001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.cocoon.auth.impl;
018:
019: import java.security.Principal;
020: import java.util.Map;
021:
022: import org.apache.avalon.framework.context.Context;
023: import org.apache.avalon.framework.context.ContextException;
024: import org.apache.cocoon.components.ContextHelper;
025: import org.apache.cocoon.environment.Request;
026: import org.apache.cocoon.auth.AbstractSecurityHandler;
027: import org.apache.cocoon.auth.StandardUser;
028: import org.apache.cocoon.auth.User;
029:
030: /**
031: * Verify if a user can be authenticated.
032: * This is a very simple authenticator that checks if the user is authenticated
033: * using the servlet authentication mechanisms.
034: *
035: * @version $Id: ServletSecurityHandler.java 433543 2006-08-22 06:22:54Z crossley $
036: */
037: public class ServletSecurityHandler extends AbstractSecurityHandler {
038:
039: /** The component context. */
040: protected Context context;
041:
042: /**
043: * @see org.apache.avalon.framework.context.Contextualizable#contextualize(org.apache.avalon.framework.context.Context)
044: */
045: public void contextualize(final Context aContext)
046: throws ContextException {
047: super .contextualize(aContext);
048: this .context = aContext;
049: }
050:
051: /**
052: * Create a new user.
053: * @param req The current request.
054: * @return A new user object.
055: */
056: protected User createUser(final Request req) {
057: final User user = new ServletUser(req);
058: return user;
059: }
060:
061: /**
062: * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
063: */
064: public User login(final Map loginContext) throws Exception {
065: final Request req = ContextHelper.getRequest(this .context);
066: User user = null;
067: if (req.getRemoteUser() != null) {
068: user = this .createUser(req);
069: }
070: return user;
071: }
072:
073: /**
074: * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
075: */
076: public void logout(final Map logoutContext, final User user) {
077: // TODO what can we do here?
078: }
079:
080: /**
081: * Inner class for the current user. This class provides access to some
082: * servlet specific information.
083: */
084: public static class ServletUser extends StandardUser {
085:
086: /** The principal belonging to the user. */
087: protected final Principal principal;
088:
089: /**
090: * Instantiate a new user.
091: * @param req The current request.
092: */
093: public ServletUser(final Request req) {
094: super (req.getRemoteUser());
095: this .principal = req.getUserPrincipal();
096: }
097:
098: /**
099: * Return the current principal.
100: * @return The principal.
101: */
102: public Principal getPrincipal() {
103: return this.principal;
104: }
105: }
106: }
|