01: /*
02: * Copyright (c) 1998-2008 Caucho Technology -- all rights reserved
03: *
04: * This file is part of Resin(R) Open Source
05: *
06: * Each copy or derived work must preserve the copyright notice and this
07: * notice unmodified.
08: *
09: * Resin Open Source is free software; you can redistribute it and/or modify
10: * it under the terms of the GNU General Public License as published by
11: * the Free Software Foundation; either version 2 of the License, or
12: * (at your option) any later version.
13: *
14: * Resin Open Source is distributed in the hope that it will be useful,
15: * but WITHOUT ANY WARRANTY; without even the implied warranty of
16: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
17: * of NON-INFRINGEMENT. See the GNU General Public License for more
18: * details.
19: *
20: * You should have received a copy of the GNU General Public License
21: * along with Resin Open Source; if not, write to the
22: * Free SoftwareFoundation, Inc.
23: * 59 Temple Place, Suite 330
24: * Boston, MA 02111-1307 USA
25: *
26: * @author Scott Ferguson
27: */
28:
29: package com.caucho.server.security;
30:
31: import javax.servlet.ServletContext;
32: import javax.servlet.ServletException;
33: import javax.servlet.http.HttpServletRequest;
34: import javax.servlet.http.HttpServletResponse;
35: import java.io.IOException;
36: import java.util.ArrayList;
37:
38: public class ContainerConstraint extends AbstractConstraint {
39: private boolean _needsAuthentication;
40:
41: private ArrayList<AbstractConstraint> _constraints = new ArrayList<AbstractConstraint>();
42:
43: /**
44: * Adds a constraint.
45: */
46: public void addConstraint(AbstractConstraint constraint) {
47: for (AbstractConstraint subConstraint : constraint.toArray()) {
48: _constraints.add(subConstraint);
49:
50: if (subConstraint.needsAuthentication())
51: _needsAuthentication = true;
52: }
53: }
54:
55: /**
56: * Returns true if the constraint requires authentication.
57: */
58: public boolean needsAuthentication() {
59: return _needsAuthentication;
60: }
61:
62: /**
63: * Returns true if the user is authorized for the resource.
64: *
65: * <p>isAuthorized must provide the response if the user is not
66: * authorized. Typically this will just call sendError.
67: *
68: * <p>isAuthorized will be called after all the other filters, but
69: * before the servlet.service().
70: *
71: * @param request the servlet request
72: * @param response the servlet response
73: *
74: * @return true if the request is authorized.
75: */
76: public boolean isAuthorized(HttpServletRequest request,
77: HttpServletResponse response, ServletContext application)
78: throws ServletException, IOException {
79: for (int i = 0; i < _constraints.size(); i++) {
80: AbstractConstraint constraint = _constraints.get(i);
81:
82: if (!constraint
83: .isAuthorized(request, response, application))
84: return false;
85: }
86:
87: return true;
88: }
89:
90: /**
91: * converts the sub constraints to an array.
92: */
93: protected AbstractConstraint[] toArray() {
94: return _constraints.toArray(new AbstractConstraint[_constraints
95: .size()]);
96: }
97: }
|