001: /*
002: * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/naming/ContextAccessController.java,v 1.3 2001/06/11 22:44:03 remm Exp $
003: * $Revision: 1.3 $
004: * $Date: 2001/06/11 22:44:03 $
005: *
006: * ====================================================================
007: *
008: * The Apache Software License, Version 1.1
009: *
010: * Copyright (c) 1999 The Apache Software Foundation. All rights
011: * reserved.
012: *
013: * Redistribution and use in source and binary forms, with or without
014: * modification, are permitted provided that the following conditions
015: * are met:
016: *
017: * 1. Redistributions of source code must retain the above copyright
018: * notice, this list of conditions and the following disclaimer.
019: *
020: * 2. Redistributions in binary form must reproduce the above copyright
021: * notice, this list of conditions and the following disclaimer in
022: * the documentation and/or other materials provided with the
023: * distribution.
024: *
025: * 3. The end-user documentation included with the redistribution, if
026: * any, must include the following acknowlegement:
027: * "This product includes software developed by the
028: * Apache Software Foundation (http://www.apache.org/)."
029: * Alternately, this acknowlegement may appear in the software itself,
030: * if and wherever such third-party acknowlegements normally appear.
031: *
032: * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
033: * Foundation" must not be used to endorse or promote products derived
034: * from this software without prior written permission. For written
035: * permission, please contact apache@apache.org.
036: *
037: * 5. Products derived from this software may not be called "Apache"
038: * nor may "Apache" appear in their names without prior written
039: * permission of the Apache Group.
040: *
041: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
042: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
043: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
044: * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
045: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
046: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
047: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
048: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
049: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
050: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
051: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
052: * SUCH DAMAGE.
053: * ====================================================================
054: *
055: * This software consists of voluntary contributions made by many
056: * individuals on behalf of the Apache Software Foundation. For more
057: * information on the Apache Software Foundation, please see
058: * <http://www.apache.org/>.
059: *
060: * [Additional notices, if required by prior licensing conditions]
061: *
062: */
063:
064: package org.apache.naming;
065:
066: import java.util.Hashtable;
067: import javax.naming.NamingException;
068:
069: /**
070: * Handles the access control on the JNDI contexts.
071: *
072: * @author Remy Maucherat
073: * @version $Revision: 1.3 $ $Date: 2001/06/11 22:44:03 $
074: */
075:
076: public class ContextAccessController {
077:
078: // -------------------------------------------------------------- Variables
079:
080: /**
081: * Catalina context names on which writing is not allowed.
082: */
083: private static Hashtable readOnlyContexts = new Hashtable();
084:
085: /**
086: * Security tokens repository.
087: */
088: private static Hashtable securityTokens = new Hashtable();
089:
090: // --------------------------------------------------------- Public Methods
091:
092: /**
093: * Set a security token for a context. Can be set only once.
094: *
095: * @param name Name of the context
096: * @param context Security token
097: */
098: public static void setSecurityToken(Object name, Object token) {
099: if ((!securityTokens.containsKey(name)) && (token != null)) {
100: securityTokens.put(name, token);
101: }
102: }
103:
104: /**
105: * Remove a security token for a context.
106: *
107: * @param name Name of the context
108: * @param context Security token
109: */
110: public static void unsetSecurityToken(Object name, Object token) {
111: if (checkSecurityToken(name, token)) {
112: securityTokens.remove(name);
113: }
114: }
115:
116: /**
117: * Check a submitted security token. The submitted token must be equal to
118: * the token present in the repository. If no token is present for the
119: * context, then returns true.
120: *
121: * @param name Name of the context
122: * @param context Submitted security token
123: */
124: public static boolean checkSecurityToken(Object name, Object token) {
125: Object refToken = securityTokens.get(name);
126: if (refToken == null)
127: return (true);
128: if ((refToken != null) && (refToken.equals(token)))
129: return (true);
130: return (false);
131: }
132:
133: /**
134: * Allow writing to a context.
135: *
136: * @param name Name of the context
137: * @param token Security token
138: */
139: public static void setWritable(Object name, Object token) {
140: if (checkSecurityToken(name, token))
141: readOnlyContexts.remove(name);
142: }
143:
144: /**
145: * Set whether or not a context is writable.
146: *
147: * @param name Name of the context
148: */
149: public static void setReadOnly(Object name) {
150: readOnlyContexts.put(name, name);
151: }
152:
153: /**
154: * Returns if a context is writable.
155: *
156: * @param name Name of the context
157: */
158: public static boolean isWritable(Object name) {
159: return !(readOnlyContexts.containsKey(name));
160: }
161:
162: }
|