1
|
1 /* DBAuthOpsImpl -- Authentication class using database
|
|
2
|
|
3 Digital Image Library servlet components
|
|
4
|
|
5 Copyright (C) 2001, 2002 Robert Casties (robcast@mail.berlios.de)
|
|
6
|
|
7 This program is free software; you can redistribute it and/or modify it
|
|
8 under the terms of the GNU General Public License as published by the
|
|
9 Free Software Foundation; either version 2 of the License, or (at your
|
|
10 option) any later version.
|
|
11
|
|
12 Please read license.txt for the full details. A copy of the GPL
|
|
13 may be found at http://www.gnu.org/copyleft/lgpl.html
|
|
14
|
|
15 You should have received a copy of the GNU General Public License
|
|
16 along with this program; if not, write to the Free Software
|
|
17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
18
|
|
19 */
|
|
20
|
|
21 package digilib.auth;
|
|
22
|
|
23 import javax.servlet.http.*;
|
|
24 import java.util.*;
|
|
25 import com.borland.dx.dataset.*;
|
|
26
|
|
27 import digilib.*;
|
|
28
|
|
29 public class DBAuthOpsImpl implements AuthOps {
|
|
30
|
|
31 private Utils util = null;
|
|
32 private dlDataModule dlDataModule1;
|
|
33
|
|
34 public DBAuthOpsImpl() {
|
|
35 util = new Utils();
|
|
36 dbInit();
|
|
37 }
|
|
38
|
|
39 public DBAuthOpsImpl(Utils u) {
|
|
40 util = u;
|
|
41 dbInit();
|
|
42 }
|
|
43
|
|
44 void dbInit() {
|
|
45 try {
|
|
46 dlDataModule1 = new dlDataModule();
|
|
47 dlDataModule1.getAuthPathsQuery().open();
|
|
48 }
|
|
49 catch(Exception e) {
|
|
50 e.printStackTrace();
|
|
51 }
|
|
52 }
|
|
53
|
|
54 public void setUtils(Utils u) {
|
|
55 util = u;
|
|
56 }
|
|
57
|
|
58 public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException {
|
|
59 // check permissions
|
|
60 List rolesRequired = rolesForPath(filepath, request);
|
|
61 return (rolesRequired != null);
|
|
62 }
|
|
63
|
|
64 public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException {
|
|
65 List rolesAllowed = rolesForPath(filepath, request);
|
|
66 return isRoleAuthorized(rolesAllowed, request);
|
|
67 };
|
|
68
|
|
69 public List rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException {
|
|
70 util.dprintln(4, "rolesForPath ("+filepath+")");
|
|
71 String p = "";
|
|
72 List r;
|
|
73 LinkedList roles = new LinkedList();
|
|
74
|
|
75 // split path in directories
|
|
76 StringTokenizer path = new StringTokenizer(filepath, "/");
|
|
77 // walk directories and check with db
|
|
78 while (path.hasMoreTokens()) {
|
|
79 p += "/" + path.nextToken();
|
|
80 r = dbRolesForPath(p);
|
|
81 if (r != null) {
|
|
82 roles.addAll(r);
|
|
83 }
|
|
84 }
|
|
85 if (roles.size() > 0) {
|
|
86 return roles;
|
|
87 } else {
|
|
88 return null;
|
|
89 }
|
|
90 }
|
|
91
|
|
92 public boolean isRoleAuthorized(List roles, HttpServletRequest request) {
|
|
93 ListIterator r = roles.listIterator();
|
|
94 String s = "";
|
|
95 while (r.hasNext()) {
|
|
96 s = (String)r.next();
|
|
97 util.dprintln(5, "Testing role: "+s);
|
|
98 if (request.isUserInRole(s)) {
|
|
99 util.dprintln(5, "Role Authorized");
|
|
100 return true;
|
|
101 }
|
|
102 }
|
|
103 return false;
|
|
104 }
|
|
105
|
|
106 private List dbRolesForPath(String filepath) throws AuthOpException {
|
|
107 util.dprintln(4, "dbRolesForPath ("+filepath+")");
|
|
108
|
|
109 LinkedList roles = new LinkedList();
|
|
110 DataSet query = dlDataModule1.getAuthPathsQuery();
|
|
111 if (query == null) {
|
|
112 throw new AuthOpException("Unable to access database!");
|
|
113 }
|
|
114 // search for PATH_NAME == filepath
|
|
115 DataRow lookupRow = new DataRow(query, "PATH_NAME");
|
|
116 lookupRow.setString("PATH_NAME", filepath);
|
|
117
|
|
118 if (query.locate(lookupRow, Locate.FIRST)) {
|
|
119 roles.add(query.getString("ROLE_NAME"));
|
|
120 util.dprintln(5, "role found: "+query.getString("ROLE_NAME"));
|
|
121 // any more matches?
|
|
122 while (query.locate(lookupRow, Locate.NEXT_FAST)) {
|
|
123 roles.add(query.getString("ROLE_NAME"));
|
|
124 util.dprintln(5, "role found: "+query.getString("ROLE_NAME"));
|
|
125 }
|
|
126 }
|
|
127 if (roles.size() > 0) {
|
|
128 return roles;
|
|
129 } else {
|
|
130 return null;
|
|
131 }
|
|
132 }
|
|
133
|
|
134 }
|