1
|
1 /* XMLAuthOps -- Authentication class implementation using XML files
|
|
2
|
|
3 Digital Image Library servlet components
|
|
4
|
|
5 Copyright (C) 2001, 2002 Robert Casties (robcast@mail.berlios.de)
|
|
6
|
|
7 This program is free software; you can redistribute it and/or modify it
|
|
8 under the terms of the GNU General Public License as published by the
|
|
9 Free Software Foundation; either version 2 of the License, or (at your
|
|
10 option) any later version.
|
|
11
|
|
12 Please read license.txt for the full details. A copy of the GPL
|
|
13 may be found at http://www.gnu.org/copyleft/lgpl.html
|
|
14
|
|
15 You should have received a copy of the GNU General Public License
|
|
16 along with this program; if not, write to the Free Software
|
|
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
18
|
|
19 */
|
|
20
|
|
21 package digilib.auth;
|
|
22
|
|
23 import javax.servlet.http.HttpServletRequest;
|
|
24 import java.util.*;
|
|
25 import java.io.*;
|
|
26
|
|
27 import digilib.*;
|
|
28 import digilib.io.*;
|
|
29
|
|
30
|
|
31 public class XMLAuthOps extends AuthOpsImpl {
|
|
32
|
|
33 private String configFile = "/docuserver/www/digitallibrary/WEB-INF/digilib-auth.xml";
|
|
34 private HashTree authPaths;
|
|
35 private HashTree authIPs;
|
|
36
|
|
37 public XMLAuthOps(Utils u, String confFile) throws AuthOpException {
|
|
38 util = u;
|
|
39 configFile = confFile;
|
|
40 init();
|
|
41 }
|
|
42
|
|
43 public void setConfig(String confFile) throws AuthOpException {
|
|
44 configFile = confFile;
|
|
45 init();
|
|
46 }
|
|
47
|
|
48 public void init() throws AuthOpException {
|
|
49 util.dprintln(10, "xmlauthops.init ("+configFile+")");
|
|
50 Hashtable pathList = null;
|
|
51 Hashtable ipList = null;
|
|
52 try {
|
|
53 // create data loader for auth-path file
|
|
54 File confFile = new File(configFile);
|
|
55 // load authPaths
|
|
56 XMLListLoader pathLoader = new XMLListLoader("digilib-paths", "path", "name", "role");
|
|
57 pathList = pathLoader.loadURL(confFile.toURL().toString());
|
|
58 // load authIPs
|
|
59 XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role");
|
|
60 ipList = ipLoader.loadURL(confFile.toURL().toString());
|
|
61 }
|
|
62 catch (Exception e) {
|
|
63 throw new AuthOpException("ERROR loading authorization config file: "+e);
|
|
64 }
|
|
65 if ((pathList == null)||(ipList == null)) {
|
|
66 throw new AuthOpException("ERROR unable to load authorization config file!");
|
|
67 }
|
|
68 // setup path tree
|
|
69 authPaths = new HashTree(pathList, "/", ",");
|
|
70 // setup ip tree
|
|
71 authIPs = new HashTree(ipList, ".", ",");
|
|
72 }
|
|
73
|
|
74 public List rolesForPath(String filepath, HttpServletRequest request) throws digilib.auth.AuthOpException {
|
|
75 util.dprintln(4, "rolesForPath ("+filepath+") by ["+request.getRemoteAddr()+"]");
|
|
76
|
|
77 // check if the requests address provides a role
|
|
78 List provided = authIPs.match(request.getRemoteAddr());
|
|
79 if ((provided != null)&&(provided.contains("ALL"))) {
|
|
80 // ALL switches off checking;
|
|
81 return null;
|
|
82 }
|
|
83 // which roles are required?
|
|
84 List required = authPaths.match(filepath);
|
|
85 // do any provided roles match?
|
|
86 if ((provided != null)&&(required != null)) {
|
|
87 for (int i = 0; i < provided.size(); i++) {
|
|
88 if (required.contains(provided.get(i))) {
|
|
89 // satisfied
|
|
90 return null;
|
|
91 }
|
|
92 }
|
|
93 }
|
|
94 return required;
|
|
95 }
|
|
96
|
|
97 }
|