Simple renaming of variables and additional cleanup
Signed-off-by: arjantijms <arjan.tijms@gmail.com>
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java
index 463ee63..b517ff9 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapper.java
@@ -99,10 +99,10 @@
}
private synchronized void initDefaultRole() {
-// if (!SecurityServicesUtil.getInstance().isServer()) {
-// //do nothing if this is not an EJB or Web Container
-// return;
-// }
+ // if (!SecurityServicesUtil.getInstance().isServer()) {
+ // //do nothing if this is not an EJB or Web Container
+ // return;
+ // }
if (defaultRole == null) {
defaultRoleName = DEFAULT_ROLE_NAME;
try {
@@ -137,7 +137,7 @@
/**
* @param principal A principal that corresponds to the role
- * @param role A role corresponding to this principal
+ * @param role A role corresponding to this principal
*/
private void addRoleToPrincipal(final Principal principal, String role) {
assert roleToSubject != null;
@@ -157,7 +157,7 @@
/**
* Remove the given role-principal mapping
*
- * @param role, Role object
+ * @param role, Role object
* @param principal, the principal
*/
@Override
@@ -245,8 +245,8 @@
* The first time this is called, a new Mapping object is created to store the role mapping information. When called
* again from a different module, the old mapping information is checked and stored and a new Mapping object is created.
*
- * @param p The principal that needs to be assigned to the role.
- * @param r The Role the principal is being assigned to.
+ * @param p The principal that needs to be assigned to the role.
+ * @param r The Role the principal is being assigned to.
* @param rdd The descriptor of the module containing the role mapping
*/
@Override
@@ -374,7 +374,7 @@
/**
* @returns the class name used for default Principal to role mapping return null if default P2R mapping is not
- * supported.
+ * supported.
*/
private String getDefaultP2RMappingClassName() {
String className = null;
@@ -497,12 +497,12 @@
return true;
}
-// if role not previously mapped, no conflict
+ // if role not previously mapped, no conflict
if (!roleToSubject.keySet().contains(r.getName())) {
return false;
}
-// check number of mappings first
+ // check number of mappings first
int targetNumPrin = ps.size();
int actualNum = 0;
Set<Principal> pSet = roleToPrincipal.get(r.getName());
@@ -523,7 +523,7 @@
return true;
}
-// check the principals and groups
+ // check the principals and groups
boolean fail = false;
for (Principal p : ps) {
if (p instanceof Group) {
@@ -640,7 +640,7 @@
}
private void postConstruct() {
-// initDefaultRole();
+ // initDefaultRole();
}
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapperFactory.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapperFactory.java
index b401293..7e36f21 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapperFactory.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/acl/RoleMapperFactory.java
@@ -67,7 +67,7 @@
*
* @param the application name for this RoleMapper
*
- * public void removeRoleMapper(String appName) { RoleMapper.removeRoleMapper(appName); }
+ * public void removeRoleMapper(String appName) { RoleMapper.removeRoleMapper(appName); }
*/
/**
@@ -76,8 +76,7 @@
* @param the application name
* @param the new role mapper
*
- * public void setRoleMapper(String appName, SecurityRoleMapper rmap) { RoleMapper.setRoleMapper(appName,
- * rmap); }
+ * public void setRoleMapper(String appName, SecurityRoleMapper rmap) { RoleMapper.setRoleMapper(appName, rmap); }
*/
@Override
@@ -114,7 +113,7 @@
* Set a RoleMapper for the application
*
* @param appName Application or module name
- * @param rmap <I>SecurityRoleMapper</I> for the application or the module
+ * @param rmap <I>SecurityRoleMapper</I> for the application or the module
*/
@Override
public void setRoleMapper(String appName, SecurityRoleMapper rmap) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/jdbc/JDBCRealm.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/jdbc/JDBCRealm.java
index b5be85d..edef81a 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/jdbc/JDBCRealm.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/jdbc/JDBCRealm.java
@@ -118,7 +118,7 @@
* method may only be called a single time.
*
* @param props Initialization parameters used by this realm.
- * @exception BadRealmException If the configuration parameters identify a corrupt realm.
+ * @exception BadRealmException If the configuration parameters identify a corrupt realm.
* @exception NoSuchRealmException If the configuration parameters specify a realm which doesn't exist.
*/
@Override
@@ -229,7 +229,7 @@
* @param username Name of the user in this realm whose group listing is needed.
* @return Enumeration of group names (strings).
* @exception InvalidOperationException thrown if the realm does not support this operation - e.g. Certificate realm
- * does not support this operation.
+ * does not support this operation.
*/
@Override
public Enumeration getGroupNames(String username) throws InvalidOperationException, NoSuchUserException {
@@ -343,7 +343,7 @@
/**
* Test if a user is valid
*
- * @param user user's identifier
+ * @param user user's identifier
* @param password user's password
* @return true if valid
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/pam/PamRealm.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/pam/PamRealm.java
index b959922..e237401 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/pam/PamRealm.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/auth/realm/pam/PamRealm.java
@@ -54,7 +54,7 @@
* method may only be called a single time.
*
* @param props Initialization parameters used by this realm.
- * @exception BadRealmException If the configuration parameters identify a corrupt realm.
+ * @exception BadRealmException If the configuration parameters identify a corrupt realm.
* @exception NoSuchRealmException If the configuration parameters specify a realm which doesn't exist.
*
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java
index 29ae7fb..7d5f8ef 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/Audit.java
@@ -95,8 +95,8 @@
/**
* Invoked post authentication request for a user in a given realm
*
- * @param user username for whom the authentication request was made
- * @param realm the realm name under which the user is authenticated.
+ * @param user username for whom the authentication request was made
+ * @param realm the realm name under which the user is authenticated.
* @param success the status of the authentication
*/
@Override
@@ -113,9 +113,9 @@
/**
* Invoked post web authorization request.
*
- * @param user the username for whom the authorization was performed
- * @param req the HttpRequest object for the web request
- * @param type either hasResourcePermission, hasUserDataPermission or hasRoleRefPermission
+ * @param user the username for whom the authorization was performed
+ * @param req the HttpRequest object for the web request
+ * @param type either hasResourcePermission, hasUserDataPermission or hasRoleRefPermission
* @param success the status of the web authorization request
*/
@Override
@@ -131,9 +131,9 @@
/**
* Invoked post ejb authorization request.
*
- * @param user the username for whom the authorization was performed
- * @param ejb the ejb name for which this authorization was performed
- * @param method the method name for which this authorization was performed
+ * @param user the username for whom the authorization was performed
+ * @param ejb the ejb name for which this authorization was performed
+ * @param method the method name for which this authorization was performed
* @param success the status of the ejb authorization request
*/
@Override
@@ -150,18 +150,18 @@
/**
* Invoked post ejb authorization request.
*
- * @param user the username for whom the authorization was performed
- * @param ejb the ejb name for which this authorization was performed
- * @param method the method name for which this authorization was performed
+ * @param user the username for whom the authorization was performed
+ * @param ejb the ejb name for which this authorization was performed
+ * @param method the method name for which this authorization was performed
* @param success the status of the ejb authorization request
*/
/**
* Invoked during validation of the web service request
*
- * @param uri The URL representation of the web service endpoint
+ * @param uri The URL representation of the web service endpoint
* @param endpoint The name of the endpoint representation
- * @param success the status of the web service request validation
+ * @param success the status of the web service request validation
*/
@Override
public void webServiceInvocation(String uri, String endpoint, boolean success) {
@@ -179,7 +179,7 @@
* Invoked during validation of the web service request
*
* @param endpoint The URL representation of the web service endpoint
- * @param success the status of the web service request validation
+ * @param success the status of the web service request validation
*/
@Override
public void ejbAsWebServiceInvocation(String endpoint, boolean success) {
@@ -239,9 +239,9 @@
/**
* Log an EJB method invocation.
*
- * @param user Effective user for the invocation.
- * @param ejb EJB name.
- * @param method Method name.
+ * @param user Effective user for the invocation.
+ * @param ejb EJB name.
+ * @param method Method name.
* @param success True if the invocation was allowed, false if denied.
*
*/
@@ -269,7 +269,7 @@
/**
* Log a servlet invocation.
*
- * @param req The HttpRequest.
+ * @param req The HttpRequest.
* @param success True if the invocation was allowed, false if denied.
*
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCacheFactory.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCacheFactory.java
index a328a39..2782bed 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCacheFactory.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/PermissionCacheFactory.java
@@ -82,16 +82,14 @@
/**
* Create a PermissionCache object. If the corresponding object exists, then it will overwrite the previous one.
*
- * @param pcID - a string identifying the policy context and which must be set when getPermissions is called
- * (internally). This value may be null, in which case the permisions of the default policy context
- * will be cached.
+ * @param pcID - a string identifying the policy context and which must be set when getPermissions is called
+ * (internally). This value may be null, in which case the permisions of the default policy context will be cached.
* @param codesource - the codesource argument to be used in the call to getPermissions. This value may be null.
- * @param perms - an array of Permission objects identifying the permission types that will be managed by the
- * cache. This value may be null, in which case all permissions obtained by the getPermissions call
- * will be cached.
- * @param name - a string corresponding to a value returned by Permission.getName() only permissions whose
- * getName() value matches the name parameter will be included in the cache. This value may be null,
- * in which case permission name dos not factor into the permission caching.
+ * @param perms - an array of Permission objects identifying the permission types that will be managed by the cache.
+ * This value may be null, in which case all permissions obtained by the getPermissions call will be cached.
+ * @param name - a string corresponding to a value returned by Permission.getName() only permissions whose getName()
+ * value matches the name parameter will be included in the cache. This value may be null, in which case permission name
+ * dos not factor into the permission caching.
*/
public static synchronized PermissionCache createPermissionCache(String pcID, CodeSource codesource, Permission[] perms, String name) {
@@ -109,15 +107,14 @@
/**
* Create a PermissionCache object. If the corresponding object exists, then it will overwrite the previous one.
*
- * @param pcID - a string identifying the policy context and which must be set when getPermissions is called
- * (internally). This value may be null, in which case the permisions of the default policy context
- * will be cached.
+ * @param pcID - a string identifying the policy context and which must be set when getPermissions is called
+ * (internally). This value may be null, in which case the permisions of the default policy context will be cached.
* @param codesource - the codesource argument to be used in the call to getPermissions. This value may be null.
- * @param clazz - a class object identifying the permission type that will be managed by the cache. This value may
- * be null, in which case all permissions obtained by the getPermissions call will be cached.
- * @param name - a string corresponding to a value returned by Permission.getName() only permissions whose
- * getName() value matches the name parameter will be included in the cache. This value may be null,
- * in which case permission name dos not factor into the permission caching.
+ * @param clazz - a class object identifying the permission type that will be managed by the cache. This value may be
+ * null, in which case all permissions obtained by the getPermissions call will be cached.
+ * @param name - a string corresponding to a value returned by Permission.getName() only permissions whose getName()
+ * value matches the name parameter will be included in the cache. This value may be null, in which case permission name
+ * dos not factor into the permission caching.
*/
public static synchronized PermissionCache createPermissionCache(String pcID, CodeSource codesource, Class clazz, String name) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityContainer.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityContainer.java
index 865ccd7..67e015e 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityContainer.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityContainer.java
@@ -119,11 +119,11 @@
// SecurityRoleMapperFactory"));
}
} catch (Exception cnfe) {
-// _logger.log(Level.SEVERE,
-// _localStrings.getLocalString("j2ee.norolemapper", "Cannot instantiate the SecurityRoleMapperFactory"),
-// cnfe);
-// cnfe.printStackTrace();
-// throw new RuntimeException(cnfe);
+ // _logger.log(Level.SEVERE,
+ // _localStrings.getLocalString("j2ee.norolemapper", "Cannot instantiate the SecurityRoleMapperFactory"),
+ // cnfe);
+ // cnfe.printStackTrace();
+ // throw new RuntimeException(cnfe);
// throw cnfe;
}
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java
index 1f0535a..270d916 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecuritySniffer.java
@@ -96,7 +96,7 @@
* loaded in the associated container.
*
* @param containerHome is where the container implementation resides
- * @param logger the logger to use
+ * @param logger the logger to use
* @return the module definition of the core container implementation.
* @throws java.io.IOException exception if something goes sour
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java
index 545a74f..1c6c685 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/SecurityUtil.java
@@ -63,11 +63,11 @@
* generated code needs to do, to invoke a particular ejb method. The method is invoked under a security Subject. This
* method is called from the generated code.
*
- * @param Method beanClassMethod, the bean class method to be invoked
+ * @param Method beanClassMethod, the bean class method to be invoked
* @param Invocation inv, the current invocation object
- * @param Object o, the object on which this method needs to be invoked,
- * @param Object[] oa, the parameters to the methods,
- * @param Container c, the container from which the appropriate subject is queried from.
+ * @param Object o, the object on which this method needs to be invoked,
+ * @param Object[] oa, the parameters to the methods,
+ * @param Container c, the container from which the appropriate subject is queried from.
*/
/*
* This method is now in EJBSecurityUtil in ejb/ejb-container module of V3 public static Object runMethod(Method
@@ -92,13 +92,13 @@
* the exception is caused due to reflection, it returns the InvocationTargetException. This method is called from the
* containers for ejbTimeout, WebService and MDBs.
*
- * @param Method beanClassMethod, the bean class method to be invoked
- * @param Invocation inv, the current invocation
- * @param Object o, the object on which this method is to be invoked in this case the ejb,
- * @param Object[] oa, the parameters for the method,
- * @param Container c, the container instance,
+ * @param Method beanClassMethod, the bean class method to be invoked
+ * @param Invocation inv, the current invocation
+ * @param Object o, the object on which this method is to be invoked in this case the ejb,
+ * @param Object[] oa, the parameters for the method,
+ * @param Container c, the container instance,
* @param SecurityManager sm, security manager for this container, can be a null value, where in the container will be
- * queried to find its security manager.
+ * queried to find its security manager.
* @return Object, the result of the execution of the method.
*/
/*
@@ -129,9 +129,8 @@
* contexts. Note that policy statements have already been added to the pc, this method works to put them in Service.
*
* @param String name - the module id which serves to identify the corresponding policy context. The name shall not be
- * null. If the underlying PolicyModule is the RI PolicyModule, A SecurityRoleMapper must have been bound
- * to the policy context before this method is called or the embedded call to pc.commit will throw an
- * exception.
+ * null. If the underlying PolicyModule is the RI PolicyModule, A SecurityRoleMapper must have been bound to the policy
+ * context before this method is called or the embedded call to pc.commit will throw an exception.
*/
public static void generatePolicyFile(String name) throws IASSecurityException {
assert name != null;
@@ -171,7 +170,7 @@
* file in the repository is how we persistently remember which policy contexts are in service.
*
* @param String name - the module id which serves to identify the corresponding policy context. The name shall not be
- * null.
+ * null.
*/
public static void removePolicy(String name) throws IASSecurityException {
assert name != null;
@@ -201,14 +200,14 @@
* This method obtains the policy configuration object corresponding to the name, and links it, for roleMapping purposes
* to another. If the pc is already InService when this method is called, this method does nothing.
*
- * @param String name - the module id which serves to identify the corresponding policy context. The name shall not be
- * null.
- * @param String linkName - the module id of the module being linked to this context. This value may be null, in which
- * case, no link is done, but the inService state of the named PC is returned.
+ * @param String name - the module id which serves to identify the corresponding policy context. The name shall not be
+ * null.
+ * @param String linkName - the module id of the module being linked to this context. This value may be null, in which
+ * case, no link is done, but the inService state of the named PC is returned.
* @param boolean lastInService - the inService state returned by the previous call to this method. The value of this
- * argument is only significant when linkName is not null.
+ * argument is only significant when linkName is not null.
* @return boolean if linkName is null, returns the inService state of the PC identified in the name argument. Otherwise
- * returns the value passed to lastInService.
+ * returns the value passed to lastInService.
*/
public static boolean linkPolicyFile(String name, String linkName, boolean lastInService) throws IASSecurityException {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java
index 303628f..110e310 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/login/ProgrammaticLogin.java
@@ -110,11 +110,11 @@
* established identity will be propagated to EJB calls but will not be used for web container manager authorization. In
* general servlets should use the servlet-specific version of login instead.
*
- * @param user User name.
+ * @param user User name.
* @param password Password for user.
- * @param realm the realm name in which the user should be logged in.
- * @param errors errors=true, propagate any exception encountered to the user errors=false, no exceptions are
- * propagated.
+ * @param realm the realm name in which the user should be logged in.
+ * @param errors errors=true, propagate any exception encountered to the user errors=false, no exceptions are
+ * propagated.
* @return Boolean containing true or false to indicate success or failure of login.
* @throws Exception any exception encountered during Login.
*/
@@ -187,7 +187,7 @@
* established identity will be propagated to EJB calls but will not be used for web container manager authorization. In
* general servlets should use the servlet-specific version of login instead.
*
- * @param user User name.
+ * @param user User name.
* @param password Password for user.
* @return Boolean containing true or false to indicate success or failure of login.
*/
@@ -223,9 +223,9 @@
* @returns Boolean containing true or false to indicate success or failure of login.
* @param realm
* @param errors
- * @param user User name.
+ * @param user User name.
* @param password Password for user.
- * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
+ * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
* @param response HTTP response object provided by called application. It should be an instance of HttpServletResponse.
* @throws Exception any exceptions encountered during login
* @return Boolean indicating true for successful login and false otherwise
@@ -270,9 +270,9 @@
* In addition, the principal stored in the request is set to the user name. If a session is available, its principal is
* also set to the user provided.
*
- * @param user User name.
+ * @param user User name.
* @param password Password for user.
- * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
+ * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
* @param response HTTP response object provided by called application. It should be an instance of HttpServletResponse.
* @return Boolean containing true or false to indicate success or failure of login.
*
@@ -310,7 +310,7 @@
* Attempt to logout.
*
* @param errors, errors = true, the method will propagate the exceptions encountered while logging out, errors=false
- * will return a Boolean value of false indicating failure of logout
+ * will return a Boolean value of false indicating failure of logout
* @return Boolean containing true or false to indicate success or failure of logout.
* @throws Exception encountered while logging out, if errors==false
*
@@ -370,7 +370,7 @@
* Attempt to logout. Also removes principal from request (and session if available).
*
* @param errors, errors = true, the method will propagate the exceptions encountered while logging out, errors=false
- * will return a Boolean value of false indicating failure of logout
+ * will return a Boolean value of false indicating failure of logout
*
* @return Boolean containing true or false to indicate success or failure of logout.
* @throws Exception, exception encountered while logging out and if errors == true
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java
index b4b943f..4a5a3ee 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/ee/auth/realm/DigestRealmBase.java
@@ -37,7 +37,7 @@
*/
public abstract class DigestRealmBase extends IASRealm implements DigestRealm {
-// private DigestValidatorImpl validator = null;
+ // private DigestValidatorImpl validator = null;
public DigestRealmBase() {
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthConfig.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthConfig.java
index 1df4d99..8cf8718 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthConfig.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/AuthConfig.java
@@ -185,26 +185,25 @@
* (for example the order modules are to be invoked, and whether certain modules must succeed). Individual
* ClientAuthContext implementations may enforce custom module invocation semantics.
*
- * @param intercept the interception point used to determine the modules configured for the returned
- * ClientAuthContext. Standard values include:
- * <ul>
- * <li>HTTP
- * <li>EJB
- * <li>SOAP
- * </ul>
+ * @param intercept the interception point used to determine the modules configured for the returned ClientAuthContext.
+ * Standard values include:
+ * <ul>
+ * <li>HTTP
+ * <li>EJB
+ * <li>SOAP
+ * </ul>
*
- * @param id the provider id used to determine the modules configured for the returned ClientAuthContext, or
- * null. If null, a default ID may be used.
+ * @param id the provider id used to determine the modules configured for the returned ClientAuthContext, or null. If
+ * null, a default ID may be used.
*
- * @param requestPolicy the application request policy to be enfored by the modules, or null. If null, a default
- * request policy may be used.
+ * @param requestPolicy the application request policy to be enfored by the modules, or null. If null, a default request
+ * policy may be used.
*
* @param responsePolicy the application response policy to be enfored by the modules, or null. If null, a default
- * response policy may be used.
+ * response policy may be used.
*
- * @param handler the CallbackHandler to associate with the returned ClientAuthContext for use by configured
- * modules to request information from the caller, or null. If null, a default handler may be
- * used.
+ * @param handler the CallbackHandler to associate with the returned ClientAuthContext for use by configured modules to
+ * request information from the caller, or null. If null, a default handler may be used.
*
* @return a ClientAuthContext, or null.
*/
@@ -224,26 +223,25 @@
* (for example the order modules are to be invoked, and whether certain modules must succeed). Individual
* ServerAuthContext implementations may enforce custom module invocation semantics.
*
- * @param intercept the interception point used to determine the modules configured for the returned
- * ServerAuthContext. Standard values include:
- * <ul>
- * <li>HTTP
- * <li>EJB
- * <li>SOAP
- * </ul>
+ * @param intercept the interception point used to determine the modules configured for the returned ServerAuthContext.
+ * Standard values include:
+ * <ul>
+ * <li>HTTP
+ * <li>EJB
+ * <li>SOAP
+ * </ul>
*
- * @param id the provider id used to determine the modules configured for the returned ClientAuthContext, or
- * null. If null, a default id may be used.
+ * @param id the provider id used to determine the modules configured for the returned ClientAuthContext, or null. If
+ * null, a default id may be used.
*
- * @param requestPolicy the application request policy to be enfored by the modules, or null. If null, a default
- * request policy may be used.
+ * @param requestPolicy the application request policy to be enfored by the modules, or null. If null, a default request
+ * policy may be used.
*
* @param responsePolicy the application response policy to be enfored by the modules, or null. If null, a default
- * response policy may be used.
+ * response policy may be used.
*
- * @param handler the CallbackHandler to associate with the returned ClientAuthContext, which can be used by
- * configured modules to request information from the caller, or null. If null, a default handler
- * may be used.
+ * @param handler the CallbackHandler to associate with the returned ClientAuthContext, which can be used by configured
+ * modules to request information from the caller, or null. If null, a default handler may be used.
*
* @return a ServerAuthContext, or null.
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthContext.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthContext.java
index 9e6effd..bf0a561 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthContext.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthContext.java
@@ -63,14 +63,14 @@
* <p>
* This method invokes configured modules to secure the request.
*
- * @param param an authentication parameter that encapsulates the client request and server response objects.
+ * @param param an authentication parameter that encapsulates the client request and server response objects.
*
- * @param subject the subject may be used by configured modules to obtain Principals and credentials necessary to
- * secure the request, or null. If null, the module may use a CallbackHandler to obtain any
- * information necessary to secure the request.
+ * @param subject the subject may be used by configured modules to obtain Principals and credentials necessary to secure
+ * the request, or null. If null, the module may use a CallbackHandler to obtain any information necessary to secure the
+ * request.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>secureRequest</code> to
- * <code>validateResponse</code> to <code>disposeSubject</code>.
+ * <code>validateResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
@@ -85,13 +85,13 @@
* <p>
* This method invokes configured modules to validate the response.
*
- * @param param an authentication parameter that encapsulates the client request and server response objects.
+ * @param param an authentication parameter that encapsulates the client request and server response objects.
*
- * @param subject the subject may be used by configured modules to store the Principals and credentials related to
- * the identity validated in the response.
+ * @param subject the subject may be used by configured modules to store the Principals and credentials related to the
+ * identity validated in the response.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>secureRequest</code> to
- * <code>validateResponse</code> to <code>disposeSubject</code>.
+ * <code>validateResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
@@ -104,10 +104,10 @@
* <p>
* This method invokes configured modules to dispose the Subject.
*
- * @param subject the subject to be disposed.
+ * @param subject the subject to be disposed.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>secureRequest</code> to
- * <code>validateResponse</code> to <code>disposeSubject</code>.
+ * <code>validateResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthModule.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthModule.java
index f01c65b..7077288 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthModule.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ClientAuthModule.java
@@ -46,13 +46,13 @@
* <p>
* Either the the request policy or the response policy (or both) must be non-null.
*
- * @param requestPolicy the request policy this module is to enforce, which may be null.
+ * @param requestPolicy the request policy this module is to enforce, which may be null.
*
* @param responsePolicy the response policy this module is to enforce, which may be null.
*
- * @param handler CallbackHandler used to request information from the caller.
+ * @param handler CallbackHandler used to request information from the caller.
*
- * @param options administrative options.
+ * @param options administrative options.
*/
void initialize(AuthPolicy requestPolicy, AuthPolicy responsePolicy, CallbackHandler handler, Map options);
@@ -63,14 +63,14 @@
* Attach authentication credentials to an initial request, sign/encrypt a request, or respond to a server challenge,
* for example.
*
- * @param param an authentication parameter that encapsulates the client request and server response objects.
+ * @param param an authentication parameter that encapsulates the client request and server response objects.
*
- * @param subject the subject may be used by configured modules to obtain Principals and credentials necessary to
- * secure the request, or null. If null, the module may use a CallbackHandler to obtain any
- * information necessary to secure the request.
+ * @param subject the subject may be used by configured modules to obtain Principals and credentials necessary to secure
+ * the request, or null. If null, the module may use a CallbackHandler to obtain any information necessary to secure the
+ * request.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>secureRequest</code> to
- * <code>validateResponse</code> to <code>disposeSubject</code>.
+ * <code>validateResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
@@ -82,13 +82,13 @@
* <p>
* Validation may include verifying signature in response, or decrypting response contents, for example.
*
- * @param param an authentication parameter that encapsulates the client request and server response objects.
+ * @param param an authentication parameter that encapsulates the client request and server response objects.
*
- * @param subject the subject may be used by configured modules to store the Principals and credentials related to
- * the identity validated in the response.
+ * @param subject the subject may be used by configured modules to store the Principals and credentials related to the
+ * identity validated in the response.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>secureRequest</code> to
- * <code>validateResponse</code> to <code>disposeSubject</code>.
+ * <code>validateResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
@@ -100,10 +100,10 @@
* <p>
* Remove Principals or credentials from the Subject object that were stored during <code>validateResponse</code>.
*
- * @param subject Subject instance to be disposed.
+ * @param subject Subject instance to be disposed.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>secureRequest</code> to
- * <code>validateResponse</code> to <code>disposeSubject</code>.
+ * <code>validateResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java
index b436c8f..68aa49c 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ConfigFile.java
@@ -233,12 +233,12 @@
// return the configured modules with the correct policies
-// ConfigFile.Entry[] entries = new Entry[idEntry.modules.size()];
+ // ConfigFile.Entry[] entries = new Entry[idEntry.modules.size()];
ConfigFile.Entry[] entries = new Entry[1];
for (int i = 0; i < entries.length; i++) {
-// Login Bridge profile?
-// AppConfigurationEntry aEntry =
-// (AppConfigurationEntry)idEntry.modules.get(i);
+ // Login Bridge profile?
+ // AppConfigurationEntry aEntry =
+ // (AppConfigurationEntry)idEntry.modules.get(i);
entries[i] = new ConfigFile.Entry(reqP, respP, idEntry.getModuleClassName(),
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, idEntry.getOptions());
}
@@ -371,16 +371,15 @@
* <p>
* An entry encapsulates a single module and its related information.
*
- * @param requestPolicy the request policy assigned to the module listed in this entry, which may be null.
+ * @param requestPolicy the request policy assigned to the module listed in this entry, which may be null.
*
* @param responsePolicy the response policy assigned to the module listed in this entry, which may be null.
*
- * @param moduleClass the fully qualified class name of the module.
+ * @param moduleClass the fully qualified class name of the module.
*
- * @param flag the module control flag. This value must either be REQUIRED, REQUISITE, SUFFICIENT, or
- * OPTIONAL.
+ * @param flag the module control flag. This value must either be REQUIRED, REQUISITE, SUFFICIENT, or OPTIONAL.
*
- * @param options the options configured for this module.
+ * @param options the options configured for this module.
*/
Entry(AuthPolicy requestPolicy, AuthPolicy responsePolicy, String moduleClass, AppConfigurationEntry.LoginModuleControlFlag flag,
Map options) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/HttpServletAuthParam.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/HttpServletAuthParam.java
index 7fbf603..dfb756f 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/HttpServletAuthParam.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/HttpServletAuthParam.java
@@ -56,7 +56,7 @@
/**
* Create an HttpServletAuthParam with HTTP request and response objects.
*
- * @param request the HTTP Servlet request object, or null.
+ * @param request the HTTP Servlet request object, or null.
* @param response the HTTP Servlet response object, or null.
*/
public HttpServletAuthParam(HttpServletRequest request, HttpServletResponse response) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthContext.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthContext.java
index 5fb5374..40774d8 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthContext.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthContext.java
@@ -63,21 +63,21 @@
* <p>
* This method invokes configured modules to authenticate the request.
*
- * @param param an authentication parameter that encapsulates the client request and server response objects.
+ * @param param an authentication parameter that encapsulates the client request and server response objects.
*
- * @param subject the subject may be used by configured modules to store and Principals and credentials validated in
- * the request.
+ * @param subject the subject may be used by configured modules to store and Principals and credentials validated in the
+ * request.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>validateRequest</code> to
- * <code>secureResponse</code> to <code>disposeSubject</code>.
+ * <code>secureResponse</code> to <code>disposeSubject</code>.
*
* @exception PendingException if the operation is pending (for example, when a module issues a challenge). The module
- * must have updated the response object in the AuthParam input parameter.
+ * must have updated the response object in the AuthParam input parameter.
*
* @exception FailureException if the authentication failed. The module must have updated the response object in the
- * AuthParam input parameter.
+ * AuthParam input parameter.
*
- * @exception AuthException if the operation failed.
+ * @exception AuthException if the operation failed.
*/
void validateRequest(AuthParam param, javax.security.auth.Subject subject, java.util.Map sharedState) throws AuthException;
@@ -87,13 +87,13 @@
* <p>
* This method invokes configured modules to secure the response.
*
- * @param param an authentication parameter that encapsulates the client request and server response objects
+ * @param param an authentication parameter that encapsulates the client request and server response objects
*
- * @param subject the subject may be used by configured modules to obtain credentials needed to secure the response,
- * or null. If null, the module may use a CallbackHandler to obtain the necessary information.
+ * @param subject the subject may be used by configured modules to obtain credentials needed to secure the response, or
+ * null. If null, the module may use a CallbackHandler to obtain the necessary information.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>validateRequest</code> to
- * <code>secureResponse</code> to <code>disposeSubject</code>.
+ * <code>secureResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
@@ -106,10 +106,10 @@
* <p>
* This method invokes configured modules to dispose the Subject.
*
- * @param subject the subject to be disposed.
+ * @param subject the subject to be disposed.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>validateRequest</code> to
- * <code>secureResponse</code> to <code>disposeSubject</code>.
+ * <code>secureResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
@@ -128,7 +128,7 @@
* session.
*
* @return true if the context should be allowed to manage sessions, and false if session management (if it is to occur)
- * must be performed by the container.
+ * must be performed by the container.
*
* @exception AuthException if the operation failed.
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthModule.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthModule.java
index c8e0e4a..c0919c5 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthModule.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/ServerAuthModule.java
@@ -46,13 +46,13 @@
* <p>
* Either the the request policy or the response policy (or both) must be non-null.
*
- * @param requestPolicy the request policy this module is to enforce, which may be null.
+ * @param requestPolicy the request policy this module is to enforce, which may be null.
*
* @param responsePolicy the response policy this module is to enforce, which may be null.
*
- * @param handler CallbackHandler used to request information from the caller.
+ * @param handler CallbackHandler used to request information from the caller.
*
- * @param options administrative options.
+ * @param options administrative options.
*/
void initialize(AuthPolicy requestPolicy, AuthPolicy responsePolicy, CallbackHandler handler, Map options);
@@ -63,34 +63,34 @@
* The AuthParam input parameter encapsulates the client request and server response objects. This ServerAuthModule
* validates the client request object (decrypts content and verifies a signature, for example).
*
- * @param param an authentication parameter that encapsulates the client request and server response objects.
+ * @param param an authentication parameter that encapsulates the client request and server response objects.
*
- * @param subject the subject may be used by configured modules to store and Principals and credentials validated in
- * the request.
+ * @param subject the subject may be used by configured modules to store and Principals and credentials validated in the
+ * request.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>validateRequest</code> to
- * <code>secureResponse</code> to <code>disposeSubject</code>.
+ * <code>secureResponse</code> to <code>disposeSubject</code>.
*
* @exception PendingException if the operation is pending (for example, when a module issues a challenge). The module
- * must have updated the response object in the AuthParam.
+ * must have updated the response object in the AuthParam.
*
* @exception FailureException if the authentication failed. The module must have updated the response object in the
- * AuthParam.
+ * AuthParam.
*
- * @exception AuthException if the operation failed.
+ * @exception AuthException if the operation failed.
*/
void validateRequest(AuthParam param, Subject subject, Map sharedState) throws AuthException;
/**
* Secure the response to the client (sign and encrypt the response, for example).
*
- * @param param an authentication parameter that encapsulates the client request and server response objects.
+ * @param param an authentication parameter that encapsulates the client request and server response objects.
*
- * @param subject the subject may be used by configured modules to obtain credentials needed to secure the response,
- * or null. If null, the module may use a CallbackHandler to obtain the necessary information.
+ * @param subject the subject may be used by configured modules to obtain credentials needed to secure the response, or
+ * null. If null, the module may use a CallbackHandler to obtain the necessary information.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>validateRequest</code> to
- * <code>secureResponse</code> to <code>disposeSubject</code>.
+ * <code>secureResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
@@ -102,10 +102,10 @@
* <p>
* Remove Principals or credentials from the Subject object that were stored during <code>validateRequest</code>.
*
- * @param subject the Subject instance to be disposed.
+ * @param subject the Subject instance to be disposed.
*
* @param sharedState a Map for modules to save state across a sequence of calls from <code>validateRequest</code> to
- * <code>secureResponse</code> to <code>disposeSubject</code>.
+ * <code>secureResponse</code> to <code>disposeSubject</code>.
*
* @exception AuthException if the operation failed.
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/CertStoreCallback.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/CertStoreCallback.java
index d594241..f5b955a 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/CertStoreCallback.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/CertStoreCallback.java
@@ -34,7 +34,7 @@
* Set the CertStore.
*
* @param certStore the certificate store, which may be null If null, the requester is assumed to already have access to
- * the relevant certificate and/or chain.
+ * the relevant certificate and/or chain.
*/
public void setStore(CertStore certStore) {
setCertStore(certStore);
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/PrivateKeyCallback.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/PrivateKeyCallback.java
index a6c6a3e..053fc81 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/PrivateKeyCallback.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/PrivateKeyCallback.java
@@ -93,7 +93,7 @@
*
* If the issuer/serialNumber parameters are null, the handler of the callback relies on its own defaults.
*
- * @param issuer the X500Principal name of the certificate issuer, or null.
+ * @param issuer the X500Principal name of the certificate issuer, or null.
*
* @param serialNumber the serial number of the certificate, or null.
*/
@@ -122,7 +122,7 @@
* Get the Request object which identifies the private key to be returned.
*
* @return the Request object which identifies the private key to be returned, or null. If null, the handler of the
- * callback relies on its own default.
+ * callback relies on its own default.
*/
@Override
public Request getRequest() {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SecretKeyCallback.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SecretKeyCallback.java
index 6406432..cfe27af 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SecretKeyCallback.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SecretKeyCallback.java
@@ -68,7 +68,7 @@
* Get the Request object which identifies the secret key to be returned.
*
* @return the Request object which identifies the private key to be returned, or null. If null, the handler of the
- * callback relies on its own deafult.
+ * callback relies on its own deafult.
*/
@Override
public Request getRequest() {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SignatureKeyCallback.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SignatureKeyCallback.java
index 78a0800..374520c 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SignatureKeyCallback.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jauth/callback/SignatureKeyCallback.java
@@ -59,7 +59,7 @@
/**
* Set the requested signing key.
*
- * @param key the signing key
+ * @param key the signing key
* @param chain the corresponding certificate chain
*/
public void setKey(PrivateKey key, Certificate[] chain) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/MessageSecurityConfigEventListenerImpl.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/MessageSecurityConfigEventListenerImpl.java
index d5b00d5..99a1acc 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/MessageSecurityConfigEventListenerImpl.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/MessageSecurityConfigEventListenerImpl.java
@@ -114,9 +114,9 @@
/**
* Notification of a change on a configuration object
*
- * @param type type of change : ADD mean the changedInstance was added to the parent REMOVE means the
- * changedInstance was removed from the parent, CHANGE means the changedInstance has mutated.
- * @param changedType type of the configuration object
+ * @param type type of change : ADD mean the changedInstance was added to the parent REMOVE means the changedInstance
+ * was removed from the parent, CHANGE means the changedInstance has mutated.
+ * @param changedType type of the configuration object
* @param changedInstance changed instance.
*/
@Override
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/WebServicesDelegate.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/WebServicesDelegate.java
index 95423f3..0321eb4 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/WebServicesDelegate.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/WebServicesDelegate.java
@@ -38,7 +38,7 @@
public interface WebServicesDelegate {
/**
*
- * @param svcRef The ServiceReferenceDescriptor
+ * @param svcRef The ServiceReferenceDescriptor
* @param properties The Properties Map passed to WebServices Code Via PipeCreator
* @return The MessageSecurityBindingDescriptor
*/
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java
index 03e9dab..642545e 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/callback/BaseContainerCallbackHandler.java
@@ -212,7 +212,7 @@
* @param wp WebPrincipal
*
* @return true when Security Context has been obtained from webPrincipal, and CB is finished. returns false when more
- * CB processing is required.
+ * CB processing is required.
*/
private boolean reuseWebPrincipal(final Subject fs, final WebPrincipal wp) {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java
index 2d893c2..4dd8b0b 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/ConfigHelper.java
@@ -47,7 +47,7 @@
public abstract class ConfigHelper /* implements RegistrationListener */ {
private static final String DEFAULT_HANDLER_CLASS = "com.sun.enterprise.security.jmac.callback.ContainerCallbackHandler";
-// private static String handlerClassName = null;
+ // private static String handlerClassName = null;
protected static final AuthConfigFactory factory = AuthConfigFactory.getFactory();
private ReadWriteLock rwLock;
@@ -315,11 +315,11 @@
}
if (factory != null) {
String[] ids = factory.detachListener(this.listener, layer, appCtxt);
-// if (ids != null) {
-// for (int i=0; i < ids.length; i++) {
-// factory.removeRegistration(ids[i]);
-// }
-// }
+ // if (ids != null) {
+ // for (int i=0; i < ids.length; i++) {
+ // factory.removeRegistration(ids[i]);
+ // }
+ // }
if (getJmacProviderRegisID() != null) {
factory.removeRegistration(getJmacProviderRegisID());
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java
index 78626e5..6f5146a 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/jmac/config/GFServerConfigProvider.java
@@ -388,11 +388,11 @@
* An entry encapsulates a single module and its related information.
*
* @param moduleClassName the module class name
- * @param requestPolicy the request policy assigned to the module listed in this entry, which may be null.
+ * @param requestPolicy the request policy assigned to the module listed in this entry, which may be null.
*
- * @param responsePolicy the response policy assigned to the module listed in this entry, which may be null.
+ * @param responsePolicy the response policy assigned to the module listed in this entry, which may be null.
*
- * @param options the options configured for this module.
+ * @param options the options configured for this module.
*/
Entry(String moduleClassName, MessagePolicy requestPolicy, MessagePolicy responsePolicy, Map options) {
this.moduleClassName = moduleClassName;
@@ -551,29 +551,28 @@
* The implementation of this method returns a ClientAuthConfig instance that describes the configuration of
* ClientAuthModules at a given message layer, and for use in an identified application context.
*
- * @param layer a String identifying the message layer for the returned ClientAuthConfig object. This argument must
- * not be null.
+ * @param layer a String identifying the message layer for the returned ClientAuthConfig object. This argument must not
+ * be null.
*
* @param appContext a String that identifies the messaging context for the returned ClientAuthConfig object. This
- * argument must not be null.
+ * argument must not be null.
*
- * @param handler a CallbackHandler to be passed to the ClientAuthModules encapsulated by ClientAuthContext objects
- * derived from the returned ClientAuthConfig. This argument may be null, in which case the
- * implementation may assign a default handler to the configuration.
+ * @param handler a CallbackHandler to be passed to the ClientAuthModules encapsulated by ClientAuthContext objects
+ * derived from the returned ClientAuthConfig. This argument may be null, in which case the implementation may assign a
+ * default handler to the configuration.
*
* @return a ClientAuthConfig Object that describes the configuration of ClientAuthModules at the message layer and
- * messaging context identified by the layer and appContext arguments. This method does not return null.
+ * messaging context identified by the layer and appContext arguments. This method does not return null.
*
- * @exception AuthException if this provider does not support the assignment of a default CallbackHandler to the
- * returned ClientAuthConfig.
+ * @exception AuthException if this provider does not support the assignment of a default CallbackHandler to the
+ * returned ClientAuthConfig.
*
* @exception SecurityException if the caller does not have permission to retrieve the configuration.
*
- * The CallbackHandler assigned to the configuration must support the Callback objects
- * required to be supported by the profile of this specification being followed by the
- * messaging runtime. The CallbackHandler instance must be initialized with any application
- * context needed to process the required callbacks on behalf of the corresponding
- * application.
+ * The CallbackHandler assigned to the configuration must support the Callback objects required to be supported by the
+ * profile of this specification being followed by the messaging runtime. The CallbackHandler instance must be
+ * initialized with any application context needed to process the required callbacks on behalf of the corresponding
+ * application.
*/
@Override
public ClientAuthConfig getClientAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException {
@@ -587,29 +586,28 @@
* The implementation of this method returns a ServerAuthConfig instance that describes the configuration of
* ServerAuthModules at a given message layer, and for a particular application context.
*
- * @param layer a String identifying the message layer for the returned ServerAuthConfig object. This argument must
- * not be null.
+ * @param layer a String identifying the message layer for the returned ServerAuthConfig object. This argument must not
+ * be null.
*
* @param appContext a String that identifies the messaging context for the returned ServerAuthConfig object. This
- * argument must not be null.
+ * argument must not be null.
*
- * @param handler a CallbackHandler to be passed to the ServerAuthModules encapsulated by ServerAuthContext objects
- * derived from thr returned ServerAuthConfig. This argument may be null, in which case the
- * implementation may assign a default handler to the configuration.
+ * @param handler a CallbackHandler to be passed to the ServerAuthModules encapsulated by ServerAuthContext objects
+ * derived from thr returned ServerAuthConfig. This argument may be null, in which case the implementation may assign a
+ * default handler to the configuration.
*
* @return a ServerAuthConfig Object that describes the configuration of ServerAuthModules at a given message layer, and
- * for a particular application context. This method does not return null.
+ * for a particular application context. This method does not return null.
*
- * @exception AuthException if this provider does not support the assignment of a default CallbackHandler to the
- * returned ServerAuthConfig.
+ * @exception AuthException if this provider does not support the assignment of a default CallbackHandler to the
+ * returned ServerAuthConfig.
*
* @exception SecurityException if the caller does not have permission to retrieve the configuration.
- * <p>
- * The CallbackHandler assigned to the configuration must support the Callback objects
- * required to be supported by the profile of this specification being followed by the
- * messaging runtime. The CallbackHandler instance must be initialized with any application
- * context needed to process the required callbacks on behalf of the corresponding
- * application.
+ * <p>
+ * The CallbackHandler assigned to the configuration must support the Callback objects required to be supported by the
+ * profile of this specification being followed by the messaging runtime. The CallbackHandler instance must be
+ * initialized with any application context needed to process the required callbacks on behalf of the corresponding
+ * application.
*/
@Override
public ServerAuthConfig getServerAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException {
@@ -621,7 +619,7 @@
* reflected in the corresponding authentication context configuration objects previously created by the provider within
* the current process context.
*
- * @exception AuthException if an error occured during the refresh.
+ * @exception AuthException if an error occured during the refresh.
*
* @exception SecurityException if the caller does not have permission to refresh the provider.
*/
@@ -636,7 +634,7 @@
* changed. It relies on the slaves, since it is a static method.
*
* @param config a config object of type understood by the parser. NOTE: there appears to be a thread saftey problem,
- * and this method will fail if a slaveProvider has not been established prior to its call.
+ * and this method will fail if a slaveProvider has not been established prior to its call.
*/
public static void loadConfigContext(Object config) {
@@ -732,7 +730,7 @@
protected String providerID = null;
protected boolean init = false;
protected boolean onePolicy = false;
-// protected boolean newHandler = false;
+ // protected boolean newHandler = false;
protected MessageSecurityBindingDescriptor binding = null;
protected SunWebApp sunWebApp = null;
@@ -743,7 +741,7 @@
this.type = type;
if (handler == null) {
handler = AuthMessagePolicy.getDefaultCallbackHandler();
-// this.newHandler = true;
+ // this.newHandler = true;
}
this.handler = handler;
}
@@ -752,7 +750,7 @@
* Get the message layer name of this authentication context configuration object.
*
* @return the message layer name of this configuration object, or null if the configuration object pertains to an
- * unspecified message layer.
+ * unspecified message layer.
*/
@Override
public String getMessageLayer() {
@@ -763,7 +761,7 @@
* Get the application context identifier of this authentication context configuration object.
*
* @return the String identifying the application context of this configuration object or null if the configuration
- * object pertains to an unspecified application context.
+ * object pertains to an unspecified application context.
*/
@Override
public String getAppContext() {
@@ -780,12 +778,11 @@
* @param messageInfo a contextual Object that encapsulates the client request and server response objects.
*
* @return the authentication context identifier corresponding to the encapsulated request and response objects, or
- * null.
+ * null.
*
*
* @throws IllegalArgumentException if the type of the message objects incorporated in messageInfo are not compatible
- * with the message types supported by this authentication context configuration
- * object.
+ * with the message types supported by this authentication context configuration object.
*/
@Override
public String getAuthContextID(MessageInfo messageInfo) {
@@ -807,7 +804,7 @@
* Causes a dynamic anthentication context configuration object to update the internal state that it uses to process
* calls to its <code>getAuthContext</code> method.
*
- * @exception AuthException if an error occured during the update.
+ * @exception AuthException if an error occured during the update.
*
* @exception SecurityException if the caller does not have permission to refresh the configuration object.
*/
@@ -821,7 +818,7 @@
* will return null for all possible values of authentication context identifier.
*
* @return false when <code>getAuthContext</code> will return null for all possible values of authentication context
- * identifier. Otherwise, this method returns true.
+ * identifier. Otherwise, this method returns true.
*/
@Override
public boolean isProtected() {
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermissionXMLParser.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermissionXMLParser.java
index dedeb19..fd21f28 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermissionXMLParser.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermissionXMLParser.java
@@ -205,7 +205,8 @@
}
pc.add(pm);
}
- } catch (ClassNotFoundException | NoSuchMethodException | InstantiationException | IllegalAccessException | InvocationTargetException e) {
+ } catch (ClassNotFoundException | NoSuchMethodException | InstantiationException | IllegalAccessException
+ | InvocationTargetException e) {
throw new SecurityException(e);
}
}
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermsArchiveDelegate.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermsArchiveDelegate.java
index 1f0e63e..b5eeb5f 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermsArchiveDelegate.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/perms/PermsArchiveDelegate.java
@@ -33,7 +33,7 @@
/**
* Get the application or module packaged permissions
*
- * @param type the type of the module, this is used to check the configured restriction for the type
+ * @param type the type of the module, this is used to check the configured restriction for the type
* @param context the deployment context
* @return the module or app declared permissions
* @throws SecurityException if permissions.xml has syntax failure, or failed for restriction check
@@ -64,7 +64,7 @@
* Get the EE permissions for the spcified module type
*
* @param type module type
- * @param dc the deployment context
+ * @param dc the deployment context
* @return the ee permissions
*/
public static PermissionCollection processEEPermissions(SMGlobalPolicyUtil.CommponentType type, DeploymentContext dc) {
@@ -79,8 +79,8 @@
/**
* Get the declared permissions and EE permissions, then add them to the classloader
*
- * @param type module type
- * @param context deployment context
+ * @param type module type
+ * @param context deployment context
* @param classloader throws AccessControlException if caller has no privilege
*/
public static void processModuleDeclaredAndEEPemirssions(SMGlobalPolicyUtil.CommponentType type, DeploymentContext context,
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java
index 9df8d9d..f94a660 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebPermissionUtil.java
@@ -198,7 +198,8 @@
case PT_PREFIX:
if ((otherUrlType == PT_PREFIX || otherUrlType == PT_EXACT) && implies(url, otherUrl)) {
mValue.addQualifier(otherUrl);
- } else if ((otherUrlType == PT_PREFIX && implies(otherUrl, url)) || (otherUrlType == PT_EXTENSION || otherUrlType == PT_DEFAULT)) {
+ } else if ((otherUrlType == PT_PREFIX && implies(otherUrl, url))
+ || (otherUrlType == PT_EXTENSION || otherUrlType == PT_DEFAULT)) {
qpVal.getValue().addQualifier(url);
}
break;
@@ -234,7 +235,8 @@
// every path-prefix or extension pattern (in
// the map) that implies the new pattern.
case PT_EXACT:
- if (((otherUrlType == PT_PREFIX || otherUrlType == PT_EXTENSION) && implies(otherUrl, url)) || (otherUrlType == PT_DEFAULT)) {
+ if (((otherUrlType == PT_PREFIX || otherUrlType == PT_EXTENSION) && implies(otherUrl, url))
+ || (otherUrlType == PT_DEFAULT)) {
qpVal.getValue().addQualifier(url);
}
break;
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebProgrammaticLogin.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebProgrammaticLogin.java
index 94392eb..24322b9 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebProgrammaticLogin.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebProgrammaticLogin.java
@@ -48,13 +48,12 @@
* <P>
* Note also that this login does not hook up into SSO.
*
- * @param user User name to login.
+ * @param user User name to login.
* @param password User password.
- * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
+ * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
* @param response HTTP response object provided by called application. It should be an instance of HttpServletResponse.
- * This is not used currently.
- * @param realm the realm name to be authenticated to. If the realm is null, authentication takes place in default
- * realm
+ * This is not used currently.
+ * @param realm the realm name to be authenticated to. If the realm is null, authentication takes place in default realm
* @returns A Boolean object; true if login succeeded, false otherwise.
* @see com.sun.enterprise.security.ee.auth.login.ProgrammaticLogin
* @throws Exception on login failure.
@@ -65,9 +64,9 @@
/**
* Logout and remove principal in request and session.
*
- * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
+ * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
* @param response HTTP response object provided by called application. It should be an instance of HttpServletResponse.
- * This is not used currently.
+ * This is not used currently.
* @returns A Boolean object; true if login succeeded, false otherwise.
* @see com.sun.enterprise.security.ee.auth.login.ProgrammaticLogin
* @throws Exception any exception encountered during logout operation
diff --git a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java
index 59ecd6a..65876c9 100644
--- a/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java
+++ b/appserver/security/core-ee/src/main/java/com/sun/enterprise/security/web/integration/WebSecurityManager.java
@@ -76,7 +76,7 @@
* @author Jean-Francois Arcand
* @author Harpreet Singh.
* @todo introduce a new class called AbstractSecurityManager. Move functionality from this class and EJBSecurityManager
- * class and extend this class from AbstractSecurityManager
+ * class and extend this class from AbstractSecurityManager
*/
public class WebSecurityManager {
private static final Logger logger = LogUtils.getLogger();
@@ -158,7 +158,7 @@
this.serverContext = svc;
this.wsmf = fact;
String appname = getAppId();
-// factory = SecurityRoleMapperFactoryGen.getSecurityRoleMapperFactory();
+ // factory = SecurityRoleMapperFactoryGen.getSecurityRoleMapperFactory();
postConstruct();
initialise(appname);
}
@@ -486,14 +486,14 @@
* the context path, and any colons occurring in the uri must be escaped.
*
* @return 1 if access is permitted (as is or without SSL). -1 if the the access will be permitted after a redirect to
- * SSL. return 0 if access will be denied independent of whether a redirect to SSL is done.
+ * SSL. return 0 if access will be denied independent of whether a redirect to SSL is done.
*
- * Note: this method is not intended to be called if the request is secure. it checks whether the resource can
- * be accessed over the current connection type (which is presumed to be insecure), and if an insecure
- * connection type is not permitted it checks if the resource can be accessed via a confidential transport.
+ * Note: this method is not intended to be called if the request is secure. it checks whether the resource can be
+ * accessed over the current connection type (which is presumed to be insecure), and if an insecure connection type is
+ * not permitted it checks if the resource can be accessed via a confidential transport.
*
- * If the request is secure, the second check is skipped, and the proper result is returned (but that is not the
- * intended use model).
+ * If the request is secure, the second check is skipped, and the proper result is returned (but that is not the
+ * intended use model).
*/
public int hasUserDataPermission(HttpServletRequest httpsr, String uri, String httpMethod) {
diff --git a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/GlassfishRoleMapper.java b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/GlassfishRoleMapper.java
index 1be4ff7..c337cb8 100644
--- a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/GlassfishRoleMapper.java
+++ b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/GlassfishRoleMapper.java
@@ -32,7 +32,10 @@
import org.glassfish.internal.api.Globals;
/**
- * Glassfish role mapper NB: mapper only supports disjunctive (as apposed to conjunctive principal 2 role mappings. IOW,
+ * Glassfish role mapper
+ *
+ * <p>
+ * NB: mapper only supports disjunctive (as apposed to conjunctive principal 2 role mappings. IOW,
* there is no way to require 2 or more principals to be in a Role.
*
* @author monzillo
@@ -50,10 +53,8 @@
}
}
- private SecurityRoleMapper getInternalMapper(String pcid) {
-
+ private SecurityRoleMapper getInternalMapper(String contextId) {
SecurityRoleMapperFactory factory = Globals.get(SecurityRoleMapperFactory.class);
- // SecurityRoleMapperFactoryMgr.getFactory();
if (factory == null) {
String msg = "RoleMapper.factory.lookup.failed";
@@ -61,14 +62,15 @@
throw new SecurityException(msg);
}
- SecurityRoleMapper srm = factory.getRoleMapper(pcid);
+ SecurityRoleMapper securityRoleMapper = factory.getRoleMapper(contextId);
- if (srm == null) {
+ if (securityRoleMapper == null) {
String msg = "RoleMapper.mapper.lookup.failed";
logger.log(Level.SEVERE, msg);
throw new SecurityException(msg);
}
- return srm;
+
+ return securityRoleMapper;
}
private Set<String> getDeclaredRoles(SecurityRoleMapper srm) {
@@ -93,24 +95,21 @@
return roleNameSet;
}
- private Set<Principal> getPrincipalsInRole(SecurityRoleMapper srm, String roleName)
- throws SecurityException, UnsupportedOperationException {
-
- Map<String, Subject> roleMap = srm.getRoleToSubjectMapping();
+ private Set<Principal> getPrincipalsInRole(SecurityRoleMapper securityRoleMapper, String roleName) throws SecurityException, UnsupportedOperationException {
+ Map<String, Subject> roleMap = securityRoleMapper.getRoleToSubjectMapping();
if (roleMap == null) {
return null;
}
- Subject s = roleMap.get(roleName);
- if (s == null) {
+ Subject subject = roleMap.get(roleName);
+ if (subject == null) {
return null;
}
- return s.getPrincipals();
+ return subject.getPrincipals();
}
public boolean arePrincipalsInRole(SecurityRoleMapper srm, Principal[] principals, String roleName) throws SecurityException {
-
if (principals == null || principals.length == 0) {
return false;
}
@@ -120,59 +119,53 @@
return false;
}
- for (Principal p : principals) {
- if (rolePrincipals.contains(p)) {
+ for (Principal principal : principals) {
+ if (rolePrincipals.contains(principal)) {
return true;
}
}
+
return false;
}
// public methods follow
@Override
- public Set<String> getDeclaredRoles(String pcid) {
- return getDeclaredRoles(getInternalMapper(pcid));
+ public Set<String> getDeclaredRoles(String contextId) {
+ return getDeclaredRoles(getInternalMapper(contextId));
}
@Override
- public boolean isSubjectInRole(String pcid, Subject s, String roleName) throws SecurityException {
- return arePrincipalsInRole(pcid, toArray(s.getPrincipals()), roleName);
+ public boolean isSubjectInRole(String contextId, Subject subject, String roleName) throws SecurityException {
+ return arePrincipalsInRole(contextId, toArray(subject.getPrincipals()), roleName);
}
@Override
- public boolean arePrincipalsInRole(String pcid, Principal[] principals, String roleName) throws SecurityException {
- return arePrincipalsInRole(getInternalMapper(pcid), principals, roleName);
+ public boolean arePrincipalsInRole(String contextId, Principal[] principals, String roleName) throws SecurityException {
+ return arePrincipalsInRole(getInternalMapper(contextId), principals, roleName);
}
@Override
- public Set<String> getRolesOfSubject(String pcid, Subject s) throws SecurityException, UnsupportedOperationException {
- return getRolesOfPrincipals(pcid, toArray(s.getPrincipals()));
+ public Set<String> getRolesOfSubject(String contextId, Subject subject) throws SecurityException, UnsupportedOperationException {
+ return getRolesOfPrincipals(contextId, toArray(subject.getPrincipals()));
}
@Override
- public Set<String> getRolesOfPrincipals(String pcid, Principal[] principals) throws SecurityException, UnsupportedOperationException {
-
+ public Set<String> getRolesOfPrincipals(String contextId, Principal[] principals) throws SecurityException, UnsupportedOperationException {
if (principals.length == 0) {
return null;
}
- SecurityRoleMapper srm = getInternalMapper(pcid);
- Set<String> roleNames = getDeclaredRoles(srm);
-
- // Comment out for now to supress FindBugs warning, getDeclaredRoles(srm) always throw UnsupportedOperationException
- // currently so roleNames cannot be null, when getDeclaredRoles is fixed we can uncomment this
- // if (roleNames == null) {
- // return null;
- // }
+ SecurityRoleMapper securityRoleMapper = getInternalMapper(contextId);
+ Set<String> roleNames = getDeclaredRoles(securityRoleMapper);
HashSet<String> roles = new HashSet<>();
Iterator<String> it = roleNames.iterator();
while (it.hasNext()) {
String roleName = it.next();
- Set<Principal> pSet = getPrincipalsInRole(srm, roleName);
- if (pSet != null) {
+ Set<Principal> principalsInRole = getPrincipalsInRole(securityRoleMapper, roleName);
+ if (principalsInRole != null) {
for (Principal p : principals) {
- if (pSet.contains(p)) {
+ if (principalsInRole.contains(p)) {
roles.add(roleName);
break;
}
@@ -184,11 +177,11 @@
}
@Override
- public BitSet getRolesOfSubject(String pcid, String[] roles, Subject s) throws SecurityException, UnsupportedOperationException {
- return getRolesOfPrincipals(pcid, roles, toArray(s.getPrincipals()));
+ public BitSet getRolesOfSubject(String contextId, String[] roles, Subject subject) throws SecurityException, UnsupportedOperationException {
+ return getRolesOfPrincipals(contextId, roles, toArray(subject.getPrincipals()));
}
- private Principal[] toArray(Set principals) {
+ private Principal[] toArray(Set<Principal> principals) {
Principal[] list = new Principal[principals.size()];
int i = 0;
for (Object obj : principals) {
@@ -196,17 +189,18 @@
list[i] = (Principal) obj;
}
}
+
return list;
}
@Override
- public BitSet getRolesOfPrincipals(String pcid, String[] roles, Principal[] principals)
- throws SecurityException, UnsupportedOperationException {
+ public BitSet getRolesOfPrincipals(String contextId, String[] roles, Principal[] principals) throws SecurityException, UnsupportedOperationException {
if (principals.length == 0 || roles == null || roles.length == 0) {
return null;
}
+
BitSet roleSet = new BitSet(roles.length);
- SecurityRoleMapper srm = getInternalMapper(pcid);
+ SecurityRoleMapper srm = getInternalMapper(contextId);
for (int i = 0; i < roles.length; i++) {
roleSet.set(i, arePrincipalsInRole(srm, principals, roles[i]));
}
@@ -214,7 +208,7 @@
}
@Override
- public Set<Principal> getPrincipalsInRole(String pcid, String roleName) throws SecurityException, UnsupportedOperationException {
- return getPrincipalsInRole(getInternalMapper(pcid), roleName);
+ public Set<Principal> getPrincipalsInRole(String contextId, String roleName) throws SecurityException, UnsupportedOperationException {
+ return getPrincipalsInRole(getInternalMapper(contextId), roleName);
}
}
diff --git a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/JACCRoleMapper.java b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/JACCRoleMapper.java
index 6a098b1..6daddb5 100644
--- a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/JACCRoleMapper.java
+++ b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/JACCRoleMapper.java
@@ -31,20 +31,19 @@
String HANDLER_KEY = "simple.jacc.provider.RoleMapper";
String CLASS_NAME = "simple.jacc.provider.JACCRoleMapper.class";
- Set<String> getDeclaredRoles(String pcid);
+ Set<String> getDeclaredRoles(String contextId);
- boolean isSubjectInRole(String pcid, Subject s, String roleName) throws SecurityException;
+ boolean isSubjectInRole(String contextId, Subject subject, String roleName) throws SecurityException;
- boolean arePrincipalsInRole(String pcid, Principal[] principals, String roleName) throws SecurityException;
+ boolean arePrincipalsInRole(String contextId, Principal[] principals, String roleName) throws SecurityException;
- Set<String> getRolesOfSubject(String pcid, Subject s) throws SecurityException, UnsupportedOperationException;
+ Set<String> getRolesOfSubject(String contextId, Subject subject) throws SecurityException, UnsupportedOperationException;
- Set<String> getRolesOfPrincipals(String pcid, Principal[] principals) throws SecurityException, UnsupportedOperationException;
+ Set<String> getRolesOfPrincipals(String contextId, Principal[] principals) throws SecurityException, UnsupportedOperationException;
- BitSet getRolesOfSubject(String pcid, String roles[], Subject s) throws SecurityException, UnsupportedOperationException;
+ BitSet getRolesOfSubject(String contextId, String roles[], Subject subject) throws SecurityException, UnsupportedOperationException;
- BitSet getRolesOfPrincipals(String pcid, String roles[], Principal[] principals)
- throws SecurityException, UnsupportedOperationException;
+ BitSet getRolesOfPrincipals(String contextId, String roles[], Principal[] principals) throws SecurityException, UnsupportedOperationException;
- Set<Principal> getPrincipalsInRole(String pcid, String roleName) throws SecurityException, UnsupportedOperationException;
+ Set<Principal> getPrincipalsInRole(String contextId, String roleName) throws SecurityException, UnsupportedOperationException;
}
diff --git a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/Role.java b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/Role.java
index 3d3dc93..c3ee005 100644
--- a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/Role.java
+++ b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/Role.java
@@ -29,15 +29,102 @@
*/
public class Role {
- String roleName;
- Permissions permissions;
- Set<Principal> principals;
- private boolean isAnyAuthenticatedUserRole = false;
+ private String roleName;
+ private Permissions permissions;
+ private Set<Principal> principals;
+ private boolean isAnyAuthenticatedUserRole;
public Role(String name) {
roleName = name;
}
+ public String getName() {
+ return roleName;
+ }
+
+ void addPermission(Permission permission) {
+ if (permissions == null) {
+ permissions = new Permissions();
+ }
+
+ permissions.add(permission);
+ }
+
+ void addPermissions(PermissionCollection permissionCollection) {
+ if (permissions == null) {
+ permissions = new Permissions();
+ }
+
+ for (Enumeration<Permission> e = permissionCollection.elements(); e.hasMoreElements();) {
+ permissions.add(e.nextElement());
+ }
+ }
+
+ Permissions getPermissions() {
+ return permissions;
+ }
+
+ void setPrincipals(Set<Principal> principals) {
+ if (principals != null) {
+ this.principals = principals;
+ }
+ }
+
+ boolean implies(Permission permission) {
+ if (permissions == null) {
+ return false;
+ }
+
+ return permissions.implies(permission);
+ }
+
+ void determineAnyAuthenticatedUserRole() {
+ isAnyAuthenticatedUserRole = false;
+ // If no princiapls are present then any authenticated user is possible
+ if ((principals == null) || principals.isEmpty()) {
+ isAnyAuthenticatedUserRole = true;
+ }
+ }
+
+ boolean isAnyAuthenticatedUserRole() {
+ return isAnyAuthenticatedUserRole;
+ }
+
+ boolean isPrincipalInRole(Principal principal) {
+ if (isAnyAuthenticatedUserRole && (principal != null)) {
+ return true;
+ }
+
+ if (principals == null) {
+ return false;
+ }
+
+ return principals.contains(principal);
+ }
+
+ boolean arePrincipalsInRole(Principal subject[]) {
+ if (subject == null || subject.length == 0) {
+ return false;
+ }
+
+ if (isAnyAuthenticatedUserRole) {
+ return true;
+ }
+
+ if (principals == null || principals.isEmpty()) {
+ return false;
+ }
+
+ boolean rvalue = false;
+ for (Principal principal : subject) {
+ if (principals.contains(principal)) {
+ rvalue = true;
+ break;
+ }
+ }
+ return rvalue;
+ }
+
/**
* NB: Class Overrides equals and hashCode Methods such that 2 Roles are equal simply based on having a common name.
*
@@ -56,87 +143,4 @@
hash = 29 * hash + (this.roleName != null ? this.roleName.hashCode() : 0);
return hash;
}
-
- public String getName() {
- return roleName;
- }
-
- void addPermission(Permission p) {
- if (permissions == null) {
- permissions = new Permissions();
- }
- permissions.add(p);
- }
-
- void addPermissions(PermissionCollection pc) {
- if (permissions == null) {
- permissions = new Permissions();
- }
- for (Enumeration<Permission> e = pc.elements(); e.hasMoreElements();) {
- permissions.add(e.nextElement());
- }
- }
-
- Permissions getPermissions() {
- return permissions;
- }
-
- void setPrincipals(Set<Principal> pSet) {
- if (pSet != null) {
- principals = pSet;
- }
- }
-
- boolean implies(Permission p) {
- boolean rvalue = false;
- if (permissions != null) {
- rvalue = permissions.implies(p);
- }
- return rvalue;
- }
-
- void determineAnyAuthenticatedUserRole() {
- isAnyAuthenticatedUserRole = false;
- // If no princiapls are present then any authenticated user is possible
- if ((principals == null) || principals.isEmpty()) {
- isAnyAuthenticatedUserRole = true;
- }
- }
-
- boolean isAnyAuthenticatedUserRole() {
- return isAnyAuthenticatedUserRole;
- }
-
- boolean isPrincipalInRole(Principal p) {
- if (isAnyAuthenticatedUserRole && (p != null)) {
- return true;
- }
-
- boolean rvalue = false;
- if (principals != null) {
- rvalue = principals.contains(p);
- }
- return rvalue;
- }
-
- boolean arePrincipalsInRole(Principal subject[]) {
- if (subject == null || subject.length == 0) {
- return false;
- }
- if (isAnyAuthenticatedUserRole) {
- return true;
- }
- if (principals == null || principals.isEmpty()) {
- return false;
- }
-
- boolean rvalue = false;
- for (Principal p : subject) {
- if (principals.contains(p)) {
- rvalue = true;
- break;
- }
- }
- return rvalue;
- }
}
diff --git a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SharedState.java b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SharedState.java
index d9c2020..d5ac9a3 100644
--- a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SharedState.java
+++ b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SharedState.java
@@ -16,9 +16,12 @@
package com.sun.enterprise.security.jacc.provider;
+import static java.util.logging.Level.WARNING;
+
import java.util.HashMap;
import java.util.HashSet;
-import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import java.util.logging.Level;
@@ -32,84 +35,80 @@
* @author monzillo
*/
public class SharedState {
+
+ private static final Logger logger = Logger.getLogger(SharedState.class.getPackage().getName());
// lock on the shared configTable and linkTable
private static ReentrantReadWriteLock rwLock = new ReentrantReadWriteLock(true);
private static Lock rLock = rwLock.readLock();
private static Lock wLock = rwLock.writeLock();
- private static HashMap<String, SimplePolicyConfiguration> configTable = new HashMap<>();
- private static HashMap<String, HashSet<String>> linkTable = new HashMap<>();
- private static final Logger logger = Logger.getLogger(SharedState.class.getPackage().getName());
-
- private SharedState() {
- }
+ private static Map<String, SimplePolicyConfiguration> configTable = new HashMap<>();
+ private static Map<String, Set<String>> linkTable = new HashMap<>();
+
static Logger getLogger() {
return logger;
}
static SimplePolicyConfiguration lookupConfig(String pcid) {
-
- SimplePolicyConfiguration pc = null;
wLock.lock();
try {
- pc = configTable.get(pcid);
+ return configTable.get(pcid);
} finally {
wLock.unlock();
}
- return pc;
}
static SimplePolicyConfiguration getConfig(String pcid, boolean remove) {
-
- SimplePolicyConfiguration pc = null;
+ SimplePolicyConfiguration simplePolicyConfiguration = null;
wLock.lock();
try {
- pc = configTable.get(pcid);
- if (pc == null) {
- pc = new SimplePolicyConfiguration(pcid);
+ simplePolicyConfiguration = configTable.get(pcid);
+ if (simplePolicyConfiguration == null) {
+ simplePolicyConfiguration = new SimplePolicyConfiguration(pcid);
SharedState.initLinks(pcid);
- configTable.put(pcid, pc);
+ configTable.put(pcid, simplePolicyConfiguration);
} else if (remove) {
SharedState.removeLinks(pcid);
}
} finally {
wLock.unlock();
}
- return pc;
+
+ return simplePolicyConfiguration;
}
static SimplePolicyConfiguration getActiveConfig() throws PolicyContextException {
- String pcid = PolicyContext.getContextID();
- SimplePolicyConfiguration pc = null;
- if (pcid != null) {
+ String contectId = PolicyContext.getContextID();
+ SimplePolicyConfiguration simplePolicyConfiguration = null;
+ if (contectId != null) {
rLock.lock();
try {
- pc = configTable.get(pcid);
- if (pc == null) {
+ simplePolicyConfiguration = configTable.get(contectId);
+ if (simplePolicyConfiguration == null) {
/*
* unknown policy context set on thread return null to allow checking to be performed with default context. Should
* repair improper setting of context by encompassing runtime.
*/
- SimplePolicyConfiguration.logException(Level.WARNING, "invalid policy context id", new PolicyContextException());
+ SimplePolicyConfiguration.logException(WARNING, "invalid policy context id", new PolicyContextException());
}
} finally {
rLock.unlock();
}
- if (pc != null) {
- if (!pc.inService()) {
+ if (simplePolicyConfiguration != null) {
+ if (!simplePolicyConfiguration.inService()) {
/*
* policy context set on thread is not in service return null to allow checking to be performed with default context.
* Should repair improper setting of context by encompassing runtime.
*/
SimplePolicyConfiguration.logException(Level.FINEST, "invalid policy context state", new PolicyContextException());
- pc = null;
+ simplePolicyConfiguration = null;
}
}
}
- return pc;
+ return simplePolicyConfiguration;
}
/**
@@ -127,68 +126,58 @@
* @throws jakarta.security.jacc.PolicyContextException If otherID equals receiverID. no relationship is formed.
*/
static void link(String id, String otherId) throws jakarta.security.jacc.PolicyContextException {
-
wLock.lock();
try {
-
if (otherId.equals(id)) {
- String msg = "Operation attempted to link PolicyConfiguration to itself.";
- throw new IllegalArgumentException(msg);
+ throw new IllegalArgumentException("Operation attempted to link PolicyConfiguration to itself.");
}
-// get the linkSet corresponding to this context
- HashSet<String> linkSet = linkTable.get(id);
+ // Get the linkSet corresponding to this context
+ Set<String> linkSet = linkTable.get(id);
- // get the linkSet corresponding to the context being linked to this
- HashSet otherLinkSet = linkTable.get(otherId);
+ // Get the linkSet corresponding to the context being linked to this
+ Set<String> otherLinkSet = linkTable.get(otherId);
if (otherLinkSet == null) {
- String msg = "Linked policy configuration (" + otherId + ") does not exist";
- throw new RuntimeException(msg);
+ throw new RuntimeException("Linked policy configuration (" + otherId + ") does not exist");
}
-
- Iterator it = otherLinkSet.iterator();
-
- // for each context (id) linked to the context being linked to this
- while (it.hasNext()) {
- String nextid = (String) it.next();
-
- // add the id to this linkSet
+
+ for (String nextid : otherLinkSet) {
+ // Add the id to this linkSet
linkSet.add(nextid);
-
- // replace the linkset mapped to all the contexts being linked
+
+ // Replace the linkset mapped to all the contexts being linked
// to this context, with this linkset.
linkTable.put(nextid, linkSet);
}
-
} finally {
wLock.unlock();
}
}
- static void initLinks(String id) {
- // create a new linkSet with only this context id, and put in the table.
- HashSet linkSet = new HashSet();
- linkSet.add(id);
- linkTable.put(id, linkSet);
+ static void initLinks(String contextId) {
+ // Create a new linkSet with only this context id, and put in the table.
+ Set<String> linkSet = new HashSet<>();
+ linkSet.add(contextId);
+ linkTable.put(contextId, linkSet);
}
- static void removeLinks(String id) {
+ static void removeLinks(String contextId) {
wLock.lock();
try { // get the linkSet corresponding to this context.
- HashSet linkSet = linkTable.get(id);
- // remove this context id from the linkSet (which may be shared
+ Set<String> linkSet = linkTable.get(contextId);
+
+ // Remove this context id from the linkSet (which may be shared
// with other contexts), and unmap the linkSet from this context.
if (linkSet != null) {
- linkSet.remove(id);
- linkTable.remove(id);
+ linkSet.remove(contextId);
+ linkTable.remove(contextId);
}
- initLinks(id);
+ initLinks(contextId);
} finally {
wLock.unlock();
}
-
}
}
diff --git a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfiguration.java b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfiguration.java
index 7ab8c7c..7b67bd5 100644
--- a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfiguration.java
+++ b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfiguration.java
@@ -44,13 +44,13 @@
import jakarta.security.jacc.WebUserDataPermission;
/**
+ * The methods of this interface are used by containers to create policy statements in a Policy provider.
+ *
+ * <p>
+ * An object that implements the PolicyConfiguration interface provides the policy statement configuration interface for
+ * a corresponding policy context within the corresponding Policy provider.
*
* @author monzillo
- *
- * The methods of this interface are used by containers to create policy statements in a Policy provider. An
- * object that implements the PolicyConfiguration interface provides the policy statement configuration
- * interface for a corresponding policy context within the corresponding Policy provider.
- *
*/
public class SimplePolicyConfiguration implements PolicyConfiguration {
@@ -58,22 +58,25 @@
public static final int INSERVICE_STATE = 2;
public static final int DELETED_STATE = 3;
private static final Permission setPolicyPermission = new java.security.SecurityPermission("setPolicy");
- private String id;
+ private String contextId;
private int state = OPEN_STATE;
// Excluded permissions
- private PermissionCollection excludedPermissions = null;
+ private PermissionCollection excludedPermissions;
+
// Unchecked permissions
- private PermissionCollection uncheckedPermissions = null;
+ private PermissionCollection uncheckedPermissions;
+
// roleTbale mapps permissions and principals to roles.
private ArrayList<Role> roleTable = null;
+
// Lock on this PolicyConfiguration onject
private ReentrantReadWriteLock pcLock = new ReentrantReadWriteLock(true);
private Lock pcrLock = pcLock.readLock();
private Lock pcwLock = pcLock.writeLock();
static {
- // register a role mapper
+ // Register a role mapper
try {
String className = System.getProperty(JACCRoleMapper.CLASS_NAME);
if (className != null || !PolicyContext.getHandlerKeys().contains(JACCRoleMapper.HANDLER_KEY)) {
@@ -82,9 +85,8 @@
className = packageName + "." + "GlassfishRoleMapper";
}
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
- Class clazz = loader.loadClass(className);
- final Constructor ctx = clazz.getConstructor(new Class[] { Logger.class });
+ Constructor<?> constructor = Thread.currentThread().getContextClassLoader().loadClass(className)
+ .getConstructor(new Class[] { Logger.class });
PolicyContext.registerHandler(JACCRoleMapper.HANDLER_KEY, new PolicyContextHandler() {
@@ -92,7 +94,7 @@
public Object getContext(String key, Object data) throws PolicyContextException {
if (key.equals(JACCRoleMapper.HANDLER_KEY)) {
try {
- return ctx.newInstance(new Object[] { SharedState.getLogger() });
+ return constructor.newInstance(new Object[] { SharedState.getLogger() });
} catch (Throwable t) {
throw new PolicyContextException(t);
}
@@ -121,27 +123,26 @@
* Creates a new instance of SimplePolicyConfiguration
*/
protected SimplePolicyConfiguration(String contextID) {
- id = contextID;
+ this.contextId = contextID;
}
-// Public Policy Configuration Interfaces Start here
+ // ### Public Policy Configuration Interfaces Start here ###
+
/**
* This method returns this object's policy context identifier.
*
* @return this object's policy context identifier.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the getContextID method signature. The
- * exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the getContextID method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public String getContextID() throws jakarta.security.jacc.PolicyContextException {
- return id;
+ return contextId;
}
/**
@@ -152,23 +153,20 @@
* "mapped to the role".
* <P>
*
- * @param roleName the name of the Role to which the permissions are to be added.
- * <P>
+ * @param roleName the name of the Role to which the permissions are to be added.
+ * <P>
* @param permissions the collection of permissions to be added to the role. The collection may be either a homogenous
- * or heterogenous collection.
+ * or heterogenous collection.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the addToRole method signature. The
- * exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the addToRole method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToRole(String roleName, PermissionCollection permissions) throws jakarta.security.jacc.PolicyContextException {
@@ -177,8 +175,7 @@
try {
assertStateIsOpen();
if (roleName != null && permissions != null) {
- Role role = getRole(roleName);
- role.addPermissions(permissions);
+ getRole(roleName).addPermissions(permissions);
}
} finally {
pcwLock.unlock();
@@ -194,22 +191,19 @@
* "mapped to the role".
* <P>
*
- * @param roleName the name of the Role to which the permission is to be added.
- * <P>
+ * @param roleName the name of the Role to which the permission is to be added.
+ * <P>
* @param permission the permission to be added to the role.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the addToRole method signature. The
- * exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the addToRole method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToRole(String roleName, Permission permission) throws jakarta.security.jacc.PolicyContextException {
@@ -218,8 +212,7 @@
try {
assertStateIsOpen();
if (roleName != null && permission != null) {
- Role role = getRole(roleName);
- role.addPermission(permission);
+ getRole(roleName).addPermission(permission);
}
} finally {
pcwLock.unlock();
@@ -232,20 +225,17 @@
* <P>
*
* @param permissions the collection of permissions to be added as unchecked policy statements. The collection may be
- * either a homogenous or heterogenous collection.
+ * either a homogenous or heterogenous collection.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the addToUncheckedPolicy method signature.
- * The exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the addToUncheckedPolicy method signature. The exception thrown by the implementation class
+ * will be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToUncheckedPolicy(PermissionCollection permissions) throws jakarta.security.jacc.PolicyContextException {
@@ -271,18 +261,15 @@
*
* @param permission the permission to be added to the unchecked policy statements.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the addToUncheckedPolicy method signature.
- * The exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the addToUncheckedPolicy method signature. The exception thrown by the implementation class
+ * will be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToUncheckedPolicy(Permission permission) throws jakarta.security.jacc.PolicyContextException {
@@ -305,20 +292,17 @@
* <P>
*
* @param permissions the collection of permissions to be added to the excluded policy statements. The collection may be
- * either a homogenous or heterogenous collection.
+ * either a homogenous or heterogenous collection.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the addToExcludedPolicy method signature.
- * The exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the addToExcludedPolicy method signature. The exception thrown by the implementation class will
+ * be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToExcludedPolicy(PermissionCollection permissions) throws jakarta.security.jacc.PolicyContextException {
@@ -344,18 +328,15 @@
*
* @param permission the permission to be added to the excluded policy statements.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the addToExcludedPolicy method signature.
- * The exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the addToExcludedPolicy method signature. The exception thrown by the implementation class will
+ * be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void addToExcludedPolicy(Permission permission) throws jakarta.security.jacc.PolicyContextException {
@@ -379,18 +360,15 @@
*
* @param roleName the name of the Role to remove from this PolicyConfiguration.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the removeRole method signature. The
- * exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the removeRole method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void removeRole(String roleName) throws jakarta.security.jacc.PolicyContextException {
@@ -418,18 +396,15 @@
/**
* Used to remove any unchecked policy statements from this PolicyConfiguration.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the removeUncheckedPolicy method
- * signature. The exception thrown by the implementation class will
- * be encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the removeUncheckedPolicy method signature. The exception thrown by the implementation class
+ * will be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void removeUncheckedPolicy() throws jakarta.security.jacc.PolicyContextException {
@@ -447,18 +422,15 @@
/**
* Used to remove any excluded policy statements from this PolicyConfiguration.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the removeExcludedPolicy method signature.
- * The exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the removeExcludedPolicy method signature. The exception thrown by the implementation class
+ * will be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void removeExcludedPolicy() throws jakarta.security.jacc.PolicyContextException {
@@ -483,26 +455,23 @@
* <P>
*
* @param link a reference to a different PolicyConfiguration than this PolicyConfiguration.
- * <P>
- * The relationship formed by this method is symetric, transitive and idempotent. If the argument
- * PolicyConfiguration does not have a different Policy context identifier than this PolicyConfiguration no
- * relationship is formed, and an exception, as described below, is thrown.
+ * <P>
+ * The relationship formed by this method is symetric, transitive and idempotent. If the argument PolicyConfiguration
+ * does not have a different Policy context identifier than this PolicyConfiguration no relationship is formed, and an
+ * exception, as described below, is thrown.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" or "inService" when this
- * method is called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" or "inService" when this method is called.
*
- * @throws java.lang.IllegalArgumentException if called with an argument PolicyConfiguration whose Policy
- * context is equivalent to that of this PolicyConfiguration.
+ * @throws java.lang.IllegalArgumentException if called with an argument PolicyConfiguration whose Policy context is
+ * equivalent to that of this PolicyConfiguration.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the linkConfiguration method signature.
- * The exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the linkConfiguration method signature. The exception thrown by the implementation class will
+ * be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void linkConfiguration(PolicyConfiguration link) throws jakarta.security.jacc.PolicyContextException {
@@ -519,7 +488,7 @@
* table. Niether event is likely, but we should try to properly serialize those events.
*/
- SharedState.link(id, link.getContextID());
+ SharedState.link(contextId, link.getContextID());
}
/**
@@ -530,19 +499,17 @@
* This operation has no affect on any linked PolicyConfigurations other than removing any links involving the deleted
* PolicyConfiguration.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the delete method signature. The exception
- * thrown by the implementation class will be encapsulated (during
- * construction) in the thrown PolicyContextException.
+ * been accounted for by the delete method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void delete() throws jakarta.security.jacc.PolicyContextException {
-
checkSetPolicyPermission();
- SharedState.removeLinks(id);
+ SharedState.removeLinks(contextId);
/*
* final state will be unlinked and deleted
@@ -571,17 +538,15 @@
* When the state of a policy context is "inService", calling any method other than commit, delete, getContextID, or
* inService on its PolicyConfiguration Object will cause an UnsupportedOperationException to be thrown.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
- * PolicyConfiguration Object is "deleted" when this method is
- * called.
+ * @throws java.lang.UnsupportedOperationException if the state of the policy context whose interface is this
+ * PolicyConfiguration Object is "deleted" when this method is called.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the commit method signature. The exception
- * thrown by the implementation class will be encapsulated (during
- * construction) in the thrown PolicyContextException.
+ * been accounted for by the commit method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public void commit() throws jakarta.security.jacc.PolicyContextException {
@@ -616,14 +581,12 @@
*
* @return true if the state of the associated policy context is "inService"; false otherwise.
*
- * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws java.lang.SecurityException if called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
* @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the inService method signature. The
- * exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * been accounted for by the inService method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
public boolean inService() throws jakarta.security.jacc.PolicyContextException {
@@ -633,38 +596,38 @@
} finally {
pcrLock.unlock();
}
-
}
// Internal Policy Configuration interfaces start here
protected static SimplePolicyConfiguration getPolicyConfig(String pcid, boolean remove) throws PolicyContextException {
- SimplePolicyConfiguration pc = SharedState.getConfig(pcid, remove);
- pc.pcwLock.lock();
+ SimplePolicyConfiguration simplePolicyConfiguration = SharedState.getConfig(pcid, remove);
+ simplePolicyConfiguration.pcwLock.lock();
try {
if (remove) {
- pc.removePolicy();
+ simplePolicyConfiguration.removePolicy();
}
- pc.setState(OPEN_STATE);
+ simplePolicyConfiguration.setState(OPEN_STATE);
} finally {
- pc.pcwLock.unlock();
+ simplePolicyConfiguration.pcwLock.unlock();
}
- return pc;
+ return simplePolicyConfiguration;
}
protected static boolean inService(String pcid) throws jakarta.security.jacc.PolicyContextException {
- SimplePolicyConfiguration pc = SharedState.lookupConfig(pcid);
- if (pc == null) {
+ SimplePolicyConfiguration simplePolicyConfiguration = SharedState.lookupConfig(pcid);
+ if (simplePolicyConfiguration == null) {
return false;
}
- return pc.inService();
+
+ return simplePolicyConfiguration.inService();
}
protected static void checkSetPolicyPermission() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(setPolicyPermission);
+ SecurityManager securityManager = System.getSecurityManager();
+ if (securityManager != null) {
+ securityManager.checkPermission(setPolicyPermission);
}
}
@@ -679,15 +642,13 @@
private void assertStateIsOpen() throws UnsupportedOperationException {
if (!stateIs(OPEN_STATE)) {
- String msg = "Operation invoked on closed or deleted PolicyConfiguration.";
- throw new UnsupportedOperationException(msg);
+ throw new UnsupportedOperationException("Operation invoked on closed or deleted PolicyConfiguration.");
}
}
private void assertStateIsInService() throws UnsupportedOperationException {
if (!stateIs(INSERVICE_STATE)) {
- String msg = "Operation invoked on open or deleted PolicyConfiguration.";
- throw new UnsupportedOperationException(msg);
+ throw new UnsupportedOperationException("Operation invoked on open or deleted PolicyConfiguration.");
}
}
@@ -695,6 +656,7 @@
if (uncheckedPermissions == null) {
uncheckedPermissions = new Permissions();
}
+
return uncheckedPermissions;
}
@@ -702,6 +664,7 @@
if (excludedPermissions == null) {
excludedPermissions = new Permissions();
}
+
return excludedPermissions;
}
@@ -752,6 +715,7 @@
if (t instanceof PolicyContextException) {
throw (PolicyContextException) t;
}
+
throw new PolicyContextException(t);
}
@@ -759,16 +723,17 @@
try {
if (roleTable != null) {
for (Role role : roleTable) {
- role.setPrincipals(roleMapper.getPrincipalsInRole(id, role.getName()));
+ role.setPrincipals(roleMapper.getPrincipalsInRole(contextId, role.getName()));
}
+
/**
* JACC MR8 add handling for the any authenticated user role '**'
*/
- Role rvalue = new Role("**");
- int index = roleTable.indexOf(rvalue);
+ Role anyAuthRole = new Role("**");
+ int index = roleTable.indexOf(anyAuthRole);
if (index != -1) {
- rvalue = roleTable.get(index);
- rvalue.determineAnyAuthenticatedUserRole();
+ anyAuthRole = roleTable.get(index);
+ anyAuthRole.determineAnyAuthenticatedUserRole();
}
}
} finally {
@@ -776,21 +741,24 @@
}
}
-// Public Policy Enforcement Interfaces Start here
+
+ // ### Public Policy Enforcement Interfaces Start here ###
+
+
/**
* Evaluates the global policy and returns a PermissionCollection object specifying the set of permissions allowed for
* code from the specified code source.
*
* @param codeSource the CodeSource associated with the caller. This encapsulates the original location of the code
- * (where the code came from) and the public key(s) of its signer.
+ * (where the code came from) and the public key(s) of its signer.
*
* @return the set of permissions allowed for code from <i>codesource</i> according to the policy.The returned set of
- * permissions must be a new mutable instance and it must support heterogeneous Permission types.
+ * permissions must be a new mutable instance and it must support heterogeneous Permission types.
*
*/
public static PermissionCollection getPermissions(PermissionCollection basePerms, CodeSource codesource) throws PolicyContextException {
- SimplePolicyConfiguration pc = SharedState.getActiveConfig();
- return pc == null ? basePerms : pc.getPermissions(basePerms, (PermissionCollection) null, new Principal[0]);
+ SimplePolicyConfiguration policyConfiguration = SharedState.getActiveConfig();
+ return policyConfiguration == null ? basePerms : policyConfiguration.getPermissions(basePerms, (PermissionCollection) null, new Principal[0]);
}
/**
@@ -800,44 +768,48 @@
* @param domain the ProtectionDomain associated with the caller.
*
* @return the set of permissions allowed for the <i>domain</i> according to the policy.The returned set of permissions
- * must be a new mutable instance and it must support heterogeneous Permission types.
+ * must be a new mutable instance and it must support heterogeneous Permission types.
*
* @see java.security.ProtectionDomain
* @see java.security.SecureClassLoader
* @since 1.4
*/
- public static PermissionCollection getPermissions(PermissionCollection basePerms, ProtectionDomain domain)
- throws PolicyContextException {
- SimplePolicyConfiguration pc = SharedState.getActiveConfig();
- return pc == null ? basePerms : pc.getPermissions(basePerms, domain.getPermissions(), domain.getPrincipals());
+ public static PermissionCollection getPermissions(PermissionCollection basePerms, ProtectionDomain domain) throws PolicyContextException {
+ SimplePolicyConfiguration policyConfiguration = SharedState.getActiveConfig();
+ return policyConfiguration == null ? basePerms : policyConfiguration.getPermissions(basePerms, domain.getPermissions(), domain.getPrincipals());
}
/**
* Evaluates the policy to determine whether the permissions is granted to the ProtectionDomain.
*
- * @param domain the ProtectionDomain to test
+ * @param domain the ProtectionDomain to test
* @param permission the Permission object to be tested for implication.
*
* @return integer -1 if excluded, 0 if not implied, 1 if implied granted to this ProtectionDomain.
*
*/
public static int implies(ProtectionDomain domain, Permission p) throws PolicyContextException {
- SimplePolicyConfiguration pc = SharedState.getActiveConfig();
- return (pc == null ? 0 : pc.doImplies(domain, p));
+ SimplePolicyConfiguration policyConfiguration = SharedState.getActiveConfig();
+ return policyConfiguration == null ? 0 : policyConfiguration.doImplies(domain, p);
}
-// Internal Policy Enforcement Interfaces Start here
- private boolean permIsExcluded(Permission p) {
+
+
+ // ### Internal Policy Enforcement Interfaces Start here ###
+
+
+ private boolean permissionIsExcluded(Permission testedPermission) {
boolean isExcluded = false;
+
if (hasExcludedPermissions()) {
- if (!getExcludedPermissions().implies(p)) {
+ if (!getExcludedPermissions().implies(testedPermission)) {
/*
* this loop ensures that the tested perm does not imply an excluded perm; in which case it must be excluded
*/
- Enumeration e = excludedPermissions.elements();
+ Enumeration<Permission> e = excludedPermissions.elements();
while (e.hasMoreElements()) {
Permission excludedPerm = (Permission) e.nextElement();
- if (p.implies(excludedPerm)) {
+ if (testedPermission.implies(excludedPerm)) {
isExcluded = true;
break;
}
@@ -848,30 +820,31 @@
}
}
+
return isExcluded;
}
/**
- * @param d
- * @param p
+ * @param protectionDomain
+ * @param permission
* @return integer -1 if excluded, 0 if not implied, 1 if implied.
* @throws jakarta.security.jacc.PolicyContextException
*/
- private int doImplies(ProtectionDomain d, Permission p) throws PolicyContextException {
+ private int doImplies(ProtectionDomain protectionDomain, Permission permission) throws PolicyContextException {
pcrLock.lock();
int rvalue = 0;
try {
assertStateIsInService();
- if (permIsExcluded(p)) {
+ if (permissionIsExcluded(permission)) {
rvalue = -1;
- } else if (getUncheckedPermissions().implies(p)) {
+ } else if (getUncheckedPermissions().implies(permission)) {
rvalue = 1;
} else if (roleTable != null) {
- Principal principals[] = d.getPrincipals();
+ Principal principals[] = protectionDomain.getPrincipals();
if (principals.length == 0) {
rvalue = 0;
@@ -879,7 +852,7 @@
} else {
for (Role role : roleTable) {
- if (role.arePrincipalsInRole(principals) && role.implies(p)) {
+ if (role.arePrincipalsInRole(principals) && role.implies(permission)) {
rvalue = 1;
break;
}
@@ -913,76 +886,75 @@
pcrLock.lock();
try {
assertStateIsInService();
- Permissions c = null;
+ Permissions permissions = null;
boolean hasExcludes = hasExcludedPermissions();
if (basePerms != null) {
- for (Enumeration e = basePerms.elements(); e.hasMoreElements();) {
- Permission p = (Permission) e.nextElement();
- if (!hasExcludes || !permIsExcluded(p)) {
- if (c == null) {
- c = new Permissions();
+ for (Enumeration<Permission> e = basePerms.elements(); e.hasMoreElements();) {
+ Permission permission = e.nextElement();
+ if (!hasExcludes || !permissionIsExcluded(permission)) {
+ if (permissions == null) {
+ permissions = new Permissions();
}
- c.add(p);
+ permissions.add(permission);
}
}
}
if (domainPerms != null) {
- for (Enumeration e = domainPerms.elements(); e.hasMoreElements();) {
- Permission p = (Permission) e.nextElement();
- if (!hasExcludes || !permIsExcluded(p)) {
- if (c == null) {
- c = new Permissions();
+ for (Enumeration<Permission> e = domainPerms.elements(); e.hasMoreElements();) {
+ Permission permission = e.nextElement();
+ if (!hasExcludes || !permissionIsExcluded(permission)) {
+ if (permissions == null) {
+ permissions = new Permissions();
}
- c.add(p);
+ permissions.add(permission);
}
}
}
- for (Enumeration e = getUncheckedPermissions().elements(); e.hasMoreElements();) {
- Permission p = (Permission) e.nextElement();
- if (!hasExcludes || !permIsExcluded(p)) {
- if (c == null) {
- c = new Permissions();
+ for (Enumeration<Permission> e = getUncheckedPermissions().elements(); e.hasMoreElements();) {
+ Permission permission = e.nextElement();
+ if (!hasExcludes || !permissionIsExcluded(permission)) {
+ if (permissions == null) {
+ permissions = new Permissions();
}
- c.add(p);
+ permissions.add(permission);
}
}
if (principals.length == 0 || roleTable == null) {
- return c;
+ return permissions;
}
for (Role role : roleTable) {
if (role.arePrincipalsInRole(principals)) {
- PermissionCollection rc = role.getPermissions();
- for (Enumeration e = rc.elements(); e.hasMoreElements();) {
- Permission p = (Permission) e.nextElement();
- if (!hasExcludes || !permIsExcluded(p)) {
- if (c == null) {
- c = new Permissions();
+ PermissionCollection permissionCollection = role.getPermissions();
+ for (Enumeration<Permission> e = permissionCollection.elements(); e.hasMoreElements();) {
+ Permission permission = e.nextElement();
+ if (!hasExcludes || !permissionIsExcluded(permission)) {
+ if (permissions == null) {
+ permissions = new Permissions();
}
- c.add(p);
+ permissions.add(permission);
}
}
}
}
- return c;
+ return permissions;
} catch (UnsupportedOperationException uso) {
throw new PolicyContextException(uso);
} finally {
pcrLock.unlock();
}
-
}
/**
@@ -1037,23 +1009,24 @@
}
private static boolean permissionShouldBeLogged(Permission p) {
- return !(p instanceof WebResourcePermission) && !(p instanceof WebUserDataPermission) && !(p instanceof MBeanPermission)
- && !(p instanceof WebRoleRefPermission) && !(p instanceof EJBRoleRefPermission);
+ return
+ !(p instanceof WebResourcePermission) &&
+ !(p instanceof WebUserDataPermission) &&
+ !(p instanceof MBeanPermission) &&
+ !(p instanceof WebRoleRefPermission) &&
+ !(p instanceof EJBRoleRefPermission);
}
static void logAccessFailure(ProtectionDomain d, Permission p) {
-
if (permissionShouldBeLogged(p) || SharedState.getLogger().isLoggable(Level.FINE)) {
-
- String id = PolicyContext.getContextID();
- doPrivilegedLog(Level.FINE, "Domain.that.failed", new Object[] { id, p, d });
+ String contextId = PolicyContext.getContextID();
+ doPrivilegedLog(Level.FINE, "Domain.that.failed", new Object[] { contextId, p, d });
}
-
}
static void logException(Level l, String msg, Throwable t) {
- String id = PolicyContext.getContextID();
- doPrivilegedLog(l, msg, new Object[] { id });
+ String contextId = PolicyContext.getContextID();
+ doPrivilegedLog(l, msg, new Object[] { contextId });
doPrivilegedLog(l, msg, t);
}
}
diff --git a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfigurationFactory.java b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfigurationFactory.java
index cddf011..489ae7b 100644
--- a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfigurationFactory.java
+++ b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyConfigurationFactory.java
@@ -18,12 +18,14 @@
import jakarta.security.jacc.PolicyConfiguration;
import jakarta.security.jacc.PolicyConfigurationFactory;
+import jakarta.security.jacc.PolicyContextException;
/**
* Abstract factory and finder class for obtaining the instance of the class that implements the
* PolicyConfigurationFactory of a provider. The factory will be used to instantiate PolicyConfiguration objects that
* will be used by the deployment tools of the container to create and manage policy contexts within the Policy
* Provider.
+ *
* <P>
* Implementation classes must have a public no argument constructor that may be used to create an operational instance
* of the factory implementation class.
@@ -35,76 +37,66 @@
*/
public class SimplePolicyConfigurationFactory extends PolicyConfigurationFactory {
- /** Creates a new instance of SimplePolicyConfigurationFactory */
- public SimplePolicyConfigurationFactory() {
- }
-
/**
* This method is used to obtain an instance of the provider specific class that implements the PolicyConfiguration
* interface that corresponds to the identified policy context within the provider. The methods of the
* PolicyConfiguration interface are used to define the policy statements of the identified policy context.
+ *
* <P>
* If at the time of the call, the identified policy context does not exist in the provider, then the policy context
* will be created in the provider and the Object that implements the context's PolicyConfiguration Interface will be
* returned. If the state of the identified context is "deleted" or "inService" it will be transitioned to the "open"
* state as a result of the call. The states in the lifecycle of a policy context are defined by the PolicyConfiguration
* interface.
+ *
* <P>
* For a given value of policy context identifier, this method must always return the same instance of
* PolicyConfiguration and there must be at most one actual instance of a PolicyConfiguration with a given policy
* context identifier (during a process context).
+ *
* <P>
* To preserve the invariant that there be at most one PolicyConfiguration object for a given policy context, it may be
* necessary for this method to be thread safe.
- * <P>
*
* @param contextID A String identifying the policy context whose PolicyConfiguration interface is to be returned. The
- * value passed to this parameter must not be null.
- * <P>
- * @param remove A boolean value that establishes whether or not the policy statements of an existing policy context
- * are to be removed before its PolicyConfiguration object is returned. If the value passed to this
- * parameter is true, the policy statements of an existing policy context will be removed. If the value
- * is false, they will not be removed.
+ * value passed to this parameter must not be null.
+ * @param remove A boolean value that establishes whether or not the policy statements of an existing policy context are
+ * to be removed before its PolicyConfiguration object is returned. If the value passed to this parameter is true, the
+ * policy statements of an existing policy context will be removed. If the value is false, they will not be removed.
*
* @return an Object that implements the PolicyConfiguration Interface matched to the Policy provider and corresponding
- * to the identified policy context.
+ * to the identified policy context.
*
- * @throws java.lang.SecurityException when called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws SecurityException when called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the getPolicyConfiguration method
- * signature. The exception thrown by the implementation class will
- * be encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * @throws PolicyContextException if the implementation throws a checked exception that has not
+ * been accounted for by the getPolicyConfiguration method signature. The exception thrown by the implementation class
+ * will be encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
- public PolicyConfiguration getPolicyConfiguration(String contextID, boolean remove)
- throws jakarta.security.jacc.PolicyContextException {
+ public PolicyConfiguration getPolicyConfiguration(String contextID, boolean remove) throws PolicyContextException {
return SimplePolicyConfiguration.getPolicyConfig(contextID, remove);
}
/**
* This method determines if the identified policy context exists with state "inService" in the Policy provider
* associated with the factory.
- * <P>
*
* @param contextID A string identifying a policy context
*
* @return true if the identified policy context exists within the provider and its state is "inService", false
- * otherwise.
+ * otherwise.
*
- * @throws java.lang.SecurityException when called by an AccessControlContext that has not been granted
- * the "setPolicy" SecurityPermission.
+ * @throws SecurityException when called by an AccessControlContext that has not been granted the "setPolicy"
+ * SecurityPermission.
*
- * @throws jakarta.security.jacc.PolicyContextException if the implementation throws a checked exception that has not
- * been accounted for by the inService method signature. The
- * exception thrown by the implementation class will be
- * encapsulated (during construction) in the thrown
- * PolicyContextException.
+ * @throws PolicyContextException if the implementation throws a checked exception that has not
+ * been accounted for by the inService method signature. The exception thrown by the implementation class will be
+ * encapsulated (during construction) in the thrown PolicyContextException.
*/
@Override
- public boolean inService(String contextID) throws jakarta.security.jacc.PolicyContextException {
+ public boolean inService(String contextID) throws PolicyContextException {
return SimplePolicyConfiguration.inService(contextID);
}
}
diff --git a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyProvider.java b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyProvider.java
index 146f441..d2f36f9 100644
--- a/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyProvider.java
+++ b/appserver/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/SimplePolicyProvider.java
@@ -34,23 +34,20 @@
public class SimplePolicyProvider extends Policy {
private static final String REUSE = "java.security.Policy.supportsReuse";
- Policy basePolicy;
+ private Policy basePolicy;
+
/**
* ThreadLocal object to keep track of the reentrancy status of each thread. It contains a byte[] object whose single
* element is either 0 (initial value or no reentrancy), or 1 (current thread is reentrant). When a thread exists the
* implies method, byte[0] is alwasy reset to 0.
*/
- private static ThreadLocal reentrancyStatus;
+ private static ThreadLocal<Object> reentrancyStatus = new ThreadLocal<>() {
+ @Override
+ protected synchronized Object initialValue() {
+ return new byte[] { 0 };
+ }
+ };
- static {
- reentrancyStatus = new ThreadLocal() {
-
- @Override
- protected synchronized Object initialValue() {
- return new byte[] { 0 };
- }
- };
- }
/**
* Create a new instance of SimplePolicyProvider delegates to existing policy provider unless one is not defined, in
@@ -72,21 +69,21 @@
* code from the specified code source.
*
* @param codesource the CodeSource associated with the caller. This encapsulates the original location of the code
- * (where the code came from) and the public key(s) of its signer.
+ * (where the code came from) and the public key(s) of its signer.
*
* @return the set of permissions allowed for code from <i>codesource</i> according to the policy.The returned set of
- * permissions must be a new mutable instance and it must support heterogeneous Permission types.
+ * permissions must be a new mutable instance and it must support heterogeneous Permission types.
*
*/
@Override
public PermissionCollection getPermissions(CodeSource codesource) {
- PermissionCollection pC = basePolicy.getPermissions(codesource);
+ PermissionCollection permissionCollection = basePolicy.getPermissions(codesource);
try {
- pC = SimplePolicyConfiguration.getPermissions(pC, codesource);
+ permissionCollection = SimplePolicyConfiguration.getPermissions(permissionCollection, codesource);
} catch (PolicyContextException pce) {
SimplePolicyConfiguration.logGetPermissionsFailure(codesource, pce);
}
- return pC;
+ return permissionCollection;
}
/**
@@ -96,7 +93,7 @@
* @param domain the ProtectionDomain associated with the caller.
*
* @return the set of permissions allowed for the <i>domain</i> according to the policy.The returned set of permissions
- * must be a new mutable instance and it must support heterogeneous Permission types.
+ * must be a new mutable instance and it must support heterogeneous Permission types.
*
* @see java.security.ProtectionDomain
* @see java.security.SecureClassLoader
@@ -104,20 +101,20 @@
*/
@Override
public PermissionCollection getPermissions(ProtectionDomain domain) {
- PermissionCollection pC = basePolicy.getPermissions(domain);
+ PermissionCollection permissionCollection = basePolicy.getPermissions(domain);
try {
- pC = SimplePolicyConfiguration.getPermissions(pC, domain);
+ permissionCollection = SimplePolicyConfiguration.getPermissions(permissionCollection, domain);
} catch (PolicyContextException pce) {
SimplePolicyConfiguration.logGetPermissionsFailure(domain, pce);
}
- return pC;
+ return permissionCollection;
}
/**
* Evaluates the global policy for the permissions granted to the ProtectionDomain and tests whether the permission is
* granted.
*
- * @param domain the ProtectionDomain to test
+ * @param domain the ProtectionDomain to test
* @param permission the Permission object to be tested for implication.
*
* @return true if "permission" is a proper subset of a permission granted to this ProtectionDomain.
@@ -139,7 +136,7 @@
}
}
- private boolean doImplies(final ProtectionDomain domain, final Permission permission) {
+ private boolean doImplies(ProtectionDomain domain, Permission permission) {
int result = -1;
try {
result = SimplePolicyConfiguration.implies(domain, permission);
@@ -186,6 +183,7 @@
throw new IllegalStateException(pce);
}
}
+
/*
* NB: Excluded perms should be removed from the collections returned by getPermissions. Permissions that imply excluded
* permissions should also be excluded. There is a potential semantic integrity issue if the exluded perms have been
diff --git a/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java b/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java
index 938f342..0289611 100644
--- a/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java
+++ b/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java
@@ -251,44 +251,42 @@
/**
* Create the realm adapter. Extracts the role to user/group mapping from the runtime deployment descriptor.
*
- * @param the web bundle deployment descriptor.
+ * @param the web bundle deployment descriptor.
* @param isSystemApp if the app is a system app.
*
- * public RealmAdapter(WebBundleDescriptor descriptor, boolean isSystemApp) { this(descriptor,
- * isSystemApp, null); }
+ * public RealmAdapter(WebBundleDescriptor descriptor, boolean isSystemApp) { this(descriptor, isSystemApp, null); }
*/
/**
* Create the realm adapter. Extracts the role to user/group mapping from the runtime deployment descriptor.
*
- * @param the web bundle deployment descriptor.
+ * @param the web bundle deployment descriptor.
* @param isSystemApp if the app is a system app.
- * @param realmName The realm name to use if the app does not specify its own
+ * @param realmName The realm name to use if the app does not specify its own
*
- * public RealmAdapter(WebBundleDescriptor descriptor, boolean isSystemApp, String realmName) {
+ * public RealmAdapter(WebBundleDescriptor descriptor, boolean isSystemApp, String realmName) {
*
- * this.isSystemApp = isSystemApp; webDesc = descriptor; Application app =
- * descriptor.getApplication(); mapper = app.getRoleMapper(); LoginConfiguration loginConfig =
- * descriptor.getLoginConfiguration(); _realmName = app.getRealm(); if (_realmName == null &&
- * loginConfig != null) { _realmName = loginConfig.getRealmName(); } if (realmName != null &&
- * (_realmName == null || _realmName.equals(""))) { _realmName = realmName; }
+ * this.isSystemApp = isSystemApp; webDesc = descriptor; Application app = descriptor.getApplication(); mapper =
+ * app.getRoleMapper(); LoginConfiguration loginConfig = descriptor.getLoginConfiguration(); _realmName =
+ * app.getRealm(); if (_realmName == null && loginConfig != null) { _realmName = loginConfig.getRealmName(); } if
+ * (realmName != null && (_realmName == null || _realmName.equals(""))) { _realmName = realmName; }
*
- * // BEGIN IASRI 4747594 CONTEXT_ID = WebSecurityManager.getContextID(descriptor); runAsPrincipals =
- * new HashMap(); Iterator bundle = webDesc.getWebComponentDescriptors().iterator();
+ * // BEGIN IASRI 4747594 CONTEXT_ID = WebSecurityManager.getContextID(descriptor); runAsPrincipals = new HashMap();
+ * Iterator bundle = webDesc.getWebComponentDescriptors().iterator();
*
- * while (bundle.hasNext()) {
+ * while (bundle.hasNext()) {
*
- * WebComponentDescriptor wcd = (WebComponentDescriptor) bundle.next(); RunAsIdentityDescriptor
- * runAsDescriptor = wcd.getRunAsIdentity();
+ * WebComponentDescriptor wcd = (WebComponentDescriptor) bundle.next(); RunAsIdentityDescriptor runAsDescriptor =
+ * wcd.getRunAsIdentity();
*
- * if (runAsDescriptor != null) { String principal = runAsDescriptor.getPrincipal(); String servlet =
- * wcd.getCanonicalName();
+ * if (runAsDescriptor != null) { String principal = runAsDescriptor.getPrincipal(); String servlet =
+ * wcd.getCanonicalName();
*
- * if (principal == null || servlet == null) { _logger.warning("web.realmadapter.norunas"); } else {
- * runAsPrincipals.put(servlet, principal); _logger.fine("Servlet " + servlet + " will run-as: " +
- * principal); } } } // END IASRI 4747594
+ * if (principal == null || servlet == null) { _logger.warning("web.realmadapter.norunas"); } else {
+ * runAsPrincipals.put(servlet, principal); _logger.fine("Servlet " + servlet + " will run-as: " + principal); } } } //
+ * END IASRI 4747594
*
- * this.appID = app.getRegistrationName(); // helper are set until setVirtualServer is invoked }
+ * this.appID = app.getRegistrationName(); // helper are set until setVirtualServer is invoked }
*/
@Override
@@ -356,10 +354,10 @@
* otherwise.
*
* @return true if the principal has the specified role.
- * @param request Request we are processing
+ * @param request Request we are processing
* @param response Response we are creating
- * @param the principal
- * @param the role
+ * @param the principal
+ * @param the role
*/
// START OF SJSAS 6232464
// public boolean hasRole(Principal principal, String role) {
@@ -867,10 +865,10 @@
* Perform access control based on the specified authorization constraint. Return <code>true</code> if this constraint
* is satisfied and processing should continue, or <code>false</code> otherwise.
*
- * @param request Request we are processing
- * @param response Response we are creating
+ * @param request Request we are processing
+ * @param response Response we are creating
* @param constraint Security constraint we are enforcing
- * @param The Context to which client of this class is attached.
+ * @param The Context to which client of this class is attached.
*
* @exception IOException if an input/output error occurs
*/
@@ -903,8 +901,8 @@
* Invokes WebSecurityManager to perform access control check. Return <code>true</code> if permission is granted, or
* <code>false</code> otherwise.
*
- * @param request Request we are processing
- * @param response Response we are creating
+ * @param request Request we are processing
+ * @param response Response we are creating
* @param constraints Security constraint we are enforcing
*
* @exception IOException if an input/output error occurs
@@ -985,14 +983,14 @@
/**
* Enforce any user data constraint required by the security constraint guarding this request URI.
*
- * @param request Request we are processing
- * @param response Response we are creating
+ * @param request Request we are processing
+ * @param response Response we are creating
* @param constraints Security constraint being checked
*
* @exception IOException if an input/output error occurs
*
* @return <code>true</code> if this constraint was not violated and processing should continue, or <code>false</code>
- * if we have created a response already
+ * if we have created a response already
*/
@Override
public boolean hasUserDataPermission(HttpRequest request, HttpResponse response, SecurityConstraint[] constraints) throws IOException {
@@ -1007,15 +1005,15 @@
*
* If a user-data-constraint exists that is not satisfied, then the given <tt>request</tt> will be redirected to HTTPS.
*
- * @param request the request that may be redirected
- * @param response the response that may be redirected
+ * @param request the request that may be redirected
+ * @param response the response that may be redirected
* @param constraints the security constraints to check against
- * @param uri the request URI (minus the context path) to check
- * @param method the request method to check
+ * @param uri the request URI (minus the context path) to check
+ * @param method the request method to check
*
* @return true if the request URI and method are not the target of any unsatisfied user-data-constraint with a
- * transport-guarantee of CONFIDENTIAL, and false if they are (in which case the given request will have been
- * redirected to HTTPS)
+ * transport-guarantee of CONFIDENTIAL, and false if they are (in which case the given request will have been redirected
+ * to HTTPS)
*/
@Override
public boolean hasUserDataPermission(HttpRequest request, HttpResponse response, SecurityConstraint[] constraints, String uri,
@@ -1236,15 +1234,15 @@
return "";
}
-// Function not required anymore.
-// private String getExtension(String uri) {
-// int index=uri.lastIndexOf(".");
-// if(index >= 0) {
-// return uri.substring(index);
-// } else {
-// return "";
-// }
-// }
+ // Function not required anymore.
+ // private String getExtension(String uri) {
+ // int index=uri.lastIndexOf(".");
+ // if(index >= 0) {
+ // return uri.substring(index);
+ // } else {
+ // return "";
+ // }
+ // }
/**
* Return a short name for this Realm Adapter implementation.
@@ -1318,13 +1316,13 @@
* Checks whether or not authentication is needed. Returns an int, one of AUTHENTICATE_NOT_NEEDED, AUTHENTICATE_NEEDED,
* or AUTHENTICATED_NOT_AUTHORIZED
*
- * @param request Request we are processing
- * @param response Response we are creating
- * @param constraints Security constraint we are enforcing
- * @param disableProxyCaching whether or not to disable proxy caching for protected resources.
+ * @param request Request we are processing
+ * @param response Response we are creating
+ * @param constraints Security constraint we are enforcing
+ * @param disableProxyCaching whether or not to disable proxy caching for protected resources.
* @param securePagesWithPragma true if we add headers which are incompatible with downloading office documents in IE
- * under SSL but which fix a caching problem in Mozilla.
- * @param ssoEnabled true if sso is enabled
+ * under SSL but which fix a caching problem in Mozilla.
+ * @param ssoEnabled true if sso is enabled
*
* @exception IOException if an input/output error occurs
*/
@@ -1390,9 +1388,9 @@
* any specified requirements have been satisfied, or <code>false</code> if we have created a response challenge
* already.
*
- * @param request Request we are processing
- * @param response Response we are creating
- * @param context The Context to which client of this class is attached.
+ * @param request Request we are processing
+ * @param response Response we are creating
+ * @param context The Context to which client of this class is attached.
* @param authenticantion the current authenticator.
* @exception IOException if an input/output error occurs
*/
@@ -1431,9 +1429,9 @@
/**
* Post authentication for given request and response.
*
- * @param request Request we are processing
+ * @param request Request we are processing
* @param response Response we are creating
- * @param context The Context to which client of this class is attached.
+ * @param context The Context to which client of this class is attached.
* @exception IOException if an input/output error occurs
*/
@Override
@@ -1763,7 +1761,7 @@
webDesc = (WebBundleDescriptor) descriptor;
Application app = webDesc.getApplication();
-// mapper = app.getRoleMapper();
+ // mapper = app.getRoleMapper();
LoginConfiguration loginConfig = webDesc.getLoginConfiguration();
_realmName = app.getRealm();
if (_realmName == null && loginConfig != null) {
diff --git a/appserver/security/webintegration/src/main/java/com/sun/web/security/SSLSocketFactory.java b/appserver/security/webintegration/src/main/java/com/sun/web/security/SSLSocketFactory.java
index b0ecded..3afe99d 100644
--- a/appserver/security/webintegration/src/main/java/com/sun/web/security/SSLSocketFactory.java
+++ b/appserver/security/webintegration/src/main/java/com/sun/web/security/SSLSocketFactory.java
@@ -144,10 +144,10 @@
}
// V3: to break dependency of SSLUtils on this class
-// public static void setManagers(KeyManager[] kmgrs, TrustManager[] tmgrs) {
-// keyManagers = kmgrs;
-// trustManagers = tmgrs;
-// }
+ // public static void setManagers(KeyManager[] kmgrs, TrustManager[] tmgrs) {
+ // keyManagers = kmgrs;
+ // trustManagers = tmgrs;
+ // }
// V3: Copied from SSLUtils to break dependency of SSLUtils on this class
public static synchronized void initStoresAtStartup() throws Exception {
if (initialized) {
diff --git a/appserver/security/webintegration/src/main/java/com/sun/web/security/WebProgrammaticLoginImpl.java b/appserver/security/webintegration/src/main/java/com/sun/web/security/WebProgrammaticLoginImpl.java
index b5ecb4e..01b4c22 100644
--- a/appserver/security/webintegration/src/main/java/com/sun/web/security/WebProgrammaticLoginImpl.java
+++ b/appserver/security/webintegration/src/main/java/com/sun/web/security/WebProgrammaticLoginImpl.java
@@ -69,13 +69,12 @@
* <P>
* Note also that this login does not hook up into SSO.
*
- * @param user User name to login.
+ * @param user User name to login.
* @param password User password.
- * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
+ * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
* @param response HTTP response object provided by called application. It should be an instance of HttpServletResponse.
- * This is not used currently.
- * @param realm the realm name to be authenticated to. If the realm is null, authentication takes place in default
- * realm
+ * This is not used currently.
+ * @param realm the realm name to be authenticated to. If the realm is null, authentication takes place in default realm
* @returns A Boolean object; true if login succeeded, false otherwise.
* @see com.sun.enterprise.security.ee.auth.login.ProgrammaticLogin
* @throws Exception on login failure.
@@ -153,9 +152,9 @@
/**
* Logout and remove principal in request and session.
*
- * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
+ * @param request HTTP request object provided by caller application. It should be an instance of HttpRequestFacade.
* @param response HTTP response object provided by called application. It should be an instance of HttpServletResponse.
- * This is not used currently.
+ * This is not used currently.
* @returns A Boolean object; true if login succeeded, false otherwise.
* @see com.sun.enterprise.security.ee.auth.login.ProgrammaticLogin
* @throws Exception any exception encountered during logout operation
