KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > caucho > server > security > RoleConstraint


1 /*
2  * Copyright (c) 1998-2006 Caucho Technology -- all rights reserved
3  *
4  * This file is part of Resin(R) Open Source
5  *
6  * Each copy or derived work must preserve the copyright notice and this
7  * notice unmodified.
8  *
9  * Resin Open Source is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * Resin Open Source is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
17  * of NON-INFRINGEMENT. See the GNU General Public License for more
18  * details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with Resin Open Source; if not, write to the
22  *
23  * Free Software Foundation, Inc.
24  * 59 Temple Place, Suite 330
25  * Boston, MA 02111-1307 USA
26  *
27  * @author Scott Ferguson
28  */

29
30 package com.caucho.server.security;
31
32 import com.caucho.util.CharBuffer;
33
34 import javax.servlet.ServletContext JavaDoc;
35 import javax.servlet.ServletException JavaDoc;
36 import javax.servlet.http.HttpServletRequest JavaDoc;
37 import javax.servlet.http.HttpServletResponse JavaDoc;
38 import java.io.IOException JavaDoc;
39
40 public class RoleConstraint extends AbstractConstraint {
41   private String JavaDoc []_roles;
42
43   public void addRoleName(String JavaDoc role)
44   {
45     if (_roles == null)
46       _roles = new String JavaDoc[] { role };
47     else {
48       String JavaDoc []newRoles = new String JavaDoc[_roles.length + 1];
49       System.arraycopy(_roles, 0, newRoles, 0, _roles.length);
50       newRoles[_roles.length] = role;
51       _roles = newRoles;
52     }
53   }
54   
55   /**
56    * Returns true if the constraint requires authentication.
57    */

58   public boolean needsAuthentication()
59   {
60     return _roles != null && _roles.length > 0;
61   }
62
63   /**
64    * Returns true if the user is authorized for the resource.
65    */

66   public boolean isAuthorized(HttpServletRequest JavaDoc request,
67                               HttpServletResponse JavaDoc response,
68                               ServletContext JavaDoc application)
69     throws ServletException JavaDoc, IOException JavaDoc
70   {
71     for (int i = 0; _roles != null && i < _roles.length; i++) {
72       if (_roles[i].equals("*"))
73         return true;
74       if (request.isUserInRole(_roles[i])) {
75         return true;
76       }
77     }
78     
79     response.sendError(HttpServletResponse.SC_FORBIDDEN, null);
80
81     return false;
82   }
83
84   public String JavaDoc toString()
85   {
86     CharBuffer cb = new CharBuffer();
87
88     cb.append("RoleConstraint[");
89     for (int i = 0; i < _roles.length; i++) {
90       if (i != 0)
91         cb.append(',');
92       cb.append(_roles[i]);
93     }
94     cb.append("]");
95     
96     return cb.close();
97   }
98 }
99
Popular Tags