001: /*
002: * ====================================================================
003: * JAFFA - Java Application Framework For All
004: *
005: * Copyright (C) 2002 JAFFA Development Group
006: *
007: * This library is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU Lesser General Public
009: * License as published by the Free Software Foundation; either
010: * version 2.1 of the License, or (at your option) any later version.
011: *
012: * This library is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this library; if not, write to the Free Software
019: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020: *
021: * Redistribution and use of this software and associated documentation ("Software"),
022: * with or without modification, are permitted provided that the following conditions are met:
023: * 1. Redistributions of source code must retain copyright statements and notices.
024: * Redistributions must also contain a copy of this document.
025: * 2. Redistributions in binary form must reproduce the above copyright notice,
026: * this list of conditions and the following disclaimer in the documentation
027: * and/or other materials provided with the distribution.
028: * 3. The name "JAFFA" must not be used to endorse or promote products derived from
029: * this Software without prior written permission. For written permission,
030: * please contact mail to: jaffagroup@yahoo.com.
031: * 4. Products derived from this Software may not be called "JAFFA" nor may "JAFFA"
032: * appear in their names without prior written permission.
033: * 5. Due credit should be given to the JAFFA Project (http://jaffa.sourceforge.net).
034: *
035: * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
036: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
037: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
038: * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
039: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
040: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
041: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
042: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
043: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
044: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
045: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
046: * SUCH DAMAGE.
047: * ====================================================================
048: */
049:
050: package org.jaffa.applications.test.modules.security.components.test1.ui;
051:
052: import org.jaffa.presentation.portlet.ActionBase;
053: import org.jaffa.security.SecurityManager;
054: import org.jaffa.presentation.portlet.FormKey;
055: import java.security.PrivilegedAction;
056: import org.jaffa.presentation.portlet.session.UserSession;
057: import java.security.PrivilegedExceptionAction;
058: import java.security.PrivilegedActionException;
059: import java.security.AccessControlException;
060: import javax.servlet.http.HttpSession;
061: import org.jaffa.presentation.portlet.component.ComponentManager;
062: import org.jaffa.presentation.portlet.component.IComponent;
063: import org.jaffa.presentation.portlet.component.ComponentCreationRuntimeException;
064:
065: /**
066: * @author PaulE
067: * @version 1.0
068: */
069: public class Page1Action extends ActionBase {
070:
071: /** This button is protected by 'Function1' */
072: public FormKey do_Button1_Clicked() {
073:
074: System.out
075: .println("Trying to do something protected by Function1");
076:
077: SecurityManager.runFunction("Function1",
078: new PrivilegedAction() {
079: public Object run() {
080: String msg = "Doing Something Protected By Function1";
081: ((Page1Form) form).setMessage(msg);
082: System.out.println(msg);
083: return null;
084: }
085: });
086:
087: return new FormKey(Page1Form.NAME,
088: component != null ? component.getComponentId() : null);
089: }
090:
091: /** This button is protected by 'Function1', it throws an exception from the secured method */
092: public FormKey do_Button1b_Clicked() {
093:
094: System.out
095: .println("Trying to do something protected by Function1");
096: try {
097: SecurityManager.runFunction("Function1",
098: new PrivilegedExceptionAction() {
099: public Object run() {
100: throw new UnsupportedOperationException(
101: "Test Exception");
102: }
103: });
104: } catch (AccessControlException e) {
105: ((Page1Form) form)
106: .setMessage("You were not allowed access to Function1");
107: } catch (PrivilegedActionException e) {
108: ((Page1Form) form)
109: .setMessage("Caught Exception From Secured Function : "
110: + e.getException().getClass().getName()
111: + " - " + e.getException().getMessage());
112: }
113: return new FormKey(Page1Form.NAME,
114: component != null ? component.getComponentId() : null);
115: }
116:
117: /** This handles the fact that security access is denied. */
118: public FormKey do_Button2_Clicked() {
119: System.out
120: .println("Trying to do something protected by Function2");
121:
122: try {
123:
124: SecurityManager.runFunction("Function2",
125: new PrivilegedAction() {
126: public Object run() {
127: String msg = "Doing Something Protected By Function2";
128: ((Page1Form) form).setMessage(msg);
129: System.out.println(msg);
130: return null;
131: }
132: });
133: } catch (AccessControlException e) {
134: String msg = "You Were Not Allowed Access To Function 2";
135: ((Page1Form) form).setMessage(msg);
136: System.out.println(msg);
137: }
138: return new FormKey(Page1Form.NAME,
139: component != null ? component.getComponentId() : null);
140: }
141:
142: /** This tries to run a component that the user may, or may not have access to */
143: public FormKey do_Button3_Clicked() {
144:
145: System.out
146: .println("Trying to run component Test.Security.Test2");
147:
148: try {
149:
150: IComponent c = ComponentManager.run("Test.Security.Test2",
151: UserSession.getUserSession(request));
152: String msg = "Running Component : Create Succeeded";
153: ((Page1Form) form).setMessage(msg);
154: System.out.println(msg);
155: } catch (AccessControlException e) {
156: String msg = "No Access To Component";
157: ((Page1Form) form).setMessage(msg);
158: System.out.println(msg);
159: } catch (ComponentCreationRuntimeException e) {
160: String msg = "Running Component : Create Failed";
161: ((Page1Form) form).setMessage(msg);
162: System.out.println(msg);
163: }
164: return new FormKey(Page1Form.NAME,
165: component != null ? component.getComponentId() : null);
166: }
167:
168: /** Log this user out. */
169: public FormKey do_Logout_Clicked() {
170: return null;
171: }
172:
173: }
|