001: /*
002: * Tomcat: The deployer for the tomcat daemon
003: * Copyright (C) 2007 Rift IT Contracting
004: *
005: * This library is free software; you can redistribute it and/or
006: * modify it under the terms of the GNU Lesser General Public
007: * License as published by the Free Software Foundation; either
008: * version 2.1 of the License, or (at your option) any later version.
009: *
010: * This library is distributed in the hope that it will be useful,
011: * but WITHOUT ANY WARRANTY; without even the implied warranty of
012: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
013: * Lesser General Public License for more details.
014: *
015: * You should have received a copy of the GNU Lesser General Public
016: * License along with this library; if not, write to the Free Software
017: * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
018: *
019: * CoadunationValve.java
020: */
021:
022: // package path
023: package com.rift.coad.daemon.tomcat.security;
024:
025: // logging import
026: import java.io.IOException;
027: import java.security.Principal;
028: import javax.servlet.ServletException;
029:
030: // log 4 j imports
031: import org.apache.log4j.Logger;
032:
033: // tomcat imports
034: import org.apache.catalina.connector.Request;
035: import org.apache.catalina.connector.Response;
036: import org.apache.catalina.valves.ValveBase;
037: import org.apache.catalina.Manager;
038: import org.apache.catalina.Session;
039: import javax.servlet.http.HttpSession;
040:
041: // coadunation imports
042: import com.rift.coad.lib.security.UserSession;
043: import com.rift.coad.lib.security.ThreadPermissionSession;
044: import com.rift.coad.lib.security.SessionManager;
045:
046: /**
047: * This valve is responsible for associating an active session with a user. In
048: * coadunation.
049: *
050: * @author brett
051: */
052: public class CoadunationValve extends ValveBase {
053:
054: // instanciate the logger
055: protected static Logger log = Logger
056: .getLogger(CoadunationValve.class.getName());
057:
058: // private member variables
059: private CoadunationInterceptor interceptor = CoadunationInterceptor
060: .getInstance();
061:
062: /**
063: * Creates a new instance of CoadunationValve
064: */
065: public CoadunationValve() {
066: }
067:
068: /**
069: * This method is responsible for dealing with the invoke request on the
070: * servlet container.
071: *
072: * @param request The data used for the request.
073: * @param response The data resulting from the request response.
074: * @exception IOException
075: * @exception ServletException
076: */
077: public void invoke(Request request, Response response)
078: throws IOException, ServletException {
079: Principal caller = request.getSessionInternal().getPrincipal();
080: HttpSession hsession = request.getSession(false);
081: UserSession userSession = null;
082: try {
083: if (caller instanceof CoadunationGenericPrincipal) {
084: userSession = ((CoadunationGenericPrincipal) caller)
085: .getSession();
086: // this section is to deal with form based authentication.
087: } else if (hsession != null) {
088: userSession = (UserSession) hsession
089: .getAttribute("CoadunationUserSession");
090: }
091: } catch (Exception ex) {
092: log.error(
093: "Failed to retrieve the user session information : "
094: + ex.getMessage(), ex);
095: }
096: if (userSession != null) {
097: log.debug("The user session is for : "
098: + userSession.getName());
099: }
100: interceptor.pushUser(userSession);
101: try {
102: getNext().invoke(request, response);
103: // this section is to deal with form based authentication.
104: if (hsession != null) {
105: try {
106: ThreadPermissionSession session = SessionManager
107: .getInstance().getSession();
108:
109: hsession.setAttribute("CoadunationUserSession",
110: session.getUser());
111: } catch (Exception ex) {
112: // ignore this as we will not have a session on a an normal
113: // thread
114: log
115: .debug("No session has been setup for current thread :"
116: + ex.getMessage());
117: }
118: }
119: } finally {
120: interceptor.popUser();
121: }
122: }
123:
124: }
|