Posted to dev@turbine.apache.org by go...@apache.org on 2002/02/08 18:39:04 UTC
cvs commit: jakarta-turbine-3/src/java/org/apache/turbine/security/turbine Scope.java SecurityObject.java TurbineScope.java TurbineSecurityObject.java Authenticator.java Authorizer.java Password.java Permission.java Subject.java TurbineAuthenticator.java TurbineAuthorizer.java TurbinePermission.java TurbineSecurityManager.java TurbineSubject.java
gonzalo 02/02/08 09:39:03
Modified: src/java/org/apache/turbine/security/turbine Tag:
rundata_security_changes Authenticator.java
Authorizer.java Password.java Permission.java
Subject.java TurbineAuthenticator.java
TurbineAuthorizer.java TurbinePermission.java
TurbineSecurityManager.java TurbineSubject.java
Added: src/java/org/apache/turbine/security/turbine Tag:
rundata_security_changes Scope.java
SecurityObject.java TurbineScope.java
TurbineSecurityObject.java
Log:
Revision Changes Path
No revision
No revision
1.1.2.4 +2 -2 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Authenticator.java
Index: Authenticator.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Authenticator.java,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -r1.1.2.3 -r1.1.2.4
--- Authenticator.java 8 Feb 2002 01:51:18 -0000 1.1.2.3
+++ Authenticator.java 8 Feb 2002 17:39:03 -0000 1.1.2.4
@@ -63,10 +63,10 @@
* valid for a given Subject.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: Authenticator.java,v 1.1.2.3 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: Authenticator.java,v 1.1.2.4 2002/02/08 17:39:03 gonzalo Exp $
*/
public interface Authenticator
{
public boolean checkSubjectCredentials(Subject subject,
- Credentials credentials);
+ Credentials credentials);
}
1.1.2.4 +3 -2 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Authorizer.java
Index: Authorizer.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Authorizer.java,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -r1.1.2.3 -r1.1.2.4
--- Authorizer.java 8 Feb 2002 01:51:18 -0000 1.1.2.3
+++ Authorizer.java 8 Feb 2002 17:39:03 -0000 1.1.2.4
@@ -59,10 +59,11 @@
* that knows how to determine if a Subject has a given Permission.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: Authorizer.java,v 1.1.2.3 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: Authorizer.java,v 1.1.2.4 2002/02/08 17:39:03 gonzalo Exp $
*/
public interface Authorizer
{
public boolean checkSubjectPermission(Subject subject,
- Permission permission);
+ Permission permission,
+ Scope scope);
}
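Review bot: The new `scope` argument on `checkSubjectPermission` has no documented contract, so implementations may disagree on whether a `null` scope means "any scope" or must be refused. A method Javadoc would settle it, for example `@param scope the context the permission is checked in; must not be null`, plus a sentence saying the method returns false when the subject, permission or scope is unknown. The interface comment on the hunk's first context line still describes the check as Subject-has-Permission with no mention of scope.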
1.1.2.5 +3 -3 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Password.java
Index: Password.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Password.java,v
retrieving revision 1.1.2.4
retrieving revision 1.1.2.5
diff -u -r1.1.2.4 -r1.1.2.5
--- Password.java 8 Feb 2002 01:51:18 -0000 1.1.2.4
+++ Password.java 8 Feb 2002 17:39:03 -0000 1.1.2.5
@@ -60,7 +60,7 @@
* This class defines a text password as Credentials.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: Password.java,v 1.1.2.4 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: Password.java,v 1.1.2.5 2002/02/08 17:39:03 gonzalo Exp $
*/
class Password
implements Credentials
@@ -69,11 +69,11 @@
public Password(String text)
{
- text_ = text;
+ text_ = text;
}
public String getText()
{
- return text_;
+ return text_;
}
}
1.1.2.4 +2 -1 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Permission.java
Index: Permission.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Permission.java,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -r1.1.2.3 -r1.1.2.4
--- Permission.java 8 Feb 2002 01:51:18 -0000 1.1.2.3
+++ Permission.java 8 Feb 2002 17:39:03 -0000 1.1.2.4
@@ -59,8 +59,9 @@
* to do something (read, write, execute, etc.).
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: Permission.java,v 1.1.2.3 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: Permission.java,v 1.1.2.4 2002/02/08 17:39:03 gonzalo Exp $
*/
public interface Permission
+ extends SecurityObject
{
}
1.1.2.4 +2 -1 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Subject.java
Index: Subject.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Subject.java,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -r1.1.2.3 -r1.1.2.4
--- Subject.java 8 Feb 2002 01:51:18 -0000 1.1.2.3
+++ Subject.java 8 Feb 2002 17:39:03 -0000 1.1.2.4
@@ -59,8 +59,9 @@
* printer, etc., anything that can be associated with permissions.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: Subject.java,v 1.1.2.3 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: Subject.java,v 1.1.2.4 2002/02/08 17:39:03 gonzalo Exp $
*/
public interface Subject
+ extends SecurityObject
{
}
1.1.2.5 +3 -3 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineAuthenticator.java
Index: TurbineAuthenticator.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineAuthenticator.java,v
retrieving revision 1.1.2.4
retrieving revision 1.1.2.5
diff -u -r1.1.2.4 -r1.1.2.5
--- TurbineAuthenticator.java 8 Feb 2002 01:51:18 -0000 1.1.2.4
+++ TurbineAuthenticator.java 8 Feb 2002 17:39:03 -0000 1.1.2.5
@@ -62,14 +62,14 @@
* This class defines the default Authenticator.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: TurbineAuthenticator.java,v 1.1.2.4 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: TurbineAuthenticator.java,v 1.1.2.5 2002/02/08 17:39:03 gonzalo Exp $
*/
public class TurbineAuthenticator
implements Authenticator
{
public boolean checkSubjectCredentials(Subject subject,
- Credentials credentials)
+ Credentials credentials)
{
- return true;
+ return true;
}
}
1.1.2.5 +4 -3 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineAuthorizer.java
Index: TurbineAuthorizer.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineAuthorizer.java,v
retrieving revision 1.1.2.4
retrieving revision 1.1.2.5
diff -u -r1.1.2.4 -r1.1.2.5
--- TurbineAuthorizer.java 8 Feb 2002 01:51:18 -0000 1.1.2.4
+++ TurbineAuthorizer.java 8 Feb 2002 17:39:03 -0000 1.1.2.5
@@ -62,14 +62,15 @@
* This class defines the default Authorizer.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: TurbineAuthorizer.java,v 1.1.2.4 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: TurbineAuthorizer.java,v 1.1.2.5 2002/02/08 17:39:03 gonzalo Exp $
*/
public class TurbineAuthorizer
implements Authorizer
{
public boolean checkSubjectPermission(Subject subject,
- Permission permission)
+ Permission permission,
+ Scope scope)
{
- return true;
+ return true;
}
}
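Review bot: `checkSubjectPermission` still returns `true` for every subject, permission and scope, and the new `scope` argument is ignored. This commit also makes the class the reflectively loaded default (`DEFAULT_AUTHORIZER` in TurbineSecurityManager), reachable through a manager method that is now public. If the body is a placeholder it should deny by default, `return false;`, or at least carry a comment such as `// TODO: placeholder, grants every request; replace before use`. `TurbineAuthenticator.checkSubjectCredentials` in the earlier hunk has the same always-true body and needs the same treatment.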
1.1.2.5 +4 -10 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbinePermission.java
Index: TurbinePermission.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbinePermission.java,v
retrieving revision 1.1.2.4
retrieving revision 1.1.2.5
diff -u -r1.1.2.4 -r1.1.2.5
--- TurbinePermission.java 8 Feb 2002 01:51:18 -0000 1.1.2.4
+++ TurbinePermission.java 8 Feb 2002 17:39:03 -0000 1.1.2.5
@@ -60,20 +60,14 @@
* This class defines the default Permission.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: TurbinePermission.java,v 1.1.2.4 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: TurbinePermission.java,v 1.1.2.5 2002/02/08 17:39:03 gonzalo Exp $
*/
public class TurbinePermission
+ extends TurbineSecurityObject
implements Permission
{
- private String id_;
-
- public TurbinePermission(String id)
+ public TurbinePermission()
{
- id_ = id;
- }
-
- public String getId()
- {
- return id_;
+ super();
}
}
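Review bot: Dropping the `TurbinePermission(String id)` constructor means an instance can now exist with no id; its identity is assigned afterwards through `setId`. That call is visible in `TurbineSecurityManager.getPermission`, while `TurbineSecurityObject` itself is not shown in this mail. Because the manager caches these objects keyed by id and returns them from a public method, a caller can presumably change the id of a cached permission and leave the table key and the object out of step. Consider documenting on the constructor that `setId` must be called once before use, or having `TurbineSecurityObject.setId` refuse a second assignment. The `TurbineSubject` hunk makes the same change and has the same gap.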
1.1.2.5 +96 -52 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineSecurityManager.java
Index: TurbineSecurityManager.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineSecurityManager.java,v
retrieving revision 1.1.2.4
retrieving revision 1.1.2.5
diff -u -r1.1.2.4 -r1.1.2.5
--- TurbineSecurityManager.java 8 Feb 2002 01:51:18 -0000 1.1.2.4
+++ TurbineSecurityManager.java 8 Feb 2002 17:39:03 -0000 1.1.2.5
@@ -58,15 +58,10 @@
import org.apache.turbine.security.SecurityManager;
-// TODO: remove
-import org.apache.turbine.security.turbine.TurbineSubject;
-import org.apache.turbine.security.turbine.TurbinePermission;
-import org.apache.turbine.security.turbine.TurbineAuthenticator;
-import org.apache.turbine.security.turbine.TurbineAuthorizer;
-
import org.apache.turbine.security.turbine.Authenticator;
import org.apache.turbine.security.turbine.Authorizer;
import org.apache.turbine.security.turbine.Permission;
+import org.apache.turbine.security.turbine.Scope;
import org.apache.turbine.security.turbine.Subject;
/**
@@ -75,25 +70,33 @@
* following mechanisms:
*
* 1. All the work is done through interfaces for the following
- * concepts: Subject, Permission, Credentials, Authenticator,
- * Authorizer.
+ * concepts: Subject, Permission, Scope, Credentials,
+ * Authenticator, Authorizer.
* 2. A Subject is a user, a file, a printer, etc., anything that can
* be associated with permissions.
* 3. A Permission is the ability to do something (read, write,
* execute , etc.).
- * 4. Credentials are anything that identifies a Subject (password,
+ * 4. A Scope is the information of the "context" for which
+ * authorization information is being requested.
+ * 5. Credentials are anything that identifies a Subject (password,
* token, signature, DNA, etc.).
- * 5. An Authenticator is an object that knows how to determine if a
+ * 6. An Authenticator is an object that knows how to determine if a
* Credential is valid for a given Subject.
- * 6. An Authorizer is an object that knows how to determine if a
- * Subject has a given Permission.
+ * 7. An Authorizer is an object that knows how to determine if a
+ * Subject has a given Permission in a given Context.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: TurbineSecurityManager.java,v 1.1.2.4 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: TurbineSecurityManager.java,v 1.1.2.5 2002/02/08 17:39:03 gonzalo Exp $
*/
public class TurbineSecurityManager
implements SecurityManager
{
+ private static final String DEFAULT_PACKAGE = "org.apache.turbine.security.turbine";
+ private static final String DEFAULT_AUTHENTICATOR = DEFAULT_PACKAGE + ".TurbineAuthenticator";
+ private static final String DEFAULT_AUTHORIZER = DEFAULT_PACKAGE + ".TurbineAuthorizer";
+ private static final String DEFAULT_SUBJECT = DEFAULT_PACKAGE + ".TurbineSubject";
+ private static final String DEFAULT_PERMISSION = DEFAULT_PACKAGE + ".TurbinePermission";
+
private Hashtable subjects_;
private Hashtable permissions_;
private Authenticator authenticator_;
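Review bot: Item 7 of the class comment says an Authorizer decides whether a Subject has a Permission "in a given Context", while item 4 and the code name the concept `Scope`; writing `in a given Scope` keeps the terms aligned. The new `DEFAULT_*` constants would also benefit from a one-line comment, e.g. `// Fallback implementation class names, used until TR.props supplies them`, since the TODO explaining this sits in a later hunk. The class body continues outside this hunk.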
@@ -101,61 +104,102 @@
public TurbineSecurityManager()
{
- subjects_ = new Hashtable();
- permissions_ = new Hashtable();
-
- // TODO: these two should be created as the concrete classes
- // specified in TR.props.
- authenticator_ = new TurbineAuthenticator();
- authorizer_ = new TurbineAuthorizer();
+ subjects_ = new Hashtable();
+ permissions_ = new Hashtable();
+
+ // TODO: these two should be created as the concrete classes
+ // specified in TR.props.
+ authenticator_ = (Authenticator) getObject(DEFAULT_AUTHENTICATOR);
+ authorizer_ = (Authorizer) getObject(DEFAULT_AUTHORIZER);
}
-
+
/*
* TODO: all the get functions have to read from TR.props the
* concrete class to return.
*/
-
+
// Get a concrete Subject for the given id.
- Subject getSubject(String id)
+ public Subject getSubject(String id)
{
- Subject subject = null;
- if (subjects_.containsKey(id))
- {
- subject = (Subject) subjects_.get(id);
- }
- else
- {
- subject = new TurbineSubject(id);
- subjects_.put(id, subject);
- }
- return subject;
+ Subject subject = null;
+ if (subjects_.containsKey(id))
+ {
+ subject = (Subject) subjects_.get(id);
+ }
+ else
+ {
+ subject = (Subject) getObject(DEFAULT_SUBJECT);
+ if (subject != null)
+ {
+ subject.setId(id);
+ subjects_.put(id, subject);
+ }
+ }
+ return subject;
}
-
+
// Get a concrete Permission for the given id.
- Permission getPermission(String id)
+ public Permission getPermission(String id)
+ {
+ Permission permission = null;
+ if (permissions_.containsKey(id))
+ {
+ permission = (Permission) permissions_.get(id);
+ }
+ else
+ {
+ permission = (Permission) getObject(DEFAULT_PERMISSION);
+ if (permission != null)
+ {
+ permission.setId(id);
+ permissions_.put(id, permission);
+ }
+ }
+ return permission;
+ }
+
+ public boolean checkSubjectCredentials(Subject subject,
+ Credentials credentials)
{
- Permission permission = null;
- if (permissions_.containsKey(id))
- {
- permission = (Permission) permissions_.get(id);
- }
- else
- {
- permission = new TurbinePermission(id);
- permissions_.put(id, permission);
- }
- return permission;
+ Authenticator auth = getAuthenticator(subject);
+ return auth.checkSubjectCredentials(subject,
+ credentials);
}
- // Get a concrete Authenticator for the given subject.
- Authenticator getAuthenticator(Subject subject)
+ public boolean checkSubjectPermission(Subject subject,
+ Permission permission,
+ Scope scope)
{
- return authenticator_;
+ Authorizer auth = getAuthorizer(subject);
+ return auth.checkSubjectPermission(subject,
+ permission,
+ scope);
}
+ // Get a concrete Authenticator for the given subject.
+ private Authenticator getAuthenticator(Subject subject)
+ {
+ return authenticator_;
+ }
+
// Get a concrete Authorizer for the given subject.
- Authorizer getAuthorizer(Subject subject)
+ private Authorizer getAuthorizer(Subject subject)
+ {
+ return authorizer_;
+ }
+
+ private Object getObject(String className)
{
- return authorizer_;
+ Object ob;
+ try
+ {
+ Class cl = Class.forName(className);
+ ob = cl.newInstance();
+ }
+ catch (Exception e)
+ {
+ ob = null;
+ }
+ return ob;
}
}
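Review bot: `getObject` swallows every exception and returns `null`, and the constructor stores that result in `authenticator_` and `authorizer_` without checking it. A missing or non-instantiable class therefore shows up only as a NullPointerException in `checkSubjectCredentials` or `checkSubjectPermission` at the first request, and `getSubject`/`getPermission` silently return `null` to callers. A security manager should refuse to come up in that state, so `getObject` should throw with the class name and the cause, which also makes the `!= null` guards in the two getters unnecessary. Separately, the `containsKey`/`get`/`put` sequences in `getSubject` and `getPermission` are not atomic, so two threads asking for the same new id can end up holding different objects.

```java
private Object getObject(String className)
{
    try
    {
        return Class.forName(className).newInstance();
    }
    catch (Exception e)
    {
        // Fail loudly: the manager must not run without its
        // authenticator or authorizer.
        throw new IllegalStateException(
            "Cannot instantiate security class " + className + ": " + e);
    }
}
```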
1.1.2.5 +4 -10 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineSubject.java
Index: TurbineSubject.java
===================================================================
RCS file: /home/cvs/jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineSubject.java,v
retrieving revision 1.1.2.4
retrieving revision 1.1.2.5
diff -u -r1.1.2.4 -r1.1.2.5
--- TurbineSubject.java 8 Feb 2002 01:51:18 -0000 1.1.2.4
+++ TurbineSubject.java 8 Feb 2002 17:39:03 -0000 1.1.2.5
@@ -60,20 +60,14 @@
* This class defines the default Subject.
*
* @author <a href="mailto:gonzalo.diethelm@apache.org">Gonzalo Diethelm</a>
- * @version $Id: TurbineSubject.java,v 1.1.2.4 2002/02/08 01:51:18 dobbs Exp $
+ * @version $Id: TurbineSubject.java,v 1.1.2.5 2002/02/08 17:39:03 gonzalo Exp $
*/
public class TurbineSubject
+ extends TurbineSecurityObject
implements Subject
{
- private String id_;
-
- public TurbineSubject(String id)
+ public TurbineSubject()
{
- id_ = id;
- }
-
- public String getId()
- {
- return id_;
+ super();
}
}
No revision
No revision
1.1.2.1 +67 -0 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/Scope.java
1.1.2.1 +68 -0 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/SecurityObject.java
1.1.2.1 +73 -0 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineScope.java
1.1.2.1 +82 -0 jakarta-turbine-3/src/java/org/apache/turbine/security/turbine/Attic/TurbineSecurityObject.java