# HG changeset patch # User robcast # Date 1459265439 -7200 # Node ID 2197975ec9457df333fe4d67603562c0b2e9008e # Parent 8128cbff0dac5b88d4d442458f43bdd5a5c543d3 first version of digilib 2.4 with newly refactored authentication and authorization. diff -r 8128cbff0dac -r 2197975ec945 common-bioformats/pom.xml --- a/common-bioformats/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/common-bioformats/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -3,7 +3,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT .. digilib-common-bioformats diff -r 8128cbff0dac -r 2197975ec945 common-imagej/pom.xml --- a/common-imagej/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/common-imagej/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -3,7 +3,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT .. digilib-common-imagej diff -r 8128cbff0dac -r 2197975ec945 common-jai/pom.xml --- a/common-jai/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/common-jai/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -3,7 +3,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT .. digilib-common-jai diff -r 8128cbff0dac -r 2197975ec945 common/pom.xml --- a/common/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/common/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -6,7 +6,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-common diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/auth/AuthOpException.java --- a/common/src/main/java/digilib/auth/AuthOpException.java Tue Mar 29 11:39:32 2016 +0200 +++ b/common/src/main/java/digilib/auth/AuthOpException.java Tue Mar 29 17:30:39 2016 +0200 @@ -2,7 +2,7 @@ /* * #%L - * AuthOpException -- Authentication exception class + * AuthOpException -- Authentication/authorization exception class * * Digital Image Library servlet components * diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/auth/AuthOps.java --- a/common/src/main/java/digilib/auth/AuthOps.java Tue Mar 29 11:39:32 2016 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,68 +0,0 @@
-package digilib.auth;
-
-/*
- * #%L
- * AuthOps -- Authentication interface class
- *
- * Digital Image Library servlet components
- *
- * %%
- * Copyright (C) 2001 - 2013 MPIWG Berlin
- * %%
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Lesser Public License for more details.
- *
- * You should have received a copy of the GNU General Lesser Public
- * License along with this program. If not, see
- * .
- * #L%
- * Author: Robert Casties (robcast@berlios.de)
- */
-
-import java.io.File;
-
-import digilib.conf.DigilibRequest;
-
-/** Class of operations requiring authentication. */
-public interface AuthOps {
-
- /**
- * Test if the request must be authorized to access the filepath.
- *
- * Information about the user is taken from the DigilibRequest.
- *
- * @param request
- * DigilibRequest with user information.
- * @throws AuthOpException
- * Exception thrown on error.
- * @return true if the user request must be authorized.
- */
- public boolean isAuthRequired(DigilibRequest request) throws AuthOpException;
-
- /**
- * Test if the request is allowed to access filepath.
- *
- * @param request
- * Request with user information.
- * @throws AuthOpException
- * Exception thrown on error.
- * @return true if the request is allowed.
- */
- public boolean isAuthorized(DigilibRequest request) throws AuthOpException;
-
-
- /**
- * Configure this AuthOps instance.
- *
- * @param confFile
- * @throws AuthOpException
- */
- public void setConfig(File confFile) throws AuthOpException;
-}
diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/auth/AuthOpsFactory.java
--- a/common/src/main/java/digilib/auth/AuthOpsFactory.java Tue Mar 29 11:39:32 2016 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,59 +0,0 @@
-package digilib.auth;
-
-/*
- * #%L
- * digilib-common
- * %%
- * Copyright (C) 2013 MPIWG Berlin
- * %%
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Lesser Public License for more details.
- *
- * You should have received a copy of the GNU General Lesser Public
- * License along with this program. If not, see
- * .
- * #L%
- * Author: Robert Casties (robcast@berlios.de)
- */
-
-import org.apache.log4j.Logger;
-
-
-/**
- * Static factory for AuthOps.
- *
- * @author casties
- *
- */
-public class AuthOpsFactory {
- /** Log4J logger */
- protected static Logger logger = Logger.getLogger(AuthOpsFactory.class);
-
- /** AuthOps implementation class */
- protected static Class authOpsClass;
-
- public static AuthOps getAuthOpsInstance() {
- AuthOps ao = null;
- try {
- ao = authOpsClass.newInstance();
- } catch (Exception e) {
- logger.error("Unable to create AuthOps instance!", e);
- }
- return ao;
- }
-
- /** set the AuthOps implementation class.
- * @param clazz
- */
- public static void setAuthOpsClass(Class clazz) {
- AuthOpsFactory.authOpsClass = clazz;
- }
-
-}
diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/auth/AuthnOps.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/common/src/main/java/digilib/auth/AuthnOps.java Tue Mar 29 17:30:39 2016 +0200
@@ -0,0 +1,54 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * AuthnOps -- Authentication interface class
+ *
+ * Digital Image Library servlet components
+ *
+ * %%
+ * Copyright (C) 2016 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@users.sourceforge.net)
+ */
+
+import digilib.conf.DigilibConfiguration;
+import digilib.conf.DigilibRequest;
+
+/** Class of operations providing authentication. */
+public interface AuthnOps {
+
+ /**
+ * Test if the user represented by request has the given role.
+ *
+ * @param request Request with user information.
+ * @param role role to be tested.
+ * @throws AuthOpException
+ * Exception thrown on error.
+ * @return true if the user has the role.
+ */
+ public boolean isUserInRole(DigilibRequest request, String role) throws AuthOpException;
+
+
+ /**
+ * Configure this AuthnOps instance.
+ *
+ * @param confFile
+ * @throws AuthOpException
+ */
+ public void init(DigilibConfiguration dlConfig) throws AuthOpException;
+}
diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/auth/AuthnOpsFactory.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/common/src/main/java/digilib/auth/AuthnOpsFactory.java Tue Mar 29 17:30:39 2016 +0200
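Review bot: The Javadoc on `AuthnOps.init` still carries `@param confFile` from the old `setConfig(File)` signature, while the parameter is now `dlConfig`; it should read `@param dlConfig digilib configuration to read the settings from`. `AuthzOps.init` in the following new file has the same stale tag. The interface comment could also say what `isUserInRole` does when the request carries no usable user information (return false or throw `AuthOpException`), because authorization decisions are built directly on that result.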
@@ -0,0 +1,59 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * Authentication Ops factory.
+ * %%
+ * Copyright (C) 2016 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@users.sourceforge.net)
+ */
+
+import org.apache.log4j.Logger;
+
+
+/**
+ * Static factory for authentication AuthnOps.
+ *
+ * @author casties
+ *
+ */
+public class AuthnOpsFactory {
+ /** Log4J logger */
+ protected static Logger logger = Logger.getLogger(AuthnOpsFactory.class);
+
+ /** AuthnOps implementation class */
+ protected static Class authOpsClass;
+
+ public static AuthnOps getAuthnOpsInstance() {
+ AuthnOps ao = null;
+ try {
+ ao = authOpsClass.newInstance();
+ } catch (Exception e) {
+ logger.error("Unable to create AuthnOps instance!", e);
+ }
+ return ao;
+ }
+
+ /** set the AuthnOps implementation class.
+ * @param clazz
+ */
+ public static void setAuthnOpsClass(Class clazz) {
+ AuthnOpsFactory.authOpsClass = clazz;
+ }
+
+}
diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/auth/AuthzOps.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/common/src/main/java/digilib/auth/AuthzOps.java Tue Mar 29 17:30:39 2016 +0200
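Review bot: `AuthnOpsFactory.getAuthnOpsInstance()` logs and returns `null` when instantiation fails, and also when `setAuthnOpsClass` was never called, because the resulting NullPointerException is swallowed by `catch (Exception e)`. A misconfigured authentication provider therefore only surfaces later, at the first role check, instead of at startup. For a security component it is safer to fail immediately, e.g. `throw new IllegalStateException("Unable to create AuthnOps instance", e);`; at minimum the method needs a Javadoc line stating that it may return null. `AuthzOpsFactory.getAuthzOpsInstance()` further down is a copy with the same behaviour.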
@@ -0,0 +1,67 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * AuthzOps -- Authorization interface class
+ *
+ * Digital Image Library servlet components
+ *
+ * %%
+ * Copyright (C) 2001 - 2016 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@users.sourceforge.net)
+ */
+
+import digilib.conf.DigilibConfiguration;
+import digilib.conf.DigilibRequest;
+
+/** Class of operations providing authorization. */
+public interface AuthzOps {
+
+ /**
+ * Test if the request must be authorized to access the filepath.
+ *
+ * Information about the user is taken from the DigilibRequest.
+ *
+ * @param request
+ * DigilibRequest with user information.
+ * @throws AuthOpException
+ * Exception thrown on error.
+ * @return true if the user request must be authorized.
+ */
+ public boolean isAuthorizationRequired(DigilibRequest request) throws AuthOpException;
+
+ /**
+ * Test if the request is authorized to access filepath.
+ *
+ * @param request
+ * Request with user information.
+ * @throws AuthOpException
+ * Exception thrown on error.
+ * @return true if the request is allowed.
+ */
+ public boolean isAuthorized(DigilibRequest request) throws AuthOpException;
+
+
+ /**
+ * Configure this AuthzOps instance.
+ *
+ * @param confFile
+ * @throws AuthOpException
+ */
+ public void init(DigilibConfiguration dlConfig) throws AuthOpException;
+}
diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/auth/AuthzOpsFactory.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/common/src/main/java/digilib/auth/AuthzOpsFactory.java Tue Mar 29 17:30:39 2016 +0200
@@ -0,0 +1,59 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * Authorization Ops factory
+ * %%
+ * Copyright (C) 2013 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@berlios.de)
+ */
+
+import org.apache.log4j.Logger;
+
+
+/**
+ * Static factory for authorization AuthzOps.
+ *
+ * @author casties
+ *
+ */
+public class AuthzOpsFactory {
+ /** Log4J logger */
+ protected static Logger logger = Logger.getLogger(AuthzOpsFactory.class);
+
+ /** AuthzOps implementation class */
+ protected static Class authOpsClass;
+
+ public static AuthzOps getAuthzOpsInstance() {
+ AuthzOps ao = null;
+ try {
+ ao = authOpsClass.newInstance();
+ } catch (Exception e) {
+ logger.error("Unable to create AuthzOps instance!", e);
+ }
+ return ao;
+ }
+
+ /** set the AuthzOps implementation class.
+ * @param clazz
+ */
+ public static void setAuthzOpsClass(Class clazz) {
+ AuthzOpsFactory.authOpsClass = clazz;
+ }
+
+}
diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/conf/DigilibConfiguration.java
--- a/common/src/main/java/digilib/conf/DigilibConfiguration.java Tue Mar 29 11:39:32 2016 +0200
+++ b/common/src/main/java/digilib/conf/DigilibConfiguration.java Tue Mar 29 17:30:39 2016 +0200
@@ -57,7 +57,7 @@ /** digilib version */ public static String getClassVersion() { - return "2.3.9a"; + return "2.4.0a"; } /* non-static getVersion for Java inheritance */ diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/meta/IndexMetaAuthLoader.java --- a/common/src/main/java/digilib/meta/IndexMetaAuthLoader.java Tue Mar 29 11:39:32 2016 +0200 +++ b/common/src/main/java/digilib/meta/IndexMetaAuthLoader.java Tue Mar 29 17:30:39 2016 +0200 @@ -42,13 +42,15 @@ */ /** - * Class loading index.meta files extracting some image file - * related information. + * Class loading index.meta files extracting some image file related information. + * * Extracts into the MetadataMap all tags in the meta/img tag as key-value * pairs and access conditions under the access key. * * Returns a map with filenames and MetadataMaps. * + * Implemented using javax.xml.stream.XMLStreamReader. + * * @see index.meta * spec diff -r 8128cbff0dac -r 2197975ec945 common/src/main/java/digilib/meta/IndexMetaLoader.java --- a/common/src/main/java/digilib/meta/IndexMetaLoader.java Tue Mar 29 11:39:32 2016 +0200 +++ b/common/src/main/java/digilib/meta/IndexMetaLoader.java Tue Mar 29 17:30:39 2016 +0200 @@ -44,8 +44,12 @@ /** * Class loading index.meta files with metadata extracting some image file related information. + * * Extracts into the MetadataMap all tags in the meta/img tag as key-value pairs and the content of the meta/context tag as XML. - * Returns a map with filenames and MetadataMaps. + * + * Returns a map with filenames and MetadataMaps. + * + * Implemented using javax.xml.parsers.SAXParser. * * @see index.meta spec * @author Robert Casties diff -r 8128cbff0dac -r 2197975ec945 doc/pom.xml --- a/doc/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/doc/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -3,7 +3,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-doc pom diff -r 8128cbff0dac -r 2197975ec945 pdf/pom.xml --- a/pdf/pom.xml Tue Mar 29 11:39:32 2016 +0200 
+++ b/pdf/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -4,7 +4,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-pdf digilib-pdf diff -r 8128cbff0dac -r 2197975ec945 pom.xml --- a/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -9,7 +9,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT pom digilib @@ -196,57 +196,57 @@ digilib digilib-common - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-common-jai - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-common-imagej - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-common-bioformats - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-doc - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-pdf - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-text - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-servlet - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-servlet2 - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-servlet3 - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib digilib-webapp - 2.3-SNAPSHOT + 2.4-SNAPSHOT diff -r 8128cbff0dac -r 2197975ec945 servlet/pom.xml --- a/servlet/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -5,7 +5,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-servlet digilib-servlet diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/AuthzOpsImpl.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/servlet/src/main/java/digilib/auth/AuthzOpsImpl.java Tue Mar 29 17:30:39 2016 +0200 
@@ -0,0 +1,113 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * AuthOps -- Authentication class implementation
+ *
+ * Digital Image Library servlet components
+ *
+ * %%
+ * Copyright (C) 2001 - 2013 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@berlios.de)
+ */
+
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import digilib.conf.DigilibConfiguration;
+import digilib.conf.DigilibRequest;
+import digilib.conf.DigilibServletRequest;
+
+/**
+ * Basic implementation of AuthOps interface.
+ *
+ * Provides basic implementations. Only rolesForPath needs to be implemented by
+ * specific implementations.
+ */
+public abstract class AuthzOpsImpl implements AuthzOps {
+
+ /** general logger for this class */
+ protected Logger logger = Logger.getLogger(this.getClass());
+
+ /** authentication instance */
+ protected AuthnOps authnOps;
+
+ /* (non-Javadoc)
+ * @see digilib.auth.AuthzOps#init(digilib.conf.DigilibConfiguration)
+ */
+ @Override
+ public abstract void init(DigilibConfiguration dlConfig) throws AuthOpException;
+
+ /**
+ * @see digilib.auth.AuthzOps#isAuthorizationRequired(digilib.conf.DigilibRequest)
+ */
+ public boolean isAuthorizationRequired(DigilibRequest request) throws AuthOpException {
+ // check permissions
+ List rolesRequired = rolesForPath((DigilibServletRequest) request);
+ return (rolesRequired != null);
+ }
+
+ /**
+ * @see digilib.auth.AuthzOps#isAuthorized(digilib.conf.DigilibRequest)
+ */
+ public boolean isAuthorized(DigilibRequest request) throws AuthOpException {
+ List rolesRequired = rolesForPath((DigilibServletRequest) request);
+ if (rolesRequired == null) return true;
+ return isRoleAuthorized(rolesRequired, (DigilibServletRequest) request);
+ }
+
+ /**
+ * Test request authorization against a list of roles.
+ *
+ * @param rolesRequired
+ * List of Strings with role names.
+ * @param request
+ * ServletRequest with address information.
+ * @return true if the user information in the request authorizes one of the roles.
+ * @throws AuthOpException
+ */
+ public boolean isRoleAuthorized(List rolesRequired, DigilibServletRequest request) throws AuthOpException {
+ if (rolesRequired == null) return true;
+ for (String r : rolesRequired) {
+ logger.debug("Testing role: " + r);
+ if (authnOps.isUserInRole(request, r)) {
+ logger.debug("Role Authorized");
+ return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Authorization roles needed for request.
+ *
+ * Returns the list of authorization roles that are needed to access the
+ * specified path. No list means the path is free.
+ *
+ * The location information of the request is also considered.
+ *
+ * @param request
+ * DigilibRequest with address information.
+ * @throws AuthOpException
+ * Exception thrown on error.
+ * @return List of Strings with role names.
+ */
+ public abstract List rolesForPath(DigilibServletRequest request) throws AuthOpException;
+
+}
diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/IpAuthnOps.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/servlet/src/main/java/digilib/auth/IpAuthnOps.java Tue Mar 29 17:30:39 2016 +0200
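Review bot: `AuthzOpsImpl.isRoleAuthorized` dereferences `authnOps` without a check, and this class never assigns the field (only a subclass `init` does), so a missing authentication provider shows up as a NullPointerException on the first restricted request rather than as an `AuthOpException`. A guard before the loop keeps that failure closed and explicit: `if (authnOps == null) throw new AuthOpException("no authentication provider configured");`. The unchecked casts `(DigilibServletRequest) request` in `isAuthorizationRequired` and `isAuthorized` need either an `instanceof` check or a Javadoc line stating that only servlet requests are supported. The file header and the class comment still say "AuthOps" and "Authentication", which is misleading for the authorization base class.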
@@ -0,0 +1,112 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * Authentication class implementation using IP addresses
+ *
+ * Digital Image Library servlet components
+ *
+ * %%
+ * Copyright (C) 2016 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@berlios.de)
+ */
+
+import java.io.File;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.log4j.Logger;
+
+import digilib.conf.DigilibConfiguration;
+import digilib.conf.DigilibRequest;
+import digilib.conf.DigilibServletRequest;
+import digilib.util.HashTree;
+import digilib.util.XMLListLoader;
+
+/**
+ * Implements AuthnOps using paths defined in an XML config file.
+ *
+ * The name of the configuration file is read from the digilib config parameter "auth-file".
+ *

+ * The tag "digilib-adresses" is read from the configuration file: + *

  
+ * {@code
+ * 
+ *   
+ *
+ * + * } + *
+ * A computer with an ip address that matches "ip" is automatically granted all roles under "role".
+ * The ip address is matched from the left (in full quads). Roles under "role" must be separated by comma only (no spaces).
+ *
+ */
+public class IpAuthnOps implements AuthnOps {
+
+ /** general logger for this class */
+ protected Logger logger = Logger.getLogger(this.getClass());
+
+ protected File configFile;
+ protected HashTree authIPs;
+
+ /**
+ * Initialize authentication operations.
+ *
+ * Reads tag "digilib-adresses" from configuration file
+ * and sets up authentication arrays.
+ *
+ * @throws AuthOpException
+ * Exception thrown on error.
+ */
+ @Override
+ public void init(DigilibConfiguration dlConfig) throws AuthOpException {
+ configFile = dlConfig.getAsFile("auth-file");
+ logger.debug("ipauthnops.init (" + configFile + ")");
+ Map ipList = null;
+ try {
+ // load authIPs
+ XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role");
+ ipList = ipLoader.loadUri(configFile.toURI());
+ } catch (Exception e) {
+ throw new AuthOpException("ERROR loading authorization config file: " + e);
+ }
+ if (ipList == null) {
+ throw new AuthOpException("ERROR unable to load authorization config file!");
+ }
+ // setup ip tree
+ authIPs = new HashTree(ipList, ".", ",");
+ }
+
+ /* (non-Javadoc)
+ * @see digilib.auth.AuthnOps#isUserInRole(digilib.conf.DigilibRequest, java.lang.String)
+ */
+ @Override
+ public boolean isUserInRole(DigilibRequest dlRequest, String role) throws AuthOpException {
+ // check if the requests address provides a role
+ HttpServletRequest request = ((DigilibServletRequest) dlRequest).getServletRequest();
+ String ip = request.getRemoteAddr();
+ List provided = authIPs.match(ip);
+ if ((provided != null) && (provided.contains(role))) {
+ return true;
+ }
+ return false;
+ }
+
+}
diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/IpServletAuthnOps.java
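Review bot: `IpAuthnOps.isUserInRole` grants roles solely from `request.getRemoteAddr()`, which is the address of the directly connected peer, so behind a reverse proxy or load balancer every client would be evaluated with the proxy's address. The class Javadoc should state that assumption, for example `Roles are granted to the connecting peer address; behind a proxy the container must supply the real client address from a trusted source.` `HashTree` is built with "." as the separator, so IPv6 peers presumably never match a configured prefix; that is fail-closed but worth a line of documentation. The Javadoc also spells the tag "digilib-adresses" while `init` loads "digilib-addresses", and `"ERROR loading authorization config file: " + e` keeps only the exception's string form.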
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/servlet/src/main/java/digilib/auth/IpServletAuthnOps.java Tue Mar 29 17:30:39 2016 +0200
@@ -0,0 +1,73 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * Authentication class implementation using IP addresses and Servlet user information
+ *
+ * Digital Image Library servlet components
+ *
+ * %%
+ * Copyright (C) 2016 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@berlios.de)
+ */
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import digilib.conf.DigilibRequest;
+import digilib.conf.DigilibServletRequest;
+
+/**
+ * Implements AuthnOps using paths defined in an XML config file and Servlet API isUserInRole().
+ *
+ * The name of the configuration file is read from the digilib config parameter "auth-file".
+ *

+ * The tag "digilib-adresses" is read from the configuration file: + *

  
+ * {@code
+ * 
+ *   
+ *
+ * + * } + *
+ * A computer with an ip address that matches "ip" is automatically granted all roles under "role".
+ * The ip address is matched from the left (in full quads). Roles under "role" must be separated by comma only (no spaces).
+ *
+ * Uses ServletRequest.isUserInRole() if roles provided by IP are not sufficient.
+ */
+public class IpServletAuthnOps extends IpAuthnOps {
+
+ /* (non-Javadoc)
+ * @see digilib.auth.IpAuthnOps#isUserInRole(digilib.conf.DigilibRequest, java.lang.String)
+ */
+ @Override
+ public boolean isUserInRole(DigilibRequest dlRequest, String role) throws AuthOpException {
+ // check if the requests address provides a role
+ HttpServletRequest request = ((DigilibServletRequest) dlRequest).getServletRequest();
+ String ip = request.getRemoteAddr();
+ List provided = authIPs.match(ip);
+ if ((provided != null) && (provided.contains(role))) {
+ return true;
+ }
+ // use the ServletRequest
+ return request.isUserInRole(role);
+ }
+
+}
diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/MetaAccessAuthzOps.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/servlet/src/main/java/digilib/auth/MetaAccessAuthzOps.java Tue Mar 29 17:30:39 2016 +0200
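Review bot: The `isUserInRole` override in `IpServletAuthnOps` repeats the whole IP lookup from `IpAuthnOps` line for line, so any later fix to the address check has to be made in two places. It can delegate instead: `if (super.isUserInRole(dlRequest, role)) return true;` followed by the existing `return request.isUserInRole(role);`. The class Javadoc should also state plainly that a role is granted when either the peer address or the servlet container provides it, since that OR determines the effective access.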
@@ -0,0 +1,161 @@
+package digilib.auth;
+
+/*
+ * #%L
+ * Authorization class implementation using access information from
+ * file metadata.
+ *
+ * Digital Image Library servlet components
+ *
+ * %%
+ * Copyright (C) 2013-2016 MPIWG Berlin
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * .
+ * #L%
+ * Author: Robert Casties (robcast@users.souceforge.net)
+ */
+
+import java.io.File;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import digilib.conf.DigilibConfiguration;
+import digilib.conf.DigilibServletConfiguration;
+import digilib.conf.DigilibServletRequest;
+import digilib.image.ImageJobDescription;
+import digilib.io.DocuDirCache;
+import digilib.io.DocuDirent;
+import digilib.io.FileOpException;
+import digilib.meta.MetadataMap;
+import digilib.util.XMLListLoader;
+
+/**
+ * Implementation of AuthzOps using "access" information from file metadata.
+ *
+ * Requires FileMeta implementation providing "access", e.g. digilib.meta.IndexMetaFileMeta.
+ *
+ * The name of the configuration file is read from the digilib config parameter "auth-file".
+ *

+ * Tags "digilib-access" and "digilib-adresses" are read from the configuration file: + *

+ * {@code
+ * 
+ *   
+ * 
+ * }
+ * 
+ * A user must supply one of the roles under "role" to access any object with the metadata "access" type of "type".
+ * Roles under "role" must be separated by comma only (no spaces).
+ *
+ */
+public class MetaAccessAuthzOps extends AuthzOpsImpl {
+
+ private File configFile;
+ private Map> rolesMap;
+
+ /**
+ * Initialize authentication operations.
+ *
+ * Reads tag "digilib-access" from configuration file
+ * and sets up authentication arrays.
+ *
+ * @throws AuthOpException
+ * Exception thrown on error.
+ */
+ @Override
+ public void init(DigilibConfiguration dlConfig) throws AuthOpException {
+ configFile = dlConfig.getAsFile("auth-file");
+ logger.debug("IpRoleServletAuthops.init (" + configFile + ")");
+ Map roleList = null;
+ try {
+ // load role mappings
+ XMLListLoader roleLoader = new XMLListLoader("digilib-access", "access", "type", "role");
+ roleList = roleLoader.loadUri(configFile.toURI());
+ } catch (Exception e) {
+ throw new AuthOpException("ERROR loading authorization config file: " + e);
+ }
+ if (roleList == null) {
+ throw new AuthOpException("ERROR unable to load authorization config file!");
+ }
+ // convert role list to map, splitting roles by ","
+ rolesMap = new HashMap>(roleList.size());
+ for (String k : roleList.keySet()) {
+ String rs = roleList.get(k);
+ String[] ra = rs.split(",");
+ rolesMap.put(k, Arrays.asList(ra));
+ }
+ // set authentication
+ this.authnOps = (AuthnOps) dlConfig.getValue(DigilibServletConfiguration.AUTHN_OP_KEY);
+ }
+
+ /**
+ * Return authorization roles needed for request.
+ *
+ * Returns the list of authorization roles that are needed to access the
+ * specified path. No list means the path is free.
+ *
+ * The location information of the request is also considered.
+ *
+ * @param request
+ * ServletRequest with address information.
+ * @throws AuthOpException
+ * Exception thrown on error.
+ * @return List of Strings with role names.
+ */
+ @Override
+ public List rolesForPath(DigilibServletRequest dlRequest) throws AuthOpException {
+ HttpServletRequest request = dlRequest.getServletRequest();
+ DocuDirent imgs;
+ try {
+ // try to get image file from JobDescription
+ ImageJobDescription ticket = dlRequest.getJobDescription();
+ if (ticket != null) {
+ imgs = (DocuDirent) ticket.getImageSet();
+ } else {
+ // try to get image file from DirCache
+ DigilibConfiguration config = dlRequest.getDigilibConfig();
+ DocuDirCache cache = (DocuDirCache) config.getValue(DigilibServletConfiguration.DIR_CACHE_KEY);
+ imgs = cache.getFile(dlRequest.getFilePath(), dlRequest.getAsInt("pn"));
+ }
+ } catch (FileOpException e) {
+ throw new AuthOpException("No file for auth check!");
+ }
+ /*
+ * get access restrictions from metadata
+ */
+ String access = null;
+ try {
+ imgs.checkMeta();
+ MetadataMap meta = imgs.getMeta().getFileMeta();
+ access = meta.get("access");
+ } catch (Exception e) {
+ logger.error("Error getting access meta for file!");
+ }
+ if (access == null) {
+ // no access restriction - allow
+ logger.debug("rolesForPath (" + imgs.getName() + ") by [" + request.getRemoteAddr() + "]: (none)");
+ return null;
+ }
+ // get required roles
+ List required = rolesMap.get(access);
+ logger.debug("rolesForPath (" + imgs.getName() + ") by [" + request.getRemoteAddr() + "]: "+required);
+ return required;
+ }
+
+}
diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/MetaAccessServletAuthOps.java
--- a/servlet/src/main/java/digilib/auth/MetaAccessServletAuthOps.java Tue Mar 29 11:39:32 2016 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
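Review bot: In `MetaAccessAuthzOps.rolesForPath`, a file whose metadata carries an "access" type with no matching entry in the config gets `rolesMap.get(access)` == null, and `AuthzOpsImpl` treats a null list as "path is free", so a typo or a missing mapping silently removes the restriction. A restricted but unmapped type should deny; returning an empty list does that with the visible `isRoleAuthorized` loop: `if (required == null) { logger.warn("no roles configured for access type " + access); return Collections.emptyList(); }` (needs `java.util.Collections`). The `catch (Exception e)` around `checkMeta()` fails open in the same way, because any error while reading metadata leaves `access` null, and it logs without passing `e`; "no metadata" and "metadata could not be read" should be told apart. The debug message in `init` still reads "IpRoleServletAuthops.init".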
@@ -1,204 +0,0 @@ -package digilib.auth; - -/* - * #%L - * Authentication class implementation using access information from - * file metadata. - * - * Digital Image Library servlet components - * - * %% - * Copyright (C) 2013 MPIWG Berlin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Lesser Public License for more details. - * - * You should have received a copy of the GNU General Lesser Public - * License along with this program. If not, see - * . - * #L% - * Author: Robert Casties (robcast@berlios.de) - */ - -import java.io.File; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; - -import digilib.conf.DigilibConfiguration; -import digilib.conf.DigilibServletConfiguration; -import digilib.conf.DigilibServletRequest; -import digilib.image.ImageJobDescription; -import digilib.io.DocuDirCache; -import digilib.io.DocuDirent; -import digilib.io.FileOpException; -import digilib.meta.MetadataMap; -import digilib.util.HashTree; -import digilib.util.XMLListLoader; - -/** - * Implementation of AuthOps using "access" information from file metadata and - * roles mapped to IP-number ranges defined in an XML config file. - *

- * Tags "digilib-access" and "digilib-adresses" are read from the configuration file: - *

- * {@code
- * 
- *   
- * 
- * }
- * 
- * A user must supply one of the roles under "role" to access any object with the metadata "access" type of "type". - * Roles under "role" must be separated by comma only (no spaces). - *
  
- * {@code
- * 
- *   
- *
- * - * } - *
- * A computer with an ip address that matches "ip" is automatically granted all roles under "role". - * The ip address is matched from the left (in full quads). Roles under "role" must be separated by comma only (no spaces). - * - */ -public class MetaAccessServletAuthOps extends ServletAuthOpsImpl { - - private File configFile; - private HashTree authIPs; - private Map> rolesMap; - - /** - * Set configuration file. - * - * @param confFile - * XML config file. - * @throws AuthOpException - * Exception thrown on error. - */ - public void setConfig(File confFile) throws AuthOpException { - configFile = confFile; - init(); - } - - /** - * Initialize authentication operations. - * - * Reads tags "digilib-access" and "digilib-adresses" from configuration file - * and sets up authentication arrays. - * - * @throws AuthOpException - * Exception thrown on error. - */ - public void init() throws AuthOpException { - logger.debug("IpRoleServletAuthops.init (" + configFile + ")"); - Map ipList = null; - Map roleList = null; - try { - // load authIPs - XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role"); - ipList = ipLoader.loadUri(configFile.toURI()); - // load role mappings - XMLListLoader roleLoader = new XMLListLoader("digilib-access", "access", "type", "role"); - roleList = roleLoader.loadUri(configFile.toURI()); - } catch (Exception e) { - throw new AuthOpException("ERROR loading authorization config file: " + e); - } - if ((ipList == null)||(roleList == null)) { - throw new AuthOpException("ERROR unable to load authorization config file!"); - } - // setup ip tree - authIPs = new HashTree(ipList, ".", ","); - // convert role list to map, splitting roles by "," - rolesMap = new HashMap>(roleList.size()); - for (String k : roleList.keySet()) { - String rs = roleList.get(k); - String[] ra = rs.split(","); - rolesMap.put(k, Arrays.asList(ra)); - } - } - - /** - * Return authorization roles needed for request. 
- * - * Returns the list of authorization roles that are needed to access the - * specified path. No list means the path is free. - * - * The location information of the request is also considered. - * - * @param request - * ServletRequest with address information. - * @throws AuthOpException - * Exception thrown on error. - * @return List of Strings with role names. - */ - @Override - public List rolesForPath(DigilibServletRequest dlRequest) throws AuthOpException { - HttpServletRequest request = dlRequest.getServletRequest(); - DocuDirent imgs; - try { - // try to get image file from JobDescription - ImageJobDescription ticket = dlRequest.getJobDescription(); - if (ticket != null) { - imgs = (DocuDirent) ticket.getImageSet(); - } else { - // try to get image file from DirCache - DigilibConfiguration config = dlRequest.getDigilibConfig(); - DocuDirCache cache = (DocuDirCache) config.getValue(DigilibServletConfiguration.DIR_CACHE_KEY); - imgs = cache.getFile(dlRequest.getFilePath(), dlRequest.getAsInt("pn")); - } - } catch (FileOpException e) { - throw new AuthOpException("No file for auth check!"); - } - /* - * check if the requests address provides a role - */ - List provided = authIPs.match(request.getRemoteAddr()); - if ((provided != null) && (provided.contains("ALL"))) { - // ALL switches off checking; - logger.debug("rolesForPath (" + imgs.getName() + ") by [" + request.getRemoteAddr() + "]: (ip-all)"); - return null; - } - /* - * get access restrictions from metadata - */ - String access = null; - try { - imgs.checkMeta(); - MetadataMap meta = imgs.getMeta().getFileMeta(); - access = meta.get("access"); - } catch (Exception e) { - logger.error("Error getting access meta for file!"); - } - if (access == null) { - // no access restriction - allow - logger.debug("rolesForPath (" + imgs.getName() + ") by [" + request.getRemoteAddr() + "]: (none)"); - return null; - } - // check provided against required roles - List required = rolesMap.get(access); - // do any 
provided roles match? - if ((provided != null) && (required != null)) { - for (String prov : provided) { - if (required.contains(prov)) { - // satisfied - logger.debug("rolesForPath (" + imgs.getName() + ") by [" + request.getRemoteAddr() + "]: (provided)"); - return null; - } - } - } - logger.debug("rolesForPath (" + imgs.getName() + ") by [" + request.getRemoteAddr() + "]: "+required); - return required; - } - -} diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/PathAuthzOps.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/servlet/src/main/java/digilib/auth/PathAuthzOps.java Tue Mar 29 17:30:39 2016 +0200 
@@ -0,0 +1,116 @@ +package digilib.auth; + +/* + * #%L + * XMLAuthOps -- Authentication class implementation using XML files + * + * Digital Image Library servlet components + * + * %% + * Copyright (C) 2001 - 2013 MPIWG Berlin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * . + * #L% + * Author: Robert Casties (robcast@berlios.de) + */ + +import java.io.File; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import digilib.conf.DigilibConfiguration; +import digilib.conf.DigilibServletConfiguration; +import digilib.conf.DigilibServletRequest; +import digilib.util.HashTree; +import digilib.util.XMLListLoader; + +/** + * Implements AuthzOps using paths defined in an XML config file. + * + * The name of the configuration file is read from the digilib config parameter "auth-file". + *

+ * The tag "digilib-paths" is read from the configuration file: + *

+ * {@code
+ * 
+ *   
+ * 
+ * }
+ * 
+ * A user must supply one of the roles under "role" to access the directory "name". + * Roles under "role" must be separated by comma only (no spaces). + *
  
+ * 
+ */
+public class PathAuthzOps extends AuthzOpsImpl {
+
+    private File configFile;
+    private HashTree authPaths;
+
+    /**
+     * Initialize authentication operations.
+     * 
+     * Reads tag "digilib-paths" from configuration file 
+     * and sets up authentication arrays.
+     * 
+     * @throws AuthOpException
+     *             Exception thrown on error.
+     */
+    @Override
+    public void init(DigilibConfiguration dlConfig) throws AuthOpException {
+        configFile = dlConfig.getAsFile("auth-file");
+        logger.debug("xmlauthops.init (" + configFile + ")");
+        Map pathList = null;
+        try {
+            // load authPaths
+            XMLListLoader pathLoader = new XMLListLoader("digilib-paths", "path", "name", "role");
+            pathList = pathLoader.loadUri(configFile.toURI());
+        } catch (Exception e) {
+            throw new AuthOpException("ERROR loading authorization config file: " + e);
+        }
+        if (pathList == null) {
+            throw new AuthOpException("ERROR unable to load authorization config file!");
+        }
+        // setup path tree
+        authPaths = new HashTree(pathList, "/", ",");
+        // set authentication
+        this.authnOps = (AuthnOps) dlConfig.getValue(DigilibServletConfiguration.AUTHN_OP_KEY);
+    }
+
+    /**
+     * Return authorization roles needed for request.
+     * 
+     * Returns the list of authorization roles that are required to access the
+     * specified path. No list means the path is free.
+     * 
+     * @param dlRequest
+     *            DigilibServletRequest with image path and remote address information.
+     * @throws AuthOpException
+     *             Exception thrown on error.
+     * @return List of Strings with role names.
+     */
+    public List rolesForPath(DigilibServletRequest dlRequest) throws digilib.auth.AuthOpException {
+        String filepath = dlRequest.getFilePath();
+        HttpServletRequest request = dlRequest.getServletRequest();
+        logger.debug("rolesForPath (" + filepath + ") by [" + request.getRemoteAddr() + "]");
+
+        // which roles are required?
+        List required = authPaths.match(filepath);
+        return required;
+    }
+
+}
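Review bot: `init` stores `(AuthnOps) dlConfig.getValue(DigilibServletConfiguration.AUTHN_OP_KEY)` without checking that it is non-null, so a missing authentication backend only shows up on the first request instead of at startup. How `AuthzOpsImpl` uses `authnOps` is not visible in this hunk, so failing early is the safer contract: `if (this.authnOps == null) throw new AuthOpException("ERROR: no AuthnOps instance configured!");`. Separately, `new AuthOpException("ERROR loading authorization config file: " + e)` keeps only the exception's string form, so the stack trace of a broken "auth-file" is lost; logging `e` before rethrowing would keep it. `rolesForPath` also lacks the `@Override` that `init` carries, and the debug tag `xmlauthops.init` still names the old class.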
diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/PathServletAuthOps.java
--- a/servlet/src/main/java/digilib/auth/PathServletAuthOps.java	Tue Mar 29 11:39:32 2016 +0200
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,154 +0,0 @@
-package digilib.auth;
-
-/*
- * #%L
- * XMLAuthOps -- Authentication class implementation using XML files
- * 
- * Digital Image Library servlet components
- * 
- * %%
- * Copyright (C) 2001 - 2013 MPIWG Berlin
- * %%
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as 
- * published by the Free Software Foundation, either version 3 of the 
- * License, or (at your option) any later version.
- * 
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Lesser Public License for more details.
- * 
- * You should have received a copy of the GNU General Lesser Public 
- * License along with this program.  If not, see
- * .
- * #L%
- * Author: Robert Casties (robcast@berlios.de)
- */
-
-import java.io.File;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import digilib.conf.DigilibServletRequest;
-import digilib.util.HashTree;
-import digilib.util.XMLListLoader;
-
-/**
- * Implements AuthOps using paths defined in an XML config file.
- * 

- * Tags "digilib-paths" and "digilib-adresses" are read from the configuration file: - *

- * {@code
- * 
- *   
- * 
- * }
- * 
- * A user must supply one of the roles under "role" to access the directory "name". - * Roles under "role" must be separated by comma only (no spaces). - *
  
- * {@code
- * 
- *   
- *
- * - * } - *
- * A computer with an ip address that matches "ip" is automatically granted all roles under "role". - * The ip address is matched from the left (in full quads). Roles under "role" must be separated by comma only (no spaces). - * - */ -public class PathServletAuthOps extends ServletAuthOpsImpl { - - private File configFile; - private HashTree authPaths; - private HashTree authIPs; - - /** - * Set configuration file. - * - * @param confFile - * XML config file. - * @throws AuthOpException - * Exception thrown on error. - */ - public void setConfig(File confFile) throws AuthOpException { - configFile = confFile; - init(); - } - - /** - * Initialize authentication operations. - * - * Reads tags "digilib-paths" and "digilib-adresses" from configuration file - * and sets up authentication arrays. - * - * @throws AuthOpException - * Exception thrown on error. - */ - public void init() throws AuthOpException { - logger.debug("xmlauthops.init (" + configFile + ")"); - Map pathList = null; - Map ipList = null; - try { - // load authPaths - XMLListLoader pathLoader = new XMLListLoader("digilib-paths", "path", "name", "role"); - pathList = pathLoader.loadUri(configFile.toURI()); - // load authIPs - XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role"); - ipList = ipLoader.loadUri(configFile.toURI()); - } catch (Exception e) { - throw new AuthOpException("ERROR loading authorization config file: " + e); - } - if ((pathList == null) || (ipList == null)) { - throw new AuthOpException("ERROR unable to load authorization config file!"); - } - // setup path tree - authPaths = new HashTree(pathList, "/", ","); - // setup ip tree - authIPs = new HashTree(ipList, ".", ","); - } - - /** - * Return authorization roles needed for request. - * - * Returns the list of authorization roles that are required to access the - * specified path. No list means the path is free. 
- * - * The location information of the request is determined by ServletRequest.getRemoteAddr(). - * - * @param dlRequest - * DigilibServletRequest with image path and remote address information. - * @throws AuthOpException - * Exception thrown on error. - * @return List of Strings with role names. - */ - public List rolesForPath(DigilibServletRequest dlRequest) throws digilib.auth.AuthOpException { - String filepath = dlRequest.getFilePath(); - HttpServletRequest request = dlRequest.getServletRequest(); - logger.debug("rolesForPath (" + filepath + ") by [" + request.getRemoteAddr() + "]"); - - // check if the requests address provides a role - List provided = authIPs.match(request.getRemoteAddr()); - if ((provided != null) && (provided.contains("ALL"))) { - // ALL switches off checking; - return null; - } - // which roles are required? - List required = authPaths.match(filepath); - // do any provided roles match? - if ((provided != null) && (required != null)) { - for (int i = 0; i < provided.size(); i++) { - if (required.contains(provided.get(i))) { - // satisfied - return null; - } - } - } - return required; - } - -} diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/auth/ServletAuthOpsImpl.java --- a/servlet/src/main/java/digilib/auth/ServletAuthOpsImpl.java Tue Mar 29 11:39:32 2016 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,105 +0,0 @@ -package digilib.auth; - -/* - * #%L - * AuthOps -- Authentication class implementation - * - * Digital Image Library servlet components - * - * %% - * Copyright (C) 2001 - 2013 MPIWG Berlin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Lesser Public License for more details. - * - * You should have received a copy of the GNU General Lesser Public - * License along with this program. If not, see - * . - * #L% - * Author: Robert Casties (robcast@berlios.de) - */ - -import java.util.List; - -import org.apache.log4j.Logger; - -import digilib.conf.DigilibRequest; -import digilib.conf.DigilibServletRequest; - -/** - * Basic implementation of AuthOps interface. - * - * Provides basic implementations. Only rolesForPath needs to be implemented by - * specific implementations. 
- */ -public abstract class ServletAuthOpsImpl implements AuthOps { - - /** general logger for this class */ - protected Logger logger = Logger.getLogger(this.getClass()); - - public abstract void init() throws AuthOpException; - - /** - * @see digilib.auth.AuthOps#isAuthRequired(digilib.conf.DigilibRequest) - */ - public boolean isAuthRequired(DigilibRequest request) throws AuthOpException { - // check permissions - List rolesRequired = rolesForPath((DigilibServletRequest) request); - return (rolesRequired != null); - } - - /** - * @see digilib.auth.AuthOps#isAuthorized(digilib.conf.DigilibRequest) - */ - public boolean isAuthorized(DigilibRequest request) throws AuthOpException { - List rolesRequired = rolesForPath((DigilibServletRequest) request); - if (rolesRequired == null) return true; - return isRoleAuthorized(rolesRequired, (DigilibServletRequest) request); - } - - /** - * Test request authorization against a list of roles. - * - * @param rolesRequired - * List of Strings with role names. - * @param request - * ServletRequest with address information. - * @return true if the user information in the request authorizes one of the - * roles. - */ - public boolean isRoleAuthorized(List rolesRequired, DigilibServletRequest request) { - if (rolesRequired == null) return true; - for (String s : rolesRequired) { - logger.debug("Testing role: " + s); - if (request.getServletRequest().isUserInRole(s)) { - logger.debug("Role Authorized"); - return true; - } - } - return false; - } - - /** - * Authorization roles needed for request. - * - * Returns the list of authorization roles that are needed to access the - * specified path. No list means the path is free. - * - * The location information of the request is also considered. - * - * @param request - * DigilibRequest with address information. - * @throws AuthOpException - * Exception thrown on error. - * @return List of Strings with role names. 
- */ - public abstract List rolesForPath(DigilibServletRequest request) throws AuthOpException; - -} diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/conf/DigilibServletConfiguration.java --- a/servlet/src/main/java/digilib/conf/DigilibServletConfiguration.java Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet/src/main/java/digilib/conf/DigilibServletConfiguration.java Tue Mar 29 17:30:39 2016 +0200 @@ -42,8 +42,10 @@ import org.apache.log4j.xml.DOMConfigurator; import org.xml.sax.SAXException; -import digilib.auth.AuthOps; -import digilib.auth.AuthOpsFactory; +import digilib.auth.AuthnOps; +import digilib.auth.AuthnOpsFactory; +import digilib.auth.AuthzOps; +import digilib.auth.AuthzOpsFactory; import digilib.image.DocuImage; import digilib.io.AliasingDocuDirCache; import digilib.io.DocuDirCache; @@ -76,7 +78,9 @@ */ public class DigilibServletConfiguration extends DigilibConfiguration implements ServletContextListener { - public static final String AUTH_OP_KEY = "servlet.auth.op"; + public static final String AUTHN_OP_KEY = "servlet.authn.op"; + + public static final String AUTHZ_OP_KEY = "servlet.authz.op"; public static final String IMAGEEXECUTOR_KEY = "servlet.worker.imageexecutor"; 
@@ -114,12 +118,15 @@ newParameter(DIR_CACHE_KEY, null, null, 's'); // Executor for image operations newParameter(IMAGEEXECUTOR_KEY, null, null, 's'); - // AuthOps instance - newParameter(AUTH_OP_KEY, null, null, 's'); + // AuthnOps instance + newParameter(AUTHN_OP_KEY, null, null, 's'); + // AuthzOps instance + newParameter(AUTHZ_OP_KEY, null, null, 's'); // classes TODO: do we need these as parameters? newParameter("servlet.filemeta.class", null, null, 's'); newParameter("servlet.dirmeta.class", null, null, 's'); - newParameter("servlet.authops.class", null, null, 's'); + newParameter("servlet.authnops.class", null, null, 's'); + newParameter("servlet.authzops.class", null, null, 's'); newParameter("servlet.docudirectory.class", null, null, 's'); newParameter("servlet.version", getVersion(), null, 's'); @@ -156,8 +163,10 @@ newParameter("filemeta-class", "digilib.meta.IndexMetaFileMeta", null, 'f'); // DirMeta implementation newParameter("dirmeta-class", "digilib.meta.IndexMetaDirMeta", null, 'f'); - // AuthOps implementation - newParameter("authops-class", "digilib.auth.PathServletAuthOps", null, 'f'); + // AuthnOps implementation + newParameter("authnops-class", "digilib.auth.IpAuthnOps", null, 'f'); + // AuthzOps implementation + newParameter("authzops-class", "digilib.auth.PathAuthzOps", null, 'f'); // DocuDirectory implementation newParameter("docudirectory-class", "digilib.io.BaseDirDocuDirectory", null, 'f'); 
@@ -293,13 +302,23 @@ } catch (ClassNotFoundException e) { logger.error("Error setting Metadata classes!"); } - try { - // initialise AuthOpsFactory - Class authOpsClass = (Class) Class.forName(config.getAsString("authops-class")); - config.setValue("servlet.authops.class", authOpsClass); - AuthOpsFactory.setAuthOpsClass(authOpsClass); - } catch (ClassNotFoundException e) { - logger.error("Error setting AuthOps class!"); + if (config.getAsBoolean("use-authorization")) { + try { + // initialise AuthnOpsFactory + Class authnOpsClass = (Class) Class.forName(config.getAsString("authnops-class")); + config.setValue("servlet.authzops.class", authnOpsClass); + AuthnOpsFactory.setAuthnOpsClass(authnOpsClass); + } catch (ClassNotFoundException e) { + logger.error("Error setting AuthnOps class!"); + } + try { + // initialise AuthzOpsFactory + Class authzOpsClass = (Class) Class.forName(config.getAsString("authzops-class")); + config.setValue("servlet.authzops.class", authzOpsClass); + AuthzOpsFactory.setAuthzOpsClass(authzOpsClass); + } catch (ClassNotFoundException e) { + logger.error("Error setting AuthzOps class!"); + } } try { // initialise DocuDirectoryFactory 
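Review bot: The AuthnOps branch stores its class under the wrong key, `config.setValue("servlet.authzops.class", authnOpsClass);`, so the value is overwritten by the AuthzOps branch and the registered parameter "servlet.authnops.class" is never set; it should read `config.setValue("servlet.authnops.class", authnOpsClass);`. Both `catch (ClassNotFoundException e)` blocks only log, although this code runs only when "use-authorization" is true. A mistyped "authnops-class" or "authzops-class" therefore lets startup continue with whatever the factory falls back to, which is not visible here. Rethrowing, or otherwise aborting configuration, would make a misconfigured access-control class fail closed. The enclosing method starts and ends outside this hunk.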
@@ -334,16 +353,19 @@ dirCache = new DocuDirCache(FileClass.IMAGE, this); } config.setValue(DIR_CACHE_KEY, dirCache); - // useAuthentication + // useAuthorization if (config.getAsBoolean("use-authorization")) { - AuthOps authOp = AuthOpsFactory.getAuthOpsInstance(); - // get config file + // set auth config file File authConf = ServletOps.getConfigFile((File) config.getValue("auth-file"), context); - if (authConf != null) { - authOp.setConfig(authConf); - } - config.setValue(AUTH_OP_KEY, authOp); config.setValue("auth-file", authConf); + // initialise AuthnOps + AuthnOps authnOps = AuthnOpsFactory.getAuthnOpsInstance(); + authnOps.init(this); + config.setValue(AUTHN_OP_KEY, authnOps); + // initialise AuthzOps (requires AuthnOps) + AuthzOps authzOps = AuthzOpsFactory.getAuthzOpsInstance(); + authzOps.init(this); + config.setValue(AUTHZ_OP_KEY, authzOps); } // digilib worker threads int nt = config.getAsInt("worker-threads"); diff -r 8128cbff0dac -r 2197975ec945 servlet/src/main/java/digilib/servlet/DocumentBean.java --- a/servlet/src/main/java/digilib/servlet/DocumentBean.java Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet/src/main/java/digilib/servlet/DocumentBean.java Tue Mar 29 17:30:39 2016 +0200 @@ -36,7 +36,7 @@ import org.apache.log4j.Logger; import digilib.auth.AuthOpException; -import digilib.auth.AuthOps; +import digilib.auth.AuthzOps; import digilib.conf.DigilibServletConfiguration; import digilib.conf.DigilibServletRequest; import digilib.io.DocuDirCache; @@ -52,10 +52,10 @@ private static Logger logger = Logger.getLogger("digilib.docubean"); // AuthOps object to check authorization - private AuthOps authOp; + private AuthzOps authzOp; // use authorization database - private boolean useAuthentication = true; + private boolean useAuthorization = true; // path to add for authenticated access private String authURLPath = ""; 
@@ -102,10 +102,10 @@ /* * authentication */ - useAuthentication = dlConfig.getAsBoolean("use-authorization"); - authOp = (AuthOps) dlConfig.getValue("servlet.auth.op"); + useAuthorization = dlConfig.getAsBoolean("use-authorization"); + authzOp = (AuthzOps) dlConfig.getValue("servlet.authz.op"); authURLPath = dlConfig.getAsString("auth-url-path"); - if (useAuthentication && (authOp == null)) { + if (useAuthorization && (authzOp == null)) { throw new ServletException( "ERROR: use-authorization configured but no AuthOp!"); } @@ -117,7 +117,7 @@ public boolean isAuthRequired(DigilibServletRequest request) throws AuthOpException { logger.debug("isAuthRequired"); - return useAuthentication ? authOp.isAuthRequired(request) : false; + return useAuthorization ? authzOp.isAuthorizationRequired(request) : false; } /** @@ -125,7 +125,7 @@ */ public boolean isAuthorized(DigilibServletRequest request) throws AuthOpException { logger.debug("isAuthorized"); - return useAuthentication ? authOp.isAuthorized(request) : true; + return useAuthorization ? authzOp.isAuthorized(request) : true; } /** @@ -143,8 +143,8 @@ public boolean doAuthentication(DigilibServletRequest request, HttpServletResponse response) throws Exception { logger.debug("doAuthentication"); - if (!useAuthentication) { - // shortcut if no authentication + if (!useAuthorization) { + // shortcut if no authorization return true; } // quick fix: add auth-url-path to base.url diff -r 8128cbff0dac -r 2197975ec945 servlet2/pom.xml --- a/servlet2/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet2/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -5,7 +5,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-servlet2 digilib-servlet2 diff -r 8128cbff0dac -r 2197975ec945 servlet2/src/main/java/digilib/servlet/Scaler.java --- a/servlet2/src/main/java/digilib/servlet/Scaler.java Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet2/src/main/java/digilib/servlet/Scaler.java Tue Mar 29 17:30:39 2016 +0200 
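Review bot: In the `@@ -102,10 +102,10 @@` hunk the lookup still uses the string literal `"servlet.authz.op"`, while the Scaler and Texter servlets in this changeset use the constant; `authzOp = (AuthzOps) dlConfig.getValue(DigilibServletConfiguration.AUTHZ_OP_KEY);` keeps the key in one place (the class is already imported in this file). The guard's message still says "no AuthOp!" and would read better as `"ERROR: use-authorization configured but no AuthzOps!"`. In the `@@ -143,8 +143,8 @@` hunk the method is still named `doAuthentication` although it is now gated on `useAuthorization`; a one-line comment saying that it triggers container login for an authorization failure would help. The enclosing methods start outside these hunks.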
@@ -40,7 +40,7 @@ import org.apache.log4j.Logger; import digilib.auth.AuthOpException; -import digilib.auth.AuthOps; +import digilib.auth.AuthzOps; import digilib.conf.DigilibServletConfiguration; import digilib.conf.DigilibServletRequest; import digilib.image.DocuImage; @@ -106,8 +106,8 @@ /** use authorization database */ protected boolean useAuthorization = false; - /** AuthOps instance */ - protected AuthOps authOp; + /** AuthzOps instance */ + protected AuthzOps authzOp; /** * Initialisation on first run. @@ -138,7 +138,7 @@ logger.info("Scaler uses " + dlConfig.getValue("servlet.docuimage.version")); // set our AuthOps useAuthorization = dlConfig.getAsBoolean("use-authorization"); - authOp = (AuthOps) dlConfig.getValue("servlet.auth.op"); + authzOp = (AuthzOps) dlConfig.getValue(DigilibServletConfiguration.AUTHZ_OP_KEY); // DocuDirCache instance dirCache = (DocuDirCache) dlConfig.getValue("servlet.dir.cache"); @@ -245,7 +245,7 @@ // check permissions if (useAuthorization) { // is the current request/user authorized? - if (!authOp.isAuthorized(dlRequest)) { + if (!authzOp.isAuthorized(dlRequest)) { // send deny answer and abort throw new AuthOpException(); } diff -r 8128cbff0dac -r 2197975ec945 servlet2/src/main/java/digilib/servlet/ScalerNoThread.java --- a/servlet2/src/main/java/digilib/servlet/ScalerNoThread.java Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet2/src/main/java/digilib/servlet/ScalerNoThread.java Tue Mar 29 17:30:39 2016 +0200 @@ -36,7 +36,7 @@ import org.apache.log4j.Logger; import digilib.auth.AuthOpException; -import digilib.auth.AuthOps; +import digilib.auth.AuthzOps; import digilib.conf.DigilibServletConfiguration; import digilib.conf.DigilibServletRequest; import digilib.image.DocuImage; @@ -98,7 +98,7 @@ protected boolean useAuthorization = true; /** AuthOps instance */ - protected AuthOps authOp; + protected AuthzOps authzOp; /** * Initialisation on first run. 
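Review bot: In the `@@ -138,7 +138,7 @@` hunk `authzOp` is read from the configuration without a null check, yet the `@@ -245,7 +245,7 @@` hunk calls `authzOp.isAuthorized(dlRequest)` whenever `useAuthorization` is true. A missing AuthzOps instance would then surface as a NullPointerException per request rather than a clear startup failure. DocumentBean already guards this case, and the same guard fits here, assuming this init method may throw ServletException: `if (useAuthorization && authzOp == null) throw new ServletException("ERROR: use-authorization configured but no AuthzOps!");`. The same applies to ScalerNoThread (`@@ -124,7 +124,7 @@`), the servlet3 Scaler (`@@ -137,7 +138,7 @@`) and Texter (`@@ -109,8 +109,8 @@`). The enclosing methods start outside these hunks.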
@@ -124,7 +124,7 @@ } // set our AuthOps useAuthorization = dlConfig.getAsBoolean("use-authorization"); - authOp = (AuthOps) dlConfig.getValue("servlet.auth.op"); + authzOp = (AuthzOps) dlConfig.getValue(DigilibServletConfiguration.AUTHZ_OP_KEY); // DocuDirCache instance dirCache = (DocuDirCache) dlConfig.getValue("servlet.dir.cache"); @@ -227,7 +227,7 @@ // check permissions if (useAuthorization) { // is the current request/user authorized? - if (!authOp.isAuthorized(dlRequest)) { + if (!authzOp.isAuthorized(dlRequest)) { // send deny answer and abort throw new AuthOpException(); } diff -r 8128cbff0dac -r 2197975ec945 servlet3/pom.xml --- a/servlet3/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet3/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -3,7 +3,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-servlet3 digilib-servlet3 diff -r 8128cbff0dac -r 2197975ec945 servlet3/src/main/java/digilib/servlet/Scaler.java --- a/servlet3/src/main/java/digilib/servlet/Scaler.java Tue Mar 29 11:39:32 2016 +0200 +++ b/servlet3/src/main/java/digilib/servlet/Scaler.java Tue Mar 29 17:30:39 2016 +0200 @@ -41,9 +41,10 @@ import org.apache.log4j.Logger; import digilib.auth.AuthOpException; -import digilib.auth.AuthOps; +import digilib.auth.AuthzOps; import digilib.conf.DigilibConfiguration; import digilib.conf.DigilibServlet3Configuration; +import digilib.conf.DigilibServletConfiguration; import digilib.conf.DigilibServletRequest; import digilib.image.DocuImage; import digilib.image.ImageJobDescription; @@ -107,8 +108,8 @@ /** use authorization database */ protected boolean useAuthorization = false; - /** AuthOps instance */ - protected AuthOps authOp; + /** AuthzOps instance */ + protected AuthzOps authzOp; /** * Initialisation on first run. 
@@ -137,7 +138,7 @@ logger.info("Scaler uses " + dlConfig.getValue("servlet.docuimage.version")); // set our AuthOps useAuthorization = dlConfig.getAsBoolean("use-authorization"); - authOp = (AuthOps) dlConfig.getValue("servlet.auth.op"); + authzOp = (AuthzOps) dlConfig.getValue(DigilibServletConfiguration.AUTHZ_OP_KEY); // DocuDirCache instance dirCache = (DocuDirCache) dlConfig.getValue("servlet.dir.cache"); @@ -274,7 +275,7 @@ */ if (useAuthorization) { // is the current request/user authorized? - if (!authOp.isAuthorized(dlRequest)) { + if (!authzOp.isAuthorized(dlRequest)) { // send deny answer and abort throw new AuthOpException(); } diff -r 8128cbff0dac -r 2197975ec945 text/pom.xml --- a/text/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/text/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -4,7 +4,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-text digilib-text diff -r 8128cbff0dac -r 2197975ec945 text/src/main/java/digilib/servlet/Texter.java --- a/text/src/main/java/digilib/servlet/Texter.java Tue Mar 29 11:39:32 2016 +0200 +++ b/text/src/main/java/digilib/servlet/Texter.java Tue Mar 29 17:30:39 2016 +0200 @@ -38,7 +38,7 @@ import org.apache.log4j.Logger; -import digilib.auth.AuthOps; +import digilib.auth.AuthzOps; import digilib.conf.DigilibServletConfiguration; import digilib.conf.DigilibServletRequest; import digilib.conf.TextServletConfiguration; @@ -74,7 +74,7 @@ FileOps fileOp; /** AuthOps instance */ - AuthOps authOp; + AuthzOps authzOp; /** ServletOps instance */ ServletOps servletOp; @@ -83,7 +83,7 @@ DocuDirCache dirCache; /** use authentication */ - boolean useAuthentication = false; + boolean useAuthorization = false; /* * (non-Javadoc) 
@@ -109,8 +109,8 @@ + tlVersion + ") *****"); // set our AuthOps - useAuthentication = dlConfig.getAsBoolean("use-authorization"); - authOp = (AuthOps) dlConfig.getValue("servlet.auth.op"); + useAuthorization = dlConfig.getAsBoolean("use-authorization"); + authzOp = (AuthzOps) dlConfig.getValue(DigilibServletConfiguration.AUTHZ_OP_KEY); // DocuDirCache instance dirCache = (DocuDirCache) dlConfig.getValue(TextServletConfiguration.TEXT_DIR_CACHE_KEY); } diff -r 8128cbff0dac -r 2197975ec945 webapp/pom.xml --- a/webapp/pom.xml Tue Mar 29 11:39:32 2016 +0200 +++ b/webapp/pom.xml Tue Mar 29 17:30:39 2016 +0200 @@ -6,7 +6,7 @@ digilib digilib - 2.3-SNAPSHOT + 2.4-SNAPSHOT digilib-webapp digilib-webapp diff -r 8128cbff0dac -r 2197975ec945 webapp/src/main/webapp/WEB-INF/digilib-config.xml.template --- a/webapp/src/main/webapp/WEB-INF/digilib-config.xml.template Tue Mar 29 11:39:32 2016 +0200 +++ b/webapp/src/main/webapp/WEB-INF/digilib-config.xml.template Tue Mar 29 17:30:39 2016 +0200 @@ -55,7 +55,10 @@ - + + + + diff -r 8128cbff0dac -r 2197975ec945 webapp/src/main/webapp/api/dlContext-xml.jsp --- a/webapp/src/main/webapp/api/dlContext-xml.jsp Tue Mar 29 11:39:32 2016 +0200 +++ b/webapp/src/main/webapp/api/dlContext-xml.jsp Tue Mar 29 17:30:39 2016 +0200 @@ -25,8 +25,7 @@ digilib.conf.DigilibServletRequest, digilib.io.DocuDirCache, digilib.io.DocuDirent, - java.util.HashMap, - java.io.File"%><%! + digilib.meta.MetadataMap"%><%! // create DocumentBean instance for all JSP requests DocumentBean docBean = new DocumentBean(); 
@@ -54,11 +53,11 @@ int pn = dlRequest.getAsInt("pn"); String fn = dlRequest.getFilePath(); String ctx = ""; -DocuDirent f = dirCache.getFile(fn, pn, digilib.io.FileOps.FileClass.IMAGE); +DocuDirent f = dirCache.getFile(fn, pn); if (f != null) { //ctx = "hasfile:"+f.getName(); f.checkMeta(); - HashMap meta = f.getMeta().getFileMeta(); + MetadataMap meta = f.getMeta().getFileMeta(); if (meta != null) { //ctx = "JSP:hasmeta!"; if (meta.containsKey("context")) { diff -r 8128cbff0dac -r 2197975ec945 webapp/src/main/webapp/dlContext-xml.jsp --- a/webapp/src/main/webapp/dlContext-xml.jsp Tue Mar 29 11:39:32 2016 +0200 +++ b/webapp/src/main/webapp/dlContext-xml.jsp Tue Mar 29 17:30:39 2016 +0200 @@ -25,8 +25,7 @@ digilib.conf.DigilibServletRequest, digilib.io.DocuDirCache, digilib.io.DocuDirent, - java.util.HashMap, - java.io.File"%><%! + digilib.meta.MetadataMap"%><%! // create DocumentBean instance for all JSP requests DocumentBean docBean = new DocumentBean(); @@ -54,11 +53,11 @@ int pn = dlRequest.getAsInt("pn"); String fn = dlRequest.getFilePath(); String ctx = ""; -DocuDirent f = dirCache.getFile(fn, pn, digilib.io.FileOps.FileClass.IMAGE); +DocuDirent f = dirCache.getFile(fn, pn); if (f != null) { //ctx = "hasfile:"+f.getName(); f.checkMeta(); - HashMap meta = f.getMeta().getFileMeta(); + MetadataMap meta = f.getMeta().getFileMeta(); if (meta != null) { //ctx = "JSP:hasmeta!"; if (meta.containsKey("context")) { diff -r 8128cbff0dac -r 2197975ec945 webapp/src/main/webapp/jquery/jquery.digilib.js --- a/webapp/src/main/webapp/jquery/jquery.digilib.js Tue Mar 29 11:39:32 2016 +0200 +++ b/webapp/src/main/webapp/jquery/jquery.digilib.js Tue Mar 29 17:30:39 2016 +0200 @@ -45,7 +45,7 @@ var defaults = { // version of this script - 'version' : 'jquery.digilib.js 2.3.9a', + 'version' : 'jquery.digilib.js 2.4.0a', // logo url 'logoUrl' : 'img/digilib-logo-text1.png', // homepage url (behind logo) diff -r 8128cbff0dac -r 2197975ec945 webapp/src/main/webapp/server/dlConfig.jsp 
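Review bot: `dirCache.getFile(fn, pn)` looks up a path taken straight from the request (`dlRequest.getFilePath()`), and nothing in this hunk consults the authorization settings before the file's metadata is read. With `use-authorization` enabled, that may let a client read the `context` metadata of a file it is not allowed to view. The part of the JSP before the hunk is not visible, so a check may already exist there. If it does not, an `isAuthorized` check before `getFile`, or at least a comment such as `// metadata lookup is not covered by use-authorization`, would make the intent explicit. The same applies to the identical hunk in `webapp/src/main/webapp/dlContext-xml.jsp`.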
--- a/webapp/src/main/webapp/server/dlConfig.jsp Tue Mar 29 11:39:32 2016 +0200 +++ b/webapp/src/main/webapp/server/dlConfig.jsp Tue Mar 29 17:30:39 2016 +0200 @@ -25,6 +25,7 @@ digilib.conf.DigilibServletConfiguration, digilib.conf.DigilibServletRequest, digilib.io.DocuDirCache, + digilib.image.DocuImage, digilib.image.DocuImageFactory, java.io.File"%> <%! @@ -54,8 +55,7 @@ // dir cache DocuDirCache dirCache = (DocuDirCache) dlConfig.getValue("servlet.dir.cache"); // image JobCenter -DigilibJobCenter imageProcessor = (DigilibJobCenter)dlConfig.getValue("servlet.worker.imageexecutor"); - +DigilibJobCenter imageProcessor = (DigilibJobCenter) dlConfig.getValue("servlet.worker.imageexecutor"); %> @@ -196,8 +196,8 @@

Supported image types

    <% - java.util.Iterator dlfs = DocuImageFactory.getInstance().getSupportedFormats(); - for (Object f = dlfs.next(); dlfs.hasNext(); f = dlfs.next()) { + java.util.Iterator dlfs = DocuImageFactory.getInstance().getSupportedFormats(); + for (String f = dlfs.next(); dlfs.hasNext(); f = dlfs.next()) { %>
  • <%= (String)f %>
  • <%
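Review bot: The loop `for (String f = dlfs.next(); dlfs.hasNext(); f = dlfs.next())` still drops the last supported format and throws NoSuchElementException when the iterator is empty, because `hasNext()` is tested only after an element has already been taken. The change from `Object` to `String` keeps that shape. I would write `while (dlfs.hasNext()) { String f = dlfs.next();` and, with `f` typed as `String`, drop the cast in `<%= (String)f %>`. The closing brace of the loop is outside the hunk.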