Apache Geronimo Development List

John Field | 14 Jun 2013 18:13

JACC PolicyContextHandlers

Hi all,

I have a question about using the PolicyContextHandler for EJB policy enforcement.

I am using Geronimo 3 and I have an application with a requirement to make an access control decision on an EJB method invocation, based upon the values of the EJB method arguments.

I have attempted to access the EJB method arguments from within the implies() method of the GeronimoPolicy class, i.e. org.apache.geronimo.security.jacc.mappingprovider.GeronimoPolicy.java

Inside the implies() method of this class (after the declarative-based principal permission checks) I am doing:

ThreadData threadData = ContextManager.getThreadData();

EnterpriseBean aBean = threadData.getBean();

...however the result is that the value of aBean is null.

I also tried:

PolicyContextHandler aPCH = (PolicyContextHandler) PolicyContext.getContext("javax.ejb.EnterpriseBean");

But this also returned null.

Curious as to why this was not populated, so I searched the code base and this failed to identify any caller invoking the corresponding push, i.e. a call to PolicyContextHandlerEnterpriseBean.pushContextData()

Note that I am able to successfully access the servlet context using

ThreadData threadData = ContextManager.getThreadData();

HttpServletRequest aRequest = threadData.getRequest();

And in a search of the code I do see that both Jetty and Tomcat containers are indeed making use of the pushContextData() method.

So, I am wondering whether this EJB context is available. Am I doing something incorrectly here?, Or, perhaps this is just not yet implemented on the OpenEJB container?

Any help appreciated.

Thanks,

John

--

John P. Field | Security Architect | Pivotal

goPivotal.com

headers

Andy McCright (JIRA | 12 Jun 2013 17:02

[jira] [Resolved] (GERONIMO-6462) API jar for JSR 356 - WebSockets 1.0


     [
https://issues.apache.org/jira/browse/GERONIMO-6462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy McCright resolved GERONIMO-6462.
-------------------------------------

    Resolution: Fixed

> API jar for JSR 356 - WebSockets 1.0
> ------------------------------------
>
>                 Key: GERONIMO-6462
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6462
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>         Attachments: websockets-patch.txt
>
>
> New jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Jarek Gawor (JIRA | 12 Jun 2013 06:27

[jira] [Commented] (GERONIMO-6462) API jar for JSR 356 - WebSockets 1.0


    [
https://issues.apache.org/jira/browse/GERONIMO-6462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13680934#comment-13680934
] 

Jarek Gawor commented on GERONIMO-6462:
---------------------------------------

Committed your patch in revision 1492048. Thanks! Snapshot published at: https://repository.apache.org/content/groups/snapshots/org/apache/geronimo/specs/geronimo-websockets_1.0_spec/1.0-SNAPSHOT/

                
> API jar for JSR 356 - WebSockets 1.0
> ------------------------------------
>
>                 Key: GERONIMO-6462
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6462
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>         Attachments: websockets-patch.txt
>
>
> New jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Andy McCright (JIRA | 11 Jun 2013 21:04

[jira] [Updated] (GERONIMO-6462) API jar for JSR 356 - WebSockets 1.0


     [
https://issues.apache.org/jira/browse/GERONIMO-6462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy McCright updated GERONIMO-6462:
------------------------------------

    Attachment: websockets-patch.txt

This patch creates a new project for web sockets 1.0.

> API jar for JSR 356 - WebSockets 1.0
> ------------------------------------
>
>                 Key: GERONIMO-6462
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6462
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>         Attachments: websockets-patch.txt
>
>
> New jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Andy McCright (JIRA | 11 Jun 2013 20:48

[jira] [Assigned] (GERONIMO-6450) API jar for JSR 236 - Concurrency Utils 1.0


     [
https://issues.apache.org/jira/browse/GERONIMO-6450?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy McCright reassigned GERONIMO-6450:
---------------------------------------

    Assignee: Andy McCright

> API jar for JSR 236 - Concurrency Utils 1.0
> -------------------------------------------
>
>                 Key: GERONIMO-6450
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6450
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>
> JSR 236 is new for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Andy McCright (JIRA | 11 Jun 2013 20:48

[jira] [Assigned] (GERONIMO-6461) API jar for JSR 353 - JSON-P 1.0


     [
https://issues.apache.org/jira/browse/GERONIMO-6461?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy McCright reassigned GERONIMO-6461:
---------------------------------------

    Assignee: Andy McCright

> API jar for JSR 353 - JSON-P 1.0
> --------------------------------
>
>                 Key: GERONIMO-6461
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6461
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>
> New jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Andy McCright (JIRA | 11 Jun 2013 20:48

[jira] [Assigned] (GERONIMO-6452) API jar for JSR 339 - JAX-RS 2.0


     [
https://issues.apache.org/jira/browse/GERONIMO-6452?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy McCright reassigned GERONIMO-6452:
---------------------------------------

    Assignee: Andy McCright

> API jar for JSR 339 - JAX-RS 2.0
> --------------------------------
>
>                 Key: GERONIMO-6452
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6452
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>
> Update jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Jarek Gawor | 11 Jun 2013 16:56

Java 7 genesis and specs

Hi all,

Some of the new Java EE 7 spec API (as for example servlet 3.1)
requires Java 7 to build. For that I created genesis-java7-flava in
genesis with Java 7 settings and updated the specs module to compile
with Java 7. Buildbot was updated as well to use Java 7 for the
genesis and specs modules. Even though Java 7 is used to compile some
of the older spec jars, the compiler is configured with the right
-source/-target options so that everything should be still fine on the
older JVMs.

Let me know if there are any concerns with this,
Jarek

headers

Andy McCright (JIRA | 10 Jun 2013 23:28

[jira] [Assigned] (GERONIMO-6462) API jar for JSR 356 - WebSockets 1.0


     [
https://issues.apache.org/jira/browse/GERONIMO-6462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy McCright reassigned GERONIMO-6462:
---------------------------------------

    Assignee: Andy McCright

> API jar for JSR 356 - WebSockets 1.0
> ------------------------------------
>
>                 Key: GERONIMO-6462
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6462
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>
> New jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Jarek Gawor (JIRA | 10 Jun 2013 19:40

[jira] [Commented] (GERONIMO-6453) API jar for JSR 340 - Servlet 3.1


    [
https://issues.apache.org/jira/browse/GERONIMO-6453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13679667#comment-13679667
] 

Jarek Gawor commented on GERONIMO-6453:
---------------------------------------

Btw, for now I manually published a snapshot of the spec jar: https://repository.apache.org/content/groups/snapshots/org/apache/geronimo/specs/geronimo-servlet_3.1_spec/1.0-SNAPSHOT/

                
> API jar for JSR 340 - Servlet 3.1
> ---------------------------------
>
>                 Key: GERONIMO-6453
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6453
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>         Attachments: patch.txt
>
>
> Update jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

headers

Andy McCright (JIRA | 10 Jun 2013 18:01

[jira] [Resolved] (GERONIMO-6453) API jar for JSR 340 - Servlet 3.1


     [
https://issues.apache.org/jira/browse/GERONIMO-6453?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andy McCright resolved GERONIMO-6453.
-------------------------------------

    Resolution: Fixed

> API jar for JSR 340 - Servlet 3.1
> ---------------------------------
>
>                 Key: GERONIMO-6453
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6453
>             Project: Geronimo
>          Issue Type: Sub-task
>      Security Level: public(Regular issues) 
>            Reporter: Kevin Sutter
>            Assignee: Andy McCright
>         Attachments: patch.txt
>
>
> Update jar file for Java EE 7.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

39	June 2013
244	May 2013
126	April 2013
104	March 2013
39	February 2013
46	January 2013
39	December 2012
96	November 2012
114	October 2012
50	September 2012
70	August 2012
238	July 2012
163	June 2012
317	May 2012
205	April 2012
255	March 2012
255	February 2012
183	January 2012
242	December 2011
154	November 2011
217	October 2011
486	September 2011
701	August 2011
727	July 2011
632	June 2011
451	May 2011
536	April 2011
561	March 2011
474	February 2011
675	January 2011
552	December 2010
783	November 2010
649	October 2010
700	September 2010
844	August 2010
624	July 2010
683	June 2010
1118	May 2010
794	April 2010
761	March 2010
765	February 2010
699	January 2010
632	December 2009
559	November 2009
685	October 2009
1088	September 2009
615	August 2009
939	July 2009
798	June 2009
493	May 2009
335	April 2009
758	March 2009
602	February 2009
793	January 2009
813	December 2008
672	November 2008
829	October 2008
938	September 2008
1160	August 2008
1215	July 2008
1346	June 2008
954	May 2008
951	April 2008
1168	March 2008
1407	February 2008
1164	January 2008
831	December 2007
921	November 2007
1154	October 2007
1174	September 2007
1284	August 2007
1115	July 2007
1024	June 2007
692	May 2007
1035	April 2007
1830	March 2007
1800	February 2007
1522	January 2007
1599	December 2006
1540	November 2006
1149	October 2006
1821	September 2006
2654	August 2006
2167	July 2006
2428	June 2006
1471	May 2006
1484	April 2006
1346	March 2006
1500	February 2006
1900	January 2006
2012	December 2005
1577	November 2005
1258	October 2005
1092	September 2005
1426	August 2005
1842	July 2005
529	June 2005
425	May 2005
268	April 2005
339	March 2005
471	February 2005
329	January 2005
430	December 2004
825	November 2004
714	October 2004
577	September 2004
291	August 2004
424	July 2004
240	June 2004
265	May 2004
328	April 2004
184	March 2004
344	February 2004
406	January 2004
522	December 2003
724	November 2003
666	October 2003
1184	September 2003
2263	August 2003
1	December 2002

Mon	Tue	Wed	Thu	Fri	Sat	Sun

					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30