001: /*
002: * ====================================================================
003: * JAFFA - Java Application Framework For All
004: *
005: * Copyright (C) 2002 JAFFA Development Group
006: *
007: * This library is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU Lesser General Public
009: * License as published by the Free Software Foundation; either
010: * version 2.1 of the License, or (at your option) any later version.
011: *
012: * This library is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this library; if not, write to the Free Software
019: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020: *
021: * Redistribution and use of this software and associated documentation ("Software"),
022: * with or without modification, are permitted provided that the following conditions are met:
023: * 1. Redistributions of source code must retain copyright statements and notices.
024: * Redistributions must also contain a copy of this document.
025: * 2. Redistributions in binary form must reproduce the above copyright notice,
026: * this list of conditions and the following disclaimer in the documentation
027: * and/or other materials provided with the distribution.
028: * 3. The name "JAFFA" must not be used to endorse or promote products derived from
029: * this Software without prior written permission. For written permission,
030: * please contact mail to: jaffagroup@yahoo.com.
031: * 4. Products derived from this Software may not be called "JAFFA" nor may "JAFFA"
032: * appear in their names without prior written permission.
033: * 5. Due credit should be given to the JAFFA Project (http://jaffa.sourceforge.net).
034: *
035: * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
036: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
037: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
038: * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
039: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
040: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
041: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
042: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
043: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
044: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
045: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
046: * SUCH DAMAGE.
047: * ====================================================================
048: */
049:
050: /*
051: * CheckPolicy.java
052: *
053: * Created on July 25, 2002, 6:20 PM
054: */
055:
056: package org.jaffa.security;
057:
058: import javax.servlet.*;
059: import javax.servlet.http.*;
060: import java.util.List;
061: import java.util.ArrayList;
062: import java.util.Map;
063: import org.jaffa.presentation.portlet.component.ComponentManager;
064: import org.jaffa.util.URLHelper;
065: import java.util.Iterator;
066: import java.io.StringWriter;
067: import org.apache.log4j.Logger;
068: import java.util.HashMap;
069: import org.jaffa.util.StringHelper;
070: import java.io.PrintWriter;
071: import org.jaffa.security.businessfunctionsdomain.*;
072: import javax.xml.bind.JAXBContext;
073: import javax.xml.bind.JAXBException;
074: import javax.xml.bind.Unmarshaller;
075: import org.jaffa.util.XmlHelper;
076:
077: /**
078: * This servlet can be used on start-up to make sure there are no rogue entries
079: * in the components and roles files.
080: *
081: * @author paule
082: * @version 1.0
083: */
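public class CheckPolicy extends HttpServlet {

    /** Set up Logging for Log4J */
    private static Logger log = Logger.getLogger(CheckPolicy.class);

    /**
     * Component errors for display: component name (String) mapped to a List
     * of the invalid business function names (String) found on it.
     */
    private static Map m_compErrors = new HashMap();
    /**
     * Role errors for display: role name (String) mapped to a List of the
     * invalid business function names (String) found in it.
     */
    private static Map m_roleErrors = new HashMap();

    /** Initializes the servlet and runs the policy check once.
     * @param config servlet configuration supplied by the container
     * @throws ServletException if the superclass initialization fails
     */
    public void init(ServletConfig config) throws ServletException {
        super.init(config);
        // Check the policy by reading the business functions
        checkPolicy();
    }

    /** Destroys the servlet.
     */
    public void destroy() {
        // Nothing to release.
    }

    /** Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * Renders the errors recorded by the last policy check, followed by a dump
     * of the currently loaded policy.
     *
     * NOTE(review): the page lists component names, role names and the full
     * loaded policy, and no access check is visible in this class. Presumably
     * the servlet mapping is restricted by the container (for example with a
     * security-constraint) - confirm in the deployment descriptor.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException declared for the servlet contract
     * @throws java.io.IOException if the response writer cannot be obtained
     */
    protected void processRequest(HttpServletRequest request,
            HttpServletResponse response) throws ServletException,
            java.io.IOException {
        response.setContentType("text/html");
        java.io.PrintWriter out = response.getWriter();
        out.println("<html>");
        out.println("<head>");
        out.println("<title>Validating Security Policy</title>");
        // NOTE(review): the base URL is derived from the request and written
        // unescaped into a single-quoted attribute; confirm URLHelper.getBase
        // cannot return request-controlled characters such as a quote.
        out.println("<base href='" + URLHelper.getBase(request) + "'>");
        out.println("</head>");
        out.println("<body>");
        out.println("<h1>Validating Security Policy</h1>");
        out.println("<h2>Errors in 'components.xml'</h2>");
        printHtmlErrors(out, m_compErrors, "Component", "defined");
        out.println("<br>");
        out.println("<h2>Errors in 'roles.xml'</h2>");
        printHtmlErrors(out, m_roleErrors, "Role", "specified");
        out.println("<br>");
        out.println("<h2>Current Loaded Policy</h2>");
        out.println("<pre>");
        StringWriter sw = new StringWriter();
        PolicyManager.printPolicy(new PrintWriter(sw, true));
        out.println(StringHelper.convertToHTML(sw.toString()));
        out.println("</pre>");
        out.println("</body>");
        out.println("</html>");
        out.close();
    }

    /** Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     */
    protected void doGet(HttpServletRequest request,
            HttpServletResponse response) throws ServletException,
            java.io.IOException {
        processRequest(request, response);
    }

    /** Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     */
    protected void doPost(HttpServletRequest request,
            HttpServletResponse response) throws ServletException,
            java.io.IOException {
        processRequest(request, response);
    }

    /** Returns a short description of the servlet.
     */
    public String getServletInfo() {
        return "Check Security Policy";
    }

    /**
     * Validates every business function referenced by a component or a role
     * against the names read from the business functions file, logging each
     * mismatch and storing it for display.
     *
     * Results are collected in local maps and assigned at the end, so a
     * repeated run replaces earlier findings instead of merging with them.
     * If the business functions file could not be read the reference list is
     * empty and every referenced function is reported as invalid.
     */
    private static synchronized void checkPolicy() {
        // Read the business function file
        List bfuncs = readFunctions();

        Map compErrors = new HashMap();
        Map roleErrors = new HashMap();

        // Get mandatory functions per component
        Map compList = ComponentManager.getComponentRequirements();

        // For each component make sure that the business functions are valid
        for (Iterator it = compList.keySet().iterator(); it.hasNext();) {
            String comp = (String) it.next();
            String[] funcs = (String[]) compList.get(comp);
            if (funcs == null) {
                // No requirements recorded for this component.
                continue;
            }
            for (int i = 0; i < funcs.length; i++) {
                if (!bfuncs.contains(funcs[i])) {
                    addError(compErrors, comp, funcs[i]);
                    log.error("Function '" + funcs[i]
                            + "' on Component '" + comp
                            + "' is Not Valid!");
                }
            }
        }

        // Get list of functions per role
        Map roleMap = PolicyCache.getRoleMap();

        // For each role make sure that the business functions are valid
        for (Iterator it2 = roleMap.keySet().iterator(); it2.hasNext();) {
            String role = (String) it2.next();
            List roleList = (List) roleMap.get(role);
            if (roleList == null) {
                // No functions recorded for this role.
                continue;
            }
            for (Iterator it3 = roleList.iterator(); it3.hasNext();) {
                String func = (String) it3.next();
                if (!bfuncs.contains(func)) {
                    addError(roleErrors, role, func);
                    log.error("Business Function '" + func
                            + "' in Role '" + role + "' is Not Valid!");
                }
            }
        }

        m_compErrors = compErrors;
        m_roleErrors = roleErrors;
    }

    /**
     * Appends an invalid function name to the list kept for an owner, creating
     * the list on first use. A plain put() would keep only the last invalid
     * function of a component or role and hide the others.
     */
    private static void addError(Map errors, String owner, String func) {
        List funcs = (List) errors.get(owner);
        if (funcs == null) {
            funcs = new ArrayList();
            errors.put(owner, funcs);
        }
        funcs.add(func);
    }

    /**
     * Writes one error section of the HTML report. Names are passed through
     * StringHelper.convertToHTML, the helper processRequest already uses for
     * the policy dump, because they come from configuration files and are
     * placed inside markup.
     */
    private static void printHtmlErrors(PrintWriter out, Map errors,
            String kind, String suffix) {
        if (errors == null || errors.size() == 0) {
            out.println("No Errors Detected!");
            return;
        }
        out.println("<ul>");
        for (Iterator i = errors.keySet().iterator(); i.hasNext();) {
            String owner = (String) i.next();
            List funcs = (List) errors.get(owner);
            for (Iterator j = funcs.iterator(); j.hasNext();) {
                String func = (String) j.next();
                out.println("<li>" + kind + " <b>"
                        + StringHelper.convertToHTML(owner)
                        + "</b> has invalid business function <b>"
                        + StringHelper.convertToHTML(func)
                        + "</b> " + suffix + ".");
            }
        }
        out.println("</ul>");
    }

    /** Writes one error section of the command-line report to System.out. */
    private static void printConsoleErrors(Map errors, String kind,
            String suffix) {
        if (errors == null || errors.size() == 0) {
            System.out.println("--- No Errors Detected!");
            return;
        }
        for (Iterator i = errors.keySet().iterator(); i.hasNext();) {
            String owner = (String) i.next();
            List funcs = (List) errors.get(owner);
            for (Iterator j = funcs.iterator(); j.hasNext();) {
                System.out.println("--- " + kind + " " + owner
                        + " has invalid business function "
                        + j.next() + " " + suffix + ".");
            }
        }
    }

    /**
     * Reads the business function names from 'resources/business-functions.xml'.
     * A read or parse failure is logged and the names collected so far are
     * returned, so callers must expect an empty list.
     *
     * @return the business function names that could be read
     */
    private static List readFunctions() {
        ArrayList bflist = new ArrayList();
        try {
            // create a JAXBContext capable of handling classes generated into the package
            JAXBContext jc = JAXBContext
                    .newInstance("org.jaffa.security.businessfunctionsdomain");

            // create an Unmarshaller
            Unmarshaller u = jc.createUnmarshaller();

            // enable validation
            u.setValidating(true);

            // unmarshal a document into a tree of Java content objects composed of classes from the package.
            BusinessFunctions businessFunctions = (BusinessFunctions) u
                    .unmarshal(XmlHelper
                            .stripDoctypeDeclaration(URLHelper
                                    .newExtendedURL("resources/business-functions.xml")));
            for (Iterator i = businessFunctions.getBusinessFunction()
                    .iterator(); i.hasNext();) {
                bflist.add(((BusinessFunction) i.next()).getName());
            }

        } catch (Exception e) {
            // Still best-effort, but keep the cause and stack trace in the log
            // rather than only the message on standard output.
            log.error("Can't Read File : " + e.getMessage(), e);
        }
        System.out.println("Read Function List. Count = "
                + bflist.size());
        return bflist;
    }

    /**
     * Runs the policy check from the command line and prints the findings.
     * @param args not used
     */
    public static void main(String[] args) {
        System.out.println("Running Policy Checker...");
        checkPolicy();
        System.out.println("Checking Components");
        printConsoleErrors(m_compErrors, "Component", "defined");
        System.out.println("Checking Roles");
        printConsoleErrors(m_roleErrors, "Role", "specified");
    }
}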
|