jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java Index: SecurityInterceptor.java =================================================================== RCS file: /cvsroot/jboss/jboss/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java,v retrieving revision 1.49 retrieving revision 1.50 diff -u -r1.49 -r1.50 --- SecurityInterceptor.java 16 Dec 2004 15:05:24 -0000 1.49 +++ SecurityInterceptor.java 31 Dec 2004 02:57:31 -0000 1.50 @@ -18,6 +18,7 @@ import org.jboss.security.RealmMapping; import org.jboss.security.RunAsIdentity; import org.jboss.security.SecurityRolesAssociation; +import org.jboss.system.Registry; import java.security.Principal; import java.util.Map; @@ -30,10 +31,19 @@ * @author <a href="on...@ib...">Oleg Nitz</a> * @author <a href="mailto:Sco...@jb...">Scott Stark</a>. * @author <a href="mailto:Tho...@jb...">Thomas Diesler</a>. - * @version $Revision: 1.49 $ + * @version $Revision: 1.50 $ */ public class SecurityInterceptor extends AbstractInterceptor { + /** The interface of an observer that should be notified when principal + authentication fails. + */ + public interface AuthenticationObserver + { + final String KEY = "SecurityInterceptor.AuthenticationObserver"; + void authenticationFailed(); + } + /** The authentication manager plugin */ protected AuthenticationManager securityManager; @@ -48,6 +58,11 @@ // A map of SecurityRolesMetaData from jboss.xml protected Map securityRoles; + // The observer to be notified when principal authentication fails. + // This is a hook for the CSIv2 code. The authenticationObserver may + // send out a ContextError message, as required by the CSIv2 protocol. + protected AuthenticationObserver authenticationObserver; + /** Called by the super class to set the container to which this interceptor belongs. We obtain the security manager and runAs identity to use here. */ @@ -81,6 +96,8 @@ public void start() throws Exception { super.start(); + authenticationObserver = + (AuthenticationObserver) Registry.lookup(AuthenticationObserver.KEY); } public Object invokeHome(Invocation mi) throws Exception @@ -160,6 +177,9 @@ SecurityRolesAssociation.setSecurityRoles(securityRoles); if (securityManager.isValid(principal, credential) == false) { + // Notify authentication observer + if (authenticationObserver != null) + authenticationObserver.authenticationFailed(); // Check for the security association exception Exception ex = SecurityActions.getContextException(); if( ex != null ) |