java/classes/org/w3c/jigsaw/acl/AclRealm.java - diff

Return to AclRealm.java CVS log

Up to [Public] / java / classes / org / w3c / jigsaw / acl

Diff for /java/classes/org/w3c/jigsaw/acl/AclRealm.java between versions 1.11 and 1.12

version 1.11, 2007/02/10 12:51:18	version 1.12, 2012/06/16 15:48:44
Line 30 import org.w3c.tools.resources.StringAtt	Line 30 import org.w3c.tools.resources.StringAtt
import org.w3c.tools.resources.StringArrayAttribute;	import org.w3c.tools.resources.StringArrayAttribute;

/**	/**
	* @author Benoît Mahé (bmahe@w3.org)
* @version $Revision$	* @version $Revision$
* @author Benoît Mahé (bmahe@w3.org)
*/	*/
public class AclRealm extends JAcl {	public class AclRealm extends JAcl {
/**	/**
Line 41 public class AclRealm extends JAcl {	Line 41 public class AclRealm extends JAcl {
/**	/**
* Attribute index - The list of allowed users.	* Attribute index - The list of allowed users.
*/	*/
protected static int ATTR_ALLOWED_USERS = -1 ;	protected static int ATTR_ALLOWED_USERS = -1;
/**	/**
* Attribute index - The methods protected by the filter.	* Attribute index - The methods protected by the filter.
*/	*/
protected static int ATTR_METHODS = -1 ;	protected static int ATTR_METHODS = -1;

static {	static {
Attribute a = null ;	Attribute a = null;
Class c = null ;	Class c = null;
try {	try {
c = Class.forName("org.w3c.jigsaw.acl.AclRealm");	c = Class.forName("org.w3c.jigsaw.acl.AclRealm");
} catch (Exception ex) {	} catch (Exception ex) {
ex.printStackTrace() ;	ex.printStackTrace();
System.exit(1) ;	System.exit(1);
}	}
// The realm name (to be resolved by the RealmFactory).	// The realm name (to be resolved by the RealmFactory).
a = new StringAttribute("realm"	a = new StringAttribute("realm"
, null	, null
, Attribute.EDITABLE\|Attribute.MANDATORY);	, Attribute.EDITABLE \| Attribute.MANDATORY);
ATTR_REALM = AttributeRegistry.registerAttribute(c, a) ;	ATTR_REALM = AttributeRegistry.registerAttribute(c, a);
// The list of allowed users	// The list of allowed users
a = new StringArrayAttribute("users"	a = new StringArrayAttribute("users"
, null	, null
, Attribute.EDITABLE) ;	, Attribute.EDITABLE);
ATTR_ALLOWED_USERS = AttributeRegistry.registerAttribute(c, a) ;	ATTR_ALLOWED_USERS = AttributeRegistry.registerAttribute(c, a);
// The protected methods	// The protected methods
a = new StringArrayAttribute("methods"	a = new StringArrayAttribute("methods"
, null	, null
, Attribute.EDITABLE) ;	, Attribute.EDITABLE);
ATTR_METHODS = AttributeRegistry.registerAttribute(c, a) ;	ATTR_METHODS = AttributeRegistry.registerAttribute(c, a);
}	}

/**	/**
* The IPMatcher to match IP templates to user records.	* The IPMatcher to match IP templates to user records.
*/	*/
protected IPMatcher ipmatcher = null ;	protected IPMatcher ipmatcher = null;
/**	/**
* The catalog of realms that make our scope.	* The catalog of realms that make our scope.
*/	*/
protected RealmsCatalog catalog = null ;	protected RealmsCatalog catalog = null;
/**	/**
* Our associated realm.	* Our associated realm.
*/	*/
protected ResourceReference rr_realm = null ;	protected ResourceReference rr_realm = null;
/**	/**
* The nam of the realm we cache in <code>realm</code>.	* The nam of the realm we cache in <code>realm</code>.
*/	*/
protected String loaded_realm = null ;	protected String loaded_realm = null;

protected Vector entries = null;	protected Vector entries = null;

/**	/**
* Get the list of methods that this filter protect	* Get the list of methods that this filter protect
	*
* @return An array of String giving the name of the protected methods,	* @return An array of String giving the name of the protected methods,
* or <strong>null</strong>, in wich case <em>all</em> methods are	* or <strong>null</strong>, in wich case <em>all</em> methods are
* to be protected.	* to be protected.
*/	*/
public String[] getMethods() {	public String[] getMethods() {
return (String[]) getValue(ATTR_METHODS, null) ;	return (String[]) getValue(ATTR_METHODS, null);
}	}

/**	/**
* Get the realm of this filter.	* Get the realm of this filter.
*/	*/
public String getRealm() {	public String getRealm() {
return (String) getValue(ATTR_REALM, null) ;	return (String) getValue(ATTR_REALM, null);
}	}

/**	/**
* Get the list of allowed users.	* Get the list of allowed users.
*/	*/
public String[] getAllowedUsers() {	public String[] getAllowedUsers() {
return (String[]) getValue(ATTR_ALLOWED_USERS, null) ;	return (String[]) getValue(ATTR_ALLOWED_USERS, null);
}	}

/**	/**
* Get a pointer to our realm, and initialize our ipmatcher.	* Get a pointer to our realm, and initialize our ipmatcher.
*/	*/
protected synchronized void acquireRealm() {	protected synchronized void acquireRealm() {
entries = new Vector(10);	entries = new Vector(10);
// Get our catalog:	// Get our catalog:
if ( catalog == null ) {	if (catalog == null) {
httpd server = (httpd)	httpd server = (httpd)
((FramedResource) getTargetResource()).getServer() ;	((FramedResource) getTargetResource()).getServer();
catalog = server.getRealmsCatalog() ;	catalog = server.getRealmsCatalog();
}	}
// Check that our realm name is valid:	// Check that our realm name is valid:
String name = getRealm() ;	String name = getRealm();
if ( name == null )	if (name == null)
return ;	return;
if ((rr_realm != null) && name.equals(loaded_realm))	if ((rr_realm != null) && name.equals(loaded_realm))
return ;	return;
// Load the realm and create the ipmtacher object	// Load the realm and create the ipmtacher object
rr_realm = catalog.loadRealm(name) ;	rr_realm = catalog.loadRealm(name);
if (rr_realm != null) {	if (rr_realm != null) {
try {	try {
AuthRealm realm = (AuthRealm) rr_realm.lock();	AuthRealm realm = (AuthRealm) rr_realm.lock();
Enumeration e = realm.enumerateUserNames() ;	Enumeration e = realm.enumerateUserNames();
while (e.hasMoreElements()) {	while (e.hasMoreElements()) {
String uname = (String) e.nextElement() ;	String uname = (String) e.nextElement();
ResourceReference rr_user = realm.loadUser(uname) ;	ResourceReference rr_user = realm.loadUser(uname);
try {	try {
AuthUser user = (AuthUser) rr_user.lock();	AuthUser user = (AuthUser) rr_user.lock();
createEntry(user);	createEntry(user);
} catch (InvalidResourceException ex) {	} catch (InvalidResourceException ex) {
System.out.println("Invalid user reference : "+uname);	System.out.println("Invalid user reference : " + uname);
} finally {	} finally {
rr_user.unlock();	rr_user.unlock();
}	}
}	}
} catch (InvalidResourceException ex) {	} catch (InvalidResourceException ex) {

} finally {	} finally {
rr_realm.unlock();	rr_realm.unlock();
}	}
}	}
}	}

/**	/**
* Is this user allowed in the realm ?	* Is this user allowed in the realm ?
	*
* @return A boolean <strong>true</strong> if access allowed.	* @return A boolean <strong>true</strong> if access allowed.
*/	*/
protected boolean checkUser(AuthUser user) {	protected boolean checkUser(AuthUser user) {
String allowed_users[] = getAllowedUsers() ;	String allowed_users[] = getAllowedUsers();
// Check in the list of allowed users:	// Check in the list of allowed users:
if ( allowed_users != null ) {	if (allowed_users != null) {
for (int i = 0 ; i < allowed_users.length ; i++) {	String uname = user.getName();
if (allowed_users[i].equals(user.getName()))	for (String user_name : allowed_users) {
return true ;	if (user_name.equals(uname))
}	return true;
} else {	}
//all users allowed	} else {
return true;	//all users allowed
}	return true;
return false;	}
	return false;
}	}

protected void createEntry(AuthUser user) {	protected void createEntry(AuthUser user) {
if (checkUser(user))	if (checkUser(user))
entries.addElement(new AuthUserPrincipal(user, getName()));	entries.addElement(new AuthUserPrincipal(user, getName()));
}	}

protected boolean hasPrincipal(Principal p) {	protected boolean hasPrincipal(Principal p) {
//test with equals...	//test with equals...
int idx = entries.indexOf(p);	int idx = entries.indexOf(p);
return (idx != -1);	return (idx != -1);
}	}

public boolean addOwner(Principal caller, Principal owner)	public boolean addOwner(Principal caller, Principal owner)
throws NotOwnerException	throws NotOwnerException {
{	throw new NotOwnerException();
throw new NotOwnerException();
}	}

public boolean deleteOwner(Principal caller, Principal owner)	public boolean deleteOwner(Principal caller, Principal owner)
throws NotOwnerException, LastOwnerException	throws NotOwnerException, LastOwnerException {
{	throw new NotOwnerException();
throw new NotOwnerException();
}	}

public boolean isOwner(Principal owner) {	public boolean isOwner(Principal owner) {
return false;	return false;
}	}

public void setName(Principal caller, String name)	public void setName(Principal caller, String name)
throws NotOwnerException	throws NotOwnerException {
{	throw new NotOwnerException();
throw new NotOwnerException();
}	}

public String getName() {	public String getName() {
return getRealm();	return getRealm();
}	}

public boolean addEntry(Principal caller, AclEntry entry)	public boolean addEntry(Principal caller, AclEntry entry)
throws NotOwnerException	throws NotOwnerException {
{	throw new NotOwnerException();
throw new NotOwnerException();
}	}

public boolean removeEntry(Principal caller, AclEntry entry)	public boolean removeEntry(Principal caller, AclEntry entry)
throws NotOwnerException	throws NotOwnerException {
{	throw new NotOwnerException();
throw new NotOwnerException();
}	}

public Enumeration getPermissions(Principal user) {	public Enumeration getPermissions(Principal user) {
return null;	return null;
}	}

public Enumeration entries() {	public Enumeration entries() {
return null;	return null;
}	}

public boolean checkPermission(Principal principal, Permission permission)	public boolean checkPermission(Principal principal, Permission permission) {
{	acquireRealm();
acquireRealm();	String methods[] = getMethods();
String methods[] = getMethods();	boolean methodprotected = false;
boolean methodprotected = false;	if (methods != null) {
if (methods != null) {	if (permission instanceof HTTPPermission) {
for (int i = 0 ; i < methods.length ; i++) {	HTTPPermission httpPermission = (HTTPPermission) permission;
if (permission.equals(methods[i]))	for (String method : methods) {
methodprotected = true;	if (httpPermission.equalsString(method)) {
}	methodprotected = true;
} else {	break;
methodprotected = true;	}
}	}
if (! methodprotected)	} else {
return true;	for (String method : methods) {
boolean granted = hasPrincipal(principal);	if (permission.equals(method)) {
if (granted) {	methodprotected = true;
// let's add the username there	break;
String username = principal.getName();	}
if (username != null) {	}
try {	}
HTTPPrincipal htp = (HTTPPrincipal)principal;	} else {
Request request = htp.getRequest();	methodprotected = true;
if (username != null) {	}
request.setState(AuthFilter.STATE_AUTHUSER, username);	if (!methodprotected) {
}	return true;
} catch (Exception ex) {	}
// was not an HTTPPrincipal	boolean granted = hasPrincipal(principal);
}	if (granted) {
}	// let's add the username there
}	String username = principal.getName();
return granted;	if (username != null) {
	try {
	HTTPPrincipal htp = (HTTPPrincipal) principal;
	Request request = htp.getRequest();
	request.setState(AuthFilter.STATE_AUTHUSER, username);
	} catch (Exception ex) {
	// was not an HTTPPrincipal
	}
	}
	}
	return granted;
}	}

public String toString() {	public String toString() {
return getName();	return getName();
}	}

/**	/**
* Initialize the Acl.	* Initialize the Acl.
*/	*/
public void initialize(Object values[]) {	public void initialize(Object values[]) {
super.initialize(values) ;	super.initialize(values);
}	}

}	}

Webmaster

Removed from v.1.11
changed lines
	Added in v.1.12