1 package org.apache.beehive.wsm.axis.security.model; 2 3 22 23 import java.util.Collection ; 24 25 import org.apache.beehive.wsm.axis.security.SecurityModel ; 26 27 import org.apache.axis.MessageContext; 28 import org.apache.axis.components.logger.LogFactory; 29 import org.apache.axis.security.AuthenticatedUser; 30 import org.apache.axis.security.SecurityProvider; 31 import org.apache.axis.security.simple.SimpleSecurityProvider; 32 import org.apache.log4j.Logger; 33 34 public class ServletSecurityModel implements SecurityModel { 35 36 protected static Logger logger = Logger.getLogger(ServletSecurityModel.class); 37 38 public void init ( MessageContext msgContext ) 39 { 40 } 42 43 46 public boolean isUserInRole ( MessageContext msgContext, Collection <String > rolesAllowed ){ 47 48 if (logger.isDebugEnabled()) { 49 logger.debug("Enter: ServletSecurityModel::isUserInRole"); 50 } 51 52 SecurityProvider provider = (SecurityProvider)msgContext.getProperty(MessageContext.SECURITY_PROVIDER); 53 if (provider == null) { 54 provider = new SimpleSecurityProvider(); 55 msgContext.setProperty(MessageContext.SECURITY_PROVIDER, provider); 56 } 57 58 if (provider != null) { 59 String userID = msgContext.getUsername(); 60 if (logger.isDebugEnabled()) { 61 logger.debug("user : " + userID ); 62 } 63 64 if ( userID == null || userID.equals("") ) 66 { 67 logger.debug("userID is null"); 68 return false; 69 } 70 71 String passwd = msgContext.getPassword(); 72 if (logger.isDebugEnabled()) { 73 logger.debug("password : " + passwd ); 74 } 75 76 AuthenticatedUser authUser = provider.authenticate(msgContext); 77 78 if ( authUser == null) { 80 logger.debug("authuser is null"); 81 return false; 82 } 83 84 for ( String role : rolesAllowed ) 85 { 86 if (provider.userMatches( authUser, role ) ) 87 { 88 90 if (logger.isDebugEnabled()) { 91 logger.debug( "auth : " + userID + " is in role [" + role + "]"); 92 } 93 msgContext.setProperty(SecurityModel.BEEHIVE_AUTHUSER, authUser); 94 return true; 95 } 96 } 97 } 98 99 if (logger.isDebugEnabled()) { 100 logger.debug("Exit: ServletSecurityModel::isUserInRole"); 101 } 102 103 return false; 104 } 105 106 107 } 108 | Popular Tags |