AccessCheckingInitialContextFactoryBuilder (RHQ Enterprise Container Library 4.5.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.rhq.jndi
Class AccessCheckingInitialContextFactoryBuilder

java.lang.Object
  org.rhq.jndi.AccessCheckingInitialContextFactoryBuilder

All Implemented Interfaces:: InitialContextFactoryBuilder

public class AccessCheckingInitialContextFactoryBuilder
extends Object
implements InitialContextFactoryBuilder
extends Object
implements InitialContextFactoryBuilder

This initial context factory builder is installed early on during the RHQ server startup and is later on used for obtaining the Contexts for all JNDI lookups in the RHQ server.

We use a custom initial context factory builder to prevent the potential malicious 3rd party code (like CLI alert scripts) from supplying custom environment variables to InitialContext that would modify the JNDI lookup to skip our security access checks.

By using a builder we effectively take control of the initial context creation process and are free to ignore whatever the script is trying to supply.

This builder makes sure to install the RHQ server's security access checks to whatever initial context that is configured by the standard environment variables (Context.INITIAL_CONTEXT_FACTORY, etc.)

This class is heavily inspired by the implementation of a similar builder in JBoss AS 7.

Author:: Lukas Krejci
See Also:: AllowRhqServerInternalsAccessPermission

Constructor Summary
`AccessCheckingInitialContextFactoryBuilder()`

Method Summary
`InitialContextFactory`	`createInitialContextFactory(Hashtable<?,?> environment)` Create a InitialContext factory.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail