SecurityContext


1   /*
2    * Copyright (c) 1998-2006 Caucho Technology -- all rights reserved
3    *
4    * This file is part of Resin(R) Open Source
5    *
6    * Each copy or derived work must preserve the copyright notice and this
7    * notice unmodified.
8    *
9    * Resin Open Source is free software; you can redistribute it and/or modify
10   * it under the terms of the GNU General Public License as published by
11   * the Free Software Foundation; either version 2 of the License, or
12   * (at your option) any later version.
13   *
14   * Resin Open Source is distributed in the hope that it will be useful,
15   * but WITHOUT ANY WARRANTY; without even the implied warranty of
16   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
17   * of NON-INFRINGEMENT.  See the GNU General Public License for more
18   * details.
19   *
20   * You should have received a copy of the GNU General Public License
21   * along with Resin Open Source; if not, write to the
22   *
23   *   Free Software Foundation, Inc.
24   *   59 Temple Place, Suite 330
25   *   Boston, MA 02111-1307  USA
26   *
27   * @author Scott Ferguson
28   */
29  
30  package com.caucho.security;
31  
32  import com.caucho.log.Log;
33  import com.caucho.util.L10N;
34  
35  import java.security.Principal  ;
36  import java.util.logging.Logger  ;
37  
38  /**
39   * Defines a proxy for the current security context.
40   */
41  public class SecurityContext {
42    static final Logger   log = Log.open(SecurityContext.class);
43    static final L10N L = new L10N(SecurityContext.class);
44  
45    /**
46     * Mapping from threads to providers.
47     */
48    private static ThreadLocal  <SecurityContextProvider> _providers
49      = new ThreadLocal  <SecurityContextProvider>();
50  
51    /**
52     * The context cannot be instantiated.
53     */
54    private SecurityContext()
55    {
56    }
57  
58    /**
59     * Returns the principal for this security context.
60     *
61     * @return the principal or null of no provider for the thread.
62     */
63    public static Principal   getUserPrincipal()
64      throws SecurityContextException
65    {
66      SecurityContextProvider provider = getProvider();
67  
68      if (provider != null)
69        return provider.getUserPrincipal();
70      else
71        return null;
72    }
73  
74    /**
75     * Returns true if the user principal is in the specified role.
76     *
77     * @param roleName the name of the role to test.
78     */
79    public static boolean isUserInRole(String   roleName)
80    {
81      SecurityContextProvider provider = getProvider();
82  
83      if (provider != null)
84        return provider.isUserInRole(roleName);
85      else
86        return false;
87    }
88  
89    /**
90     * Returns true if the user principal is in the specified role.
91     *
92     * @param roleSet a set of roles to test.
93     */
94    public static boolean isUserInRole(String   []roleSet)
95    {
96      SecurityContextProvider provider = getProvider();
97  
98      if (provider != null && roleSet != null) {
99        for (int i = 0; i < roleSet.length; i++) {
100     if (provider.isUserInRole(roleSet[i]))
101       return true;
102       }
103     }
104 
105     return false;
106   }
107 
108   /**
109    * Returns true if the context is secure (SSL).
110    */
111   public static boolean isTransportSecure()
112     throws SecurityContextException
113   {
114     SecurityContextProvider provider = getProvider();
115 
116     if (provider != null)
117       return provider.isTransportSecure();
118     else
119       return false;
120   }
121 
122   /**
123    * Logs the principal out.
124    */
125   public static void logout()
126     throws SecurityContextException
127   {
128     SecurityContextProvider provider = getProvider();
129 
130     if (provider != null)
131       provider.logout();
132   }
133 
134   /**
135    * Gets the provider for the current thread.
136    *
137    * @return the provider for the thread
138    */
139   public static SecurityContextProvider getProvider()
140   {
141     return _providers.get();
142   }
143 
144   /**
145    * Sets the provider for the current thread.
146    *
147    * @param provider the new provider
148    */
149   public static SecurityContextProvider setProvider(SecurityContextProvider provider)
150   {
151     SecurityContextProvider oldProvider = _providers.get();
152     
153     _providers.set(provider);
154 
155     return oldProvider;
156   }
157 }
158
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags