You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by an...@apache.org on 2004/08/16 18:34:09 UTC
cvs commit: cocoon-lenya/src/java/org/apache/lenya/ac/impl AbstractUser.java ConfigurableAccessControllerResolver.java AbstractAccreditableManager.java AbstractIPRange.java PolicyBuilder.java DefaultAccessController.java AbstractGroup.java UserAuthenticator.java ComposableAccessControllerResolver.java AbstractItem.java AbstractAccessControllerResolver.java BypassableAccessController.java AbstractGroupable.java PolicyAuthorizer.java InheritingPolicyManager.java
andreas 2004/08/16 09:34:08
Modified: src/java/org/apache/lenya/ac/impl AbstractUser.java
ConfigurableAccessControllerResolver.java
AbstractAccreditableManager.java
AbstractIPRange.java PolicyBuilder.java
DefaultAccessController.java AbstractGroup.java
UserAuthenticator.java
ComposableAccessControllerResolver.java
AbstractItem.java
AbstractAccessControllerResolver.java
BypassableAccessController.java
AbstractGroupable.java PolicyAuthorizer.java
InheritingPolicyManager.java
Log:
fixed javadocs
Revision Changes Path
1.4 +4 -2 cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractUser.java
Index: AbstractUser.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractUser.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- AbstractUser.java 3 Mar 2004 12:56:33 -0000 1.3
+++ AbstractUser.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import org.apache.lenya.ac.AccessControlException;
@@ -24,6 +22,10 @@
import org.apache.lenya.ac.User;
import org.apache.log4j.Category;
+/**
+ * Abstract user implementation.
+ * @version $Id$
+ */
public abstract class AbstractUser extends AbstractGroupable implements User {
private static Category log = Category.getInstance(AbstractUser.class);
1.4 +4 -2 cocoon-lenya/src/java/org/apache/lenya/ac/impl/ConfigurableAccessControllerResolver.java
Index: ConfigurableAccessControllerResolver.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/ConfigurableAccessControllerResolver.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ConfigurableAccessControllerResolver.java 8 Mar 2004 16:48:20 -0000 1.3
+++ ConfigurableAccessControllerResolver.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import org.apache.avalon.framework.configuration.Configurable;
@@ -25,6 +23,10 @@
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.AccessController;
+/**
+ * Configurable access controller resolver.
+ * @version $Id$
+ */
public class ConfigurableAccessControllerResolver
extends AbstractAccessControllerResolver
implements Configurable {
1.5 +3 -3 cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractAccreditableManager.java
Index: AbstractAccreditableManager.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractAccreditableManager.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- AbstractAccreditableManager.java 8 Mar 2004 16:48:20 -0000 1.4
+++ AbstractAccreditableManager.java 16 Aug 2004 16:34:06 -0000 1.5
@@ -107,7 +107,7 @@
}
/**
- * @see org.apache.lenya.cms.ac.ItemManagerListener#itemAdded(org.apache.lenya.cms.ac.Item)
+ * @see org.apache.lenya.ac.ItemManagerListener#itemAdded(org.apache.lenya.ac.Item)
*/
public void itemAdded(Item item) throws AccessControlException {
if (getLogger().isDebugEnabled()) {
@@ -117,7 +117,7 @@
}
/**
- * @see org.apache.lenya.cms.ac.ItemManagerListener#itemRemoved(org.apache.lenya.cms.ac.Item)
+ * @see org.apache.lenya.ac.ItemManagerListener#itemRemoved(org.apache.lenya.ac.Item)
*/
public void itemRemoved(Item item) throws AccessControlException {
if (getLogger().isDebugEnabled()) {
1.7 +141 -195 cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractIPRange.java
Index: AbstractIPRange.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractIPRange.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- AbstractIPRange.java 28 Jun 2004 08:52:33 -0000 1.6
+++ AbstractIPRange.java 16 Aug 2004 16:34:06 -0000 1.7
@@ -31,91 +31,70 @@
import org.apache.log4j.Category;
/**
- * A range of IP addresses, expressed by a network address and a
- * subnet mask.
* <p>
- * Note: this class does not enforce that the network address
- * and the subnet mask have the same size (i.e. either both
- * IPv4 or both IPv6 addresses). If the the network address
- * and subnet mask have different sizes, the range does not
- * contain any hosts, that is {@link contains(Machine)} will
+ * A range of IP addresses, expressed by a network address and a subnet mask.
+ * </p>
+ * <p>
+ * Note: this class does not enforce that the network address and the subnet mask have the same size
+ * (i.e. either both IPv4 or both IPv6 addresses). If the the network address and subnet mask have
+ * different sizes, the range does not contain any hosts, that is {@link #contains(Machine)} will
* always return <code>false</code>.
+ * </p>
*/
-public abstract class AbstractIPRange extends AbstractGroupable
- implements IPRange
-{
+public abstract class AbstractIPRange extends AbstractGroupable implements IPRange {
/*
- * FIXME by zisch@dals.ch: Fixed this class for IPv6. However
- * there are still some general flaws, partly coming from the IPRange
- * interface. A redesign of (Abstract/File)IPRange and it's
- * helper class org.apache.lenya.net.InetAddressUtil would
- * be a good idea. Some problems of this implementation are:
- *
- * - The whole initialization seems flawed. Objects can be
- * in an unitialized state and the class seems not to be
- * aware of this.
- *
- * - Network-address and -mask can be set independently.
- * Therefore it cannot be enforced that these have
- * the same size (i.e. that both are IPv4 or both are
- * IPv6). This shows up in InetAddressUtil.contains(...),
- * where in a case of mismatch there is no good way
- * to inform the user about the problem. This should
- * be done once when the AbstractIPRange object is initialized.
- *
- * - Unless this functionality would be needed by other
- * parts of Lenya or external software (which seems not
- * to be the case ;-), InetAddressUtil should be removed
- * (resp. deprecated) altogether, because it's mostly
- * an internal implementation detail of AbstractIPRange.
- * AbstractIPRange should implement the contains(...)-method
- * internally to make use of the fact that the network-
- * addresses and -masks validity and compatibility has
- * already been checked when setting these. (Once the
- * above problems have been fixed. ;-)
- *
- * - Especially for IPv6 it would be nice to have the
- * possibility to specify the netmask as the number
- * of bits (as in "::1/128" or "127.0.0.1/24").
- *
- * - I think, that logging should probably work the "Cocoon-Way",
- * as explained in
- * <http://wiki.cocoondev.org/Wiki.jsp?page=JavaLogging>,
- * rather than using org.apache.log4j.Category.
- * (But I may be wrong. ;-)
+ * FIXME by zisch@dals.ch: Fixed this class for IPv6. However there are still some general
+ * flaws, partly coming from the IPRange interface. A redesign of (Abstract/File)IPRange and
+ * it's helper class org.apache.lenya.net.InetAddressUtil would be a good idea. Some problems of
+ * this implementation are:
+ * - The whole initialization seems flawed. Objects can be in an unitialized state and the
+ * class seems not to be aware of this.
+ * - Network-address and -mask can be set independently. Therefore it cannot be enforced that
+ * these have the same size (i.e. that both are IPv4 or both are IPv6). This shows up in
+ * InetAddressUtil.contains(...), where in a case of mismatch there is no good way to inform the
+ * user about the problem. This should be done once when the AbstractIPRange object is
+ * initialized.
+ * - Unless this functionality would be needed by other parts of Lenya or external software
+ * (which seems not to be the case ;-), InetAddressUtil should be removed (resp. deprecated)
+ * altogether, because it's mostly an internal implementation detail of AbstractIPRange.
+ * AbstractIPRange should implement the contains(...)-method internally to make use of the fact
+ * that the network- addresses and -masks validity and compatibility has already been checked
+ * when setting these. (Once the above problems have been fixed. ;-)
+ * - Especially for IPv6 it would be nice to have the possibility to specify the netmask as the
+ * number of bits (as in "::1/128" or "127.0.0.1/24").
+ * - I think, that logging should probably work the "Cocoon-Way", as explained in
+ * <http://wiki.cocoondev.org/Wiki.jsp?page=JavaLogging>, rather than using
+ * org.apache.log4j.Category. (But I may be wrong. ;-)
*
- * FIXME II (from the previous version): why are we in the business
- * of implementing IP ranges??
+ * FIXME II (from the previous version): why are we in the business of implementing IP ranges??
*/
private static final Category log = Category.getInstance(AbstractIPRange.class);
/**
- * Initializes the the IP range with the local host
- * (127.0.0.1/24 for IPv4, ::1/128 for IPv6).
+ * Initializes the the IP range with the local host (127.0.0.1/24 for IPv4, ::1/128 for IPv6).
*/
public AbstractIPRange() {
try {
networkAddress = InetAddress.getLocalHost();
byte[] mask = null;
int masklen = networkAddress.getAddress().length;
- if(masklen == 4) {
+ if (masklen == 4) {
/* IPv4: */
/*
- * FIXME? by zisch@dals.ch: Should this
- * be { -1, 0, 0, 0 }??
+ * FIXME? by zisch@dals.ch: Should this be { -1, 0, 0, 0 }??
*/
mask = new byte[] { -1, -1, -1, 0 };
} else {
/* IPv6 (and others ;-): */
mask = new byte[masklen];
- Arrays.fill(mask, (byte)-1);
+ Arrays.fill(mask, (byte) -1);
}
subnetMask = InetAddress.getByAddress(mask);
} catch (UnknownHostException ignore) {
/*
- * FIXME? by zisch@dals.ch: Is it safe to ignore the
- * exception and just leave the IPRange uninitialized!?
+ * FIXME? by zisch@dals.ch: Is it safe to ignore the exception and just leave the
+ * IPRange uninitialized!?
*/
}
}
@@ -126,8 +105,8 @@
*/
public AbstractIPRange(String id) {
/*
- * FIXME? by zisch@dals.ch: Is it safe not to call the default
- * constructor and just leave the IPRange uninitialized!?
+ * FIXME? by zisch@dals.ch: Is it safe not to call the default constructor and just leave
+ * the IPRange uninitialized!?
*/
setId(id);
}
@@ -143,7 +122,7 @@
}
/**
- * @see org.apache.lenya.cms.ac.Item#setConfigurationDirectory(java.io.File)
+ * @see org.apache.lenya.ac.Item#setConfigurationDirectory(java.io.File)
*/
public void setConfigurationDirectory(File configurationDirectory) {
this.configurationDirectory = configurationDirectory;
@@ -151,14 +130,14 @@
/**
* Save the IP range
- *
+ *
* @throws AccessControlException if the save failed
*/
public abstract void save() throws AccessControlException;
/**
* Delete an IP range
- *
+ *
* @throws AccessControlException if the delete failed
*/
public void delete() throws AccessControlException {
@@ -168,60 +147,51 @@
private InetAddress networkAddress;
/**
- * Sets the network address. This method accepts
- * numeric IPv4 addresses like <code>"129.168.0.32"</code>,
- * numeric IPv6 addresses like <code>"1080::8:800:200C:417A"</code>
- * as well as hostnames (if DNS resolution is available) like
- * <code>"localhost"</code> or <code>"www.apache.com"</code>.
+ * Sets the network address. This method accepts numeric IPv4 addresses like
+ * <code>"129.168.0.32"</code>, numeric IPv6 addresses like
+ * <code>"1080::8:800:200C:417A"</code> as well as hostnames (if DNS resolution is available)
+ * like <code>"localhost"</code> or <code>"www.apache.com"</code>.
*
* @param address a <code>String</code> like <code>"192.168.0.32"</code>,
- * <code>"::1"</code>, ...
+ * <code>"::1"</code>, ...
*
- * @throws AccessControlException when the conversion of the
- * <code>String</code> to an <code>InetAddress</code> failed
+ * @throws AccessControlException when the conversion of the <code>String</code> to an
+ * <code>InetAddress</code> failed
*
* @see #setNetworkAddress(byte[])
*/
- public void setNetworkAddress(String address)
- throws AccessControlException
- {
+ public void setNetworkAddress(String address) throws AccessControlException {
try {
networkAddress = InetAddress.getByName(address);
- } catch(UnknownHostException e) {
- throw new AccessControlException
- ("Failed to convert address [" + address + "]: ", e);
+ } catch (UnknownHostException e) {
+ throw new AccessControlException("Failed to convert address [" + address + "]: ", e);
}
}
/**
- * Sets the network address. The method accepts numeric
- * IPv4 addresses (specified by byte arrays of length 4)
- * or IPv6 addresses (specified by byte arrays of length 16).
+ * Sets the network address. The method accepts numeric IPv4 addresses (specified by byte arrays
+ * of length 4) or IPv6 addresses (specified by byte arrays of length 16).
*
* @param address a byte array of the length 4 or 16
*
- * @throws AccessControlException when the conversion of the byte
- * array to an InetAddress failed.
+ * @throws AccessControlException when the conversion of the byte array to an InetAddress
+ * failed.
*
* @see #setNetworkAddress(String)
*/
- public void setNetworkAddress(byte[] address)
- throws AccessControlException
- {
+ public void setNetworkAddress(byte[] address) throws AccessControlException {
try {
networkAddress = InetAddress.getByAddress(address);
} catch (UnknownHostException e) {
- throw new AccessControlException
- ("Failed to convert address ["+addr2string(address)+"]: ",
- e);
+ throw new AccessControlException("Failed to convert address [" + addr2string(address)
+ + "]: ", e);
}
}
/**
* Returns the network address.
*
- * @return an <code>InetAddress</code> representing the
- * network address
+ * @return an <code>InetAddress</code> representing the network address
*/
public InetAddress getNetworkAddress() {
return networkAddress;
@@ -230,114 +200,99 @@
private InetAddress subnetMask;
/**
- * Sets the subnet mask. See {@link #setNetworkAddress} for
- * the allowed formats of the <code>mask</code> string.
- * (However, the hostname format will usually not be of much use
- * for setting the mask.)
+ * Sets the subnet mask. See {@link #setNetworkAddress(String)} for the allowed formats of the
+ * <code>mask</code> string. (However, the hostname format will usually not be of much use for
+ * setting the mask.)
* <p>
- * Only valid subnet masks are accepted, for which the binary
- * representation is a sequence of 1-bits followed by a
- * sequence of 0-bits. For example
- * <code>"255.128.0.0"</code> is valid while
- * <code>"255.128.0.1"</code> is not.
+ * Only valid subnet masks are accepted, for which the binary representation is a sequence of
+ * 1-bits followed by a sequence of 0-bits. For example <code>"255.128.0.0"</code> is valid
+ * while <code>"255.128.0.1"</code> is not.
*
* @param mask a <code>String</code> like <code>"255.255.255.0"</code>
*
- * @throws AccessControlException when the conversion of the String
- * to an <code>InetAddress</code> failed.
+ * @throws AccessControlException when the conversion of the String to an
+ * <code>InetAddress</code> failed.
*
* @see #setSubnetMask(byte[])
*/
- public void setSubnetMask(String mask)
- throws AccessControlException
- {
+ public void setSubnetMask(String mask) throws AccessControlException {
try {
/* use setSubnetMask(...) to check the mask-format: */
setSubnetMask(InetAddress.getByName(mask).getAddress());
- } catch(UnknownHostException e) {
- throw new AccessControlException
- ("Failed to convert mask [" + mask + "]: ", e);
+ } catch (UnknownHostException e) {
+ throw new AccessControlException("Failed to convert mask [" + mask + "]: ", e);
}
-
+
}
/**
* Sets the subnet mask.
* <p>
- * Only valid subnet masks are accepted, for which the binary
- * representation is a sequence of 1-bits followed by a
- * sequence of 0-bits. For example
- * <code>{ 255, 128, 0, 0 }</code> is valid while
- * <code>{ 255, 128, 0, 1 }</code> is not.
+ * Only valid subnet masks are accepted, for which the binary representation is a sequence of
+ * 1-bits followed by a sequence of 0-bits. For example <code>{ 255, 128, 0, 0 }</code> is
+ * valid while <code>{ 255, 128, 0, 1 }</code> is not.
*
* @param mask A byte array of the length 4.
*
- * @throws AccessControlException when the conversion of the byte
- * array to an InetAddress failed.
+ * @throws AccessControlException when the conversion of the byte array to an InetAddress
+ * failed.
*
* @see #setSubnetMask(String)
*/
- public void setSubnetMask(byte[] mask)
- throws AccessControlException
- {
- /*
- * check for correct netmask (i.e. any number of
- * 1-bits followed by 0-bits filling the right
+ public void setSubnetMask(byte[] mask) throws AccessControlException {
+ /*
+ * check for correct netmask (i.e. any number of 1-bits followed by 0-bits filling the right
* part of the mask) ...
*
- * FIXME: This "algorithm" is rather unelegant.
- * There should be a better way to do it! ;-)
+ * FIXME: This "algorithm" is rather unelegant. There should be a better way to do it! ;-)
*/
- if(log.isDebugEnabled()) {
+ if (log.isDebugEnabled()) {
log.debug("CHECK_NETMASK: check " + addr2string(mask));
}
- int i=0;
- CHECK_NETMASK: while(i<mask.length) {
+ int i = 0;
+ CHECK_NETMASK: while (i < mask.length) {
int b = mask[i++] & 0xff;
/* the initial byte(s) must be 255: */
- if(b != 0xff) {
+ if (b != 0xff) {
/* first byte != 255, test all possibilities: */
- if(log.isDebugEnabled()) {
- log.debug
- ("CHECK_NETMASK: first byte != 255: idx: "
- + (i-1) + ", mask[idx]: 0x" + b);
+ if (log.isDebugEnabled()) {
+ log.debug("CHECK_NETMASK: first byte != 255: idx: " + (i - 1)
+ + ", mask[idx]: 0x" + b);
}
/* check if 0: */
- if(b == 0) { break CHECK_NETMASK; }
- for(int tst = 0xfe; tst != 0; tst = (tst << 1) & 0xff) {
+ if (b == 0) {
+ break CHECK_NETMASK;
+ }
+ for (int tst = 0xfe; tst != 0; tst = (tst << 1) & 0xff) {
log.debug("CHECK_NETMASK: tst == 0x" + Integer.toHexString(tst));
- if(b == tst) { break CHECK_NETMASK; }
+ if (b == tst) {
+ break CHECK_NETMASK;
+ }
}
/*
- * Invalid byte found, i.e. one which is
- * not element of { 11111111,
- * 11111110, 11111100, 11111000, ...,
- * 00000000 }
+ * Invalid byte found, i.e. one which is not element of { 11111111, 11111110,
+ * 11111100, 11111000, ..., 00000000 }
*/
- throw new AccessControlException
- ("Invalid byte in mask ["+addr2string(mask)+"]");
+ throw new AccessControlException("Invalid byte in mask [" + addr2string(mask) + "]");
}
}
/* the remaining byte(s) (if any) must be 0: */
- while(++i < mask.length) {
- if(mask[i] != 0) {
+ while (++i < mask.length) {
+ if (mask[i] != 0) {
/*
- * Invalid byte found, i.e. some
- * non-zero byte right of the first
- * non-zero byte.
+ * Invalid byte found, i.e. some non-zero byte right of the first non-zero byte.
*/
- throw new AccessControlException
- ("Invalid non-zero byte in mask ["
- + addr2string(mask) + "]");
+ throw new AccessControlException("Invalid non-zero byte in mask ["
+ + addr2string(mask) + "]");
}
}
-
+
/* convert the checked mask to InetAddress: */
try {
subnetMask = InetAddress.getByAddress(mask);
} catch (UnknownHostException e) {
- throw new AccessControlException
- ("Failed to convert mask ["+addr2string(mask)+"]: ", e);
+ throw new AccessControlException(
+ "Failed to convert mask [" + addr2string(mask) + "]: ", e);
}
}
@@ -350,23 +305,18 @@
}
/**
- * Checks if a network address / subnet mask combination describes a
- * valid subnet.
+ * Checks if a network address / subnet mask combination describes a valid subnet.
* @param networkAddress The network address.
* @param subnetMask The subnet mask.
* @return A boolean value.
*
- * @deprecated This method is currently not implemented,
- * probably not necessary.and could be removed in the future.
- * Therefore it should not be used.
- */
- public static boolean isValidSubnet
- (InetAddress networkAddress, InetAddress subnetMask)
- {
+ * @deprecated This method is currently not implemented, probably not necessary.and could be
+ * removed in the future. Therefore it should not be used.
+ */
+ public static boolean isValidSubnet(InetAddress networkAddress, InetAddress subnetMask) {
/*
- * FIXME? by zisch@dals.ch: Is this method really
- * necessary (what for?) and (if so) shouldn't it be an internal
- * (private) utility-method??
+ * FIXME? by zisch@dals.ch: Is this method really necessary (what for?) and (if so)
+ * shouldn't it be an internal (private) utility-method??
*/
// TODO implement class
return false;
@@ -375,26 +325,18 @@
/**
* Checks if this IP range contains a certain machine.
* <p>
- * Note: if the network address and the subnet mask
- * of this IP range have different sizes (i.e.
- * one is IPv4 and one is IPv6), this method will
- * always return <code>false</code>, no matter
+ * Note: if the network address and the subnet mask of this IP range have different sizes (i.e.
+ * one is IPv4 and one is IPv6), this method will always return <code>false</code>, no matter
* what machine has been specified!
* <p>
- * Further, if the machine address and the
- * IP range (i.e. network address and subnet
- * mask) have different sizes, the method will
- * return <code>false</code>. (In other words:
- * an IPv4 range never contains an
- * IPv6 address and the other way round.)
+ * Further, if the machine address and the IP range (i.e. network address and subnet mask) have
+ * different sizes, the method will return <code>false</code>. (In other words: an IPv4 range
+ * never contains an IPv6 address and the other way round.)
* <p>
- * Note that the above can lead to confusion.
- * For example the local subnet in IPv4
- * (<code>127.0.0.0/8</code>) will <b>not</b>
- * contain the localhost in IPv6 (<code>::1</code>),
- * and the localhost in IPv4 (<code>127.0.0.1</code>)
- * will <b>not</b> be contained in the local
- * subnet in IPv6 (<code>::1/128</code>).
+ * Note that the above can lead to confusion. For example the local subnet in IPv4 (
+ * <code>127.0.0.0/8</code>) will <b>not </b> contain the localhost in IPv6 (
+ * <code>::1</code>), and the localhost in IPv4 (<code>127.0.0.1</code>) will <b>not </b>
+ * be contained in the local subnet in IPv6 (<code>::1/128</code>).
*
* @param machine the machine to check for
* @return a boolean value
@@ -403,16 +345,14 @@
*/
public boolean contains(Machine machine) {
/*
- * FIXME? by zisch@dals.ch: Maybe some mapping between IPv4/v6
- * should be done here, p.e. for the localhost (see the javdoc
- * comment above)? (I'm not a TCP/IP-guru, so I'm not
- * sure about this. ;-)
+ * FIXME? by zisch@dals.ch: Maybe some mapping between IPv4/v6 should be done here, p.e. for
+ * the localhost (see the javdoc comment above)? (I'm not a TCP/IP-guru, so I'm not sure
+ * about this. ;-)
*/
log.debug("Checking IP range: [" + getId() + "]");
- return InetAddressUtil.contains
- (networkAddress, subnetMask, machine.getAddress());
+ return InetAddressUtil.contains(networkAddress, subnetMask, machine.getAddress());
}
-
+
/**
* Format the specified numeric IP address.
* @param addr the raw numeric IP address
@@ -420,21 +360,27 @@
*/
private static String addr2string(byte[] addr) {
StringBuffer buf = new StringBuffer();
- if(addr.length > 4) {
+ if (addr.length > 4) {
/* IPv6-format if more than 4 bytes: */
- for(int i=0; i<addr.length; i++) {
- if(i > 0 && (i & 1) == 0) { buf.append(':'); }
+ for (int i = 0; i < addr.length; i++) {
+ if (i > 0 && (i & 1) == 0) {
+ buf.append(':');
+ }
String hex = Integer.toHexString(addr[i] & 0xff);
- if(hex.length() == 1) { buf.append('0'); }
+ if (hex.length() == 1) {
+ buf.append('0');
+ }
buf.append(hex);
}
} else {
/* IPv4-format: */
- for(int i=0; i<addr.length; i++) {
- if(i > 0) { buf.append('.'); }
+ for (int i = 0; i < addr.length; i++) {
+ if (i > 0) {
+ buf.append('.');
+ }
buf.append(addr[i] & 0xff);
}
}
return buf.toString();
}
-}
+}
\ No newline at end of file
1.4 +5 -3 cocoon-lenya/src/java/org/apache/lenya/ac/impl/PolicyBuilder.java
Index: PolicyBuilder.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/PolicyBuilder.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- PolicyBuilder.java 8 Mar 2004 16:48:20 -0000 1.3
+++ PolicyBuilder.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import java.io.InputStream;
@@ -37,6 +35,10 @@
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+/**
+ * Builds policies from input streams.
+ * @version $Id$
+ */
public class PolicyBuilder implements InputStreamBuilder {
/**
@@ -248,7 +250,7 @@
}
/**
- * @see org.apache.lenya.ac.cache.InputStreamBuilder#build(org.apache.excalibur.source.Source)
+ * @see org.apache.lenya.ac.cache.InputStreamBuilder#build(java.io.InputStream)
*/
public Object build(InputStream stream) throws BuildException {
Object value = null;
1.9 +6 -5 cocoon-lenya/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java
Index: DefaultAccessController.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- DefaultAccessController.java 22 Jul 2004 21:27:57 -0000 1.8
+++ DefaultAccessController.java 16 Aug 2004 16:34:06 -0000 1.9
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import java.util.ArrayList;
@@ -53,6 +51,10 @@
import org.apache.lenya.ac.Machine;
import org.apache.lenya.ac.PolicyManager;
+/**
+ * Default access controller implementation.
+ * @version $Id$
+ */
public class DefaultAccessController extends AbstractLogEnabled implements AccessController,
Configurable, Serviceable, Disposable, ItemManagerListener {
@@ -264,7 +266,6 @@
* Set the global component manager.
*
* @param manager The global component manager
- * @exception ComponentException
* @throws ServiceException when something went wrong.
*/
public void service(ServiceManager manager) throws ServiceException {
@@ -432,7 +433,7 @@
}
/**
- * @see org.apache.lenya.cms.ac.ItemManagerListener#itemAdded(org.apache.lenya.cms.ac.Item)
+ * @see org.apache.lenya.ac.ItemManagerListener#itemAdded(org.apache.lenya.ac.Item)
*/
public void itemAdded(Item item) throws AccessControlException {
if (getLogger().isDebugEnabled()) {
@@ -445,7 +446,7 @@
}
/**
- * @see org.apache.lenya.cms.ac.ItemManagerListener#itemRemoved(org.apache.lenya.cms.ac.Item)
+ * @see org.apache.lenya.ac.ItemManagerListener#itemRemoved(org.apache.lenya.ac.Item)
*/
public void itemRemoved(Item item) throws AccessControlException {
if (getLogger().isDebugEnabled()) {
1.4 +2 -2 cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractGroup.java
Index: AbstractGroup.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractGroup.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- AbstractGroup.java 3 Mar 2004 12:56:33 -0000 1.3
+++ AbstractGroup.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -96,7 +96,7 @@
}
/**
- * @see org.apache.lenya.cms.ac.Accreditable#getAccreditables()
+ * @see org.apache.lenya.ac.Accreditable#getAccreditables()
*/
public Accreditable[] getAccreditables() {
Accreditable[] accreditables = { this };
1.6 +31 -34 cocoon-lenya/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java
Index: UserAuthenticator.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- UserAuthenticator.java 8 Mar 2004 16:48:20 -0000 1.5
+++ UserAuthenticator.java 16 Aug 2004 16:34:06 -0000 1.6
@@ -1,22 +1,18 @@
/*
- * Copyright 1999-2004 The Apache Software Foundation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
+ * Copyright 1999-2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
@@ -27,33 +23,39 @@
import org.apache.lenya.ac.Identity;
import org.apache.lenya.ac.User;
+/**
+ * User authenticator.
+ * @version $Id$
+ */
public class UserAuthenticator extends AbstractLogEnabled implements Authenticator {
/**
- * @see org.apache.lenya.ac.Authenticator#authenticate(org.apache.cocoon.environment.Request)
+ * @see org.apache.lenya.ac.Authenticator#authenticate(org.apache.lenya.ac.AccreditableManager,
+ * org.apache.cocoon.environment.Request)
*/
public boolean authenticate(AccreditableManager accreditableManager, Request request)
- throws AccessControlException {
+ throws AccessControlException {
String username = request.getParameter("username");
String password = request.getParameter("password");
-
+
if (getLogger().isDebugEnabled()) {
- getLogger().debug("Authenticating username [" + username + "] with password [" + password + "]");
+ getLogger().debug(
+ "Authenticating username [" + username + "] with password [" + password + "]");
}
if (username == null || password == null) {
throw new AccessControlException("Username or password is null!");
}
- Identity identity =
- (Identity) request.getSession(false).getAttribute(Identity.class.getName());
+ Identity identity = (Identity) request.getSession(false).getAttribute(
+ Identity.class.getName());
boolean authenticated = authenticate(accreditableManager, username, password, identity);
return authenticated;
}
/**
- * Authenticates a user with a given username and password.
- * When the authentication is successful, the user is added to the identity.
+ * Authenticates a user with a given username and password. When the authentication is
+ * successful, the user is added to the identity.
* @param accreditableManager The accreditable manager.
* @param username The username.
* @param password The password.
@@ -61,12 +63,8 @@
* @throws AccessControlException when something went wrong.
* @return <code>true</code> if the user was authenticated, <code>false</code> otherwise.
*/
- protected boolean authenticate(
- AccreditableManager accreditableManager,
- String username,
- String password,
- Identity identity)
- throws AccessControlException {
+ protected boolean authenticate(AccreditableManager accreditableManager, String username,
+ String password, Identity identity) throws AccessControlException {
User user = accreditableManager.getUserManager().getUser(username);
if (getLogger().isDebugEnabled()) {
@@ -78,7 +76,7 @@
if (getLogger().isDebugEnabled()) {
getLogger().debug("User [" + user + "] authenticated.");
}
-
+
if (!identity.contains(user)) {
User oldUser = identity.getUser();
if (oldUser != null) {
@@ -90,8 +88,7 @@
identity.addIdentifiable(user);
}
authenticated = true;
- }
- else {
+ } else {
if (getLogger().isDebugEnabled()) {
if (user == null) {
getLogger().debug("No such user: [" + username + "]");
@@ -103,4 +100,4 @@
return authenticated;
}
-}
+}
\ No newline at end of file
1.4 +6 -2 cocoon-lenya/src/java/org/apache/lenya/ac/impl/ComposableAccessControllerResolver.java
Index: ComposableAccessControllerResolver.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/ComposableAccessControllerResolver.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ComposableAccessControllerResolver.java 8 Mar 2004 16:48:20 -0000 1.3
+++ ComposableAccessControllerResolver.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import java.util.HashMap;
@@ -32,6 +30,12 @@
import org.apache.lenya.ac.AccessController;
import org.apache.lenya.ac.AccessControllerResolver;
+/**
+ * Access controller resolver composed of other access controller resolvers.
+ * The member resolvers are called one after the other to resolve the access controllers.
+ *
+ * @version $Id$
+ */
public class ComposableAccessControllerResolver
extends AbstractAccessControllerResolver
implements Configurable, Disposable {
1.3 +11 -12 cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractItem.java
Index: AbstractItem.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractItem.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- AbstractItem.java 3 Mar 2004 12:56:33 -0000 1.2
+++ AbstractItem.java 16 Aug 2004 16:34:06 -0000 1.3
@@ -15,22 +15,21 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import org.apache.lenya.ac.Item;
/**
- * Abstract superclass for all access control objects that can be
- * managed by an {@link ItemManager}. It is only used for code reuse.
+ * Abstract superclass for all access control objects that can be managed by an
+ * {@link org.apache.lenya.ac.ItemManager}. It is only used for code reuse.
+ * @version $Id$
*/
public abstract class AbstractItem implements Item {
private String id;
private String description = "";
private String name = "";
-
+
/**
* Ctor.
*/
@@ -76,12 +75,12 @@
*/
public String toString() {
return getId();
-
+
}
/**
* Returns the name of this object.
- *
+ *
* @return A <code>String</code>.
*/
public String getName() {
@@ -90,14 +89,14 @@
/**
* Set the full name
- *
+ *
* @param name the new full name
*/
public void setName(String name) {
assert name != null;
this.name = name;
}
-
+
/**
* Checks if a string is a valid ID.
* @param id The string to test.
@@ -106,7 +105,7 @@
public static boolean isValidId(String id) {
return id != null && id.matches("\\w+");
}
-
+
/**
* @see java.lang.Object#equals(Object)
*/
@@ -127,5 +126,5 @@
public int hashCode() {
return getId().hashCode();
}
-
-}
+
+}
\ No newline at end of file
1.4 +4 -2 cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractAccessControllerResolver.java
Index: AbstractAccessControllerResolver.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractAccessControllerResolver.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- AbstractAccessControllerResolver.java 8 Mar 2004 16:48:20 -0000 1.3
+++ AbstractAccessControllerResolver.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
@@ -31,6 +29,10 @@
import org.apache.lenya.ac.cache.URLKeyUtil;
import org.apache.lenya.util.CacheMap;
+/**
+ * Abstract implementation for access controller resolvers.
+ * @version $Id$
+ */
public abstract class AbstractAccessControllerResolver
extends AbstractLogEnabled
implements AccessControllerResolver, Serviceable, ThreadSafe {
1.4 +2 -2 cocoon-lenya/src/java/org/apache/lenya/ac/impl/BypassableAccessController.java
Index: BypassableAccessController.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/BypassableAccessController.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- BypassableAccessController.java 8 Mar 2004 16:48:20 -0000 1.3
+++ BypassableAccessController.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -121,7 +121,7 @@
}
/**
- * @see org.apache.lenya.ac.AccessController#authorize(org.apache.lenya.cms.publication.Publication, org.apache.cocoon.environment.Request)
+ * @see org.apache.lenya.ac.AccessController#authorize(org.apache.cocoon.environment.Request)
*/
public boolean authorize(Request request)
throws AccessControlException {
1.3 +9 -7 cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractGroupable.java
Index: AbstractGroupable.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/AbstractGroupable.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- AbstractGroupable.java 3 Mar 2004 12:56:33 -0000 1.2
+++ AbstractGroupable.java 16 Aug 2004 16:34:06 -0000 1.3
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import java.util.Arrays;
@@ -27,11 +25,15 @@
import org.apache.lenya.ac.Group;
import org.apache.lenya.ac.Groupable;
+/**
+ * Abstract implementation for group members.
+ * @version $Id$
+ */
public abstract class AbstractGroupable extends AbstractItem implements Groupable, Accreditable {
private Set groups = new HashSet();
/**
- * @see org.apache.lenya.cms.ac.Groupable#addedToGroup(org.apache.lenya.ac.Group)
+ * @see org.apache.lenya.ac.Groupable#addedToGroup(org.apache.lenya.ac.Group)
*/
public void addedToGroup(Group group) {
assert group != null;
@@ -40,7 +42,7 @@
}
/**
- * @see org.apache.lenya.cms.ac.Groupable#removedFromGroup(org.apache.lenya.ac.Group)
+ * @see org.apache.lenya.ac.Groupable#removedFromGroup(org.apache.lenya.ac.Group)
*/
public void removedFromGroup(Group group) {
assert group != null;
@@ -65,7 +67,7 @@
groups[i].remove(this);
}
}
-
+
/**
* @see org.apache.lenya.ac.Accreditable#getAccreditables()
*/
@@ -82,5 +84,5 @@
return (Accreditable[]) accreditables.toArray(new Accreditable[accreditables.size()]);
}
-
-}
+
+}
\ No newline at end of file
1.4 +5 -3 cocoon-lenya/src/java/org/apache/lenya/ac/impl/PolicyAuthorizer.java
Index: PolicyAuthorizer.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/PolicyAuthorizer.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- PolicyAuthorizer.java 8 Mar 2004 16:48:20 -0000 1.3
+++ PolicyAuthorizer.java 16 Aug 2004 16:34:06 -0000 1.4
@@ -15,8 +15,6 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import java.util.Arrays;
@@ -34,6 +32,10 @@
import org.apache.lenya.ac.PolicyManager;
import org.apache.lenya.ac.Role;
+/**
+ * Policy-based authorizer.
+ * @version $Id$
+ */
public class PolicyAuthorizer extends AbstractLogEnabled implements Authorizer {
/**
@@ -81,7 +83,7 @@
}
/**
- * @see org.apache.lenya.ac.Authorizer#authorize(org.apache.lenya.ac.Identity, java.lang.String, java.util.Map)
+ * @see org.apache.lenya.ac.Authorizer#authorize(org.apache.cocoon.environment.Request)
*/
public boolean authorize(Request request)
throws AccessControlException {
1.3 +4 -2 cocoon-lenya/src/java/org/apache/lenya/ac/impl/InheritingPolicyManager.java
Index: InheritingPolicyManager.java
===================================================================
RCS file: /home/cvs/cocoon-lenya/src/java/org/apache/lenya/ac/impl/InheritingPolicyManager.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- InheritingPolicyManager.java 3 Mar 2004 12:56:33 -0000 1.2
+++ InheritingPolicyManager.java 16 Aug 2004 16:34:06 -0000 1.3
@@ -15,14 +15,16 @@
*
*/
-/* $Id$ */
-
package org.apache.lenya.ac.impl;
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.AccreditableManager;
import org.apache.lenya.ac.PolicyManager;
+/**
+ * Policy manager which inherits credentials in a policy tree.
+ * @version $Id$
+ */
public interface InheritingPolicyManager extends PolicyManager {
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-cvs-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-cvs-help@cocoon.apache.org