01: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
02: *
03: * Licensed under the Apache License, Version 2.0 (the "License");
04: * you may not use this file except in compliance with the License.
05: * You may obtain a copy of the License at
06: *
07: * http://www.apache.org/licenses/LICENSE-2.0
08: *
09: * Unless required by applicable law or agreed to in writing, software
10: * distributed under the License is distributed on an "AS IS" BASIS,
11: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12: * See the License for the specific language governing permissions and
13: * limitations under the License.
14: */
15:
16: package org.acegisecurity.providers.cas.proxy;
17:
18: import org.acegisecurity.AcegiMessageSource;
19:
20: import org.acegisecurity.providers.cas.CasProxyDecider;
21: import org.acegisecurity.providers.cas.ProxyUntrustedException;
22:
23: import org.apache.commons.logging.Log;
24: import org.apache.commons.logging.LogFactory;
25:
26: import org.springframework.beans.factory.InitializingBean;
27:
28: import org.springframework.context.MessageSource;
29: import org.springframework.context.MessageSourceAware;
30: import org.springframework.context.support.MessageSourceAccessor;
31:
32: import org.springframework.util.Assert;
33:
34: import java.util.List;
35:
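/**
 * Accepts proxied requests if the closest proxy is named in the <code>validProxies</code> list.
 *
 * <p>Also accepts the request if there was no proxy (ie the user directly authenticated against this service).</p>
 *
 * <p>Only the first entry of the proxy list (the nearest proxy) is compared against <code>validProxies</code>; any
 * further entries in the chain are not examined by this class. The comparison is {@link List#contains(Object)},
 * i.e. an exact <code>equals</code> match with no normalisation of the value, so the configured entries must match
 * the reported proxy value exactly.</p>
 *
 * <p>The trusted list is copied when it is set and is exposed read-only. The set of trusted proxies can therefore be
 * changed only by calling {@link #setValidProxies(List)} again, not by mutating a list reference held elsewhere.</p>
 */
public class NamedCasProxyDecider implements CasProxyDecider, InitializingBean, MessageSourceAware {
    //~ Static fields/initializers =====================================================================================

    private static final Log logger = LogFactory.getLog(NamedCasProxyDecider.class);

    //~ Instance fields ================================================================================================

    // Read-only snapshot of the trusted proxies; null until setValidProxies is called with a non-null list.
    private List validProxies;
    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();

    //~ Methods ========================================================================================================

    /**
     * Verifies that the bean was fully configured.
     *
     * @throws Exception declared by the callback signature; the checks here fail through <code>Assert.notNull</code>
     *         when <code>validProxies</code> or the message source is missing
     */
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.validProxies, "A validProxies list must be set");
        Assert.notNull(this.messages, "A message source must be set");
    }

    /**
     * Decides whether the given proxy chain is acceptable.
     *
     * <p>An empty list is accepted without consulting <code>validProxies</code>. Otherwise element 0 is treated as
     * the nearest proxy and must be contained in <code>validProxies</code>.</p>
     *
     * @param proxyList the proxies involved in the request; must not be <code>null</code>
     *
     * @throws ProxyUntrustedException if the nearest proxy is not in <code>validProxies</code>
     */
    public void confirmProxyListTrusted(List proxyList) throws ProxyUntrustedException {
        Assert.notNull(proxyList, "proxyList cannot be null");

        if (logger.isDebugEnabled()) {
            logger.debug("Proxy list: " + proxyList.toString());
        }

        if (proxyList.isEmpty()) {
            // A Service Ticket (not a Proxy Ticket)
            return;
        }

        Object nearestProxy = proxyList.get(0);

        // validProxies is null-checked only in afterPropertiesSet(); on an unconfigured instance this line fails
        // with a NullPointerException, so the request is still not accepted.
        if (!validProxies.contains(nearestProxy)) {
            throw new ProxyUntrustedException(messages.getMessage("NamedCasProxyDecider.untrusted",
                    new Object[] {nearestProxy}, "Nearest proxy {0} is untrusted"));
        }
    }

    /**
     * Returns the trusted proxies.
     *
     * @return an unmodifiable list, or <code>null</code> if none has been set
     */
    public List getValidProxies() {
        return validProxies;
    }

    /**
     * Replaces the message accessor used to build the "untrusted proxy" message.
     *
     * @param messageSource the source to wrap in a <code>MessageSourceAccessor</code>
     */
    public void setMessageSource(MessageSource messageSource) {
        this.messages = new MessageSourceAccessor(messageSource);
    }

    /**
     * Sets the proxies whose requests are accepted.
     *
     * <p>The argument is copied into an unmodifiable list, so later changes to the caller's list do not alter which
     * proxies are trusted. <code>null</code> is stored as <code>null</code> and is rejected by
     * {@link #afterPropertiesSet()}.</p>
     *
     * @param validProxies the trusted proxies, compared by <code>equals</code> against the nearest proxy
     */
    public void setValidProxies(List validProxies) {
        if (validProxies == null) {
            this.validProxies = null;

            return;
        }

        // Fully qualified names keep the file's import block unchanged.
        this.validProxies = java.util.Collections.unmodifiableList(new java.util.ArrayList(validProxies));
    }
}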