KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > lenya > ac > impl > BypassableAccessController


1 /*
2  * Copyright 1999-2004 The Apache Software Foundation
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  *
16  */
17
18 /* $Id: BypassableAccessController.java 43241 2004-08-16 16:36:57Z andreas $ */
19
20 package org.apache.lenya.ac.impl;
21
22 import java.util.ArrayList JavaDoc;
23 import java.util.List JavaDoc;
24
25 import org.apache.avalon.framework.configuration.Configuration;
26 import org.apache.avalon.framework.configuration.ConfigurationException;
27 import org.apache.cocoon.environment.Request;
28 import org.apache.cocoon.sitemap.PatternException;
29 import org.apache.lenya.ac.AccessControlException;
30 import org.apache.regexp.RE;
31 import org.apache.regexp.RECompiler;
32 import org.apache.regexp.REProgram;
33 import org.apache.regexp.RESyntaxException;
34
35 /**
36  * AccessController that can be bypassed for certain URL patterns.
37  */
38 public class BypassableAccessController extends DefaultAccessController {
39
40     /**
41      * Ctor.
42      */
43     public BypassableAccessController() {
44     }
45
46     private List JavaDoc publicMatchers = new ArrayList JavaDoc();
47
48     /**
49      * @see org.apache.avalon.framework.configuration.Configurable#configure(org.apache.avalon.framework.configuration.Configuration)
50      */
51     public void configure(Configuration conf) throws ConfigurationException {
52         super.configure(conf);
53         
54         getLogger().debug("Configuring bypass patterns");
55         
56         Configuration[] publics = conf.getChildren("public");
57
58         for (int i = 0; i < publics.length; i++) {
59             String JavaDoc publicHref = publics[i].getValue(null);
60
61             try {
62                 publicMatchers.add(preparePattern(publicHref));
63             } catch (PatternException pe) {
64                 throw new ConfigurationException("invalid pattern for public hrefs", pe);
65             }
66
67             if (getLogger().isDebugEnabled()) {
68                 getLogger().debug("CONFIGURATION: public: " + publicHref);
69             }
70         }
71
72     }
73
74     /**
75      * Compile the pattern in a <code>org.apache.regexp.REProgram</code>.
76      * @param pattern The pattern to compile.
77      * @return A RE program representing the pattern.
78      * @throws PatternException when something went wrong.
79      */
80     protected REProgram preparePattern(String JavaDoc pattern)
81         throws PatternException {
82         if (pattern == null) {
83             throw new PatternException("null passed as a pattern", null);
84         }
85
86         if (pattern.length() == 0) {
87             pattern = "^$";
88
89             if (getLogger().isWarnEnabled()) {
90                 getLogger().warn("The empty pattern string was rewritten to '^$'" +
91                     " to match for empty strings. If you intended" +
92                     " to match all strings, please change your" + " pattern to '.*'");
93             }
94         }
95
96         try {
97             RECompiler compiler = new RECompiler();
98             REProgram program = compiler.compile(pattern);
99
100             return program;
101         } catch (RESyntaxException rse) {
102             getLogger().debug("Failed to compile the pattern '" + pattern + "'", rse);
103             throw new PatternException(rse.getMessage(), rse);
104         }
105     }
106
107     /**
108      * Matches a string using a prepared pattern program.
109      * @param preparedPattern The pattern program.
110      * @param match The string to match.
111      * @return <code>true</code> if the string matched the pattern, <code>false</code> otherwise.
112      */
113     protected boolean preparedMatch(REProgram preparedPattern, String JavaDoc match) {
114         boolean result = false;
115         
116         if (match != null) {
117             RE re = new RE(preparedPattern);
118             result = re.match(match);
119         }
120         return result;
121     }
122
123     /**
124      * @see org.apache.lenya.ac.AccessController#authorize(org.apache.cocoon.environment.Request)
125      */
126     public boolean authorize(Request request)
127         throws AccessControlException {
128         
129         assert request != null;
130         
131         boolean authorized = false;
132         
133         String JavaDoc uri = request.getRequestURI();
134         String JavaDoc context = request.getContextPath();
135         if (context == null) {
136             context = "";
137         }
138         uri = uri.substring(context.length());
139         
140         // Check public uris from configuration above. Should only be used during development before the implementation of a concrete authorizer.
141 int i = 0;
142         while (!authorized && i < publicMatchers.size()) {
143             getLogger().debug("Trying pattern: [" + publicMatchers.get(i) + "] with URL [" + uri + "]");
144             if (preparedMatch((REProgram) publicMatchers.get(i), uri)) {
145                 if (getLogger().isDebugEnabled()) {
146                     getLogger().debug("Permission granted for free: [" + uri + "]");
147                 }
148                 authorized = true;
149             }
150             i++;
151         }
152         
153         if (!authorized) {
154             authorized = super.authorize(request);
155         }
156         
157         return authorized;
158     }
159
160 }
161
Popular Tags