Merge pull request #4621 from dmatej/CUSTCOM-133-fix-metrics-AND-jaspic

CUSTCOM-133 Fixed jaspic on domain nodes
payara · Apr 16, 2020 · 59906e0 · 59906e0
2 parents c252039 + 6a151e2
commit 59906e0
Show file tree

Hide file tree

Showing 4 changed files with 198 additions and 185 deletions.
diff --git a/appserver/ejb/ejb-container/src/main/java/org/glassfish/ejb/startup/EjbApplication.java b/appserver/ejb/ejb-container/src/main/java/org/glassfish/ejb/startup/EjbApplication.java
@@ -49,11 +49,13 @@
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import javax.inject.Inject;
+
 import com.sun.ejb.Container;
 import com.sun.ejb.ContainerFactory;
 import com.sun.ejb.containers.AbstractSingletonContainer;
 import com.sun.enterprise.deployment.Application;
-import com.sun.enterprise.security.PolicyLoader;
+import com.sun.enterprise.security.SecurityLifecycle;
 import com.sun.logging.LogDomains;
 import org.glassfish.api.deployment.ApplicationContainer;
 import org.glassfish.api.deployment.ApplicationContext;
@@ -88,6 +90,11 @@ public class EjbApplication
     private static final Logger _logger =
                 LogDomains.getLogger(EjbApplication.class, LogDomains.EJB_LOGGER);
 
+    // must be already set before using this service.
+    @SuppressWarnings("unused")
+    @Inject
+    private SecurityLifecycle securityLifecycle;
+
     private EjbBundleDescriptorImpl ejbBundle;
     private Collection<EjbDescriptor> ejbs;
     private Collection<Container> containers = new ArrayList<>();
@@ -98,8 +105,6 @@ public class EjbApplication
 
     private SingletonLifeCycleManager singletonLCM;
 
-    private PolicyLoader policyLoader;
-
     private boolean initializeInOrder;
 
     private volatile boolean started;
@@ -120,7 +125,6 @@ public EjbApplication(
         this.ejbAppClassLoader = cl;
         this.dc = dc;
         this.services = services;
-        this.policyLoader = services.getService(PolicyLoader.class);
         Application app = ejbBundle.getApplication();
         initializeInOrder = (app != null) && (app.isInitializeInOrder());
     }
@@ -208,8 +212,6 @@ boolean loadContainers(ApplicationContext startupContext) {
         }
 
         try {
-            policyLoader.loadPolicy();
-
             for (EjbDescriptor desc : ejbs) {
 
                 // Initialize each ejb container (setup component environment, register JNDI objects, etc.)

diff --git a/...ecurity/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java b/...ecurity/core-ee/src/main/java/com/sun/enterprise/security/ee/JavaEESecurityLifecycle.java
@@ -37,66 +37,76 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
-// Portions Copyright [2018-2019] [Payara Foundation and/or its affiliates]
+// Portions Copyright [2018-2020] [Payara Foundation and/or its affiliates]
 package com.sun.enterprise.security.ee;
 
-import static java.util.logging.Level.WARNING;
-import static javax.security.auth.message.config.AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY;
+import com.sun.enterprise.security.ContainerSecurityLifecycle;
+import com.sun.enterprise.security.jaspic.config.GFAuthConfigFactory;
+import com.sun.logging.LogDomains;
 
 import java.security.Security;
 import java.util.logging.Logger;
 
 import javax.inject.Singleton;
 
+import org.glassfish.common.util.Constants;
 import org.glassfish.hk2.api.PostConstruct;
+import org.glassfish.hk2.api.Rank;
+import org.glassfish.internal.api.InitRunLevel;
 import org.jvnet.hk2.annotations.Service;
 
-import com.sun.enterprise.security.ContainerSecurityLifecycle;
-import com.sun.enterprise.security.jaspic.config.GFAuthConfigFactory;
-import com.sun.logging.LogDomains;
+import static java.util.logging.Level.WARNING;
+import static javax.security.auth.message.config.AuthConfigFactory.DEFAULT_FACTORY_SECURITY_PROPERTY;
+
 
 /**
- *
  * @author vbkumarjayanti
+ * @author David Matejcek
  */
+@InitRunLevel
+@Rank(Constants.IMPORTANT_RUN_LEVEL_SERVICE)
 @Service
 @Singleton
 public class JavaEESecurityLifecycle implements ContainerSecurityLifecycle, PostConstruct {
 
-    private static final Logger _logger = LogDomains.getLogger(JavaEESecurityLifecycle.class, LogDomains.SECURITY_LOGGER);
+    private static final Logger LOG = LogDomains.getLogger(JavaEESecurityLifecycle.class, LogDomains.SECURITY_LOGGER);
+
+    @Override
+    public void postConstruct() {
+        onInitialization();
+    }
+
 
     @Override
     public void onInitialization() {
-        java.lang.SecurityManager systemSecurityManager = System.getSecurityManager();
+        LOG.finest(() -> "Initializing " + getClass());
 
         // TODO: Need some way to not override the security manager if the EmbeddedServer was
         // run with a different non-default security manager.
         //
         // Right now there seems no way to find out if the security manager is the VM's default security manager.
+        final SecurityManager systemSecurityManager = System.getSecurityManager();
         if (systemSecurityManager != null && !(J2EESecurityManager.class.equals(systemSecurityManager.getClass()))) {
             J2EESecurityManager eeSecurityManager = new J2EESecurityManager();
             try {
                 System.setSecurityManager(eeSecurityManager);
+                LOG.config(() -> "System security manager has been set to " + eeSecurityManager);
             } catch (SecurityException ex) {
-                _logger.log(WARNING, "security.secmgr.could.not.override");
+                LOG.log(WARNING, "security.secmgr.could.not.override", ex);
             }
         }
-
         initializeJASPIC();
     }
 
     private void initializeJASPIC() {
         // Define default factory if it is not already defined.
         // The factory will be constructed on the first getFactory call.
-
-        String defaultFactory = Security.getProperty(DEFAULT_FACTORY_SECURITY_PROPERTY);
+        final String defaultFactory = Security.getProperty(DEFAULT_FACTORY_SECURITY_PROPERTY);
         if (defaultFactory == null) {
-            Security.setProperty(DEFAULT_FACTORY_SECURITY_PROPERTY, GFAuthConfigFactory.class.getName());
+            final String defaultAuthConfigProvideFactoryClassName = GFAuthConfigFactory.class.getName();
+            Security.setProperty(DEFAULT_FACTORY_SECURITY_PROPERTY, defaultAuthConfigProvideFactoryClassName);
+            LOG.config(() -> String.format("System JVM option '%s' has been set to '%s'",
+                DEFAULT_FACTORY_SECURITY_PROPERTY, defaultAuthConfigProvideFactoryClassName));
         }
     }
-
-    @Override
-    public void postConstruct() {
-        onInitialization();
-    }
 }