Mercurial > hg > digilib-old

diff common/src/main/java/digilib/auth/AuthOpsImpl.java @ 903:7779b37d1d05

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
refactored into maven modules per servlet type. can build servlet-api 2.3 and 3.0 via profile now!
author robcast
date Tue, 26 Apr 2011 20:24:31 +0200
parents servlet/src/main/java/digilib/auth/AuthOpsImpl.java@ba1eb2d821a2
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/common/src/main/java/digilib/auth/AuthOpsImpl.java	Tue Apr 26 20:24:31 2011 +0200
@@ -0,0 +1,131 @@
+/*  AuthOps -- Authentication class implementation
+
+  Digital Image Library servlet components
+
+  Copyright (C) 2001, 2002 Robert Casties (robcast@mail.berlios.de)
+
+  This program is free software; you can redistribute  it and/or modify it
+  under  the terms of  the GNU General  Public License as published by the
+  Free Software Foundation;  either version 2 of the  License, or (at your
+  option) any later version.
+   
+  Please read license.txt for the full details. A copy of the GPL
+  may be found at http://www.gnu.org/copyleft/lgpl.html
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+*/
+
+package digilib.auth;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.log4j.Logger;
+
+import digilib.servlet.DigilibRequest;
+
+/** Basic implementation of AuthOps interface.
+ *
+ * Provides basic implementations. Only rolesForPath needs to be implemented
+ * by specific implementations.
+ */
+public abstract class AuthOpsImpl implements AuthOps {
+
+	/** general logger for this class */
+	protected Logger logger = Logger.getLogger(this.getClass());
+	
+  /** Default constructor. */  
+  public AuthOpsImpl() {
+    try {
+      init();
+    } catch (AuthOpException e) {
+    }
+  }
+
+
+  /** Test if the request is allowed to access filepath.
+   * @param filepath filepath to be acessed.
+   * @param request Request with user information.
+   * @throws AuthOpException Exception thrown on error.
+   * @return true if the request is allowed.
+   */
+  public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException {
+    // check permissions
+    List<String> rolesRequired = rolesForPath(filepath, request);
+    return (rolesRequired != null);
+  }
+
+  /**
+   * @see digilib.auth.AuthOps#isAuthRequired(digilib.servlet.DigilibRequest)
+   */
+  public boolean isAuthRequired(DigilibRequest request)
+	  throws AuthOpException {
+		// check permissions
+		List<String> rolesRequired = rolesForPath(request);
+		return (rolesRequired != null);
+  }
+
+  /** Return authorization roles needed for request.
+   *
+   * Returns a list of authorization roles that would be allowed to access the
+   * specified path. The location information of the request is considered also.
+   * @param filepath filepath to be accessed.
+   * @param request ServletRequest with address information.
+   * @throws AuthOpException Exception thrown on error.
+   * @return List of Strings with role names.
+   */
+  public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException {
+    List<String> rolesAllowed = rolesForPath(filepath, request);
+    return isRoleAuthorized(rolesAllowed, request);
+  }
+
+  /**
+   * @see digilib.auth.AuthOps#isAuthorized(digilib.servlet.DigilibRequest)
+   */
+  public boolean isAuthorized(DigilibRequest request)
+	  throws AuthOpException {
+		List<String> rolesAllowed = rolesForPath(request);
+		return isRoleAuthorized(rolesAllowed, request);
+  }
+
+  /** Test request authorization against a list of roles.
+   * @param roles List of Strings with role names.
+   * @param request ServletRequest with address information.
+   * @return true if the user information in the request authorizes one of the roles.
+   */
+  public boolean isRoleAuthorized(List<String> roles, HttpServletRequest request) {
+    for (String s: roles) {
+      logger.debug("Testing role: "+s);
+      if (request.isUserInRole(s)) {
+      	logger.debug("Role Authorized");
+        return true;
+      }
+    }
+    return false;
+  }
+
+  /**
+   * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List, digilib.servlet.DigilibRequest)
+   */
+  public boolean isRoleAuthorized(List<String> roles, DigilibRequest request) {
+	for (String s: roles) {
+	  logger.debug("Testing role: "+s);
+	  if (((HttpServletRequest)request.getServletRequest()).isUserInRole(s)) {
+	  	logger.debug("Role Authorized");
+		return true;
+	  }
+	}
+	return false;
+  }
+
+  public abstract void init() throws AuthOpException;
+
+  public abstract List<String> rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException;
+
+  public abstract List<String> rolesForPath(DigilibRequest request) throws AuthOpException;
+
+}