KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > security > proxy > ProjRepositorySecurityProxy2


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */

22 package org.jboss.test.security.proxy;
23
24 import java.rmi.RemoteException JavaDoc;
25 import java.security.AccessController JavaDoc;
26 import java.security.Principal JavaDoc;
27 import javax.ejb.EJBContext JavaDoc;
28 import javax.naming.Name JavaDoc;
29 import javax.naming.NamingException JavaDoc;
30 import javax.naming.directory.Attribute JavaDoc;
31 import javax.naming.directory.Attributes JavaDoc;
32
33 import org.jboss.test.security.test.NamespacePermission;
34 import org.jboss.test.security.interfaces.IProjRepository;
35
36 /** A simple stateful security proxy example for the ProjRepository bean.
37
38 @see javax.naming.Name
39 @see javax.naming.directory.Attributes
40 @see org.jboss.test.security.test.ejbs.project.interfaces.IProjRepository
41
42 @author Scott_Stark@displayscape.com
43 @version $Revision: 58115 $
44 */

45 public class ProjRepositorySecurityProxy2 implements IProjRepository
46 {
47    org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(getClass());
48    
49     /**
50      * @label bean
51      * @clientRole state sink
52      * @supplierRole state source
53      */

54     private IProjRepository projRepository;
55     private EJBContext JavaDoc ctx;
56
57     public void setEJBContext(EJBContext JavaDoc ctx)
58     {
59         this.ctx = ctx;
60         log.debug("ProjRepositorySecurityProxy2.setEJBContext, ctx="+ctx);
61     }
62     public void setBean(Object JavaDoc bean)
63     {
64         projRepository = (IProjRepository) bean;
65         log.debug("ProjRepositorySecurityProxy2.setBean, bean="+projRepository);
66     }
67
68     public void ejbCreate(Name JavaDoc projectName)
69     {
70         Principal JavaDoc user = ctx.getCallerPrincipal();
71         String JavaDoc userID = user.getName();
72         log.debug("ProjRepositorySecurityProxy2.ejbCreate, projectName="+projectName);
73         // Only scott or starksm can create project sessions
74
if( userID.equals("scott") == false && userID.equals("starksm") == false )
75             throw new SecurityException JavaDoc("Invalid project userID: "+userID);
76     }
77
78 // --- Begin IProjRepository interface methods
79
public void createFolder(Name JavaDoc folderPath)
80     {
81         log.debug("ProjRepositorySecurityProxy2.createFolder, folderPath="+folderPath);
82     }
83     
84     public void deleteFolder(Name JavaDoc folderPath,boolean recursive)
85     {
86         log.debug("ProjRepositorySecurityProxy2.deleteFolder, folderPath="+folderPath);
87     }
88     
89     public void createItem(Name JavaDoc itemPath,Attributes JavaDoc attributes)
90     {
91         log.debug("ProjRepositorySecurityProxy2.createItem, itemPath="+itemPath);
92     }
93     
94     public void updateItem(Name JavaDoc itemPath,Attributes JavaDoc attributes)
95     {
96         log.debug("ProjRepositorySecurityProxy2.updateItem, itemPath="+itemPath);
97     }
98     
99     public void deleteItem(Name JavaDoc itemPath)
100     {
101         Principal JavaDoc user = ctx.getCallerPrincipal();
102         String JavaDoc userID = user.getName();
103         log.debug("ProjRepositorySecurityProxy2.deleteItem, itemPath="+itemPath);
104         // Only the item owner can delete it
105
String JavaDoc owner = null;
106         try
107         {
108             Attributes JavaDoc attributes = projRepository.getItem(itemPath);
109             if( attributes != null )
110             {
111                 Attribute JavaDoc attr = attributes.get("owner");
112                 if( attr != null )
113                     owner = (String JavaDoc) attr.get();
114             }
115         }
116         catch(Exception JavaDoc e)
117         {
118             log.debug("failed", e);
119             throw new SecurityException JavaDoc("Failed to obtain owner for: "+itemPath);
120         }
121
122         if( owner == null )
123             throw new SecurityException JavaDoc("No owner assigned to: "+itemPath);
124         if( owner.equals(userID) == false )
125             throw new SecurityException JavaDoc("User: "+userID+" is not the owner of: "+itemPath);
126     }
127
128     public Attributes JavaDoc getItem(Name JavaDoc itemPath)
129     {
130         NamespacePermission p = new NamespacePermission(itemPath, "r---");
131         AccessController.checkPermission(p);
132         log.debug("ProjRepositorySecurityProxy2.getItem, itemPath="+itemPath);
133         return null;
134     }
135 // --- End IProjRepository interface methods
136

137 }
138
Popular Tags