AbstractAuthorizerAction


1   /*
2    * Copyright  1999-2004 The Apache Software Foundation
3    *
4    *  Licensed under the Apache License, Version 2.0 (the "License");
5    *  you may not use this file except in compliance with the License.
6    *  You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *  Unless required by applicable law or agreed to in writing, software
11   *  distributed under the License is distributed on an "AS IS" BASIS,
12   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *  See the License for the specific language governing permissions and
14   *  limitations under the License.
15   *
16   */
17  
18  /* $Id: AbstractAuthorizerAction.java 42616 2004-03-03 12:56:33Z gregor $  */
19  
20  package org.apache.lenya.cms.cocoon.acting;
21  
22  import java.util.HashMap  ;
23  import java.util.Map  ;
24  
25  import org.apache.avalon.framework.configuration.Configurable;
26  import org.apache.avalon.framework.configuration.Configuration;
27  import org.apache.avalon.framework.configuration.ConfigurationException;
28  import org.apache.avalon.framework.parameters.Parameters;
29  import org.apache.cocoon.acting.AbstractComplementaryConfigurableAction;
30  import org.apache.cocoon.environment.ObjectModelHelper;
31  import org.apache.cocoon.environment.Redirector;
32  import org.apache.cocoon.environment.Request;
33  import org.apache.cocoon.environment.Session;
34  import org.apache.cocoon.environment.SourceResolver;
35  import org.apache.cocoon.sitemap.PatternException;
36  import org.apache.lenya.util.Stack;
37  import org.apache.regexp.RE;
38  import org.apache.regexp.RECompiler;
39  import org.apache.regexp.REProgram;
40  import org.apache.regexp.RESyntaxException;
41  
42  public abstract class AbstractAuthorizerAction extends AbstractComplementaryConfigurableAction
43      implements Configurable {
44      REProgram[] public_matchers;
45      boolean logRequests = false;
46      String   authenticator_type = null;
47  
48      /**
49       * DOCUMENT ME!
50       *
51       * @param conf DOCUMENT ME!
52       *
53       * @throws ConfigurationException DOCUMENT ME!
54       */
55      public void configure(Configuration conf) throws ConfigurationException {
56          super.configure(conf);
57  
58          Configuration authenticatorConf = conf.getChild("authenticator");
59          authenticator_type = authenticatorConf.getAttribute("type");
60  
61          if (getLogger().isDebugEnabled()) {
62              getLogger().debug(".configure(): authenticator type=" + authenticator_type);
63          }
64  
65          Configuration[] publics = conf.getChildren("public");
66          public_matchers = new REProgram[publics.length];
67  
68          for (int i = 0; i < publics.length; i++) {
69              String   public_href = publics[i].getValue(null);
70  
71              try {
72                  public_matchers[i] = preparePattern(public_href);
73              } catch (PatternException pe) {
74                  throw new ConfigurationException("invalid pattern for public hrefs", pe);
75              }
76  
77              if (getLogger().isDebugEnabled()) {
78                  getLogger().debug("CONFIGURATION: public: " + public_href);
79              }
80          }
81  
82          Configuration log = conf.getChild("log");
83  
84          if (log.getValue("off").equals("on")) {
85              logRequests = true;
86          }
87  
88          if (logRequests) {
89              if (getLogger().isDebugEnabled()) {
90                  getLogger().debug("CONFIGURATION: log requests: on");
91              }
92          } else {
93              if (getLogger().isDebugEnabled()) {
94                  getLogger().debug("CONFIGURATION: log requests: off");
95              }
96          }
97      }
98  
99      /**
100      * DOCUMENT ME!
101      *
102      * @param redirector DOCUMENT ME!
103      * @param resolver DOCUMENT ME!
104      * @param objectModel DOCUMENT ME!
105      * @param src DOCUMENT ME!
106      * @param parameters DOCUMENT ME!
107      *
108      * @return DOCUMENT ME!
109      *
110      * @throws Exception DOCUMENT ME!
111      */
112     public Map   act(Redirector redirector, SourceResolver resolver, Map   objectModel, String   src,
113         Parameters parameters) throws Exception   {
114         // Get request object
115         Request req = ObjectModelHelper.getRequest(objectModel);
116 
117         if (req == null) {
118             getLogger().error("No request object");
119 
120             return null;
121         }
122 
123         Session session = req.getSession(true);
124 
125         if (session == null) {
126             getLogger().error("No session object");
127 
128             return null;
129         }
130 
131         // Get uri
132         String   request_uri = req.getRequestURI();
133         String   sitemap_uri = req.getSitemapURI();
134 
135         if (getLogger().isDebugEnabled()) {
136             getLogger().debug("request-uri=" + request_uri);
137             getLogger().debug("sitemap-uri=" + sitemap_uri);
138         }
139 
140         // Set history
141         Stack history = (Stack) session.getAttribute("org.apache.lenya.cms.cocoon.acting.History");
142 
143         if (history == null) {
144             history = new Stack(10);
145             session.setAttribute("org.apache.lenya.cms.cocoon.acting.History", history);
146         }
147 
148         history.push(sitemap_uri);
149 
150         // Check public uris from configuration above. Should only be used during development before the implementation of a concrete authorizer.
151         for (int i = 0; i < public_matchers.length; i++) {
152             if (preparedMatch(public_matchers[i], sitemap_uri)) {
153                 if (getLogger().isDebugEnabled()) {
154                     getLogger().debug("Permission granted for free: " + request_uri);
155                 }
156 
157                 HashMap   actionMap = new HashMap  ();
158 
159                 return actionMap;
160             }
161         }
162 
163         String   query_string = req.getQueryString();
164 
165         if (query_string != null) {
166             session.setAttribute("protected_destination", request_uri + "?" + req.getQueryString());
167         } else {
168             session.setAttribute("protected_destination", request_uri);
169         }
170 
171         // FIXME: Can't be here. Please see comment within PMLAuthorizerAction
172 
173         /*
174                 String authenticator_type = (String) session.getAttribute("org.apache.lenya.cms.cocoon.acting.Authenticator.id");
175                 if (!this.authenticator_type.equals(authenticator_type)) {
176                     if (authenticator_type == null) {
177                         getLogger().debug(".act(): No authenticator yet");
178                     } else {
179                         getLogger().warn(".act(): Authenticators do not match: " + authenticator_type + " (Authorizer's authenticator: " + this.authenticator_type + ")");
180                     }
181 
182                     return null;
183                 }
184         */
185         HashMap   actionMap = new HashMap  ();
186 
187         if (authorize(req, actionMap)) {
188             if (getLogger().isDebugEnabled()) {
189                 getLogger().debug("Permission granted dues to authorisation: " + request_uri);
190             }
191 
192             return actionMap;
193         }
194 
195         if (getLogger().isDebugEnabled()) {
196             getLogger().debug("Permission denied: " + request_uri);
197         }
198 
199         return null;
200     }
201 
202     /**
203      * Compile the pattern in a <code>org.apache.regexp.REProgram</code>.
204      *
205      * @param pattern DOCUMENT ME!
206      *
207      * @return DOCUMENT ME!
208      *
209      * @throws PatternException DOCUMENT ME!
210      */
211     protected REProgram preparePattern(String   pattern)
212         throws PatternException {
213         if (pattern == null) {
214             throw new PatternException("null passed as a pattern", null);
215         }
216 
217         if (pattern.length() == 0) {
218             pattern = "^$";
219 
220             if (getLogger().isWarnEnabled()) {
221                 getLogger().warn("The empty pattern string was rewritten to '^$'" +
222                     " to match for empty strings.  If you intended" +
223                     " to match all strings, please change your" + " pattern to '.*'");
224             }
225         }
226 
227         try {
228             RECompiler compiler = new RECompiler();
229             REProgram program = compiler.compile(pattern);
230 
231             return program;
232         } catch (RESyntaxException rse) {
233             getLogger().debug("Failed to compile the pattern '" + pattern + "'", rse);
234             throw new PatternException(rse.getMessage(), rse);
235         }
236     }
237 
238     protected boolean preparedMatch(REProgram preparedPattern, String   match) {
239         RE re = new RE(preparedPattern);
240 
241         if (match == null) {
242             return false;
243         }
244 
245         return re.match(match);
246     }
247 
248     /**
249      * Should be implemented by a concrete authorizer
250      *
251      * @return DOCUMENT ME!
252      */
253     public abstract boolean authorize(Request request, Map   map)
254         throws Exception  ;
255 }
256
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags