01: /*
02: * JBoss, Home of Professional Open Source.
03: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
04: * as indicated by the @author tags. See the copyright.txt file in the
05: * distribution for a full listing of individual contributors.
06: *
07: * This is free software; you can redistribute it and/or modify it
08: * under the terms of the GNU Lesser General Public License as
09: * published by the Free Software Foundation; either version 2.1 of
10: * the License, or (at your option) any later version.
11: *
12: * This software is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * Lesser General Public License for more details.
16: *
17: * You should have received a copy of the GNU Lesser General Public
18: * License along with this software; if not, write to the Free
19: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21: */
22: package org.jboss.web.tomcat.security;
23:
24: import org.apache.catalina.InstanceEvent;
25: import org.apache.catalina.InstanceListener;
26: import org.apache.catalina.Wrapper;
27: import org.jboss.logging.Logger;
28: import org.jboss.metadata.WebMetaData;
29: import org.jboss.security.RunAsIdentity;
30:
31: /**
32: * An InstanceListener used to push/pop the servlet run-as identity for the
33: * init/destroy lifecycle events.
34: *
35: * @author Scott.Stark@jboss.org
36: * @version $Revision: 57206 $
37: */
38: public class RunAsListener implements InstanceListener {
39: /** There is no api to install an initialized listener so the
40: * WebMetaData had to be passed via a thread local.
41: */
42: public static ThreadLocal metaDataLocal = new ThreadLocal();
43:
44: private static Logger log = Logger.getLogger(RunAsListener.class);
45: private WebMetaData metaData;
46:
47: public RunAsListener() {
48: this .metaData = (WebMetaData) metaDataLocal.get();
49: }
50:
51: /**
52: * Push the run-as identity on the before init/destroy, pop it on the
53: * after init/destroy events.
54: *
55: * @param event - the type of instance event
56: */
57: public void instanceEvent(InstanceEvent event) {
58: Wrapper servlet = event.getWrapper();
59: String type = event.getType();
60: if (servlet != null && metaData != null) {
61: boolean trace = log.isTraceEnabled();
62: String name = servlet.getName();
63: RunAsIdentity identity = metaData.getRunAsIdentity(name);
64: if (trace)
65: log.trace(name + ", runAs: " + identity);
66: // Push the identity on the before init/destroy
67: if (type.equals(InstanceEvent.BEFORE_INIT_EVENT)
68: || type.equals(InstanceEvent.BEFORE_DESTROY_EVENT)) {
69: SecurityAssociationActions.pushRunAsIdentity(identity);
70: }
71: // Pop the identity on the after init/destroy
72: else if (type.equals(InstanceEvent.AFTER_INIT_EVENT)
73: || type.equals(InstanceEvent.AFTER_DESTROY_EVENT)) {
74: SecurityAssociationActions.popRunAsIdentity();
75: }
76: }
77: }
78: }
|