
1   // 
2   // Copyright (c) 2003-2005, Caltha - Gajda, Krzewski, Mach, Potempski Sp.J. 
3   // All rights reserved. 
4   // 
5   // Redistribution and use in source and binary forms, with or without modification,  
6   // are permitted provided that the following conditions are met: 
7   //  
8   // * Redistributions of source code must retain the above copyright notice,  
9   //	 this list of conditions and the following disclaimer. 
10  // * Redistributions in binary form must reproduce the above copyright notice,  
11  //	 this list of conditions and the following disclaimer in the documentation  
12  //	 and/or other materials provided with the distribution. 
13  // * Neither the name of the Caltha - Gajda, Krzewski, Mach, Potempski Sp.J.  
14  //	 nor the names of its contributors may be used to endorse or promote products  
15  //	 derived from this software without specific prior written permission. 
16  // 
17  // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"  
18  // AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED  
19  // WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
20  // IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,  
21  // INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,  
22  // BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, 
23  // OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,  
24  // WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)  
25  // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE  
26  // POSSIBILITY OF SUCH DAMAGE. 
27  // 
28  package org.objectledge.web.mvc.builders;
29  
30  import org.objectledge.authentication.AuthenticationContext;
31  import org.objectledge.context.Context;
32  import org.objectledge.pipeline.ProcessingException;
33  import org.objectledge.web.mvc.MVCContext;
34  import org.objectledge.web.mvc.security.Policy;
35  import org.objectledge.web.mvc.security.PolicySystem;
36  import org.objectledge.web.mvc.security.SecurityChecking;
37  
/**
 * Base class for builders whose access is governed by a policy.
 *
 * <p>Every {@link SecurityChecking} query is answered from the {@link Policy} that the
 * {@link PolicySystem} returns for the view and action of the current request. When no policy
 * matches, the lookup throws a {@link ProcessingException} instead of falling back to a
 * default answer, so none of the checks returns a value for a request without a matching
 * policy.</p>
 *
 * @author <a href="mailto:rafal@caltha.pl">Rafal Krzewski</a>
 * @version $Id: PolicyProtectedBuilder.java,v 1.3 2006/04/05 15:52:30 zwierzem Exp $
 */
public abstract class PolicyProtectedBuilder
    extends AbstractBuilder
    implements SecurityChecking
{
    /** Source of the policies and of the access decision; assigned once in the constructor. */
    private final PolicySystem policySystem;

    /**
     * Creates a new PolicyProtectedBuilder instance.
     *
     * @param context the request context, passed on to the superclass constructor.
     * @param policySystemArg the PolicySystem component used for policy lookup and checking.
     */
    public PolicyProtectedBuilder(Context context, PolicySystem policySystemArg)
    {
        super(context);
        // NOTE(review): stored without a null check; a null component would only surface
        // as a NullPointerException on the first security query - confirm the container
        // always injects it.
        this.policySystem = policySystemArg;
    }

    /**
     * {@inheritDoc}
     *
     * <p>The answer is the {@code requiresSSL()} flag of the policy matching the request.</p>
     *
     * @throws Exception a {@link ProcessingException} if no policy matches the request.
     */
    public boolean requiresSecureChannel(Context context)
        throws Exception
    {
        return getPolicy(context).requiresSSL();
    }

    /**
     * {@inheritDoc}
     *
     * <p>The answer is the {@code requiresLogin()} flag of the policy matching the request.</p>
     *
     * @throws Exception a {@link ProcessingException} if no policy matches the request.
     */
    public boolean requiresAuthenticatedUser(Context context)
        throws Exception
    {
        return getPolicy(context).requiresLogin();
    }

    /**
     * {@inheritDoc}
     *
     * <p>The decision is delegated to {@code PolicySystem.checkPolicy}, which receives the
     * user principal and the authenticated flag taken from the request's
     * {@link AuthenticationContext} together with the matching policy.</p>
     *
     * @throws Exception a {@link ProcessingException} if no policy matches the request.
     */
    public boolean checkAccessRights(Context context)
        throws Exception
    {
        // The policy is resolved first, so a request without a matching policy fails
        // before any authentication data is read.
        Policy matched = getPolicy(context);
        // NOTE(review): the AuthenticationContext is dereferenced without a null check;
        // presumably an earlier pipeline stage always installs it - confirm.
        AuthenticationContext auth = AuthenticationContext.getAuthenticationContext(context);
        return policySystem.checkPolicy(auth.getUserPrincipal(), auth.isUserAuthenticated(),
            matched);
    }

    /**
     * Returns the policy matching the current request.
     *
     * <p>The lookup key is the view and the action held by the request's {@link MVCContext}.
     * A missing policy is reported as an exception, never as {@code null}.</p>
     *
     * @param context the request context.
     * @return the matching policy, never {@code null}.
     * @throws ProcessingException if no policy matches the request.
     */
    private Policy getPolicy(Context context)
        throws ProcessingException
    {
        MVCContext mvc = MVCContext.getMVCContext(context);
        Policy matched = policySystem.getPolicy(mvc.getView(), mvc.getAction());
        if(matched != null)
        {
            return matched;
        }
        // The message names only the view, although the lookup also used the action.
        throw new ProcessingException(mvc.getView() + " is not matched by any access policy");
    }
}
114 }