Mercurial > hg > digilib

changeset 1166:00662a0439fc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
small cleanups.
author robcast
date Tue, 26 Mar 2013 11:35:43 +0100
parents f2ac01ddebf1
children 4c7ee297e860
files common/src/main/java/digilib/auth/AuthOpsImpl.java common/src/main/java/digilib/auth/XMLAuthOps.java common/src/main/java/digilib/util/XMLListLoader.java servlet3/src/main/java/digilib/servlet/DigilibServletConfiguration.java servlet3/src/main/java/digilib/servlet/Scaler.java webapp/src/main/webapp/WEB-INF/web-additional.xml webapp/src/main/webapp/server/dlConfig.jsp
diffstat 7 files changed, 137 insertions(+), 130 deletions(-) [+]
line wrap: on
line diff
--- a/common/src/main/java/digilib/auth/AuthOpsImpl.java	Tue Feb 26 17:42:45 2013 +0100
+++ b/common/src/main/java/digilib/auth/AuthOpsImpl.java	Tue Mar 26 11:35:43 2013 +0100
@@ -34,104 +34,124 @@
 
 import digilib.servlet.DigilibRequest;
 
-/** Basic implementation of AuthOps interface.
- *
- * Provides basic implementations. Only rolesForPath needs to be implemented
- * by specific implementations.
+/**
+ * Basic implementation of AuthOps interface.
+ * 
+ * Provides basic implementations. Only rolesForPath needs to be implemented by
+ * specific implementations.
  */
 public abstract class AuthOpsImpl implements AuthOps {
 
-	/** general logger for this class */
-	protected Logger logger = Logger.getLogger(this.getClass());
-	
-  /** Default constructor. */  
-  public AuthOpsImpl() {
-    try {
-      init();
-    } catch (AuthOpException e) {
+    /** general logger for this class */
+    protected Logger logger = Logger.getLogger(this.getClass());
+
+    /** Default constructor. */
+    public AuthOpsImpl() {
+        try {
+            init();
+        } catch (AuthOpException e) {
+        }
     }
-  }
-
 
-  /** Test if the request is allowed to access filepath.
-   * @param filepath filepath to be acessed.
-   * @param request Request with user information.
-   * @throws AuthOpException Exception thrown on error.
-   * @return true if the request is allowed.
-   */
-  public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException {
-    // check permissions
-    List<String> rolesRequired = rolesForPath(filepath, request);
-    return (rolesRequired != null);
-  }
+    /**
+     * Test if the request is allowed to access filepath.
+     * 
+     * @param filepath
+     *            filepath to be acessed.
+     * @param request
+     *            Request with user information.
+     * @throws AuthOpException
+     *             Exception thrown on error.
+     * @return true if the request is allowed.
+     */
+    public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException {
+        // check permissions
+        List<String> rolesRequired = rolesForPath(filepath, request);
+        return (rolesRequired != null);
+    }
 
-  /**
-   * @see digilib.auth.AuthOps#isAuthRequired(digilib.servlet.DigilibRequest)
-   */
-  public boolean isAuthRequired(DigilibRequest request)
-	  throws AuthOpException {
-		// check permissions
-		List<String> rolesRequired = rolesForPath(request);
-		return (rolesRequired != null);
-  }
+    /**
+     * @see digilib.auth.AuthOps#isAuthRequired(digilib.servlet.DigilibRequest)
+     */
+    public boolean isAuthRequired(DigilibRequest request) throws AuthOpException {
+        // check permissions
+        List<String> rolesRequired = rolesForPath(request);
+        return (rolesRequired != null);
+    }
 
-  /** Return authorization roles needed for request.
-   *
-   * Returns a list of authorization roles that would be allowed to access the
-   * specified path. The location information of the request is considered also.
-   * @param filepath filepath to be accessed.
-   * @param request ServletRequest with address information.
-   * @throws AuthOpException Exception thrown on error.
-   * @return List of Strings with role names.
-   */
-  public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException {
-    List<String> rolesAllowed = rolesForPath(filepath, request);
-    return isRoleAuthorized(rolesAllowed, request);
-  }
+    /**
+     * Return authorization roles needed for request.
+     * 
+     * Returns a list of authorization roles that would be allowed to access the
+     * specified path. The location information of the request is considered
+     * also.
+     * 
+     * @param filepath
+     *            filepath to be accessed.
+     * @param request
+     *            ServletRequest with address information.
+     * @throws AuthOpException
+     *             Exception thrown on error.
+     * @return List of Strings with role names.
+     */
+    public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException {
+        List<String> rolesAllowed = rolesForPath(filepath, request);
+        return isRoleAuthorized(rolesAllowed, request);
+    }
 
-  /**
-   * @see digilib.auth.AuthOps#isAuthorized(digilib.servlet.DigilibRequest)
-   */
-  public boolean isAuthorized(DigilibRequest request)
-	  throws AuthOpException {
-		List<String> rolesAllowed = rolesForPath(request);
-		return isRoleAuthorized(rolesAllowed, request);
-  }
+    /**
+     * @see digilib.auth.AuthOps#isAuthorized(digilib.servlet.DigilibRequest)
+     */
+    public boolean isAuthorized(DigilibRequest request) throws AuthOpException {
+        List<String> rolesAllowed = rolesForPath(request);
+        return isRoleAuthorized(rolesAllowed, request);
+    }
 
-  /** Test request authorization against a list of roles.
-   * @param roles List of Strings with role names.
-   * @param request ServletRequest with address information.
-   * @return true if the user information in the request authorizes one of the roles.
-   */
-  public boolean isRoleAuthorized(List<String> roles, HttpServletRequest request) {
-    for (String s: roles) {
-      logger.debug("Testing role: "+s);
-      if (request.isUserInRole(s)) {
-      	logger.debug("Role Authorized");
-        return true;
-      }
+    /**
+     * Test request authorization against a list of roles.
+     * 
+     * @param roles
+     *            List of Strings with role names.
+     * @param request
+     *            ServletRequest with address information.
+     * @return true if the user information in the request authorizes one of the
+     *         roles.
+     */
+    public boolean isRoleAuthorized(List<String> roles, HttpServletRequest request) {
+        for (String s : roles) {
+            logger.debug("Testing role: " + s);
+            if (request.isUserInRole(s)) {
+                logger.debug("Role Authorized");
+                return true;
+            }
+        }
+        return false;
     }
-    return false;
-  }
 
-  /**
-   * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List, digilib.servlet.DigilibRequest)
-   */
-  public boolean isRoleAuthorized(List<String> roles, DigilibRequest request) {
-	for (String s: roles) {
-	  logger.debug("Testing role: "+s);
-	  if (((HttpServletRequest)request.getServletRequest()).isUserInRole(s)) {
-	  	logger.debug("Role Authorized");
-		return true;
-	  }
-	}
-	return false;
-  }
+    /**
+     * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List,
+     *      digilib.servlet.DigilibRequest)
+     */
+    public boolean isRoleAuthorized(List<String> roles, DigilibRequest request) {
+        for (String s : roles) {
+            logger.debug("Testing role: " + s);
+            if (request.getServletRequest().isUserInRole(s)) {
+                logger.debug("Role Authorized");
+                return true;
+            }
+        }
+        return false;
+    }
 
-  public abstract void init() throws AuthOpException;
+    public abstract void init() throws AuthOpException;
+
+    public abstract List<String> rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException;
 
-  public abstract List<String> rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException;
-
-  public abstract List<String> rolesForPath(DigilibRequest request) throws AuthOpException;
+    /**
+     * @see digilib.auth.AuthOps#rolesForPath(digilib.servlet.DigilibRequest)
+     */
+    public List<String> rolesForPath(DigilibRequest request) throws AuthOpException {
+        return rolesForPath(request.getFilePath(), request.getServletRequest());
+    }
 
 }
--- a/common/src/main/java/digilib/auth/XMLAuthOps.java	Tue Feb 26 17:42:45 2013 +0100
+++ b/common/src/main/java/digilib/auth/XMLAuthOps.java	Tue Mar 26 11:35:43 2013 +0100
@@ -32,7 +32,6 @@
 
 import javax.servlet.http.HttpServletRequest;
 
-import digilib.servlet.DigilibRequest;
 import digilib.util.HashTree;
 import digilib.util.XMLListLoader;
 
@@ -82,11 +81,11 @@
 			// load authPaths
 			XMLListLoader pathLoader =
 				new XMLListLoader("digilib-paths", "path", "name", "role");
-			pathList = pathLoader.loadURL(configFile.toURL().toString());
+			pathList = pathLoader.loadUri(configFile.toURI());
 			// load authIPs
 			XMLListLoader ipLoader =
 				new XMLListLoader("digilib-addresses", "address", "ip", "role");
-			ipList = ipLoader.loadURL(configFile.toURL().toString());
+			ipList = ipLoader.loadUri(configFile.toURI());
 		} catch (Exception e) {
 			throw new AuthOpException(
 				"ERROR loading authorization config file: " + e);
@@ -140,35 +139,4 @@
 		return required;
 	}
 
-	/**
-	 * @see digilib.auth.AuthOps#rolesForPath(digilib.servlet.DigilibRequest)
-	 */
-	public List<String> rolesForPath(DigilibRequest request) throws AuthOpException {
-		logger.debug("rolesForPath ("
-				+ request.getFilePath()
-				+ ") by ["
-				+ request.getServletRequest().getRemoteAddr()
-				+ "]");
-
-		// check if the requests address provides a role
-		List<String> provided =
-			authIPs.match(request.getServletRequest().getRemoteAddr());
-		if ((provided != null) && (provided.contains("ALL"))) {
-			// ALL switches off checking;
-			return null;
-		}
-		// which roles are required?
-		List<String> required = authPaths.match(request.getFilePath());
-		// do any provided roles match?
-		if ((provided != null) && (required != null)) {
-			for (int i = 0; i < provided.size(); i++) {
-				if (required.contains(provided.get(i))) {
-					// satisfied
-					return null;
-				}
-			}
-		}
-		return required;
-	}
-
 }
--- a/common/src/main/java/digilib/util/XMLListLoader.java	Tue Feb 26 17:42:45 2013 +0100
+++ b/common/src/main/java/digilib/util/XMLListLoader.java	Tue Mar 26 11:35:43 2013 +0100
@@ -28,6 +28,8 @@
 
 // JAXP packages
 import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.Map;
@@ -105,7 +107,7 @@
 			// open a new namespace
 			tagSpace.addLast(qName);
 
-			// ist it an entry tag?
+			// is it an entry tag?
 			if (qName.equals(entryTag)) {
 				// is it inside a list tag?
 				if ((listTag.length() > 0) && (!tagSpace.contains(listTag))) {
@@ -154,10 +156,24 @@
 	}
 
 	/**
+     *  load and parse a file (as URL)
+     *    returns HashMap with list data
+     * @deprecated Use {@link #loadUri(URI)} instead
+     */
+    public Map<String, String> loadURL(String uri) throws SAXException, IOException {
+        try {
+            return loadUri(new URI(uri));
+        } catch (URISyntaxException e) {
+            logger.error("Unable to convert URI!");
+            throw new IOException(e);
+        }
+    }
+
+    /**
 	 *  load and parse a file (as URL)
 	 *    returns HashMap with list data
 	 */
-	public Map<String, String> loadURL(String path) throws SAXException, IOException {
+	public Map<String, String> loadUri(URI uri) throws SAXException, IOException {
 		//System.out.println("loadurl ("+path+")");
 		// Create a JAXP SAXParserFactory and configure it
 		SAXParserFactory spf = SAXParserFactory.newInstance();
@@ -176,7 +192,7 @@
 		XMLListParser listParser = new XMLListParser();
 
 		// Tell the SAXParser to parse the XML document
-		parser.parse(path, listParser);
+		parser.parse(uri.toString(), listParser);
 
 		return listParser.getData();
 	}
--- a/servlet3/src/main/java/digilib/servlet/DigilibServletConfiguration.java	Tue Feb 26 17:42:45 2013 +0100
+++ b/servlet3/src/main/java/digilib/servlet/DigilibServletConfiguration.java	Tue Mar 26 11:35:43 2013 +0100
@@ -188,7 +188,7 @@
             // setup config file list reader
             XMLListLoader lilo = new XMLListLoader("digilib-config", "parameter", "name", "value");
             // read config file into HashMap
-            Map<String, String> confTable = lilo.loadURL(f.toURL().toString());
+            Map<String, String> confTable = lilo.loadUri(f.toURI());
 
             // set config file path parameter
             setValue("servlet.config.file", f.getCanonicalPath());
--- a/servlet3/src/main/java/digilib/servlet/Scaler.java	Tue Feb 26 17:42:45 2013 +0100
+++ b/servlet3/src/main/java/digilib/servlet/Scaler.java	Tue Mar 26 11:35:43 2013 +0100
@@ -103,7 +103,7 @@
     protected DigilibConfiguration dlConfig;
 
     /** use authorization database */
-    protected boolean useAuthorization = true;
+    protected boolean useAuthorization = false;
 
     /** AuthOps instance */
     protected AuthOps authOp;
@@ -115,6 +115,7 @@
      * 
      * @see javax.servlet.Servlet#init(javax.servlet.ServletConfig)
      */
+    @SuppressWarnings("unchecked")
     public void init(ServletConfig config) throws ServletException {
         super.init(config);
 
--- a/webapp/src/main/webapp/WEB-INF/web-additional.xml	Tue Feb 26 17:42:45 2013 +0100
+++ b/webapp/src/main/webapp/WEB-INF/web-additional.xml	Tue Mar 26 11:35:43 2013 +0100
@@ -54,7 +54,6 @@
     <login-config>
         <auth-method>BASIC</auth-method>
         <realm-name>digilib</realm-name>
-        <auth-method>FORM</auth-method>
         <form-login-config>
             <form-login-page>/digilib-login.html</form-login-page>
             <form-error-page>/digilib-fail.html</form-error-page>
--- a/webapp/src/main/webapp/server/dlConfig.jsp	Tue Feb 26 17:42:45 2013 +0100
+++ b/webapp/src/main/webapp/server/dlConfig.jsp	Tue Mar 26 11:35:43 2013 +0100
@@ -19,7 +19,7 @@
   <http://www.gnu.org/licenses/lgpl-3.0.html>.
   #L%
   Author: Robert Casties (robcast@berlios.de)
-  --%><%@page language="java" import="digilib.util.DigilibJobCenter"%>
+  --%><%@page language="java" import="digilib.util.DigilibJobCenter,java.io.File"%>
 <%!
 // authentication stuff - robert
 // -----------------------------
@@ -80,15 +80,18 @@
             java.io.File f = (java.io.File) param.getValue();
             if (!f.isAbsolute()) {
                 // relative path -> use getRealPath to resolve
-                val = pageContext.getServletContext().getRealPath(f.getPath());
+                f = new File(pageContext.getServletContext().getRealPath(f.getPath()));
+            }
+            if (f.canRead()) {
+                val = f.toString();
             } else {
-                val = f.toString();
+                val = "[missing file] "+f.toString();
             }
         } else {
             val = param.getAsString();
         }
         if (val.length() == 0) {
-            val = "(none)";
+            val = "[none]";
         }
 %>
   <tr>