Annotation of java/classes/org/w3c/jigsaw/acl/AclRealm.java, revision 1.8
1.1 bmahe 1: // AclRealm.java
1.8 ! bmahe 2: // $Id: AclRealm.java,v 1.7 1999/04/27 14:20:43 bmahe Exp $
1.1 bmahe 3: // (c) COPYRIGHT MIT, INRIA and Keio, 1999.
4: // Please first read the full copyright statement in file COPYRIGHT.html
5:
6: package org.w3c.jigsaw.acl;
7:
8: import java.security.Principal;
9: import java.security.acl.AclEntry;
10: import java.security.acl.LastOwnerException;
11: import java.security.acl.NotOwnerException;
12: import java.security.acl.Permission;
1.3 bmahe 13: import java.util.Enumeration;
14: import java.util.Vector;
1.1 bmahe 15:
1.3 bmahe 16: import org.w3c.jigsaw.auth.AuthRealm;
17: import org.w3c.jigsaw.auth.AuthUser;
18: import org.w3c.jigsaw.auth.IPMatcher;
19: import org.w3c.jigsaw.auth.RealmsCatalog;
20: import org.w3c.jigsaw.http.httpd;
21:
22: import org.w3c.tools.resources.FramedResource;
23: import org.w3c.tools.resources.InvalidResourceException;
24: import org.w3c.tools.resources.ResourceReference;
25: import org.w3c.tools.resources.Attribute;
26: import org.w3c.tools.resources.AttributeRegistry;
27: import org.w3c.tools.resources.StringAttribute;
28: import org.w3c.tools.resources.StringArrayAttribute;
1.1 bmahe 29:
30: /**
1.8 ! bmahe 31: * @version $Revision: 1.7 $
1.1 bmahe 32: * @author Benoît Mahé (bmahe@w3.org)
33: */
34: public class AclRealm extends JAcl {
1.3 bmahe 35: /**
1.6 bmahe 36: * Attribute index - The realm name for this ACL.
37: */
38: protected static int ATTR_REALM = -1;
39: /**
40: * Attribute index - The list of allowed users.
41: */
42: protected static int ATTR_ALLOWED_USERS = -1 ;
43: /**
1.3 bmahe 44: * Attribute index - The methods protected by the filter.
45: */
46: protected static int ATTR_METHODS = -1 ;
1.2 bmahe 47:
1.3 bmahe 48: static {
49: Attribute a = null ;
50: Class c = null ;
51: try {
52: c = Class.forName("org.w3c.jigsaw.acl.AclRealm");
53: } catch (Exception ex) {
54: ex.printStackTrace() ;
55: System.exit(1) ;
56: }
1.6 bmahe 57: // The realm name (to be resolved by the RealmFactory).
58: a = new StringAttribute("realm"
59: , null
60: , Attribute.EDITABLE|Attribute.MANDATORY);
61: ATTR_REALM = AttributeRegistry.registerAttribute(c, a) ;
62: // The list of allowed users
63: a = new StringArrayAttribute("users"
64: , null
65: , Attribute.EDITABLE) ;
66: ATTR_ALLOWED_USERS = AttributeRegistry.registerAttribute(c, a) ;
1.3 bmahe 67: // The protected methods
68: a = new StringArrayAttribute("methods"
69: , null
70: , Attribute.EDITABLE) ;
71: ATTR_METHODS = AttributeRegistry.registerAttribute(c, a) ;
72: }
73:
74: /**
75: * The IPMatcher to match IP templates to user records.
76: */
77: protected IPMatcher ipmatcher = null ;
78: /**
79: * The catalog of realms that make our scope.
80: */
81: protected RealmsCatalog catalog = null ;
82: /**
83: * Our associated realm.
84: */
85: protected ResourceReference rr_realm = null ;
86: /**
87: * The nam of the realm we cache in <code>realm</code>.
88: */
89: protected String loaded_realm = null ;
90:
1.4 bmahe 91: protected Vector entries = null;
1.3 bmahe 92:
93: /**
94: * Get the list of methods that this filter protect
95: * @return An array of String giving the name of the protected methods,
96: * or <strong>null</strong>, in wich case <em>all</em> methods are
97: * to be protected.
98: */
99: public String[] getMethods() {
100: return (String[]) getValue(ATTR_METHODS, null) ;
101: }
102:
103: /**
104: * Get the realm of this filter.
105: */
106: public String getRealm() {
107: return (String) getValue(ATTR_REALM, null) ;
108: }
109:
110: /**
1.6 bmahe 111: * Get the list of allowed users.
112: */
113: public String[] getAllowedUsers() {
114: return (String[]) getValue(ATTR_ALLOWED_USERS, null) ;
115: }
116:
117: /**
1.3 bmahe 118: * Get a pointer to our realm, and initialize our ipmatcher.
119: */
1.4 bmahe 120: protected synchronized void acquireRealm() {
121: entries = new Vector(10);
1.3 bmahe 122: // Get our catalog:
123: if ( catalog == null ) {
124: httpd server = (httpd)
125: ((FramedResource) getTargetResource()).getServer() ;
126: catalog = server.getRealmsCatalog() ;
127: }
128: // Check that our realm name is valid:
129: String name = getRealm() ;
130: if ( name == null )
131: return ;
132: if ((rr_realm != null) && name.equals(loaded_realm))
133: return ;
134: // Load the realm and create the ipmtacher object
135: rr_realm = catalog.loadRealm(name) ;
136: if (rr_realm != null) {
137: try {
138: AuthRealm realm = (AuthRealm) rr_realm.lock();
139: Enumeration enum = realm.enumerateUserNames() ;
140: while (enum.hasMoreElements()) {
141: String uname = (String) enum.nextElement() ;
142: ResourceReference rr_user = realm.loadUser(uname) ;
143: try {
144: AuthUser user = (AuthUser) rr_user.lock();
1.4 bmahe 145: createEntry(user);
1.3 bmahe 146: } catch (InvalidResourceException ex) {
147: System.out.println("Invalid user reference : "+uname);
148: } finally {
149: rr_user.unlock();
150: }
151: }
152: } catch (InvalidResourceException ex) {
153:
154: } finally {
155: rr_realm.unlock();
156: }
157: }
158: }
159:
1.6 bmahe 160: /**
161: * Is this user allowed in the realm ?
162: * @return A boolean <strong>true</strong> if access allowed.
163: */
164: protected boolean checkUser(AuthUser user) {
165: String allowed_users[] = getAllowedUsers() ;
166: // Check in the list of allowed users:
167: if ( allowed_users != null ) {
168: for (int i = 0 ; i < allowed_users.length ; i++) {
169: if (allowed_users[i].equals(user.getName()))
170: return true ;
171: }
172: } else {
173: //all users allowed
174: return true;
175: }
176: return false;
177: }
178:
1.4 bmahe 179: protected void createEntry(AuthUser user) {
1.8 ! bmahe 180: if (checkUser(user))
! 181: entries.addElement(new AuthUserPrincipal(user, getName()));
1.4 bmahe 182: }
183:
184: protected boolean hasPrincipal(Principal p) {
185: //test with equals...
186: int idx = entries.indexOf(p);
187: return (idx != -1);
1.3 bmahe 188: }
1.1 bmahe 189:
190: public boolean addOwner(Principal caller, Principal owner)
191: throws NotOwnerException
192: {
1.7 bmahe 193: throw new NotOwnerException();
1.1 bmahe 194: }
195:
196: public boolean deleteOwner(Principal caller, Principal owner)
197: throws NotOwnerException, LastOwnerException
198: {
1.7 bmahe 199: throw new NotOwnerException();
1.1 bmahe 200: }
201:
202: public boolean isOwner(Principal owner) {
203: return false;
204: }
205:
206: public void setName(Principal caller, String name)
207: throws NotOwnerException
208: {
1.3 bmahe 209: throw new NotOwnerException();
1.1 bmahe 210: }
211:
212: public String getName() {
1.3 bmahe 213: return getRealm();
1.1 bmahe 214: }
215:
216: public boolean addEntry(Principal caller, AclEntry entry)
217: throws NotOwnerException
218: {
1.7 bmahe 219: throw new NotOwnerException();
1.1 bmahe 220: }
221:
222: public boolean removeEntry(Principal caller, AclEntry entry)
223: throws NotOwnerException
224: {
1.7 bmahe 225: throw new NotOwnerException();
1.1 bmahe 226: }
227:
228: public Enumeration getPermissions(Principal user) {
229: return null;
230: }
231:
232: public Enumeration entries() {
233: return null;
234: }
235:
236: public boolean checkPermission(Principal principal, Permission permission)
237: {
1.4 bmahe 238: acquireRealm();
1.3 bmahe 239: String methods[] = getMethods();
240: boolean methodprotected = false;
241: if (methods != null) {
242: for (int i = 0 ; i < methods.length ; i++) {
243: if (permission.equals(methods[i]))
244: methodprotected = true;
245: }
246: } else {
247: methodprotected = true;
248: }
249: if (! methodprotected)
250: return true;
1.4 bmahe 251: return hasPrincipal(principal);
1.1 bmahe 252: }
253:
254: public String toString() {
1.3 bmahe 255: return getName();
256: }
257:
258: /**
259: * Initialize the Acl.
260: */
261: public void initialize(Object values[]) {
262: super.initialize(values) ;
1.1 bmahe 263: }
264:
265: }
Webmaster