

1 /*
2  * SecurityManager.java
3  *
4  * Created on May 12, 2003, 2:54 PM
5  */

7 package com.raptus.owxv3.api.securitymgr.tomcat;
9 import java.util.*;
11 import javax.servlet.http.HttpServletRequest JavaDoc;
13 import com.raptus.owxv3.*;
14 import com.raptus.owxv3.api.securitymgr.SecurityMgrIF;
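/**
 * Role-based access checks for vmodules, sections and elements, decided from
 * the servlet request's container-managed identity
 * ({@code getRemoteUser()} / {@code isUserInRole()}).
 *
 * <p>Access is hierarchical: an element is reachable only if its section is,
 * and a section only if its vmodule is. A section or element without roles of
 * its own inherits the decision of its parent; a vmodule without roles is
 * never accessible. The literal role {@code "guest"} grants access to
 * everybody, authenticated or not.
 *
 * <p>The instance keeps a single mutable request reference with no
 * synchronization, so every decision is made against whichever request was
 * set last. Do not share one instance between concurrent requests.
 *
 * @author root
 */
public class SecurityManager implements SecurityMgrIF
{
    /** Request the decisions are based on; null until one is supplied. */
    protected HttpServletRequest req = null;

    /**
     * Creates a manager without a request. Until {@link #setRequest} is
     * called every access check is denied and {@link #getLocale()} falls back
     * to the configured default locale.
     */
    public SecurityManager()
    {
    }

    /**
     * Creates a new instance of SecurityManager, based on the request.
     *
     * @param req the request containing all security info
     */
    public SecurityManager(HttpServletRequest req)
    {
        this.req = req;
    }

    /**
     * Updates the request object on an already existing security manager.
     *
     * @param req the request containing all security info
     */
    public void setRequest(HttpServletRequest req)
    {
        this.req = req;
    }

    /**
     * Checks whether the current user has access to an element.
     *
     * @param element the element for which access rights are checked
     * @return true if the user has access to the element, false otherwise
     */
    public boolean hasAccess(VModuleSectionElement element)
    {
        // The section check also covers the enclosing vmodule.
        VModuleSection section = element.getSection();
        if (!this.hasAccess(section))
        {
            return false;
        }

        LoggingManager.log("Checking access for element "+element.getIdentification(), this);

        String[] roles = element.getRoles();
        if (roles == null)
        {
            // No roles of its own: the section's decision (already positive) applies.
            LoggingManager.log("No roles defined for element "+element.getIdentification()+
                " granted access through section's roles!", this);
            return true;
        }

        for (int i = 0; i < roles.length; i++)
        {
            LoggingManager.log("Element role -> "+roles[i], this);
        }
        return checkAccess(roles);
    }

    /**
     * Checks whether the current user has access to a section.
     *
     * @param section the section for which access rights are checked
     * @return true if the user has access to the section, false otherwise
     */
    public boolean hasAccess(VModuleSection section)
    {
        // The enclosing vmodule must be accessible first.
        VModule vm = section.getVModule();
        if (!this.hasAccess(vm))
        {
            return false;
        }

        LoggingManager.log("Checking access for section "+section.getIdentification(), this);

        String[] roles = section.getRoles();
        if (roles == null)
        {
            // No roles of its own: the vmodule's decision (already positive) applies.
            LoggingManager.log("No roles defined for section "+section.getIdentification()+
                " granted access thrugh vmodule's roles!", this);
            return true;
        }
        return checkAccess(roles);
    }

    /**
     * Decides whether the current user satisfies at least one of the roles.
     *
     * <p>Denies when there is no request, when {@code roles} is null, and
     * when no role matches. An unauthenticated user is admitted only by the
     * {@code "guest"} role; an authenticated user by any role the container
     * reports membership for, or by {@code "guest"}.
     *
     * @param roles the roles that grant access; null means none
     * @return true if access is granted
     */
    protected boolean checkAccess(String[] roles)
    {
        // Fail closed: without a request nobody can be identified, and the
        // original code would have thrown a NullPointerException here.
        if (req == null)
        {
            LoggingManager.log("Access denied, no request available to identify the user", this);
            return false;
        }

        String user = currentUser();
        // NOTE(review): user and role names are concatenated into log lines
        // as-is; confirm LoggingManager neutralises line breaks.
        LoggingManager.log("User name='"+user+"'", this);

        // No roles defined means no access by default.
        if (roles == null)
        {
            LoggingManager.log("Access denied, no roles defined for user !"+user, this);
            return false;
        }

        if (user == null)
        {
            // Not authenticated: only the guest role can admit the caller.
            LoggingManager.log("User is not logged in, checking for guest role", this);
            for (int i = 0; i < roles.length; i++)
            {
                LoggingManager.log("guest <-> "+roles[i]);
                if ("guest".equals(roles[i]))
                {
                    LoggingManager.log("Allowing access, based on guest role", this);
                    return true;
                }
            }

            LoggingManager.log("Access denied, user not logged in and no guest role was found!", this);
            return false;
        }

        LoggingManager.log("User is logged in, checking for roles matching the user's role", this);
        for (int i = 0; i < roles.length; i++)
        {
            LoggingManager.log(user+" <-> "+roles[i]);
            // Membership is asked of the container first; guest admits everyone.
            if (req.isUserInRole(roles[i]) || "guest".equals(roles[i]))
            {
                LoggingManager.log("Allowing access to "+user+" based on role "+roles[i], this);
                return true;
            }
        }

        LoggingManager.log("Access denied, no matching role for "+user+"!", this);
        return false;
    }

    /**
     * Checks whether the current user has access to a vmodule.
     *
     * @param vm the vmodule for which access rights are checked
     * @return true if the user has access to the vmodule, false otherwise
     */
    public boolean hasAccess(VModule vm)
    {
        String[] roles = vm.getRoles();
        LoggingManager.log("Checking access for vmodule "+vm.getIdentification(), this);
        return checkAccess(roles);
    }

    /**
     * Returns the current user's locale.
     *
     * <p>Lookup order when a request is present: the request parameter
     * {@code Constants.HTTPGET_PARAM_LOCALE}, then the session attribute of
     * the same name, then the configured default. Without a request only the
     * configured default is used. When a request is present the result is
     * stored back into the session.
     *
     * <p>The request parameter is caller-controlled. It is accepted only if
     * its language and country parts are short ASCII alphanumeric tokens; a
     * malformed value is ignored and the lookup continues with the session.
     * The raw parameter value is never written to the log.
     *
     * @return the Locale of the current user, never null
     */
    public Locale getLocale()
    {
        Locale l = null;
        if (req == null)
        {
            // No request, so no session: only the config file can answer.
            l = loadConfiguredLocale();
            LoggingManager.log("Loaded locale from config file", this);
        }
        else
        {
            String sl = req.getParameter(Constants.HTTPGET_PARAM_LOCALE);
            if (sl != null && sl.length() > 0)
            {
                l = parseRequestLocale(sl);
                if (l != null)
                {
                    // Logged only after validation, so the line holds no raw input.
                    LoggingManager.log("Locale:"+l);
                    LoggingManager.log("Loaded locale from url params", this);
                }
                else
                {
                    LoggingManager.log("Ignoring malformed locale parameter", this);
                }
            }

            if (l == null)
            {
                // No usable parameter, try the session.
                l = (Locale)req.getSession().getAttribute(Constants.HTTPGET_PARAM_LOCALE);
                if (l == null)
                {
                    // Not in the session either, load from the config file.
                    l = loadConfiguredLocale();
                    LoggingManager.log("Loaded locale from config file", this);
                }
                else
                {
                    LoggingManager.log("Loaded locale from session", this);
                }
            }
        }

        LoggingManager.log("Final locale:"+l.toString(), this);
        // Remember the choice for later requests of the same session.
        if (req != null)
        {
            req.getSession().setAttribute(Constants.HTTPGET_PARAM_LOCALE, l);
        }
        return l;
    }

    /**
     * Splits a string on any of the delimiter characters, dropping empty
     * tokens.
     *
     * @param str the string to split
     * @param delim the delimiter characters
     * @return the tokens in order; empty if {@code str} holds only delimiters
     */
    public String[] split(String str, String delim)
    {
        StringTokenizer st = new StringTokenizer(str, delim);
        String[] res = new String[st.countTokens()];
        for (int i = 0; st.hasMoreTokens(); i++)
        {
            res[i] = st.nextToken();
        }
        return res;
    }

    /**
     * Tells whether logging in could help the user obtain the given roles.
     *
     * @param roles the roles that grant access
     * @return true only if access is currently denied and the user is not
     *         logged in; false if access is granted, or if it is denied to a
     *         user who is already logged in
     */
    public boolean needLoginForRoles(String[] roles)
    {
        if (checkAccess(roles))
        {
            // Already has access, no need to log in.
            return false;
        }
        // Denied: logging in can only help somebody who has not done so yet.
        return currentUser() == null;
    }

    /**
     * Tells whether the user has to log in to reach an element, checking the
     * roles of its vmodule, its section and the element itself in that order.
     *
     * @param element the element the user wants to reach
     * @return true if any of the three levels requires a login
     */
    public boolean needLogin(VModuleSectionElement element)
    {
        VModuleSection section = element.getSection();
        VModule vm = section.getVModule();
        if (needLoginForRoles(vm.getRoles()))
        {
            LoggingManager.log("Need login, based on vmodule's roles", this);
            return true;
        }

        if (needLoginForRoles(section.getRoles()))
        {
            LoggingManager.log("Need login, based on section's roles", this);
            return true;
        }

        if (needLoginForRoles(element.getRoles()))
        {
            LoggingManager.log("Need login, based on element's roles", this);
            return true;
        }

        return false;
    }

    /**
     * Returns the identifications of the vmodules the current user (or guest,
     * if nobody is logged in) has access to.
     *
     * @return the identifications, in the order the manager lists them
     */
    public String[] getAllowedVModules()
    {
        List allowed = new ArrayList();
        String[] vmodules = VModuleManager.getInstance().getVModules();

        for (int i = 0; i < vmodules.length; i++)
        {
            VModule vm = VModuleManager.getInstance().getVModule(vmodules[i]);
            // A name that resolves to no vmodule is skipped rather than
            // dereferenced. NOTE(review): confirm getVModule can return null.
            if (vm != null && hasAccess(vm))
            {
                allowed.add(vm.getIdentification());
            }
        }

        return (String[])allowed.toArray(new String[allowed.size()]);
    }

    /** Returns the authenticated user name, or null if there is none. */
    private String currentUser()
    {
        if (req == null)
        {
            return null;
        }
        String user = req.getRemoteUser();
        // An empty name is treated like no authentication at all.
        if (user != null && user.length() < 1)
        {
            user = null;
        }
        return user;
    }

    /** Reads the default locale from the config file, falling back to en_GB. */
    private Locale loadConfiguredLocale()
    {
        XMLConfigManager cm = XMLConfigManager.getInstance();
        String slocale = cm.getPropertyByTree("/virtualhost/globalconfig/defaultlocale","value");
        if (slocale == null)
        {
            LoggingManager.log("Default locale not defined! Defaulting to en_GB", this);
            slocale = "en_GB";
        }
        LoggingManager.log("Locale in cfgfile is "+slocale);

        // Always split on '_' so that "en_GB" yields language and country.
        String[] parts = split(slocale, "_");
        if (parts.length == 0)
        {
            // Empty or delimiter-only value: treat it as undefined.
            LoggingManager.log("Default locale not defined! Defaulting to en_GB", this);
            parts = new String[] { "en", "GB" };
        }
        if (parts.length == 1)
        {
            return new Locale(parts[0]);
        }
        return new Locale(parts[0], parts[1]);
    }

    /**
     * Builds a locale from a caller-supplied {@code language[_COUNTRY]}
     * value; returns null if a part that would be used is not a valid token.
     */
    private Locale parseRequestLocale(String value)
    {
        String[] parts = split(value, "_");
        if (parts.length == 0 || !isLocaleToken(parts[0]))
        {
            return null;
        }
        if (parts.length == 1)
        {
            return new Locale(parts[0]);
        }
        if (!isLocaleToken(parts[1]))
        {
            return null;
        }
        // Anything after the country part is ignored.
        return new Locale(parts[0], parts[1]);
    }

    /** True for 1 to 8 ASCII letters or digits. */
    private static boolean isLocaleToken(String token)
    {
        int len = token.length();
        if (len < 1 || len > 8)
        {
            return false;
        }
        for (int i = 0; i < len; i++)
        {
            char c = token.charAt(i);
            boolean alnum = (c >= 'a' && c <= 'z')
                || (c >= 'A' && c <= 'Z')
                || (c >= '0' && c <= '9');
            if (!alnum)
            {
                return false;
            }
        }
        return true;
    }
}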