001: /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
002: *
003: * Licensed under the Apache License, Version 2.0 (the "License");
004: * you may not use this file except in compliance with the License.
005: * You may obtain a copy of the License at
006: *
007: * http://www.apache.org/licenses/LICENSE-2.0
008: *
009: * Unless required by applicable law or agreed to in writing, software
010: * distributed under the License is distributed on an "AS IS" BASIS,
011: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
012: * See the License for the specific language governing permissions and
013: * limitations under the License.
014: */
015:
016: package org.acegisecurity.securechannel;
017:
018: import org.acegisecurity.ConfigAttribute;
019: import org.acegisecurity.ConfigAttributeDefinition;
020:
021: import org.acegisecurity.intercept.web.FilterInvocation;
022:
023: import org.springframework.beans.factory.InitializingBean;
024:
025: import java.io.IOException;
026:
027: import java.util.Iterator;
028: import java.util.List;
029:
030: import javax.servlet.ServletException;
031:
032: /**
033: * Implementation of {@link ChannelDecisionManager}.<p>Iterates through each configured {@link ChannelProcessor}.
034: * If a <code>ChannelProcessor</code> has any issue with the security of the request, it should cause a redirect,
035: * exception or whatever other action is appropriate for the <code>ChannelProcessor</code> implementation.</p>
036: * <P>Once any response is committed (ie a redirect is written to the response object), the
037: * <code>ChannelDecisionManagerImpl</code> will not iterate through any further <code>ChannelProcessor</code>s.</p>
038: *
039: * @author Ben Alex
040: * @version $Id: ChannelDecisionManagerImpl.java 1496 2006-05-23 13:38:33Z benalex $
041: */
042: public class ChannelDecisionManagerImpl implements
043: ChannelDecisionManager, InitializingBean {
044: //~ Instance fields ================================================================================================
045:
046: private List channelProcessors;
047:
048: //~ Methods ========================================================================================================
049:
050: public void afterPropertiesSet() throws Exception {
051: checkIfValidList(this .channelProcessors);
052: }
053:
054: private void checkIfValidList(List listToCheck) {
055: if ((listToCheck == null) || (listToCheck.size() == 0)) {
056: throw new IllegalArgumentException(
057: "A list of ChannelProcessors is required");
058: }
059: }
060:
061: public void decide(FilterInvocation invocation,
062: ConfigAttributeDefinition config) throws IOException,
063: ServletException {
064: Iterator iter = this .channelProcessors.iterator();
065:
066: while (iter.hasNext()) {
067: ChannelProcessor processor = (ChannelProcessor) iter.next();
068:
069: processor.decide(invocation, config);
070:
071: if (invocation.getResponse().isCommitted()) {
072: break;
073: }
074: }
075: }
076:
077: public List getChannelProcessors() {
078: return this .channelProcessors;
079: }
080:
081: public void setChannelProcessors(List newList) {
082: checkIfValidList(newList);
083:
084: Iterator iter = newList.iterator();
085:
086: while (iter.hasNext()) {
087: Object currentObject = null;
088:
089: try {
090: currentObject = iter.next();
091:
092: ChannelProcessor attemptToCast = (ChannelProcessor) currentObject;
093: } catch (ClassCastException cce) {
094: throw new IllegalArgumentException("ChannelProcessor "
095: + currentObject.getClass().getName()
096: + " must implement ChannelProcessor");
097: }
098: }
099:
100: this .channelProcessors = newList;
101: }
102:
103: public boolean supports(ConfigAttribute attribute) {
104: Iterator iter = this .channelProcessors.iterator();
105:
106: while (iter.hasNext()) {
107: ChannelProcessor processor = (ChannelProcessor) iter.next();
108:
109: if (processor.supports(attribute)) {
110: return true;
111: }
112: }
113:
114: return false;
115: }
116: }
|