Source Code Cross Referenced for AuthValve.java in  » Science » Cougaar12_4 » org » cougaar » lib » web » tomcat » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        /*
002:         * <copyright>
003:         *  
004:         *  Copyright 1997-2004 Networks Associates Technology, Inc
005:         *  under sponsorship of the Defense Advanced Research Projects
006:         *  Agency (DARPA).
007:         * 
008:         *  You can redistribute this software and/or modify it under the
009:         *  terms of the Cougaar Open Source License as published on the
010:         *  Cougaar Open Source Website (www.cougaar.org).
011:         * 
012:         *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
013:         *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
014:         *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
015:         *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
016:         *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
017:         *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
018:         *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
019:         *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
020:         *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
021:         *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
022:         *  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
023:         *  
024:         * </copyright>
025:         *
026:         * CHANGE RECORD
027:         * - 
028:         */
029:        package org.cougaar.lib.web.tomcat;
030:
031:        import java.io.IOException;
032:        import java.lang.reflect.Method;
033:
034:        import javax.servlet.ServletException;
035:
036:        import org.apache.catalina.Contained;
037:        import org.apache.catalina.Container;
038:        import org.apache.catalina.Request;
039:        import org.apache.catalina.Response;
040:        import org.apache.catalina.Valve;
041:        import org.apache.catalina.ValveContext;
042:        import org.apache.catalina.valves.ValveBase;
043:
044:        /**
045:         * A Valve for Tomcat 4.0 that will use
046:         * org.cougaar.core.security.acl.auth.DualAuthenticator if it
047:         * exists and the System property
048:         * <code>org.cougaar.lib.web.tomcat.enableAuth</code> 
049:         * is "true".
050:         * <p>
051:         * The <code>server.xml</code> should have within the &lt;Context&gt; section:
052:         * <pre>
053:         *   &lt;Valve className="org.cougaar.lib.web.tomcat.AuthValve" realmName="Cougaar" authMethod="DIGEST"/&gt;
054:         * </pre>
055:         * <p>
056:         * Where realmName is the realm to use for authenticating users and
057:         * authMethod is the secondary method for authentication. It accepts any of the
058:         * standard methods available for authentication in servlet 2.3 spec.
059:         * Remember that the primary authentication is always CERT, so don't use that.
060:         *
061:         *
062:         * @property org.cougaar.lib.web.tomcat.auth.class
063:         *   classname for authenticator.
064:         * @property org.cougaar.lib.web.tomcat.enableAuth
065:         *   enable default authenticator class if the classname property
066:         *   is not specified.
067:         */
068:        public class AuthValve implements  Valve, Contained {
069:
070:            private static final String PROP_ENABLE = "org.cougaar.lib.web.tomcat.enableAuth";
071:            private static final String PROP_CLASS = "org.cougaar.lib.web.tomcat.auth.class";
072:            private static final String DEFAULT_SECURE = "org.cougaar.core.security.acl.auth.DualAuthenticator";
073:
074:            private ValveBase _authValve = null;
075:            private Container _container = null;
076:
077:            /** 
078:             * Default constructor.
079:             */
080:            public AuthValve() {
081:                String authClass = System.getProperty(PROP_CLASS);
082:                if (authClass == null && Boolean.getBoolean(PROP_ENABLE)) {
083:                    authClass = DEFAULT_SECURE;
084:                }
085:                if (authClass != null) {
086:                    try {
087:                        Class c = Class.forName(authClass);
088:                        _authValve = (ValveBase) c.newInstance();
089:                    } catch (ClassNotFoundException e) {
090:                        System.err.println("Error: could not find class "
091:                                + authClass);
092:                    } catch (ClassCastException e) {
093:                        System.err.println("Error: the class " + authClass
094:                                + " is not a Valve");
095:                    } catch (Exception e) {
096:                        System.err.println("Error: could not load the class "
097:                                + authClass);
098:                    }
099:                }
100:            }
101:
102:            /**
103:             * returns the DualAuthenticator Valve if it is available.
104:             */
105:            public ValveBase getValve() {
106:                return _authValve;
107:            }
108:
109:            /**
110:             * returns the DualAuthenticator getInfo() if available or "AuthValve"
111:             * otherwise
112:             */
113:            public String getInfo() {
114:                if (_authValve != null) {
115:                    return _authValve.getInfo();
116:                }
117:                return "AuthValve";
118:            }
119:
120:            /**
121:             * Calls DualAuthenticator invoke() if available or calls
122:             * context.invokeNext() if not.
123:             */
124:            public void invoke(Request request, Response response,
125:                    ValveContext context) throws IOException, ServletException {
126:                if (_authValve != null) {
127:                    _authValve.invoke(request, response, context);
128:                } else {
129:                    context.invokeNext(request, response);
130:                }
131:            }
132:
133:            /**
134:             * Calls DualAuthenticator setRealmName() if available
135:             */
136:            public void setRealmName(String realmName) {
137:                if (_authValve != null) {
138:                    try {
139:                        Method m = _authValve.getClass().getMethod(
140:                                "setRealmName", new Class[] { String.class });
141:                        m.invoke(_authValve, new Object[] { realmName });
142:                    } catch (Exception e) {
143:                        e.printStackTrace();
144:                    }
145:                }
146:            }
147:
148:            /**
149:             * Returns DualAuthenticator getRealmName() if available or
150:             * <code>null</code> otherwise.
151:             */
152:            public String getRealmName() {
153:                if (_authValve != null) {
154:                    try {
155:                        Method m = _authValve.getClass().getMethod(
156:                                "getRealmName", null);
157:                        return (String) m.invoke(_authValve, null);
158:                    } catch (Exception e) {
159:                        // don't worry about it.
160:                    }
161:                }
162:                return null;
163:            }
164:
165:            /**
166:             * Calls DualAuthenticator setAuthMethod() if available
167:             */
168:            public void setAuthMethod(String authMethod) {
169:                if (_authValve != null) {
170:                    try {
171:                        Method m = _authValve.getClass().getMethod(
172:                                "setAuthMethod", new Class[] { String.class });
173:                        m.invoke(_authValve, new Object[] { authMethod });
174:                    } catch (Exception e) {
175:                        // don't worry about it.
176:                    }
177:                }
178:            }
179:
180:            /**
181:             * Returns DualAuthenticator getAuthMethod() if available or
182:             * <code>null</code> otherwise.
183:             */
184:            public String getAuthMethod() {
185:                if (_authValve != null) {
186:                    try {
187:                        Method m = _authValve.getClass().getMethod(
188:                                "getAuthMethod", null);
189:                        return (String) m.invoke(_authValve, null);
190:                    } catch (Exception e) {
191:                        // don't worry about it.
192:                    }
193:                }
194:                return null;
195:            }
196:
197:            /**
198:             * Sets the context container
199:             */
200:            public void setContainer(Container container) {
201:                if (_authValve != null) {
202:                    _authValve.setContainer(container);
203:                }
204:                _container = container;
205:            }
206:
207:            /**
208:             * Returns the context container
209:             */
210:            public Container getContainer() {
211:                if (_authValve != null) {
212:                    return _authValve.getContainer();
213:                }
214:                return _container;
215:            }
216:        }