01: /*
02: * JBoss, Home of Professional Open Source.
03: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
04: * as indicated by the @author tags. See the copyright.txt file in the
05: * distribution for a full listing of individual contributors.
06: *
07: * This is free software; you can redistribute it and/or modify it
08: * under the terms of the GNU Lesser General Public License as
09: * published by the Free Software Foundation; either version 2.1 of
10: * the License, or (at your option) any later version.
11: *
12: * This software is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * Lesser General Public License for more details.
16: *
17: * You should have received a copy of the GNU Lesser General Public
18: * License along with this software; if not, write to the Free
19: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21: */
22: package org.jboss.aspects.security;
23:
24: import org.jboss.security.RealmMapping;
25: import org.jboss.security.RunAsIdentity;
26: import org.jboss.security.SimplePrincipal;
27:
28: import java.security.Principal;
29: import java.util.HashSet;
30:
31: /**
32: * Obtain security information based on the current security domain.
33: *
34: *
35: * @author <a href="mailto:bill@jboss.org">Bill Burke</a>
36: * @version $Revision: 57186 $
37: */
38: public class SecurityContext {
39: protected static ThreadLocal currentDomain = new ThreadLocal();
40:
41: public static ThreadLocal getCurrentDomain() {
42: return currentDomain;
43: }
44:
45: /**
46: * Get the caller's principal
47: * @return
48: */
49: public static Principal getCallerPrincipal() {
50: return SecurityActions.getCallerPrincipal();
51: }
52:
53: /**
54: * Get the current principal. Could be run-as, or propagated
55: * @return
56: */
57: public static Principal getCurrentPrincipal() {
58: return SecurityActions.getPrincipal();
59: }
60:
61: /**
62: * Is the caller's security identity within the role
63: *
64: * Does not include current run-as
65: * @param roleName
66: * @return
67: */
68: public static boolean isCallerInRole(String roleName) {
69: return isInRole(getCallerPrincipal(), roleName);
70: }
71:
72: /**
73: * Checks current identity is within roleName
74: *
75: * Does include current run-as
76: *
77: * @param roleName
78: * @return
79: */
80: public static boolean isCurrentInRole(String roleName) {
81: return isInRole(getCurrentPrincipal(), roleName);
82: }
83:
84: private static boolean isInRole(Principal principal, String roleName) {
85: RealmMapping rm = (RealmMapping) currentDomain.get();
86: if (rm == null)
87: return false;
88:
89: HashSet set = new HashSet();
90: set.add(new SimplePrincipal(roleName));
91:
92: if (principal instanceof RunAsIdentity) {
93: return ((RunAsIdentity) principal).doesUserHaveRole(set);
94: } else {
95: return rm.doesUserHaveRole(principal, set);
96: }
97: }
98:
99: }
|