Mercurial > hg > digilib-old
comparison servlet/src/digilib/auth/XMLAuthOps.java @ 1:0ff3ede32060
Initial revision
| author | robcast |
|---|---|
| date | Thu, 17 Jan 2002 15:25:46 +0100 |
| parents | |
| children | 3b8797fc3e90 9cedd170b581 |
comparison
equal
deleted
inserted
replaced
| 0:ffd2df307e81 | 1:0ff3ede32060 |
|---|---|
| 1 /* XMLAuthOps -- Authentication class implementation using XML files | |
| 2 | |
| 3 Digital Image Library servlet components | |
| 4 | |
| 5 Copyright (C) 2001, 2002 Robert Casties (robcast@mail.berlios.de) | |
| 6 | |
| 7 This program is free software; you can redistribute it and/or modify it | |
| 8 under the terms of the GNU General Public License as published by the | |
| 9 Free Software Foundation; either version 2 of the License, or (at your | |
| 10 option) any later version. | |
| 11 | |
| 12 Please read license.txt for the full details. A copy of the GPL | |
| 13 may be found at http://www.gnu.org/copyleft/lgpl.html | |
| 14 | |
| 15 You should have received a copy of the GNU General Public License | |
| 16 along with this program; if not, write to the Free Software | |
| 17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
| 18 | |
| 19 */ | |
| 20 | |
| 21 package digilib.auth; | |
| 22 | |
| 23 import javax.servlet.http.HttpServletRequest; | |
| 24 import java.util.*; | |
| 25 import java.io.*; | |
| 26 | |
| 27 import digilib.*; | |
| 28 import digilib.io.*; | |
| 29 | |
| 30 | |
| 31 public class XMLAuthOps extends AuthOpsImpl { | |
| 32 | |
| 33 private String configFile = "/docuserver/www/digitallibrary/WEB-INF/digilib-auth.xml"; | |
| 34 private HashTree authPaths; | |
| 35 private HashTree authIPs; | |
| 36 | |
| 37 public XMLAuthOps(Utils u, String confFile) throws AuthOpException { | |
| 38 util = u; | |
| 39 configFile = confFile; | |
| 40 init(); | |
| 41 } | |
| 42 | |
| 43 public void setConfig(String confFile) throws AuthOpException { | |
| 44 configFile = confFile; | |
| 45 init(); | |
| 46 } | |
| 47 | |
| 48 public void init() throws AuthOpException { | |
| 49 util.dprintln(10, "xmlauthops.init ("+configFile+")"); | |
| 50 Hashtable pathList = null; | |
| 51 Hashtable ipList = null; | |
| 52 try { | |
| 53 // create data loader for auth-path file | |
| 54 File confFile = new File(configFile); | |
| 55 // load authPaths | |
| 56 XMLListLoader pathLoader = new XMLListLoader("digilib-paths", "path", "name", "role"); | |
| 57 pathList = pathLoader.loadURL(confFile.toURL().toString()); | |
| 58 // load authIPs | |
| 59 XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role"); | |
| 60 ipList = ipLoader.loadURL(confFile.toURL().toString()); | |
| 61 } | |
| 62 catch (Exception e) { | |
| 63 throw new AuthOpException("ERROR loading authorization config file: "+e); | |
| 64 } | |
| 65 if ((pathList == null)||(ipList == null)) { | |
| 66 throw new AuthOpException("ERROR unable to load authorization config file!"); | |
| 67 } | |
| 68 // setup path tree | |
| 69 authPaths = new HashTree(pathList, "/", ","); | |
| 70 // setup ip tree | |
| 71 authIPs = new HashTree(ipList, ".", ","); | |
| 72 } | |
| 73 | |
| 74 public List rolesForPath(String filepath, HttpServletRequest request) throws digilib.auth.AuthOpException { | |
| 75 util.dprintln(4, "rolesForPath ("+filepath+") by ["+request.getRemoteAddr()+"]"); | |
| 76 | |
| 77 // check if the requests address provides a role | |
| 78 List provided = authIPs.match(request.getRemoteAddr()); | |
| 79 if ((provided != null)&&(provided.contains("ALL"))) { | |
| 80 // ALL switches off checking; | |
| 81 return null; | |
| 82 } | |
| 83 // which roles are required? | |
| 84 List required = authPaths.match(filepath); | |
| 85 // do any provided roles match? | |
| 86 if ((provided != null)&&(required != null)) { | |
| 87 for (int i = 0; i < provided.size(); i++) { | |
| 88 if (required.contains(provided.get(i))) { | |
| 89 // satisfied | |
| 90 return null; | |
| 91 } | |
| 92 } | |
| 93 } | |
| 94 return required; | |
| 95 } | |
| 96 | |
| 97 } |