KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > test > web > servlets > UserInRoleServlet


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */

22 package org.jboss.test.web.servlets;
23
24 import java.io.IOException JavaDoc;
25 import java.io.PrintWriter JavaDoc;
26 import java.security.Principal JavaDoc;
27 import java.util.ArrayList JavaDoc;
28 import javax.servlet.ServletConfig JavaDoc;
29 import javax.servlet.ServletException JavaDoc;
30 import javax.servlet.http.HttpServlet JavaDoc;
31 import javax.servlet.http.HttpServletRequest JavaDoc;
32 import javax.servlet.http.HttpServletResponse JavaDoc;
33
34 import org.jboss.util.Strings;
35
36 /** A servlet that calls isUserInRole for every role name defined in the
37  * expectedUserRoles init parameter and validates that each role is assigned
38  * to the user. Any role in the expectedUserRoles for which isUserInRole is
39  * false is added to the X-ExpectedUserRoles-Errors reply header. If the user
40  * has every role from the expectedUserRoles list, the X-ExpectedUserRoles-Errors
41  * header will not be in the reply.
42  *
43  * This servlet also calls isUserInRole for every role name defined in the
44  * unexpectedUserRoles init parameter and validates that each role is NOT
45  * assigned to the user. Any role in the unexpectedUserRoles for which
46  * isUserInRole is true is added to the X-UnexpectedUserRoles-Errors reply
47  * header. If the user has no roles from the unexpectedUserRoles list, the
48  * X-UnexpectedUserRoles-Errors header will not be in the reply.
49  *
50  * @author Scott.Stark@jboss.org
51  * @version $Revision: 37406 $
52  */

53 public class UserInRoleServlet extends HttpServlet JavaDoc
54 {
55    /** The roles for which isUserInRole should return true */
56    private String JavaDoc[] expectedUserRoles;
57    /** The roles for which isUserInRole should return false */
58    private String JavaDoc[] unexpectedUserRoles;
59
60    public void init(ServletConfig JavaDoc config) throws ServletException JavaDoc
61    {
62       super.init(config);
63       String JavaDoc param = config.getInitParameter("expectedUserRoles");
64       expectedUserRoles = Strings.split(param, ",");
65       param = config.getInitParameter("unexpectedUserRoles");
66       unexpectedUserRoles = Strings.split(param, ",");
67    }
68
69    protected void processRequest(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
70       throws ServletException JavaDoc, IOException JavaDoc
71    {
72       Principal JavaDoc user = request.getUserPrincipal();
73       response.setContentType("text/html");
74       PrintWriter JavaDoc out = response.getWriter();
75       out.println("<html>");
76       out.println("<head><title>UserInRoleServlet</title></head>");
77       out.println("<body>");
78       out.println("You have accessed this servlet as user:"+user);
79
80       out.println("<h1>ExpectedUserRoles</h1>");
81       out.println("<ul>");
82       ArrayList JavaDoc errors = new ArrayList JavaDoc();
83       for(int n = 0; n < expectedUserRoles.length; n ++)
84       {
85          String JavaDoc role = expectedUserRoles[n];
86          boolean inRole = request.isUserInRole(role);
87          out.println("<li>isUserInRole("+role+") = "+inRole+"</li>");
88          if( inRole == false )
89             errors.add(role);
90       }
91       out.println("</ul>");
92       if( errors.size() > 0 )
93       {
94          String JavaDoc value = errors.toString();
95          response.addHeader("X-ExpectedUserRoles-Errors", value);
96       }
97
98       errors.clear();
99       out.println("<h1>UnexpectedUserRoles</h1>");
100       out.println("<ul>");
101       for(int n = 0; n < unexpectedUserRoles.length; n ++)
102       {
103          String JavaDoc role = unexpectedUserRoles[n];
104          boolean inRole = request.isUserInRole(role);
105          out.println("<li>isUserInRole("+role+") = "+inRole+"</li>");
106          if( inRole == true )
107             errors.add(role);
108       }
109       if( errors.size() > 0 )
110       {
111          String JavaDoc value = errors.toString();
112          response.addHeader("X-UnexpectedUserRoles-Errors", value);
113       }
114       out.println("</ul>");
115
116       out.println("</body></html>");
117       out.close();
118    }
119
120    protected void doGet(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
121       throws ServletException JavaDoc, IOException JavaDoc
122    {
123       processRequest(request, response);
124    }
125
126    protected void doPost(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
127       throws ServletException JavaDoc, IOException JavaDoc
128    {
129       processRequest(request, response);
130    }
131
132 }
133
134
Popular Tags