Source Code Cross Referenced for SecurityConstraint.java in  » EJB-Server-resin-3.1.5 » resin » com » caucho » server » security » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        /*
002:         * Copyright (c) 1998-2008 Caucho Technology -- all rights reserved
003:         *
004:         * This file is part of Resin(R) Open Source
005:         *
006:         * Each copy or derived work must preserve the copyright notice and this
007:         * notice unmodified.
008:         *
009:         * Resin Open Source is free software; you can redistribute it and/or modify
010:         * it under the terms of the GNU General Public License as published by
011:         * the Free Software Foundation; either version 2 of the License, or
012:         * (at your option) any later version.
013:         *
014:         * Resin Open Source is distributed in the hope that it will be useful,
015:         * but WITHOUT ANY WARRANTY; without even the implied warranty of
016:         * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
017:         * of NON-INFRINGEMENT.  See the GNU General Public License for more
018:         * details.
019:         *
020:         * You should have received a copy of the GNU General Public License
021:         * along with Resin Open Source; if not, write to the
022:         *
023:         *   Free Software Foundation, Inc.
024:         *   59 Temple Place, Suite 330
025:         *   Boston, MA 02111-1307  USA
026:         *
027:         * @author Scott Ferguson
028:         */
029:
030:        package com.caucho.server.security;
031:
032:        import com.caucho.log.Log;
033:        import com.caucho.server.dispatch.UrlMap;
034:        import com.caucho.server.util.CauchoSystem;
035:        import com.caucho.util.L10N;
036:
037:        import javax.annotation.PostConstruct;
038:        import java.util.ArrayList;
039:        import java.util.logging.Level;
040:        import java.util.logging.Logger;
041:        import java.util.regex.Pattern;
042:        import java.util.regex.PatternSyntaxException;
043:
044:        /**
045:         * Configuration for the security-constraint.
046:         */
047:        public class SecurityConstraint {
048:            static final Logger log = Log.open(SecurityConstraint.class);
049:            static L10N L = new L10N(SecurityConstraint.class);
050:
051:            private AbstractConstraint _constraint;
052:
053:            private ContainerConstraint _containerConstraint;
054:            private RoleConstraint _roleConstraint;
055:
056:            private Pattern _regexp;
057:            private IPConstraint _oldStyleIpConstraint;
058:
059:            private ArrayList<WebResourceCollection> _webResourceCollectionList;
060:
061:            /**
062:             * Creates the security-constraint.
063:             */
064:            public SecurityConstraint() {
065:            }
066:
067:            /**
068:             * Sets the description.
069:             */
070:            public void setDescription(String description) {
071:            }
072:
073:            /**
074:             * Sets the display-name.
075:             */
076:            public void setDisplayName(String displayName) {
077:            }
078:
079:            /**
080:             * Sets the url-pattern
081:             */
082:            public void setURLPattern(String pattern) {
083:                String regexpPattern = UrlMap
084:                        .urlPatternToRegexpPattern(pattern);
085:
086:                int flags = (CauchoSystem.isCaseInsensitive() ? Pattern.CASE_INSENSITIVE
087:                        : 0);
088:                try {
089:                    _regexp = Pattern.compile(regexpPattern, flags);
090:                } catch (PatternSyntaxException e) {
091:                    log.log(Level.WARNING, e.toString(), e);
092:                }
093:            }
094:
095:            /**
096:             * Adds a web-resource-collection
097:             */
098:            public void addWebResourceCollection(WebResourceCollection resource) {
099:                if (_webResourceCollectionList == null)
100:                    _webResourceCollectionList = new ArrayList<WebResourceCollection>();
101:
102:                _webResourceCollectionList.add(resource);
103:            }
104:
105:            /**
106:             * Sets the role-name
107:             */
108:            public void addRoleName(String roleName) {
109:                if (_roleConstraint == null) {
110:                    _roleConstraint = new RoleConstraint();
111:                    addConstraint(_roleConstraint);
112:                }
113:
114:                _roleConstraint.addRoleName(roleName);
115:            }
116:
117:            /**
118:             * Adds the auth-constraint
119:             */
120:            public void addAuthConstraint(AuthConstraint auth) {
121:                if (_roleConstraint == null) {
122:                    _roleConstraint = new RoleConstraint();
123:                    addConstraint(_roleConstraint);
124:                }
125:
126:                ArrayList<String> list = auth.getRoleList();
127:
128:                for (int i = 0; i < list.size(); i++)
129:                    addRoleName(list.get(i));
130:            }
131:
132:            /**
133:             * Sets the user-data-constraint
134:             */
135:            public void setUserDataConstraint(UserDataConstraint constraint) {
136:                String transportGuarantee = constraint.getTransportGuarantee();
137:
138:                if (transportGuarantee != null)
139:                    addConstraint(new TransportConstraint(transportGuarantee));
140:            }
141:
142:            /**
143:             * Add an ip-constraint
144:             */
145:            public void addIPConstraint(IPConstraint constraint) {
146:                if (!constraint.isOldStyle()) {
147:                    addConstraint(constraint);
148:                } else {
149:                    /**
150:                     * The old style was to simply allow:
151:                     * <security-constraint>
152:                     *   <ip-constraint>network</ip-constraint>
153:                     *   <ip-constraint>network</ip-constraint>
154:                     * </security-constraint>
155:                     *
156:                     * which was effectively the same as using allow.  The compiliction
157:                     * is that when the old style is used, there should be only one
158:                     * IPConstraint object 
159:                     */
160:                    if (_oldStyleIpConstraint == null) {
161:                        addConstraint(constraint);
162:                        _oldStyleIpConstraint = constraint;
163:                    } else {
164:                        constraint.copyInto(_oldStyleIpConstraint);
165:                    }
166:                }
167:            }
168:
169:            /**
170:             * Sets a custom constraint
171:             */
172:            public void addConstraint(AbstractConstraint constraint) {
173:                if (_constraint == null)
174:                    _constraint = constraint;
175:                else if (_containerConstraint == null) {
176:                    _containerConstraint = new ContainerConstraint();
177:                    _containerConstraint.addConstraint(_constraint);
178:                    _constraint = _containerConstraint;
179:
180:                    _containerConstraint.addConstraint(constraint);
181:                } else
182:                    _containerConstraint.addConstraint(constraint);
183:            }
184:
185:            /**
186:             * initialize
187:             */
188:            @PostConstruct
189:            public void init() {
190:            }
191:
192:            /**
193:             * Returns true if the URL matches.
194:             */
195:            public boolean isMatch(String url) {
196:                if (_regexp != null && _regexp.matcher(url).find()) {
197:                    return true;
198:                }
199:
200:                for (int i = 0; _webResourceCollectionList != null
201:                        && i < _webResourceCollectionList.size(); i++) {
202:                    WebResourceCollection resource = _webResourceCollectionList
203:                            .get(i);
204:
205:                    if (resource.isMatch(url))
206:                        return true;
207:                }
208:
209:                return false;
210:            }
211:
212:            /**
213:             * Returns the applicable methods if the URL matches.
214:             */
215:            public ArrayList<String> getMethods(String url) {
216:                for (int i = 0; _webResourceCollectionList != null
217:                        && i < _webResourceCollectionList.size(); i++) {
218:                    WebResourceCollection resource = _webResourceCollectionList
219:                            .get(i);
220:
221:                    if (resource.isMatch(url))
222:                        return resource.getMethods();
223:                }
224:
225:                return null;
226:            }
227:
228:            /**
229:             * return the constraint
230:             */
231:            public AbstractConstraint getConstraint() {
232:                return _constraint;
233:            }
234:        }