List of usage examples for javax.interceptor InvocationContext getTarget
public Object getTarget();
From source file:org.openhie.openempi.ejb.SpringInjectionInterceptor.java
@AroundInvoke public Object myBeanInterceptor(InvocationContext ctx) throws Exception { log.debug("Doing the AroundInvoke for bean: " + ctx.getTarget().getClass()); BaseSpringInjectableBean bean = (BaseSpringInjectableBean) ctx.getTarget(); bean.init();/*from w w w . jav a2s . c o m*/ return ctx.proceed(); }
From source file:org.rhq.enterprise.server.rest.ReportsInterceptor.java
@AroundInvoke public Object setCaller(final InvocationContext ctx) throws Exception { AbstractRestBean target = (AbstractRestBean) ctx.getTarget(); boolean fromRest = false; // If we are "forwarded" from the "normal" rest-api, we have a principal, that we can use java.security.Principal p = ejbContext.getCallerPrincipal(); if (p != null) { target.caller = subjectManager.getSubjectByName(p.getName()); fromRest = true;/*from www .jav a 2s . c om*/ } // If no caller was set from the "normal" api, we need to check if it is // available in cookies, as in this case we were invoked // from the Coregui reports function if (target.caller == null) { HttpServletRequest request = getRequest(ctx.getParameters()); if (request == null) { // TODO should we throw a different exception? String msg = "No " + HttpServletRequest.class.getName() + " parameter was found for " + getMethodName(ctx) + ". An " + HttpServletRequest.class.getName() + " parameter must be specified in order to support authentication"; log.error(msg); throw new OperationNotSupportedException(msg); } Subject subject = getSubject(request); if (subject == null) { throw new IllegalAccessException( "Failed to validate request: could not access subject for request URL " + request.getRequestURL()); } target.caller = subject; } // Invoke the target method Object result = ctx.proceed(); if (result instanceof StreamingOutput) { return new LoggingStreamingOutput((StreamingOutput) result, getMethodName(ctx)); } // TODO invalidate session? return result; }
From source file:org.rhq.enterprise.server.rest.ReportsInterceptor.java
private String getMethodName(InvocationContext ctx) { return ctx.getTarget().getClass().getName() + "." + ctx.getMethod().getName(); }
From source file:org.rhq.enterprise.server.rest.SetCallerInterceptor.java
/** * We need to take the Principal that was passed through the web-integration, * get an RHQ Subject and set a session for it. When the call was made, we need * to invalidate the session again./* www . java 2 s.c o m*/ * @param ctx InvocationContext from the EJB invocation chain * @return result of the method call * @throws Exception from method call or if no (valid) principal was provided */ @AroundInvoke public Object setCaller(InvocationContext ctx) throws Exception { Subject caller = null; java.security.Principal p = ejbContext.getCallerPrincipal(); if (!startupBean.isInitialized()) { String notInitMessage = "Tried to call REST endpoint but the server is not ready - still booting up"; log.debug(notInitMessage); return Response.status(Response.Status.SERVICE_UNAVAILABLE).header("Retry-After", "30") .entity(notInitMessage).build(); } if (p != null) { caller = subjectManager.getSubjectByName(p.getName()); } if (caller == null) { throw new IllegalAccessException("No calling principal provided"); } // Get Subject with a session caller = sessionManager.put(caller); // Provide it to the EJB AbstractRestBean target = (AbstractRestBean) ctx.getTarget(); target.caller = caller; // Call the EJBs Object result = ctx.proceed(); // if result is StreamingOutput, we do not want to invalidate the session until it // is finished writing the output; otherwise, any secure SLSB calls will fail. We // instead wrap the result in an instance of SecureStreamingOutput which // invalidates the session after the output has been written. if (result instanceof StreamingOutput) { return new SecureStreamingOutput((StreamingOutput) result, caller); } // Invalidate the session again. sessionManager.invalidate(caller.getSessionId()); return result; }
From source file:org.xlcloud.iam.EntitlementInterceptor.java
/** * It authorizes request, if the request is kind of * {@link RequestAwareResource}. See:/*from w ww. j a v a2 s .c o m*/ * {@link #authorizeRequest(InvocationContext)} * * @param invocationContext * invocation context * @return original invocation value * @throws Exception */ @AroundInvoke public Object setupEntitlement(InvocationContext invocationContext) throws Exception { if (invocationContext.getTarget() instanceof RequestAwareResource) { authorizeRequest(invocationContext); } return invocationContext.proceed(); }
From source file:org.xlcloud.iam.EntitlementInterceptor.java
/** * It authorizes the request within entitlement context. This method * retrieves following options from the session: - access token - action * name - resource path. Then it verifies if the user is allowed to access * the resource described by the retrieved options using: * {@link EntitlementValidator#validate()}. * // w ww .j a v a 2s .c o m * @param invocationContext * invocation context */ private void authorizeRequest(InvocationContext invocationContext) { LOG.debug("Intercepted request on resource - request will be authorized."); RequestAwareResource target = (RequestAwareResource) invocationContext.getTarget(); // set Auth Token if no header, throws exception entitlementCtx.setAccessToken(authTokenResolver.get(target)); String relativeRequestPath = target.getRelativeRequestPath(); if (relativeRequestPath.endsWith("/")) { relativeRequestPath = relativeRequestPath.substring(0, relativeRequestPath.length() - 1); } // set HTTP method String method = target.getHttpMethod(); entitlementCtx.setAction(method); // set Resource String predefinedPath = predefinedPaths.get(relativeRequestPath); if (StringUtils.isNotBlank(predefinedPath)) { entitlementCtx.setResource(predefinedPath); } else { entitlementCtx.setResource(target.normalizePath()); } try { // authorize the request within entitlement context entitlementValidator.validate(); } catch (ForbiddenException e) { // we don't want to expose the entitlement path // TODO ((ExceptionDetails) e.getResponse().getEntity()).setResource(target.getRelativeRequestPath()); throw e; } }
From source file:pl.setblack.airomem.direct.impl.ClassContext.java
public Object performTransaction(InvocationContext ctx) { final Method method = ctx.getMethod(); final OperationType opType = findRegistry().sayTypeOfMethod(method); if (opType == OperationType.WRITE) { return this.performTransaction(ctx.getTarget(), method, ctx.getParameters()); } else {/*from w w w . j a v a 2s . c o m*/ try { final SimpleController controller = PrevaylerRegister.getInstance() .getController(elem.getTargetType(), elem.getName()); inject(ctx.getTarget(), controller.query(immutable -> immutable)); return Politician.beatAroundTheBush(() -> ctx.proceed()); } finally { clean(ctx.getTarget()); } } }