Mercurial > hg > digilib-old
comparison common/src/main/java/digilib/auth/AuthOpsImpl.java @ 903:7779b37d1d05
refactored into maven modules per servlet type.
can build servlet-api 2.3 and 3.0 via profile now!
| author | robcast |
|---|---|
| date | Tue, 26 Apr 2011 20:24:31 +0200 |
| parents | servlet/src/main/java/digilib/auth/AuthOpsImpl.java@ba1eb2d821a2 |
| children |
comparison
equal
deleted
inserted
replaced
| 902:89ba3ffcf552 | 903:7779b37d1d05 |
|---|---|
| 1 /* AuthOps -- Authentication class implementation | |
| 2 | |
| 3 Digital Image Library servlet components | |
| 4 | |
| 5 Copyright (C) 2001, 2002 Robert Casties (robcast@mail.berlios.de) | |
| 6 | |
| 7 This program is free software; you can redistribute it and/or modify it | |
| 8 under the terms of the GNU General Public License as published by the | |
| 9 Free Software Foundation; either version 2 of the License, or (at your | |
| 10 option) any later version. | |
| 11 | |
| 12 Please read license.txt for the full details. A copy of the GPL | |
| 13 may be found at http://www.gnu.org/copyleft/lgpl.html | |
| 14 | |
| 15 You should have received a copy of the GNU General Public License | |
| 16 along with this program; if not, write to the Free Software | |
| 17 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
| 18 | |
| 19 */ | |
| 20 | |
| 21 package digilib.auth; | |
| 22 | |
| 23 import java.util.List; | |
| 24 | |
| 25 import javax.servlet.http.HttpServletRequest; | |
| 26 | |
| 27 import org.apache.log4j.Logger; | |
| 28 | |
| 29 import digilib.servlet.DigilibRequest; | |
| 30 | |
| 31 /** Basic implementation of AuthOps interface. | |
| 32 * | |
| 33 * Provides basic implementations. Only rolesForPath needs to be implemented | |
| 34 * by specific implementations. | |
| 35 */ | |
| 36 public abstract class AuthOpsImpl implements AuthOps { | |
| 37 | |
| 38 /** general logger for this class */ | |
| 39 protected Logger logger = Logger.getLogger(this.getClass()); | |
| 40 | |
| 41 /** Default constructor. */ | |
| 42 public AuthOpsImpl() { | |
| 43 try { | |
| 44 init(); | |
| 45 } catch (AuthOpException e) { | |
| 46 } | |
| 47 } | |
| 48 | |
| 49 | |
| 50 /** Test if the request is allowed to access filepath. | |
| 51 * @param filepath filepath to be acessed. | |
| 52 * @param request Request with user information. | |
| 53 * @throws AuthOpException Exception thrown on error. | |
| 54 * @return true if the request is allowed. | |
| 55 */ | |
| 56 public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException { | |
| 57 // check permissions | |
| 58 List<String> rolesRequired = rolesForPath(filepath, request); | |
| 59 return (rolesRequired != null); | |
| 60 } | |
| 61 | |
| 62 /** | |
| 63 * @see digilib.auth.AuthOps#isAuthRequired(digilib.servlet.DigilibRequest) | |
| 64 */ | |
| 65 public boolean isAuthRequired(DigilibRequest request) | |
| 66 throws AuthOpException { | |
| 67 // check permissions | |
| 68 List<String> rolesRequired = rolesForPath(request); | |
| 69 return (rolesRequired != null); | |
| 70 } | |
| 71 | |
| 72 /** Return authorization roles needed for request. | |
| 73 * | |
| 74 * Returns a list of authorization roles that would be allowed to access the | |
| 75 * specified path. The location information of the request is considered also. | |
| 76 * @param filepath filepath to be accessed. | |
| 77 * @param request ServletRequest with address information. | |
| 78 * @throws AuthOpException Exception thrown on error. | |
| 79 * @return List of Strings with role names. | |
| 80 */ | |
| 81 public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException { | |
| 82 List<String> rolesAllowed = rolesForPath(filepath, request); | |
| 83 return isRoleAuthorized(rolesAllowed, request); | |
| 84 } | |
| 85 | |
| 86 /** | |
| 87 * @see digilib.auth.AuthOps#isAuthorized(digilib.servlet.DigilibRequest) | |
| 88 */ | |
| 89 public boolean isAuthorized(DigilibRequest request) | |
| 90 throws AuthOpException { | |
| 91 List<String> rolesAllowed = rolesForPath(request); | |
| 92 return isRoleAuthorized(rolesAllowed, request); | |
| 93 } | |
| 94 | |
| 95 /** Test request authorization against a list of roles. | |
| 96 * @param roles List of Strings with role names. | |
| 97 * @param request ServletRequest with address information. | |
| 98 * @return true if the user information in the request authorizes one of the roles. | |
| 99 */ | |
| 100 public boolean isRoleAuthorized(List<String> roles, HttpServletRequest request) { | |
| 101 for (String s: roles) { | |
| 102 logger.debug("Testing role: "+s); | |
| 103 if (request.isUserInRole(s)) { | |
| 104 logger.debug("Role Authorized"); | |
| 105 return true; | |
| 106 } | |
| 107 } | |
| 108 return false; | |
| 109 } | |
| 110 | |
| 111 /** | |
| 112 * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List, digilib.servlet.DigilibRequest) | |
| 113 */ | |
| 114 public boolean isRoleAuthorized(List<String> roles, DigilibRequest request) { | |
| 115 for (String s: roles) { | |
| 116 logger.debug("Testing role: "+s); | |
| 117 if (((HttpServletRequest)request.getServletRequest()).isUserInRole(s)) { | |
| 118 logger.debug("Role Authorized"); | |
| 119 return true; | |
| 120 } | |
| 121 } | |
| 122 return false; | |
| 123 } | |
| 124 | |
| 125 public abstract void init() throws AuthOpException; | |
| 126 | |
| 127 public abstract List<String> rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException; | |
| 128 | |
| 129 public abstract List<String> rolesForPath(DigilibRequest request) throws AuthOpException; | |
| 130 | |
| 131 } |