KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > caucho > server > security > ContainerConstraint


1 /*
2  * Copyright (c) 1998-2006 Caucho Technology -- all rights reserved
3  *
4  * This file is part of Resin(R) Open Source
5  *
6  * Each copy or derived work must preserve the copyright notice and this
7  * notice unmodified.
8  *
9  * Resin Open Source is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * Resin Open Source is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
17  * of NON-INFRINGEMENT. See the GNU General Public License for more
18  * details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with Resin Open Source; if not, write to the
22  * Free SoftwareFoundation, Inc.
23  * 59 Temple Place, Suite 330
24  * Boston, MA 02111-1307 USA
25  *
26  * @author Scott Ferguson
27  */

28
29 package com.caucho.server.security;
30
31 import javax.servlet.ServletContext JavaDoc;
32 import javax.servlet.ServletException JavaDoc;
33 import javax.servlet.http.HttpServletRequest JavaDoc;
34 import javax.servlet.http.HttpServletResponse JavaDoc;
35 import java.io.IOException JavaDoc;
36 import java.util.ArrayList JavaDoc;
37
38 public class ContainerConstraint extends AbstractConstraint {
39   private boolean _needsAuthentication;
40   
41   private ArrayList JavaDoc<AbstractConstraint> _constraints =
42     new ArrayList JavaDoc<AbstractConstraint>();
43
44   /**
45    * Adds a constraint.
46    */

47   public void addConstraint(AbstractConstraint constraint)
48   {
49     for (AbstractConstraint subConstraint : constraint.toArray()) {
50       _constraints.add(subConstraint);
51
52       if (subConstraint.needsAuthentication())
53     _needsAuthentication = true;
54     }
55   }
56   
57   /**
58    * Returns true if the constraint requires authentication.
59    */

60   public boolean needsAuthentication()
61   {
62     return _needsAuthentication;
63   }
64   
65   /**
66    * Returns true if the user is authorized for the resource.
67    *
68    * <p>isAuthorized must provide the response if the user is not
69    * authorized. Typically this will just call sendError.
70    *
71    * <p>isAuthorized will be called after all the other filters, but
72    * before the servlet.service().
73    *
74    * @param request the servlet request
75    * @param response the servlet response
76    *
77    * @return true if the request is authorized.
78    */

79   public boolean isAuthorized(HttpServletRequest JavaDoc request,
80                   HttpServletResponse JavaDoc response,
81                   ServletContext JavaDoc application)
82     throws ServletException JavaDoc, IOException JavaDoc
83   {
84     for (int i = 0; i < _constraints.size(); i++) {
85       AbstractConstraint constraint = _constraints.get(i);
86
87       if (! constraint.isAuthorized(request, response, application))
88     return false;
89     }
90
91     return true;
92   }
93
94   /**
95    * converts the sub constraints to an array.
96    */

97   protected AbstractConstraint []toArray()
98   {
99     return _constraints.toArray(new AbstractConstraint[_constraints.size()]);
100   }
101 }
102
Popular Tags