001: /*
002: * ====================================================================
003: * JAFFA - Java Application Framework For All
004: *
005: * Copyright (C) 2002 JAFFA Development Group
006: *
007: * This library is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU Lesser General Public
009: * License as published by the Free Software Foundation; either
010: * version 2.1 of the License, or (at your option) any later version.
011: *
012: * This library is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this library; if not, write to the Free Software
019: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020: *
021: * Redistribution and use of this software and associated documentation ("Software"),
022: * with or without modification, are permitted provided that the following conditions are met:
023: * 1. Redistributions of source code must retain copyright statements and notices.
024: * Redistributions must also contain a copy of this document.
025: * 2. Redistributions in binary form must reproduce the above copyright notice,
026: * this list of conditions and the following disclaimer in the documentation
027: * and/or other materials provided with the distribution.
028: * 3. The name "JAFFA" must not be used to endorse or promote products derived from
029: * this Software without prior written permission. For written permission,
030: * please contact mail to: jaffagroup@yahoo.com.
031: * 4. Products derived from this Software may not be called "JAFFA" nor may "JAFFA"
032: * appear in their names without prior written permission.
033: * 5. Due credit should be given to the JAFFA Project (http://jaffa.sourceforge.net).
034: *
035: * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED
036: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
037: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
038: * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
039: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
040: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
041: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
042: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
043: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
044: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
045: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
046: * SUCH DAMAGE.
047: * ====================================================================
048: */
049:
050: /* Generated by Together */
051:
052: package org.jaffa.security;
053:
054: import org.jaffa.config.Config;
055: import org.jaffa.security.securityrolesdomain.Roles;
056: import java.util.HashMap;
057: import java.net.URL;
058: import java.util.List;
059: import java.util.Iterator;
060: import org.jaffa.security.securityrolesdomain.Role;
061: import java.util.ArrayList;
062: import org.jaffa.security.securityrolesdomain.GrantFunctionAccess;
063: import java.net.MalformedURLException;
064: import org.apache.log4j.Logger;
065: import org.jaffa.util.URLHelper;
066: import javax.xml.bind.JAXBContext;
067: import javax.xml.bind.JAXBException;
068: import javax.xml.bind.Unmarshaller;
069: import org.jaffa.util.XmlHelper;
070: import java.io.IOException;
071:
072: /** This class is the interface between the policy domain classes
073: * and the PolicyManager. It provides the data to the PolicyManager
074: * in a more native format than the domain objects do.
075: * It also caches the policy information for repeated
076: * access.
077: */
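public class PolicyCache {
    /** Set up Logging for Log4J */
    private static final Logger log = Logger.getLogger(PolicyCache.class);

    /** If no property is specified in the framework.properties file, this is where the system
     * will look for the roles.xml policy file. It is wise to put an empty policy file at this location!
     */
    private static final String DEFAULT_POLICY_LOCATION = "classpath:///resources/roles.xml";

    /** This caches the roles read from the XML file.
     * Declared volatile because clearCache() may reset it while another thread is in getRoles().
     */
    private static volatile Roles c_roles = null;

    /** Returns the Roles domain objects. These are the objects created from the XML file.
     * This is a shared, cached copy and should be treated as read-only.
     * Changing it will not affect the contents of the loaded policy, as the
     * policy will load on application startup.
     * @return The root Roles domain object for the current policy; never null
     * @throws SecurityException if the policy file cannot be located, read or parsed
     */
    public static Roles getRoles() {
        // Work on a local snapshot: clearCache() can null the field between the
        // check and the return, and callers dereference the result without a null check.
        Roles roles = c_roles;
        if (roles == null) {
            roles = readRoles();
            c_roles = roles;
        }
        return roles;
    }

    /** Read the roles in from the XML document.
     * The policy location is taken from the Config property
     * Config.PROP_SECURITY_POLICY_URL, falling back to DEFAULT_POLICY_LOCATION.
     * Whoever controls that property, or the document behind the URL, controls
     * which functions each role is granted, so both should be protected like
     * any other authorization data.
     * Every failure is logged with its cause and reported as a SecurityException;
     * nothing is cached in that case, so the next access tries to load again.
     * @return The Root of the Roles XML document to cache
     * @throws SecurityException if the URL is malformed or the document cannot be read or unmarshalled
     */
    private static Roles readRoles() {
        String prop = (String) Config.getProperty(
                Config.PROP_SECURITY_POLICY_URL,
                DEFAULT_POLICY_LOCATION);
        URL roleUrl = null;
        try {
            // Create a URL for the resource file...
            roleUrl = URLHelper.newExtendedURL(prop);
        } catch (MalformedURLException e) {
            log.fatal("Can't Find Security Policy File, Bad URL - " + prop, e);
            // The configured location stays in the log; the exception message is kept
            // generic because it may travel further than the log does.
            throw new SecurityException("Security policy could not be loaded: bad policy URL");
        }

        Roles roles = null;
        try {
            // create a JAXBContext capable of handling classes generated into the package
            JAXBContext jc = JAXBContext
                    .newInstance("org.jaffa.security.securityrolesdomain");

            // create an Unmarshaller
            Unmarshaller u = jc.createUnmarshaller();

            // ask the unmarshaller to validate the document while it is loaded
            u.setValidating(true);

            // unmarshal a document into a tree of Java content objects composed of classes from the package.
            // NOTE(review): stripDoctypeDeclaration presumably removes the DOCTYPE before parsing;
            // confirm in XmlHelper that external entities cannot be resolved from the policy file.
            roles = (Roles) u.unmarshal(XmlHelper
                    .stripDoctypeDeclaration(roleUrl));

            log.info("Loaded Policy File From : "
                    + roleUrl.toExternalForm());
            // getRoleMap() accepts a null role list as "no roles", so the summary
            // line must not fail on it either.
            List loaded = roles.getRole();
            log.info("Policy Contains " + (loaded == null ? 0 : loaded.size())
                    + " Role Entries");
        } catch (JAXBException e) {
            log.fatal("Can't Load Security Policy File, Malformed XML Document", e);
            throw new SecurityException("Security policy could not be loaded: malformed XML document");
        } catch (IOException e) {
            log.fatal("Can't Load Security Policy File, I/O Error in reading XML Document", e);
            throw new SecurityException("Security policy could not be loaded: I/O error reading XML document");
        }

        return roles;
    }

    /** Clear the cached policy. Will be reloaded on the next access.
     */
    public static void clearCache() {
        c_roles = null;
        // This clears the function index, component index and role index
        PolicyManager.clearCache();
    }

    /** Get the list of roles and what functions are in each role.
     * A new map is built on every call from the cached Roles object.
     * Roles whose grant list is null are left out of the map.
     *
     * @return The returned HashMap is keyed on Role name (String), and each entry is a list (List) of
     * business function names (String)
     * @throws SecurityException if the policy cannot be loaded
     */
    static HashMap getRoleMap() {

        // Get the roles, throws exceptions if there are issues
        Roles roles = getRoles();

        // Now we have the information, build the hashmap
        HashMap m = new HashMap();
        List roleList = roles.getRole();
        // Bail if there are no roles....
        if (roleList == null)
            return m;

        // Loop over all the role objects
        for (Iterator it = roleList.iterator(); it.hasNext();) {
            Role role = (Role) it.next();
            if (log.isDebugEnabled())
                log.debug("Processing Role: " + role.getName());

            List access = role.getGrantFunctionAccess();
            // A role without a grant list contributes no entry at all
            if (access == null)
                continue;

            // Add all the names in all of the GrantAccess objects to the list.
            List funcs = new ArrayList();
            for (Iterator it2 = access.iterator(); it2.hasNext();) {
                GrantFunctionAccess gfa = (GrantFunctionAccess) it2.next();
                funcs.add(gfa.getName());
                if (log.isDebugEnabled())
                    log.debug("Processing Role: " + role.getName()
                            + " has function " + gfa.getName());
            }
            m.put(role.getName(), funcs);
        }

        // Return the constructed Map
        return m;

    }
}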