WebAppSecurityInterceptor


1   /*
2    * Copyright (C) 2005 Erik Swenson - erik@oreports.com
3    * 
4    * This program is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU General Public License as published by the Free Software
6    * Foundation; either version 2 of the License, or (at your option) any later
7    * version.
8    * 
9    * This program is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
12   * details.
13   * 
14   * You should have received a copy of the GNU General Public License along with
15   * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
16   * Place - Suite 330, Boston, MA 02111-1307, USA.
17   *  
18   */
19  
20  package org.efs.openreports.interceptors;
21  
22  import javax.servlet.http.HttpServletRequest  ;
23  
24  import org.apache.log4j.Logger;
25  import org.efs.openreports.ORStatics;
26  import org.efs.openreports.objects.ReportUser;
27  import org.efs.openreports.providers.UserProvider;
28  import org.efs.openreports.providers.UserProviderAware;
29  import org.efs.openreports.util.LocalStrings;
30  
31  import com.opensymphony.webwork.ServletActionContext;
32  import com.opensymphony.xwork.Action;
33  import com.opensymphony.xwork.ActionContext;
34  import com.opensymphony.xwork.ActionInvocation;
35  import com.opensymphony.xwork.ActionSupport;
36  import com.opensymphony.xwork.interceptor.Interceptor;
37  import com.opensymphony.xwork.interceptor.component.ComponentManager;
38  
39  public class WebAppSecurityInterceptor implements Interceptor, UserProviderAware
40  {
41      protected static Logger log = Logger.getLogger(WebAppSecurityInterceptor.class);
42  
43      private UserProvider userProvider;  
44  
45      public String   intercept(ActionInvocation actionInvocation) throws Exception  
46      {
47          ComponentManager container = (ComponentManager) ActionContext.getContext().get(
48  
49          "com.opensymphony.xwork.interceptor.component.ComponentManager");
50  
51          if (container != null)
52          {
53              container.initializeObject(this);
54          }               
55          
56          ReportUser user = (ReportUser) actionInvocation.getInvocationContext().getSession().get("user");
57  
58          if (user == null)
59          {
60              HttpServletRequest   httpServletRequest = ServletActionContext.getRequest();
61              if (httpServletRequest != null)
62              {
63                  String   userName = httpServletRequest.getRemoteUser();
64  
65                  user = userProvider.getUser(userName);
66                  if (user != null &&  httpServletRequest.isUserInRole(ORStatics.OPENREPORTS_ROLE))
67                  {                   
68                      actionInvocation.getInvocationContext().getSession().put("user", user);
69                  }
70                  else
71                  {
72                      ActionSupport action = (ActionSupport) actionInvocation.getAction();
73                      action.addActionError(LocalStrings.getString(LocalStrings.ERROR_INVALID_USER));
74  
75                      return Action.ERROR;
76                  }
77              }
78          }
79  
80          ActionContext.getContext().getValueStack().push(this);
81  
82          return actionInvocation.invoke();
83      }
84  
85      public void destroy()
86      {
87      }
88  
89      public void init()
90      {       
91      }
92  
93      public void setUserProvider(UserProvider userProvider)
94      {
95          this.userProvider = userProvider;
96      }   
97  }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags