

1 /*
2  * Copyright 2001-2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */

16
17 package org.apache.axis.handlers ;
18
19 import org.apache.axis.AxisFault;
20 import org.apache.axis.Handler;
21 import org.apache.axis.MessageContext;
22 import org.apache.axis.components.logger.LogFactory;
23 import org.apache.axis.security.AuthenticatedUser;
24 import org.apache.axis.security.SecurityProvider;
25 import org.apache.axis.utils.JavaUtils;
26 import org.apache.axis.utils.Messages;
27 import org.apache.commons.logging.Log;
28
29 import java.util.StringTokenizer JavaDoc;
30
31
32 /**
33  * Just a simple Authorization Handler to see if the user
34  * specified in the Bag in the MessageContext is allowed to perform this
35  * action.
36  *
37  * Look at the <code>allowedRoles</code> handler parameter to determine if
38  * user has rights to access the service
39  *
40  * The <code>allowByDefault</code> handler parameter can be used to authorize
41  * all users if the parameter is set to true and the <code>allowedRoles</code>
42  * access control list is not specified.
43  *
44  * Replace this with your 'real' Authorization code.
45  *
46  * @author Doug Davis (dug@us.ibm.com)
47  * @author Sam Ruby (rubys@us.ibm.com)
48  */

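public class SimpleAuthorizationHandler extends BasicHandler {
    protected static Log log =
        LogFactory.getLog(SimpleAuthorizationHandler.class.getName());

    /**
     * Authorizes the user found in the message context for the target
     * service, or faults.
     *
     * <p>This handler does not authenticate anyone: it only reads the
     * {@link MessageContext#AUTHUSER} property and faults with
     * <code>Server.NoUser</code> when that property is absent. Whatever
     * placed the user there is trusted as-is.</p>
     *
     * <p>Decision order:</p>
     * <ol>
     *   <li>If the service has no <code>allowedRoles</code> option, the
     *       request is allowed only when this handler's
     *       <code>allowByDefault</code> option is true as judged by
     *       <code>JavaUtils.isTrueExplicitly</code>; otherwise it is
     *       rejected. Enabling <code>allowByDefault</code> therefore opens
     *       every service without an access control list to every user that
     *       reaches this handler.</li>
     *   <li>Otherwise the comma-separated <code>allowedRoles</code> list is
     *       checked entry by entry against the configured
     *       {@link SecurityProvider}; the first match allows the request.</li>
     *   <li>If no entry matches (including an empty list), the request is
     *       rejected.</li>
     * </ol>
     *
     * @param msgContext the context of the message being processed
     * @throws AxisFault <code>Server.NoUser</code> if no user is present,
     *         <code>Server.Unauthorized</code> if the user is not allowed,
     *         or a plain fault if the target service or the security
     *         provider is missing
     */
    public void invoke(MessageContext msgContext) throws AxisFault {
        if (log.isDebugEnabled()) {
            log.debug("Enter: SimpleAuthorizationHandler::invoke");
        }

        boolean allowByDefault =
            JavaUtils.isTrueExplicitly(getOption("allowByDefault"));

        AuthenticatedUser user =
            (AuthenticatedUser) msgContext.getProperty(MessageContext.AUTHUSER);
        if (user == null) {
            throw new AxisFault("Server.NoUser",
                    Messages.getMessage("needUser00"), null, null);
        }
        String userID = user.getName();

        Handler serviceHandler = msgContext.getService();
        if (serviceHandler == null) {
            throw new AxisFault(Messages.getMessage("needService00"));
        }
        String serviceName = serviceHandler.getName();

        String allowedRoles = (String) serviceHandler.getOption("allowedRoles");
        if (allowedRoles == null) {
            // No access control list on the service: the outcome depends
            // solely on the handler-level allowByDefault switch.
            if (!allowByDefault) {
                if (log.isDebugEnabled()) {
                    log.debug(Messages.getMessage("noRoles01"));
                }
                throw new AxisFault("Server.Unauthorized",
                    Messages.getMessage("notAuth00", userID, serviceName),
                    null, null);
            }

            if (log.isDebugEnabled()) {
                log.debug(Messages.getMessage("noRoles00"));
                log.debug("Exit: SimpleAuthorizationHandler::invoke");
            }
            return;
        }

        SecurityProvider provider = (SecurityProvider)
            msgContext.getProperty(MessageContext.SECURITY_PROVIDER);
        if (provider == null) {
            throw new AxisFault(Messages.getMessage("noSecurity00"));
        }

        StringTokenizer st = new StringTokenizer(allowedRoles, ",");
        while (st.hasMoreTokens()) {
            // Trim each entry so that a list written as "a, b" is read as
            // the roles "a" and "b"; untrimmed, the second entry would be
            // " b" and the lookup would be made with the padded name.
            String thisRole = st.nextToken().trim();
            if (thisRole.length() == 0) {
                // A blank entry names no role; never hand it to the provider.
                continue;
            }

            if (provider.userMatches(user, thisRole)) {
                if (log.isDebugEnabled()) {
                    log.debug(Messages.getMessage("auth01",
                        userID, serviceName));
                    log.debug("Exit: SimpleAuthorizationHandler::invoke");
                }
                return;
            }
        }

        // Fall-through is a denial: nothing in the list matched the user.
        throw new AxisFault("Server.Unauthorized",
            Messages.getMessage("cantAuth02", userID, serviceName),
            null, null);
    }

    /**
     * Nothing to undo: <code>invoke</code> only reads the message context,
     * so this method just traces entry and exit at debug level.
     *
     * @param msgContext the context of the message that faulted (unused)
     */
    public void onFault(MessageContext msgContext) {
        if (log.isDebugEnabled()) {
            log.debug("Enter: SimpleAuthorizationHandler::onFault");
            log.debug("Exit: SimpleAuthorizationHandler::onFault");
        }
    }
}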