The JBoss Security Model

The security model in JBoss is based on the server container architecture's pluggable method interceptors. JBossSX integrates into the JBoss server through the server container interceptor chain. Container security is handled by the org.jboss.ejb.plugins.SecurityInterceptor class. The SecurityInterceptor class relies on implementations of three security interfaces:

package org.jboss.security; public interface EJBSecurityManager
{
    public boolean isValid(java.security.Principal principal, Object credential);
}
package org.jboss.security; public interface RealmMapping
{
    public java.security.Principal getPrincipal(java.security.Principal principal);
    public boolean doesUserHaveRole(java.security.Principal principal, Set roleNames);
}
package org.jboss.security; public interface SecurityProxy
{
    public void init(Class beanHome, Class beanRemote, Object securityMgr) throws InstantiationException;
    public void setEJBContext(EJBContext ctx);
    public void invokeHome(Method m, Object[] args) throws SecurityException;
    public void invoke(Method m, Object[] args, Object bean) throws SecurityException;
}

Security Interfaces

org.jboss.security.EJBSecurityManager

An interface responsible for validating credentials associated with principals. Principals are identities and include things like usernames, employee numbers, social security numbers, etc. Credentials are proof of the identity and include things like passwords, session keys, digital signatures, etc.

org.jboss.security.RealmMapping

An interface responsible for Principal mapping and role mapping. The getPrincipal method takes a user indentity as known in the operational environment and returns the application domain identity. The doesUserHaveRole method validates that the user identity in the operation environment has been assigned the indicated role from the application domain.

org.jboss.security.SecurityProxy

An interface describing the requirements for a SecurityInterceptor proxy. A SecurityProxy allows for the externalization of custom security checks on a per-method basis for both the EJB home and remote interface methods.

These interfaces can be used to integrate any security infrastructure. An overview of the components of the SecurityInterceptor is given in Figure 9.2.. An alternate view of the SecurityInterceptor elements in the form of a class diagram is given in Figure 9.3..

Figure 9.2. The SecurityInterceptor Model

Figure 9.3. The SecurityInterceptor Model

JBossSX includes a default implementation of the EJBSecurityManager and RealmMapping interfaces in a single implementation class: org.jboss.security.plugins.JaasSecurityManager. It is a JAAS based implementation that relies on JAAS LoginModules to establish the Principal identity and roles in the authenticated Subject Principals set. When using the JaasSecurityManager, integration with your security environments authentication and role mapping logic is achieved by writing custom javax.security.auth.spi.LoginModule implementations. The JaasSecurityManager will be discussed in detail in the next section.

Note that the security interfaces have no reliance on JAAS specific classes. If you don't want to use JAAS for your security implementation or integration you are free to write your own security manager implementation.