You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by an...@apache.org on 2008/07/02 16:34:13 UTC
svn commit: r673403 [1/2] - in /lenya/branches/branch_1_2_x_shibboleth/src:
java/org/apache/lenya/ java/org/apache/lenya/ac/
java/org/apache/lenya/ac/attr/ java/org/apache/lenya/ac/attr/antlr/
java/org/apache/lenya/ac/attr/impl/ java/org/apache/lenya/a...
Author: andreas
Date: Wed Jul 2 07:34:12 2008
New Revision: 673403
URL: http://svn.apache.org/viewvc?rev=673403&view=rev
Log:
Generalized concept of user attributes (not SAML/Shibboleth-specific), remove AttributeTranslator, re-organized package structure.
Added:
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/Attribute.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeOwner.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRule.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluatorFactory.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeSet.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluatorFactory.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/Expressions.g
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/ParseException.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeImpl.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeManagerImpl.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeRuleImpl.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeSetImpl.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/EmptyAttributeSet.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluatorFactory.java
Removed:
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AttributeDefinition.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AttributeDefinitionRegistry.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AttributeOwner.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AttributeRuleEvaluator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AttributeRuleEvaluatorFactory.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/antlr/AntlrEvaluator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/antlr/AntlrEvaluatorFactory.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/antlr/Expressions.g
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/antlr/ParseException.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/jexl/JexlEvaluator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/jexl/JexlEvaluatorFactory.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/saml/AttributeTranslator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/saml/impl/AttributeTranslatorImpl.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/saml/impl/SamlAttributeDefinition.java
Modified:
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AccreditableManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Authenticator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/ItemManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/UserReference.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileAccreditableManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroup.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/lenya.roles
lenya/branches/branch_1_2_x_shibboleth/src/targets/antlr-build.xml
lenya/branches/branch_1_2_x_shibboleth/src/test/org/apache/lenya/ac/impl/RuleEvaluatorTest.java
lenya/branches/branch_1_2_x_shibboleth/src/webapp/WEB-INF/cocoon-xconf.xsl
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AccreditableManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AccreditableManager.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AccreditableManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/AccreditableManager.java Wed Jul 2 07:34:12 2008
@@ -19,6 +19,7 @@
package org.apache.lenya.ac;
import org.apache.avalon.framework.component.Component;
+import org.apache.lenya.ac.attr.AttributeManager;
/**
* An AccreditableManager combines a UserManager, a GroupManager, an IPRangeManager and a
@@ -71,5 +72,10 @@
* @param listener An item manager listener.
*/
void removeItemManagerListener(ItemManagerListener listener);
+
+ /**
+ * @return The attribute manager of this application.
+ */
+ AttributeManager getAttributeManager();
}
\ No newline at end of file
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Authenticator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Authenticator.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Authenticator.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Authenticator.java Wed Jul 2 07:34:12 2008
@@ -20,6 +20,7 @@
import org.apache.avalon.framework.component.Component;
import org.apache.cocoon.environment.Request;
+import org.apache.lenya.ac.attr.AttributeSet;
/**
* An authenticator.
@@ -31,7 +32,7 @@
* Avalon role.
*/
String ROLE = Authenticator.class.getName();
-
+
/**
* The default authenticator type.
*/
@@ -55,11 +56,18 @@
* @return A string.
*/
String getLoginUri(Request request);
-
+
/**
- * The target URI, i.e. the URI to redirect to after a successful authentication.
+ * The target URI, i.e. the URI to redirect to after a successful
+ * authentication.
* @param request The request containing the authentication data.
* @return A string.
*/
String getTargetUri(Request request);
+
+ /**
+ * @return The set of attributes to be expected when a user has been
+ * authenticated by this authenticator.
+ */
+ AttributeSet getAttributeSet();
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java Wed Jul 2 07:34:12 2008
@@ -18,6 +18,9 @@
package org.apache.lenya.ac;
+import org.apache.lenya.ac.attr.AttributeOwner;
+import org.apache.lenya.ac.attr.AttributeRule;
+
/**
* A group.
* @version $Id: Group.java 473841 2006-11-12 00:46:38Z gregor $
@@ -68,14 +71,13 @@
/**
* @param rule The rule. A <code>null</code> value means that no rule should be used.
- * @throws AccessControlException if the rule is not valid.
*/
- void setRule(String rule) throws AccessControlException;
+ void setRule(AttributeRule rule);
/**
* @return The rule or <code>null</code> if no rule is set.
*/
- String getRule();
+ AttributeRule getRule();
/**
* @param user The user.
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/ItemManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/ItemManager.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/ItemManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/ItemManager.java Wed Jul 2 07:34:12 2008
@@ -46,9 +46,4 @@
*/
AccreditableManager getAccreditableManager();
- /**
- * @return The attribute rule evaluator.
- */
- AttributeRuleEvaluator getAttributeRuleEvaluator();
-
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java Wed Jul 2 07:34:12 2008
@@ -18,6 +18,8 @@
package org.apache.lenya.ac;
+import org.apache.lenya.ac.attr.AttributeOwner;
+
/**
* A user.
* @version $Id: User.java 473841 2006-11-12 00:46:38Z gregor $
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/UserReference.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/UserReference.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/UserReference.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/UserReference.java Wed Jul 2 07:34:12 2008
@@ -21,6 +21,8 @@
import java.util.HashSet;
import java.util.Set;
+import org.apache.lenya.ac.attr.AttributeOwner;
+
/**
* An identifiable which represents a user.
*/
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/Attribute.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/Attribute.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/Attribute.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/Attribute.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr;
+
+/**
+ * A definition of a single user attribute.
+ */
+public interface Attribute {
+
+ /**
+ * @return The name of the attribute as provided by the identity provider.
+ */
+ String getName();
+
+ /**
+ * @return The alias of the attribute as used in rules.
+ */
+ String getAlias();
+
+ /**
+ * @return The description of the attribute.
+ */
+ String getDescription();
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeManager.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeManager.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeManager.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr;
+
+/**
+ * Manager for attribute sets and evaluators.
+ */
+public interface AttributeManager {
+
+ String ROLE = AttributeManager.class.getName();
+
+ /**
+ * @return The attribute rule evaluator used by this application.
+ */
+ AttributeRuleEvaluator getEvaluator();
+
+ /**
+ * @param name The name.
+ * @return The attribute set with this name.
+ */
+ AttributeSet getAttributeSet(String name);
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeOwner.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeOwner.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeOwner.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeOwner.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr;
+
+import org.apache.lenya.ac.AccessControlException;
+import org.apache.lenya.ac.Group;
+
+/**
+ * An attribute owner provides a map of key-value pairs which are used for authorization decisions.
+ * The values are string arrays, i.e. the AttributeOwner can provide multiple values for each key.
+ *
+ * @see Group#matches(AttributeOwner)
+ * @see AttributeRuleEvaluator
+ */
+public interface AttributeOwner {
+
+ /**
+ * @return The names of all possible attributes.
+ */
+ String[] getAttributeNames();
+
+ /**
+ * @param name The attribute name.
+ * @return The attribute values or <code>null</code> if no value is available for the
+ * attribute.
+ * @throws AccessControlException if the attribute is not supported.
+ */
+ String[] getAttributeValues(String name) throws AccessControlException;
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRule.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRule.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRule.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRule.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ */
+
+package org.apache.lenya.ac.attr;
+
+/**
+ * A rule to evaluate attributes.
+ */
+public interface AttributeRule {
+
+ /**
+ * @return The actual rule.
+ */
+ String getRule();
+
+ /**
+ * @return The attribute set this rule applies to.
+ */
+ AttributeSet getAttributeSet();
+
+ /**
+ * @param owner The attribute owner.
+ * @return If the rule matches the owner.
+ */
+ boolean matches(AttributeOwner owner);
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluator.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluator.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluator.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr;
+
+import org.apache.lenya.ac.impl.ValidationResult;
+
+/**
+ * Service to evaluate attribute rules.
+ */
+public interface AttributeRuleEvaluator {
+
+ /**
+ * @param user The user.
+ * @param rule The rule.
+ * @return if the rule is complied by the user's attributes.
+ */
+ public boolean isComplied(AttributeOwner user, String rule);
+
+ /**
+ * @param rule The rule to validate.
+ * @param attributes The available attributes.
+ * @return If the rule is valid, i.e. if it is syntactically correct and doesn't reference any
+ * attributes which are not supported by the {@link AttributeSet} that is
+ * provided by the {@link AttributeSetRegistry}.
+ */
+ public ValidationResult validate(String rule, AttributeSet attributes);
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluatorFactory.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluatorFactory.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluatorFactory.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeRuleEvaluatorFactory.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr;
+
+/**
+ * Factory for attribute rule evaluators.
+ */
+public interface AttributeRuleEvaluatorFactory {
+
+ /**
+ * The service role.
+ */
+ String ROLE = AttributeRuleEvaluatorFactory.class.getName();
+
+ /**
+ * @return An evaluator.
+ */
+ AttributeRuleEvaluator getEvaluator();
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeSet.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeSet.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeSet.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/AttributeSet.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr;
+
+/**
+ * Definition of user attribute names.
+ */
+public interface AttributeSet {
+
+ /**
+ * The service role.
+ */
+ String ROLE = AttributeSet.class.getName();
+
+ /**
+ * @return All available attribute names.
+ */
+ String[] getAttributeNames();
+
+ /**
+ * @param name An attribute name.
+ * @return An attribute.
+ */
+ Attribute getAttribute(String name);
+
+ /**
+ * @return The name of the attribute set.
+ */
+ String getName();
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluator.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluator.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluator.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,112 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.antlr;
+
+import org.antlr.runtime.ANTLRStringStream;
+import org.antlr.runtime.CharStream;
+import org.antlr.runtime.CommonTokenStream;
+import org.antlr.runtime.RecognitionException;
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.avalon.framework.logger.Logger;
+import org.apache.lenya.ac.ErrorHandler;
+import org.apache.lenya.ac.Message;
+import org.apache.lenya.ac.SimpleErrorHandler;
+import org.apache.lenya.ac.attr.AttributeSet;
+import org.apache.lenya.ac.attr.AttributeOwner;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.impl.ValidationResult;
+import org.apache.lenya.util.Assert;
+
+/**
+ * ANTLR-based attribute rule evaluator.
+ */
+public class AntlrEvaluator extends AbstractLogEnabled implements AttributeRuleEvaluator {
+
+ /**
+ * @param logger The logger.
+ */
+ public AntlrEvaluator(Logger logger) {
+ enableLogging(logger);
+ }
+
+ protected static final String UNDEFINED_VALUE = "undefined";
+
+ public boolean isComplied(AttributeOwner user, String rule) {
+ ErrorHandler handler = new SimpleErrorHandler();
+ ExpressionsParser parser = getParser(rule, handler);
+ try {
+ String[] names = user.getAttributeNames();
+ for (int i = 0; i < names.length; i++) {
+ String[] values = user.getAttributeValues(names[i]);
+ if (values == null) {
+ parser.memory.put(names[i], UNDEFINED_VALUE);
+ }
+ else {
+ if (values.length == 1) {
+ parser.memory.put(names[i], values[0]);
+ } else {
+ parser.memory.put(names[i], values);
+ }
+ }
+ }
+ boolean result = parser.prog();
+ Message[] errors = handler.getErrors();
+ if (errors.length == 0) {
+ return result;
+ }
+ else {
+ getLogger().error("Invalid rule: " + rule);
+ for (int i = 0; i < errors.length; i++) {
+ getLogger().error(errors[i].getText());
+ }
+ return false;
+ }
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public ValidationResult validate(String rule, AttributeSet attrs) {
+ ErrorHandler handler = new SimpleErrorHandler();
+ ExpressionsParser parser = getParser(rule, handler);
+ ValidationResult result;
+ try {
+ String[] names = attrs.getAttributeNames();
+ for (int i = 0; i < names.length; i++) {
+ parser.memory.put(attrs.getAttribute(names[i]).getAlias(), UNDEFINED_VALUE);
+ }
+ parser.prog();
+ result = new ValidationResult(handler.getErrors());
+ } catch (RecognitionException e) {
+ throw new RuntimeException(e);
+ }
+ return result;
+ }
+
+ protected ExpressionsParser getParser(String rule, ErrorHandler handler) {
+ Assert.notNull("rule", rule);
+ CharStream stream = new ANTLRStringStream(rule);
+ ExpressionsLexer lexer = new ExpressionsLexer(stream);
+ lexer.setErrorHandler(handler);
+ CommonTokenStream tokens = new CommonTokenStream(lexer);
+ ExpressionsParser parser = new ExpressionsParser(tokens);
+ parser.setErrorHandler(handler);
+ return parser;
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluatorFactory.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluatorFactory.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluatorFactory.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/AntlrEvaluatorFactory.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.antlr;
+
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluatorFactory;
+
+/**
+ * Factory for ANTLR-based attribute rule evaluators.
+ */
+public class AntlrEvaluatorFactory extends AbstractLogEnabled implements AttributeRuleEvaluatorFactory {
+
+ public AttributeRuleEvaluator getEvaluator() {
+ return new AntlrEvaluator(getLogger());
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/Expressions.g
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/Expressions.g?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/Expressions.g (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/Expressions.g Wed Jul 2 07:34:12 2008
@@ -0,0 +1,114 @@
+grammar Expressions;
+
+@header {
+package org.apache.lenya.ac.attr.antlr;
+import java.util.HashMap;
+import org.apache.lenya.ac.ErrorHandler;
+}
+
+@lexer::header {
+package org.apache.lenya.ac.attr.antlr;
+import org.apache.lenya.ac.ErrorHandler;
+}
+
+@members {
+/** Map variable name to object holding value */
+ HashMap memory = new HashMap();
+ private ErrorHandler errorHandler;
+
+ public void setErrorHandler(ErrorHandler handler) {
+ this.errorHandler = handler;
+ }
+
+ public void displayRecognitionError(String[] tokenNames, RecognitionException e) {
+ String hdr = getErrorHeader(e);
+ String msg;
+ if (e instanceof FailedPredicateException) {
+ msg = ((FailedPredicateException) e).predicateText;
+ }
+ else {
+ msg = getErrorMessage(e, tokenNames);
+ }
+ emitErrorMessage(hdr+" "+msg);
+ }
+
+ public void emitErrorMessage(String msg) {
+ this.errorHandler.error(msg);
+ }
+}
+
+@lexer::members {
+
+ private ErrorHandler errorHandler;
+
+ public void setErrorHandler(ErrorHandler handler) {
+ this.errorHandler = handler;
+ }
+
+ public void emitErrorMessage(String msg) {
+ this.errorHandler.error(msg);
+ }
+}
+
+prog returns [boolean value]
+ : e=orExpression {$value = $e.value; }
+ ;
+
+orExpression returns [boolean value]
+ : e=andExpression {$value = $e.value; }
+ ( OR e=andExpression {$value = $value || $e.value; } )*
+ ;
+
+andExpression returns [boolean value]
+ : e=comparison {$value = $e.value;}
+ ( AND e=comparison {$value = $value && $e.value;} )*
+ ;
+
+comparison returns [boolean value]
+ : a=atom EQUALS b=atom {
+ if ($a.value instanceof String && $b.value instanceof String) {
+ $value = $a.value.equals($b.value);
+ }
+ else if ($a.value instanceof String && $b.value.getClass().isArray()) {
+ $value = java.util.Arrays.asList((String[]) $b.value).contains($a.value);
+ }
+ else if ($a.value.getClass().isArray() && $b.value instanceof String) {
+ $value = java.util.Arrays.asList((String[]) $a.value).contains($b.value);
+ }
+ else {
+ throw new FailedPredicateException(input, $a.text + " == " + $b.text,
+ "Incompatible arguments for comparison: " + $a.value + ", " + $b.value);
+ }
+ }
+ | LEFTPAR e=orExpression RIGHTPAR {$value = $e.value;}
+ ;
+
+atom returns [Object value]
+ : quotedString {$value = $quotedString.value;}
+ | ID
+ {
+ Object v = memory.get($ID.text);
+ if ( v != null ) {
+ $value = v;
+ }
+ else {
+ $value = "undefined";
+ throw new FailedPredicateException(input, $ID.text,
+ "Undefined variable \"" + $ID.text + "\"");
+ }
+ }
+ ;
+
+quotedString returns [String value]
+ : LITERAL {$value = $LITERAL.text.substring(1, $LITERAL.text.length() - 1);}
+ ;
+
+LITERAL: '"' ('a'..'z'|'A'..'Z'|'_'|' '|'.')* '"';
+ID: ('a'..'z'|'A'..'Z') ('a'..'z'|'A'..'Z'|'0'..'9')*;
+EQUALS: '==';
+QUOT: '"';
+OR: '||';
+AND: '&&';
+LEFTPAR: '(';
+RIGHTPAR: ')';
+WS: (' '|'\t')+ {skip();} ;
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/ParseException.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/ParseException.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/ParseException.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/antlr/ParseException.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.antlr;
+
+/**
+ * Thrown in attribute rule evaluators if an attribute is not defined.
+ */
+public class ParseException extends RuntimeException {
+
+ public ParseException() {
+ super();
+ }
+
+ public ParseException(String arg0, Throwable arg1) {
+ super(arg0, arg1);
+ }
+
+ public ParseException(String arg0) {
+ super(arg0);
+ }
+
+ public ParseException(Throwable arg0) {
+ super(arg0);
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeImpl.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeImpl.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeImpl.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeImpl.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.impl;
+
+import org.apache.lenya.ac.attr.Attribute;
+import org.apache.lenya.util.Assert;
+
+public class AttributeImpl implements Attribute {
+
+ private String description;
+ private String name;
+ private String alias;
+
+ public AttributeImpl(String name, String alias, String description) {
+ Assert.notNull("name", name);
+ Assert.notNull("alias", alias);
+ Assert.notNull("description", description);
+ this.name = name;
+ this.alias = alias;
+ this.description = description;
+ }
+
+ public String getDescription() {
+ return this.description;
+ }
+
+ public String getName() {
+ return this.name;
+ }
+
+ public String getAlias() {
+ return this.alias;
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeManagerImpl.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeManagerImpl.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeManagerImpl.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeManagerImpl.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,82 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.impl;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.avalon.framework.activity.Disposable;
+import org.apache.avalon.framework.activity.Initializable;
+import org.apache.avalon.framework.component.Component;
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.avalon.framework.service.ServiceException;
+import org.apache.avalon.framework.service.ServiceManager;
+import org.apache.avalon.framework.service.ServiceSelector;
+import org.apache.avalon.framework.service.Serviceable;
+import org.apache.avalon.framework.thread.ThreadSafe;
+import org.apache.lenya.ac.attr.AttributeManager;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluatorFactory;
+import org.apache.lenya.ac.attr.AttributeSet;
+
+public class AttributeManagerImpl extends AbstractLogEnabled implements Serviceable,
+ AttributeManager, Disposable, Initializable, ThreadSafe, Component {
+
+ private ServiceManager manager;
+ private ServiceSelector attrSetSelector;
+ private AttributeRuleEvaluatorFactory evaluatorFactory;
+ private Map name2attributeSet = new HashMap();
+
+ public void service(ServiceManager manager) throws ServiceException {
+ this.manager = manager;
+ }
+
+ public synchronized AttributeSet getAttributeSet(String name) {
+ AttributeSet attrs = (AttributeSet) this.name2attributeSet.get(name);
+ if (attrs == null) {
+ try {
+ attrs = (AttributeSet) this.attrSetSelector.select(name);
+ } catch (ServiceException e) {
+ throw new RuntimeException();
+ }
+ this.name2attributeSet.put(name, attrs);
+ }
+ return attrs;
+ }
+
+ public AttributeRuleEvaluator getEvaluator() {
+ return this.evaluatorFactory.getEvaluator();
+ }
+
+ public void dispose() {
+ if (this.attrSetSelector != null) {
+ this.manager.release(this.attrSetSelector);
+ }
+ if (this.evaluatorFactory != null) {
+ this.manager.release(this.evaluatorFactory);
+ }
+ }
+
+ public void initialize() throws Exception {
+ this.attrSetSelector = (ServiceSelector) this.manager
+ .lookup(AttributeSet.ROLE + "Selector");
+ this.evaluatorFactory = (AttributeRuleEvaluatorFactory) this.manager
+ .lookup(AttributeRuleEvaluatorFactory.ROLE);
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeRuleImpl.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeRuleImpl.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeRuleImpl.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeRuleImpl.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.impl;
+
+import org.apache.lenya.ac.AccessControlException;
+import org.apache.lenya.ac.Message;
+import org.apache.lenya.ac.attr.AttributeOwner;
+import org.apache.lenya.ac.attr.AttributeRule;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.attr.AttributeSet;
+import org.apache.lenya.ac.impl.ValidationResult;
+import org.apache.lenya.util.Assert;
+
+/**
+ * Attribute rule implementation.
+ */
+public class AttributeRuleImpl implements AttributeRule {
+
+ /**
+ * @param rule
+ * @param attrSet
+ * @param evaluator
+ * @throws AccessControlException if the rule is not valid.
+ */
+ public AttributeRuleImpl(String rule, AttributeSet attrSet, AttributeRuleEvaluator evaluator)
+ throws AccessControlException {
+ Assert.notNull("rule", rule);
+ Assert.notNull("attribute set", attrSet);
+ Assert.notNull("evaluator", evaluator);
+
+ ValidationResult result = evaluator.validate(rule, attrSet);
+ if (!result.succeeded()) {
+ StringBuffer msg = new StringBuffer();
+ Message[] messages = result.getMessages();
+ for (int i = 0; i < messages.length; i++) {
+ if (i > 0) {
+ msg.append("; ");
+ }
+ msg.append(messages[i].getText());
+ }
+ throw new AccessControlException("The rule is not valid: " + msg.toString());
+ }
+
+ this.rule = rule;
+ this.attributeSet = attrSet;
+ this.evaluator = evaluator;
+ }
+
+ private String rule;
+ private AttributeSet attributeSet;
+ private AttributeRuleEvaluator evaluator;
+
+ public AttributeSet getAttributeSet() {
+ return this.attributeSet;
+ }
+
+ public String getRule() {
+ return this.rule;
+ }
+
+ public boolean matches(AttributeOwner owner) {
+ return this.evaluator.isComplied(owner, getRule());
+ }
+
+ public String toString() {
+ return getRule();
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeSetImpl.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeSetImpl.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeSetImpl.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/AttributeSetImpl.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,80 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.impl;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.avalon.framework.configuration.Configurable;
+import org.apache.avalon.framework.configuration.Configuration;
+import org.apache.avalon.framework.configuration.ConfigurationException;
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.lenya.ac.attr.Attribute;
+import org.apache.lenya.ac.attr.AttributeSet;
+import org.apache.lenya.util.Assert;
+
+/**
+ * SAML attribute translator implementation.
+ */
+public class AttributeSetImpl extends AbstractLogEnabled implements AttributeSet, Configurable {
+
+ private static final String CONF_ATTRIBUTE = "Attribute";
+ private static final String CONF_ATTRIBUTE_NAME = "name";
+ private static final String CONF_ATTRIBUTE_ALIAS = "alias";
+ private static final String CONF_ATTRIBUTE_DESCRIPTION = "description";
+
+ /**
+ * Separator for multiple values.
+ */
+ public static final String MULTIVALUE_SEPARATOR = ";";
+
+ private Map name2attr;
+ private String name;
+
+ public void configure(Configuration attrTransConfig) throws ConfigurationException {
+ this.name2attr = new HashMap();
+ this.name = attrTransConfig.getAttribute(CONF_ATTRIBUTE_NAME);
+ Configuration[] transList = attrTransConfig.getChildren();
+ for (int i = 0; i < transList.length; i++) {
+ if (!transList[i].getName().equals(CONF_ATTRIBUTE))
+ throw new ConfigurationException("Invalid child config element: "
+ + transList[i].getName());
+ String name = transList[i].getAttribute(CONF_ATTRIBUTE_NAME);
+ String alias = transList[i].getAttribute(CONF_ATTRIBUTE_ALIAS, name);
+ String descr = transList[i].getAttribute(CONF_ATTRIBUTE_DESCRIPTION, "");
+ Attribute attr = new AttributeImpl(name, alias, descr);
+ this.name2attr.put(name, attr);
+ }
+ }
+
+ public Attribute getAttribute(String name) {
+ Assert.isTrue("Attribute '" + name + "' exists", this.name2attr.containsKey(name));
+ return (Attribute) this.name2attr.get(name);
+ }
+
+ public String[] getAttributeNames() {
+ Set names = this.name2attr.keySet();
+ return (String[]) names.toArray(new String[names.size()]);
+ }
+
+ public String getName() {
+ return this.name;
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/EmptyAttributeSet.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/EmptyAttributeSet.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/EmptyAttributeSet.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/impl/EmptyAttributeSet.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ */
+package org.apache.lenya.ac.attr.impl;
+
+import org.apache.lenya.ac.attr.Attribute;
+import org.apache.lenya.ac.attr.AttributeSet;
+
+/**
+ * An empty attribute set.
+ */
+public class EmptyAttributeSet implements AttributeSet {
+
+ private static final String NAME = "empty";
+
+ public Attribute getAttribute(String name) {
+ throw new RuntimeException("No attributes defined.");
+ }
+
+ public String[] getAttributeNames() {
+ return new String[0];
+ }
+
+ public String getName() {
+ return NAME;
+ }
+
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluator.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluator.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluator.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,106 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.jexl;
+
+import org.apache.avalon.framework.container.ContainerUtil;
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.avalon.framework.logger.Logger;
+import org.apache.commons.jexl.Expression;
+import org.apache.commons.jexl.ExpressionFactory;
+import org.apache.commons.jexl.JexlContext;
+import org.apache.commons.jexl.JexlHelper;
+import org.apache.lenya.ac.attr.AttributeOwner;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.attr.AttributeSet;
+import org.apache.lenya.ac.impl.ValidationResult;
+
+/**
+ * JEXL-based attribute rule evaluator.
+ */
+public class JexlEvaluator extends AbstractLogEnabled implements AttributeRuleEvaluator {
+
+ /**
+ * @param logger The logger.
+ */
+ public JexlEvaluator(Logger logger) {
+ ContainerUtil.enableLogging(this, logger);
+ }
+
+ /**
+ * @param user The user.
+ * @param rule The rule.
+ * @return if the rule is complied.
+ */
+ public boolean isComplied(AttributeOwner user, String rule) {
+ if (user.getAttributeNames().length == 0) {
+ return false;
+ } else {
+ try {
+ JexlContext context = JexlHelper.createContext();
+ String[] names = user.getAttributeNames();
+ for (int i = 0; i < names.length; i++) {
+ String[] values = user.getAttributeValues(names[i]);
+ if (values != null) {
+ if (values.length == 1) {
+ context.getVars().put(names[i], values[0]);
+ } else {
+ context.getVars().put(names[i], values);
+ }
+ }
+ }
+ Expression e = ExpressionFactory.createExpression(rule);
+ Object result = e.evaluate(context);
+ if (result instanceof Boolean) {
+ return ((Boolean) result).booleanValue();
+ }
+ else {
+ throw new RuntimeException("The result [" + result + "] is not a boolean value!");
+ }
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+
+ /**
+ * @param rule The rule to validate.
+ * @return If the rule is valid.
+ */
+ public ValidationResult validate(String rule, AttributeSet attrs) {
+ ValidationResult result;
+ try {
+ JexlContext context = JexlHelper.createContext();
+
+ String[] names = attrs.getAttributeNames();
+ for (int i = 0; i < names.length; i++) {
+ context.getVars().put(attrs.getAttribute(names[i]).getAlias(), null);
+ }
+ try {
+ Expression e = ExpressionFactory.createExpression(rule);
+ e.evaluate(context);
+ result = new ValidationResult(true);
+ } catch (Exception ex) {
+ result = new ValidationResult(false);
+ result.addMessage(ex.getMessage());
+ }
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ return result;
+ }
+}
Added: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluatorFactory.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluatorFactory.java?rev=673403&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluatorFactory.java (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/attr/jexl/JexlEvaluatorFactory.java Wed Jul 2 07:34:12 2008
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.lenya.ac.attr.jexl;
+
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluatorFactory;
+
+/**
+ * Factory for JEXL-based attribute rule evaluators.
+ */
+public class JexlEvaluatorFactory extends AbstractLogEnabled implements AttributeRuleEvaluatorFactory {
+
+ public AttributeRuleEvaluator getEvaluator() {
+ return new JexlEvaluator(getLogger());
+ }
+
+}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileAccreditableManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileAccreditableManager.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileAccreditableManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileAccreditableManager.java Wed Jul 2 07:34:12 2008
@@ -43,6 +43,7 @@
import org.apache.lenya.ac.RoleManager;
import org.apache.lenya.ac.UserManager;
import org.apache.lenya.ac.UserType;
+import org.apache.lenya.ac.attr.AttributeManager;
import org.apache.lenya.ac.impl.AbstractAccreditableManager;
import org.apache.cocoon.util.NetUtils;
@@ -262,5 +263,18 @@
protected UserManager initializeUserManager() throws AccessControlException {
return FileUserManager.instance(this.manager, this, getUserTypes(), getLogger());
}
+
+ private AttributeManager attributeMgr;
+
+ public AttributeManager getAttributeManager() {
+ if (this.attributeMgr == null) {
+ try {
+ this.attributeMgr = (AttributeManager) this.manager.lookup(AttributeManager.ROLE);
+ } catch (ServiceException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ return this.attributeMgr;
+ }
}
\ No newline at end of file
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroup.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroup.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroup.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroup.java Wed Jul 2 07:34:12 2008
@@ -27,6 +27,10 @@
import org.apache.avalon.framework.configuration.DefaultConfiguration;
import org.apache.avalon.framework.configuration.DefaultConfigurationSerializer;
import org.apache.lenya.ac.AccessControlException;
+import org.apache.lenya.ac.attr.AttributeManager;
+import org.apache.lenya.ac.attr.AttributeRule;
+import org.apache.lenya.ac.attr.AttributeSet;
+import org.apache.lenya.ac.attr.impl.AttributeRuleImpl;
import org.apache.lenya.ac.impl.AbstractGroup;
import org.apache.lenya.ac.impl.ItemConfiguration;
@@ -35,6 +39,7 @@
*/
public class FileGroup extends AbstractGroup implements FileItem {
+ protected static final String ATTRIBUTE_SET = "attributeSet";
protected static final String RULE = "rule";
/**
@@ -70,11 +75,15 @@
new ItemConfiguration().configure(this, config);
Configuration ruleConfig = config.getChild(RULE, false);
if (ruleConfig != null) {
- String rule = ruleConfig.getValue();
+ String ruleString = ruleConfig.getValue();
+ String attributeSetName = ruleConfig.getAttribute(ATTRIBUTE_SET);
try {
+ AttributeManager attrMgr = getItemManager().getAccreditableManager().getAttributeManager();
+ AttributeSet attrs = attrMgr.getAttributeSet(attributeSetName);
+ AttributeRule rule = new AttributeRuleImpl(ruleString, attrs, attrMgr.getEvaluator());
setRule(rule);
} catch (AccessControlException e) {
- throw new ConfigurationException("Setting rule [" + rule + "] failed: ", e);
+ throw new ConfigurationException("Setting rule [" + ruleString + "] failed: ", e);
}
}
}
@@ -118,9 +127,11 @@
private Configuration createConfiguration() {
DefaultConfiguration config = new DefaultConfiguration(GROUP);
new ItemConfiguration().save(this, config);
- if (getRule() != null) {
+ AttributeRule rule = getRule();
+ if (rule != null) {
DefaultConfiguration ruleConfig = new DefaultConfiguration(RULE);
- ruleConfig.setValue(getRule());
+ ruleConfig.setValue(rule.getRule());
+ ruleConfig.setAttribute(ATTRIBUTE_SET, rule.getAttributeSet().getName());
config.addChild(ruleConfig);
}
return config;
@@ -136,11 +147,9 @@
return configurationDirectory;
}
- /**
- * @see org.apache.lenya.ac.Item#setConfigurationDirectory(java.io.File)
- */
public void setConfigurationDirectory(File configurationDirectory) {
assert (configurationDirectory != null) && configurationDirectory.isDirectory();
this.configurationDirectory = configurationDirectory;
}
+
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java Wed Jul 2 07:34:12 2008
@@ -25,12 +25,15 @@
import java.util.Map;
import org.apache.avalon.framework.logger.Logger;
+import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.AccreditableManager;
import org.apache.lenya.ac.Group;
import org.apache.lenya.ac.GroupManager;
import org.apache.lenya.ac.Item;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluatorFactory;
/**
* File-based group manager.
@@ -122,4 +125,24 @@
return containsItem(groupId);
}
+ private AttributeRuleEvaluator evaluator;
+
+ public AttributeRuleEvaluator getAttributeRuleEvaluator() {
+ if (this.evaluator == null) {
+ AttributeRuleEvaluatorFactory factory = null;
+ try {
+ factory = (AttributeRuleEvaluatorFactory) this.manager
+ .lookup(AttributeRuleEvaluatorFactory.ROLE);
+ this.evaluator = factory.getEvaluator();
+ } catch (ServiceException e) {
+ throw new RuntimeException(e);
+ } finally {
+ if (factory != null) {
+ this.manager.release(factory);
+ }
+ }
+ }
+ return this.evaluator;
+ }
+
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java Wed Jul 2 07:34:12 2008
@@ -38,15 +38,16 @@
import org.apache.avalon.framework.logger.Logger;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
+import org.apache.avalon.framework.service.Serviceable;
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.AccreditableManager;
-import org.apache.lenya.ac.AttributeRuleEvaluator;
-import org.apache.lenya.ac.AttributeRuleEvaluatorFactory;
import org.apache.lenya.ac.Group;
import org.apache.lenya.ac.Groupable;
import org.apache.lenya.ac.Item;
import org.apache.lenya.ac.ItemManager;
import org.apache.lenya.ac.ItemManagerListener;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluatorFactory;
import org.apache.lenya.ac.impl.AbstractItem;
import org.apache.lenya.ac.impl.ItemConfiguration;
@@ -85,26 +86,6 @@
loadItems();
}
- private AttributeRuleEvaluator evaluator;
-
- public AttributeRuleEvaluator getAttributeRuleEvaluator() {
- if (this.evaluator == null) {
- AttributeRuleEvaluatorFactory factory = null;
- try {
- factory = (AttributeRuleEvaluatorFactory) this.manager
- .lookup(AttributeRuleEvaluatorFactory.ROLE);
- this.evaluator = factory.getEvaluator();
- } catch (ServiceException e) {
- throw new RuntimeException(e);
- } finally {
- if (factory != null) {
- this.manager.release(factory);
- }
- }
- }
- return this.evaluator;
- }
-
public AccreditableManager getAccreditableManager() {
return this.accreditableManager;
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java Wed Jul 2 07:34:12 2008
@@ -28,11 +28,11 @@
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.Accreditable;
import org.apache.lenya.ac.AccreditableManager;
-import org.apache.lenya.ac.AttributeOwner;
-import org.apache.lenya.ac.AttributeRuleEvaluator;
import org.apache.lenya.ac.Group;
import org.apache.lenya.ac.Groupable;
-import org.apache.lenya.ac.Message;
+import org.apache.lenya.ac.attr.AttributeOwner;
+import org.apache.lenya.ac.attr.AttributeRule;
+import org.apache.lenya.ac.attr.AttributeRuleEvaluator;
import org.apache.lenya.util.Assert;
/**
@@ -109,12 +109,12 @@
}
public boolean matches(AttributeOwner user) {
- String rule = getRule();
- return rule == null ? false : getAttributeRuleEvaluator().isComplied(user, rule);
+ AttributeRule rule = getRule();
+ return rule == null ? false : rule.matches(user);
}
protected AttributeRuleEvaluator getAttributeRuleEvaluator() {
- return getItemManager().getAttributeRuleEvaluator();
+ return getItemManager().getAccreditableManager().getAttributeManager().getEvaluator();
}
/**
@@ -129,29 +129,13 @@
}
}
- private String rule;
+ private AttributeRule rule;
- public void setRule(String rule) throws AccessControlException {
- if (rule != null) {
- AttributeRuleEvaluator evaluator = getAttributeRuleEvaluator();
- ValidationResult result = evaluator.validate(rule);
- if (!result.succeeded()) {
- StringBuffer msg = new StringBuffer();
- Message[] messages = result.getMessages();
- for (int i = 0; i < messages.length; i++) {
- if (i > 0) {
- msg.append("; ");
- }
- msg.append(messages[i].getText());
- }
- throw new AccessControlException("The rule for group [" + getId()
- + "] is not valid: " + msg.toString());
- }
- }
+ public void setRule(AttributeRule rule) {
this.rule = rule;
}
- public String getRule() {
+ public AttributeRule getRule() {
return this.rule;
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java Wed Jul 2 07:34:12 2008
@@ -27,6 +27,8 @@
import org.apache.lenya.ac.ManagedUserReference;
import org.apache.lenya.ac.UserManager;
import org.apache.lenya.ac.UserReference;
+import org.apache.lenya.ac.attr.AttributeSet;
+import org.apache.lenya.ac.attr.impl.EmptyAttributeSet;
/**
* The anonymous authenticator authenticates to an anonymous user with no password (you just have to
@@ -85,4 +87,10 @@
public String getTargetUri(Request request) {
return request.getRequestURI();
}
+
+ private AttributeSet attrs = new EmptyAttributeSet();
+
+ public AttributeSet getAttributeSet() {
+ return this.attrs;
+ }
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java Wed Jul 2 07:34:12 2008
@@ -25,7 +25,6 @@
import java.util.regex.*;
import org.apache.avalon.framework.activity.Disposable;
-import org.apache.avalon.framework.activity.Initializable;
import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.Configuration;
@@ -44,8 +43,6 @@
import org.apache.lenya.ac.AccessController;
import org.apache.lenya.ac.Accreditable;
import org.apache.lenya.ac.AccreditableManager;
-import org.apache.lenya.ac.AttributeDefinition;
-import org.apache.lenya.ac.AttributeDefinitionRegistry;
import org.apache.lenya.ac.Authenticator;
import org.apache.lenya.ac.Authorizer;
import org.apache.lenya.ac.ErrorHandler;
@@ -61,7 +58,7 @@
* @version $Id: DefaultAccessController.java 473842 2006-11-12 01:15:20Z gregor $
*/
public class DefaultAccessController extends AbstractLogEnabled implements AccessController,
- Configurable, Serviceable, Disposable, ItemManagerListener, Initializable {
+ Configurable, Serviceable, Disposable, ItemManagerListener {
protected static final String AUTHORIZER_ELEMENT = "authorizer";
protected static final String TYPE_ATTRIBUTE = "type";
@@ -448,13 +445,6 @@
getPolicyManager().accreditableRemoved(getAccreditableManager(), (Accreditable) item);
}
- public void initialize() throws Exception {
- // register the attribute definition
- AttributeDefinition definition = (AttributeDefinition) this.manager
- .lookup(AttributeDefinition.ROLE);
- AttributeDefinitionRegistry.register(definition);
- }
-
public String getAuthenticatorType() {
return this.authenticatorType;
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java?rev=673403&r1=673402&r2=673403&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java Wed Jul 2 07:34:12 2008
@@ -32,6 +32,8 @@
import org.apache.lenya.ac.User;
import org.apache.lenya.ac.UserManager;
import org.apache.lenya.ac.UserReference;
+import org.apache.lenya.ac.attr.AttributeSet;
+import org.apache.lenya.ac.attr.impl.EmptyAttributeSet;
import org.apache.lenya.cms.publication.util.OutgoingLinkRewriter;
import org.apache.lenya.util.ServletHelper;
@@ -139,4 +141,9 @@
return request.getRequestURI();
}
+ private AttributeSet attrs = new EmptyAttributeSet();
+
+ public AttributeSet getAttributeSet() {
+ return this.attrs;
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org