📄 localauthorizationsessionbean.java
字号:
/************************************************************************* * * * EJBCA: The OpenSource Certificate Authority * * * * This software is free software; you can redistribute it and/or * * modify it under the terms of the GNU Lesser General Public * * License as published by the Free Software Foundation; either * * version 2.1 of the License, or any later version. * * * * See terms of license at gnu.org. * * * *************************************************************************/package org.ejbca.core.ejb.authorization;import java.security.cert.X509Certificate;import java.sql.Connection;import java.sql.PreparedStatement;import java.sql.ResultSet;import java.util.ArrayList;import java.util.Collection;import java.util.HashSet;import java.util.Iterator;import java.util.Random;import javax.ejb.CreateException;import javax.ejb.EJBException;import javax.ejb.FinderException;import org.apache.commons.lang.StringUtils;import org.ejbca.core.ejb.BaseSessionBean;import org.ejbca.core.ejb.JNDINames;import org.ejbca.core.ejb.ServiceLocator;import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal;import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocalHome;import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocalHome;import org.ejbca.core.ejb.log.ILogSessionLocal;import org.ejbca.core.ejb.log.ILogSessionLocalHome;import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocal;import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocalHome;import org.ejbca.core.model.InternalResources;import org.ejbca.core.model.authorization.AccessRule;import org.ejbca.core.model.authorization.AdminEntity;import org.ejbca.core.model.authorization.AdminGroup;import org.ejbca.core.model.authorization.AdminGroupExistsException;import org.ejbca.core.model.authorization.AuthenticationFailedException;import org.ejbca.core.model.authorization.AuthorizationDeniedException;import org.ejbca.core.model.authorization.Authorizer;import org.ejbca.core.model.authorization.AvailableAccessRules;import org.ejbca.core.model.log.Admin;import org.ejbca.core.model.log.LogConstants;import org.ejbca.core.model.log.LogEntry;import org.ejbca.util.JDBCUtil;/** * Stores data used by web server clients. * Uses JNDI name for datasource as defined in env 'Datasource' in ejb-jar.xml. * * @version $Id: LocalAuthorizationSessionBean.java,v 1.10.2.1 2007/05/09 08:11:03 anatom Exp $ * * @ejb.bean * description="Session bean handling interface with ra authorization" * display-name="AuthorizationSessionSB" * name="AuthorizationSession" * jndi-name="AuthorizationSession" * local-jndi-name="AuthorizationSessionLocal" * view-type="both" * type="Stateless" * transaction-type="Container" * * @ejb.transaction type="Required" * * @weblogic.enable-call-by-reference True * * @ejb.env-entry * name="DataSource" * type="java.lang.String" * value="${datasource.jndi-name-prefix}${datasource.jndi-name}" * * @ejb.env-entry * description="Custom Available Access Rules, use ';' to separate multiple accessrules" * name="CustomAvailableAccessRules" * type="java.lang.String" * value="" * * @ejb.ejb-external-ref * description="The log session bean" * view-type="local" * ref-name="ejb/LogSessionLocal" * type="Session" * home="org.ejbca.core.ejb.log.ILogSessionLocalHome" * business="org.ejbca.core.ejb.log.ILogSessionLocal" * link="LogSession" * * @ejb.ejb-external-ref * description="The RA Session Bean" * view-type="local" * ref-name="ejb/RaAdminSessionLocal" * type="Session" * home="org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocalHome" * business="org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocal" * link="RaAdminSession" * * @ejb.ejb-external-ref * description="The CAAdmin Session Bean" * view-type="local" * ref-name="ejb/CAAdminSessionLocal" * type="Session" * home="org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocalHome" * business="org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal" * link="CAAdminSession" * * @ejb.ejb-external-ref * description="The Certificate Store Session bean" * view-type="local" * ref-name="ejb/CertificateStoreSessionLocal" * type="Session" * home="org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocalHome" * business="org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal" * link="CertificateStoreSession" * * @ejb.ejb-external-ref * description="Authorization Tree Update Bean" * view-type="local" * ref-name="ejb/AuthorizationTreeUpdateDataLocal" * type="Entity" * home="org.ejbca.core.ejb.authorization.AuthorizationTreeUpdateDataLocalHome" * business="org.ejbca.core.ejb.authorization.AuthorizationTreeUpdateDataLocal" * link="AuthorizationTreeUpdateData" * * @ejb.ejb-external-ref * description="Admin Groups" * view-type="local" * ref-name="ejb/AdminGroupDataLocal" * type="Entity" * home="org.ejbca.core.ejb.authorization.AdminGroupDataLocalHome" * business="org.ejbca.core.ejb.authorization.AdminGroupDataLocal" * link="AdminGroupData" * * @ejb.home * extends="javax.ejb.EJBHome" * local-extends="javax.ejb.EJBLocalHome" * local-class="org.ejbca.core.ejb.authorization.IAuthorizationSessionLocalHome" * remote-class="org.ejbca.core.ejb.authorization.IAuthorizationSessionHome" * * @ejb.interface * extends="javax.ejb.EJBObject" * local-extends="javax.ejb.EJBLocalObject" * local-class="org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal" * remote-class="org.ejbca.core.ejb.authorization.IAuthorizationSessionRemote" * * @jonas.bean * ejb-name="AuthorizationSession" */public class LocalAuthorizationSessionBean extends BaseSessionBean { /** * Constant indicating minimum time between updates. In milliseconds */ public static final long MIN_TIME_BETWEEN_UPDATES = 60000 * 1; /** Internal localization of logs and errors */ private static final InternalResources intres = InternalResources.getInstance(); /** * The home interface of AdminGroupData entity bean */ private AdminGroupDataLocalHome admingrouphome = null; /** * The home interface of AuthorizationTreeUpdateData entity bean */ private AuthorizationTreeUpdateDataLocalHome authorizationtreeupdatehome = null; /** * help variable used to check that authorization trees is updated. */ private int authorizationtreeupdate = -1; /** * help variable used to control that update isn't performed to often. */ private long lastupdatetime = -1; /** * The local interface of log session bean */ private ILogSessionLocal logsession = null; /** * The local interface of raadmin session bean */ private IRaAdminSessionLocal raadminsession = null; /** * The local interface of ca admim session bean */ private ICAAdminSessionLocal caadminsession = null; /** * The local interface of certificate store session bean */ private ICertificateStoreSessionLocal certificatestoresession = null; private Authorizer authorizer = null; private String[] customaccessrules = null; private static final String DEFAULTGROUPNAME = "DEFAULT"; protected static final String PUBLICWEBGROUPNAME = "Public Web Users"; // protected so it's available for unit tests /** * Default create for SessionBean without any creation Arguments. * * @throws CreateException if bean instance can't be created */ public void ejbCreate() throws CreateException { debug(">ejbCreate()"); ServiceLocator locator = ServiceLocator.getInstance(); admingrouphome = (AdminGroupDataLocalHome) locator.getLocalHome(AdminGroupDataLocalHome.COMP_NAME); authorizationtreeupdatehome = (AuthorizationTreeUpdateDataLocalHome) locator.getLocalHome(AuthorizationTreeUpdateDataLocalHome.COMP_NAME); String customrules = locator.getString("java:comp/env/CustomAvailableAccessRules"); if (customrules == null) { customrules = ""; } customaccessrules = StringUtils.split(customrules, ';'); try { authorizer = new Authorizer(getAdminGroups(), admingrouphome, getLogSession(), getCertificateStoreSession(), getRaAdminSession(), getCAAdminSession(), new Admin(Admin.TYPE_INTERNALUSER), LogEntry.MODULE_AUTHORIZATION); } catch (Exception e) { throw new EJBException(e); } debug("<ejbCreate()"); } /** * Gets connection to log session bean * * @return Connection */ private ILogSessionLocal getLogSession() { if (logsession == null) { try { ILogSessionLocalHome logsessionhome = (ILogSessionLocalHome) ServiceLocator.getInstance().getLocalHome(ILogSessionLocalHome.COMP_NAME); logsession = logsessionhome.create(); } catch (Exception e) { throw new EJBException(e); } } return logsession; } //getLogSession /** * Gets connection to ra admin session bean * * @return Connection */ private IRaAdminSessionLocal getRaAdminSession() { if (raadminsession == null) { try { IRaAdminSessionLocalHome home = (IRaAdminSessionLocalHome) ServiceLocator.getInstance() .getLocalHome(IRaAdminSessionLocalHome.COMP_NAME); raadminsession = home.create(); } catch (Exception e) { throw new EJBException(e); } } return raadminsession; } //getRaAdminSession /** * Gets connection to certificate store session bean *⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -