KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > mortbay > http > handler > SecurityHandler


1 // ========================================================================
2 // $Id: SecurityHandler.java,v 1.32 2005/08/13 00:01:26 gregwilkins Exp $
3 // Copyright 199-2004 Mort Bay Consulting Pty. Ltd.
4 // ------------------------------------------------------------------------
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 // ========================================================================
15
16 package org.mortbay.http.handler;
17
18 import java.io.IOException JavaDoc;
19
20 import org.apache.commons.logging.Log;
21 import org.mortbay.log.LogFactory;
22 import org.mortbay.http.BasicAuthenticator;
23 import org.mortbay.http.ClientCertAuthenticator;
24 import org.mortbay.http.HttpException;
25 import org.mortbay.http.HttpRequest;
26 import org.mortbay.http.HttpResponse;
27 import org.mortbay.http.SecurityConstraint;
28
29 /* ------------------------------------------------------------ */
30 /** Handler to enforce SecurityConstraints.
31  *
32  * @version $Id: SecurityHandler.java,v 1.32 2005/08/13 00:01:26 gregwilkins Exp $
33  * @author Greg Wilkins (gregw)
34  */
35 public class SecurityHandler extends AbstractHttpHandler
36 {
37     private static Log log = LogFactory.getLog(SecurityHandler.class);
38
39     /* ------------------------------------------------------------ */
40     private String JavaDoc _authMethod=SecurityConstraint.__BASIC_AUTH;
41
42     /* ------------------------------------------------------------ */
43     public String JavaDoc getAuthMethod()
44     {
45         return _authMethod;
46     }
47     
48     /* ------------------------------------------------------------ */
49     public void setAuthMethod(String JavaDoc method)
50     {
51         if (isStarted() && _authMethod!=null && !_authMethod.equals(method))
52             throw new IllegalStateException JavaDoc("Handler started");
53         _authMethod = method;
54     }
55
56     /* ------------------------------------------------------------ */
57     public void start()
58         throws Exception JavaDoc
59     {
60         if (getHttpContext().getAuthenticator()==null)
61         {
62             // Find out the Authenticator.
63 if (SecurityConstraint.__BASIC_AUTH.equalsIgnoreCase(_authMethod))
64                 getHttpContext().setAuthenticator(new BasicAuthenticator());
65             else if (SecurityConstraint.__CERT_AUTH.equalsIgnoreCase(_authMethod))
66                 getHttpContext().setAuthenticator(new ClientCertAuthenticator());
67             else
68                 log.warn("Unknown Authentication method:"+_authMethod);
69         }
70         
71         super.start();
72     }
73     
74     /* ------------------------------------------------------------ */
75     public void handle(String JavaDoc pathInContext,
76                        String JavaDoc pathParams,
77                        HttpRequest request,
78                        HttpResponse response)
79         throws HttpException, IOException JavaDoc
80     {
81         getHttpContext().checkSecurityConstraints(pathInContext,request,response);
82     }
83
84 }
85
86
Popular Tags