ContainerConstraint


1   /*
2    * Copyright (c) 1998-2006 Caucho Technology -- all rights reserved
3    *
4    * This file is part of Resin(R) Open Source
5    *
6    * Each copy or derived work must preserve the copyright notice and this
7    * notice unmodified.
8    *
9    * Resin Open Source is free software; you can redistribute it and/or modify
10   * it under the terms of the GNU General Public License as published by
11   * the Free Software Foundation; either version 2 of the License, or
12   * (at your option) any later version.
13   *
14   * Resin Open Source is distributed in the hope that it will be useful,
15   * but WITHOUT ANY WARRANTY; without even the implied warranty of
16   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
17   * of NON-INFRINGEMENT.  See the GNU General Public License for more
18   * details.
19   *
20   * You should have received a copy of the GNU General Public License
21   * along with Resin Open Source; if not, write to the
22   *   Free SoftwareFoundation, Inc.
23   *   59 Temple Place, Suite 330
24   *   Boston, MA 02111-1307  USA
25   *
26   * @author Scott Ferguson
27   */
28  
29  package com.caucho.server.security;
30  
31  import javax.servlet.ServletContext  ;
32  import javax.servlet.ServletException  ;
33  import javax.servlet.http.HttpServletRequest  ;
34  import javax.servlet.http.HttpServletResponse  ;
35  import java.io.IOException  ;
36  import java.util.ArrayList  ;
37  
38  public class ContainerConstraint extends AbstractConstraint {
39    private boolean _needsAuthentication;
40    
41    private ArrayList  <AbstractConstraint> _constraints =
42      new ArrayList  <AbstractConstraint>();
43  
44    /**
45     * Adds a constraint.
46     */
47    public void addConstraint(AbstractConstraint constraint)
48    {
49      for (AbstractConstraint subConstraint : constraint.toArray()) {
50        _constraints.add(subConstraint);
51  
52        if (subConstraint.needsAuthentication())
53      _needsAuthentication = true;
54      }
55    }
56    
57    /**
58     * Returns true if the constraint requires authentication.
59     */
60    public boolean needsAuthentication()
61    {
62      return _needsAuthentication;
63    }
64    
65    /**
66     * Returns true if the user is authorized for the resource.
67     *
68     * <p>isAuthorized must provide the response if the user is not
69     * authorized.  Typically this will just call sendError.
70     *
71     * <p>isAuthorized will be called after all the other filters, but
72     * before the servlet.service().
73     *
74     * @param request the servlet request
75     * @param response the servlet response
76     *
77     * @return true if the request is authorized.
78     */
79    public boolean isAuthorized(HttpServletRequest   request,
80                    HttpServletResponse   response,
81                    ServletContext   application)
82      throws ServletException  , IOException  
83    {
84      for (int i = 0; i < _constraints.size(); i++) {
85        AbstractConstraint constraint = _constraints.get(i);
86  
87        if (! constraint.isAuthorized(request, response, application))
88      return false;
89      }
90  
91      return true;
92    }
93  
94    /**
95     * converts the sub constraints to an array.
96     */
97    protected AbstractConstraint []toArray()
98    {
99      return _constraints.toArray(new AbstractConstraint[_constraints.size()]);
100   }
101 }
102
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags