1
|
1 /* AuthOps -- Authentication class implementation
|
|
2
|
|
3 Digital Image Library servlet components
|
|
4
|
|
5 Copyright (C) 2001, 2002 Robert Casties (robcast@mail.berlios.de)
|
|
6
|
|
7 This program is free software; you can redistribute it and/or modify it
|
|
8 under the terms of the GNU General Public License as published by the
|
|
9 Free Software Foundation; either version 2 of the License, or (at your
|
|
10 option) any later version.
|
|
11
|
|
12 Please read license.txt for the full details. A copy of the GPL
|
|
13 may be found at http://www.gnu.org/copyleft/lgpl.html
|
|
14
|
|
15 You should have received a copy of the GNU General Public License
|
|
16 along with this program; if not, write to the Free Software
|
|
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
18
|
|
19 */
|
|
20
|
|
21 package digilib.auth;
|
|
22
|
181
|
23 import java.util.List;
|
|
24 import java.util.ListIterator;
|
|
25
|
1
|
26 import javax.servlet.http.HttpServletRequest;
|
|
27
|
181
|
28 import org.apache.log4j.Logger;
|
|
29
|
73
|
30 import digilib.servlet.DigilibRequest;
|
1
|
31
|
73
|
32 /** Basic implementation of AuthOps interface.
|
|
33 *
|
|
34 * Provides basic implementations. Only rolesForPath needs to be implemented
|
|
35 * by specific implementations.
|
|
36 */
|
1
|
37 public abstract class AuthOpsImpl implements AuthOps {
|
|
38
|
181
|
39 /** general logger for this class */
|
|
40 protected Logger logger = Logger.getLogger(this.getClass());
|
|
41
|
73
|
42 /** Default constructor. */
|
1
|
43 public AuthOpsImpl() {
|
|
44 try {
|
|
45 init();
|
|
46 } catch (AuthOpException e) {
|
|
47 }
|
|
48 }
|
|
49
|
|
50
|
73
|
51 /** Test if the request is allowed to access filepath.
|
|
52 * @param filepath filepath to be acessed.
|
|
53 * @param request Request with user information.
|
|
54 * @throws AuthOpException Exception thrown on error.
|
|
55 * @return true if the request is allowed.
|
|
56 */
|
1
|
57 public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException {
|
|
58 // check permissions
|
|
59 List rolesRequired = rolesForPath(filepath, request);
|
|
60 return (rolesRequired != null);
|
|
61 }
|
|
62
|
73
|
63 /**
|
|
64 * @see digilib.auth.AuthOps#isAuthRequired(digilib.servlet.DigilibRequest)
|
|
65 */
|
|
66 public boolean isAuthRequired(DigilibRequest request)
|
|
67 throws AuthOpException {
|
|
68 // check permissions
|
|
69 List rolesRequired = rolesForPath(request);
|
|
70 return (rolesRequired != null);
|
|
71 }
|
|
72
|
|
73 /** Return authorization roles needed for request.
|
|
74 *
|
|
75 * Returns a list of authorization roles that would be allowed to access the
|
|
76 * specified path. The location information of the request is considered also.
|
|
77 * @param filepath filepath to be accessed.
|
|
78 * @param request ServletRequest with address information.
|
|
79 * @throws AuthOpException Exception thrown on error.
|
|
80 * @return List of Strings with role names.
|
|
81 */
|
1
|
82 public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException {
|
|
83 List rolesAllowed = rolesForPath(filepath, request);
|
|
84 return isRoleAuthorized(rolesAllowed, request);
|
|
85 }
|
|
86
|
73
|
87 /**
|
|
88 * @see digilib.auth.AuthOps#isAuthorized(digilib.servlet.DigilibRequest)
|
|
89 */
|
|
90 public boolean isAuthorized(DigilibRequest request)
|
|
91 throws AuthOpException {
|
|
92 List rolesAllowed = rolesForPath(request);
|
|
93 return isRoleAuthorized(rolesAllowed, request);
|
|
94 }
|
|
95
|
|
96 /** Test request authorization against a list of roles.
|
|
97 * @param roles List of Strings with role names.
|
|
98 * @param request ServletRequest with address information.
|
|
99 * @return true if the user information in the request authorizes one of the roles.
|
|
100 */
|
1
|
101 public boolean isRoleAuthorized(List roles, HttpServletRequest request) {
|
|
102 ListIterator r = roles.listIterator();
|
|
103 String s = "";
|
|
104 while (r.hasNext()) {
|
|
105 s = (String)r.next();
|
181
|
106 logger.debug("Testing role: "+s);
|
1
|
107 if (request.isUserInRole(s)) {
|
181
|
108 logger.debug("Role Authorized");
|
1
|
109 return true;
|
|
110 }
|
|
111 }
|
|
112 return false;
|
|
113 }
|
|
114
|
73
|
115 /**
|
|
116 * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List, digilib.servlet.DigilibRequest)
|
|
117 */
|
|
118 public boolean isRoleAuthorized(List roles, DigilibRequest request) {
|
|
119 ListIterator r = roles.listIterator();
|
|
120 String s = "";
|
|
121 while (r.hasNext()) {
|
|
122 s = (String)r.next();
|
181
|
123 logger.debug("Testing role: "+s);
|
73
|
124 if (((HttpServletRequest)request.getServletRequest()).isUserInRole(s)) {
|
181
|
125 logger.debug("Role Authorized");
|
73
|
126 return true;
|
|
127 }
|
|
128 }
|
|
129 return false;
|
|
130 }
|
|
131
|
1
|
132 public abstract void init() throws AuthOpException;
|
|
133
|
|
134 public abstract List rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException;
|
|
135
|
73
|
136 public abstract List rolesForPath(DigilibRequest request) throws AuthOpException;
|
|
137
|
1
|
138 }
|