You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by co...@locus.apache.org on 2000/02/15 18:35:40 UTC
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/request SecurityCheck.java SimpleMapper.java
costin 00/02/15 09:35:40
Modified: src/share/org/apache/tomcat/context WebXmlReader.java
src/share/org/apache/tomcat/core BaseInterceptor.java
Constants.java Context.java ContextInterceptor.java
ContextManager.java Request.java RequestImpl.java
ServletWrapper.java
src/share/org/apache/tomcat/request SimpleMapper.java
Added: src/share/org/apache/tomcat/core Container.java
src/share/org/apache/tomcat/request SecurityCheck.java
Log:
- Added tomcat.core.Container - it's similar with Catalina container, i.e. it represents a
group of URLs. It is also similar with per dir config in Apache.
For each URL pattern ( "Location" ) we can associate a handler ( via mappings ) and security
constraints. The Container will represent the properties of a location ( or URL pattern ).
- Added SecurityContraints to Context, use Container to represent them.
- Changed SimpleMapper to also check if the location has secuirty requirements. The code in
SimpleMapper needs a serious review and eventually it should be replaced ( the alghoritm for
matching and the data structures are at least ineficient ).
- Tested 1/2 of security - if you define a constraint in web.xml, it will be processed and
all requests that match will be "marked". The missing part is authenticating and checking if
the user is in one of the authorized roles ( this is done in Craig's code, we just need to merge)
Revision Changes Path
1.9 +2 -3 jakarta-tomcat/src/share/org/apache/tomcat/context/WebXmlReader.java
Index: WebXmlReader.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/context/WebXmlReader.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- WebXmlReader.java 2000/02/14 04:59:38 1.8
+++ WebXmlReader.java 2000/02/15 17:35:37 1.9
@@ -200,7 +200,6 @@
String tag=ctx.getTag(ctx.getTagCount()-1);
SecurityConstraint sc=(SecurityConstraint)st.pop();
Context context=(Context)st.peek();
- ContextManager cm=context.getContextManager();
st.push( sc ); // restore stack
// add all patterns that will need security
@@ -212,8 +211,8 @@
ResourceCollection rc=(ResourceCollection)en.nextElement();
String paths[]=rc.getPatterns();
String meths[]=rc.getMethods();
- cm.addSecurityConstraint( context, paths, meths ,
- transport, roles);
+ context.addSecurityConstraint( paths, meths ,
+ roles, transport);
}
}
public void cleanup( SaxContext ctx) {
1.4 +1 -2 jakarta-tomcat/src/share/org/apache/tomcat/core/BaseInterceptor.java
Index: BaseInterceptor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/BaseInterceptor.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- BaseInterceptor.java 2000/02/14 04:59:38 1.3
+++ BaseInterceptor.java 2000/02/15 17:35:37 1.4
@@ -140,8 +140,7 @@
/**
*/
- public void addSecurityConstraint( Context ctx, String path[], String methods[],
- String transport, String roles[] )
+ public void addSecurityConstraint( Context ctx, String path, Container ct )
throws TomcatException
{
}
1.16 +0 -17 jakarta-tomcat/src/share/org/apache/tomcat/core/Constants.java
Index: Constants.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/Constants.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- Constants.java 2000/02/14 04:59:39 1.15
+++ Constants.java 2000/02/15 17:35:37 1.16
@@ -91,23 +91,6 @@
public static final String LOCALE_DEFAULT="en";
-// public static final String ConfigFile = WebInfDir + "WEB-INF/web.xml";
-// public static final String WARExpandDir = "docBase";
-
-
-// public static class Property {
-// public static final String Name = "core.properties";
-// public static final String EngineHeader = "engine.header";
-// public static final String MimeType = "mimeType";
-// }
-
-
- // "org.apache.tomcat.core.DefaultServlet";
-
- // public static final String JSP_CLASSNAME = "org.apache.jasper.runtime.JspServlet";
-
-
-
public static final String ATTRIBUTE_RequestURI =
"javax.servlet.include.request_uri";
public static final String ATTRIBUTE_ServletPath =
1.54 +81 -32 jakarta-tomcat/src/share/org/apache/tomcat/core/Context.java
Index: Context.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/Context.java,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -r1.53 -r1.54
--- Context.java 2000/02/13 20:49:40 1.53
+++ Context.java 2000/02/15 17:35:37 1.54
@@ -89,44 +89,17 @@
private String docBase;
// internal state / related objects
- private boolean initialized = false;
private ContextManager contextM;
private ServletContextFacade contextFacade;
+
private SessionManager sessionManager;
- private ServletWrapper defaultServlet = null;
+ private ServletLoader servletL;
+ boolean reloadable=true; // XXX change default to false after testing
- private URL documentBase;
-
- //
private Hashtable attributes = new Hashtable();
- // work dir
private File workDir;
- private boolean isWorkDirPersistent = false;
-
- // tomcat specific properties
- private String engineHeader = null;
- private URL servletBase = null;
- private boolean isInvokerEnabled = false;
- boolean reloadable=true; // XXX change default to false after testing
- // for serving WARs directly
- private File warDir = null;
- private boolean isWARExpanded = false;
- private boolean isWARValidated = false;
-
-// // Class Loading
-// private String classPath = ""; // classpath used by the classloader.
-// private Vector classPaths = new Vector();
-// private Vector libPaths = new Vector();
-// // XXX deprecated
-// private ServletClassLoader servletLoader;
- private ServletLoader servletL;
-
- // Interceptors
- private Vector initInterceptors = new Vector();
- private Vector serviceInterceptors = new Vector();
- private Vector destroyInterceptors = new Vector();
private RequestSecurityProvider rsProvider;
private Vector contextInterceptors = new Vector();
@@ -152,6 +125,8 @@
// Maps specified in web.xml ( String url -> ServletWrapper )
private Hashtable mappings = new Hashtable();
+ Hashtable constraints=new Hashtable();
+ private ServletWrapper defaultServlet = null;
// Authentication properties
String authMethod;
@@ -487,6 +462,30 @@
}
}
}
+
+ public void addSecurityConstraint( String path[], String methods[],
+ String roles[], String transport)
+ throws TomcatException
+ {
+ for( int i=0; i< path.length; i++ ) {
+ Container ct=new Container();
+ ct.setContext( this );
+ ct.setTransport( transport );
+ ct.setRoles( roles );
+
+ // XXX check if exists, merge if true.
+ constraints.put( path[i], ct );
+ contextM.addSecurityConstraint( this, path[i], ct);
+ }
+ }
+
+ public Enumeration getSecurityConstraints() {
+ return constraints.keys();
+ }
+
+ public Container getSecurityConstraint( String path ) {
+ return (Container)constraints.get(path);
+ }
public ServletWrapper getDefaultServlet() {
if( defaultServlet==null)
@@ -683,78 +682,124 @@
}
// -------------------- Deprecated
- //
+ // tomcat specific properties
+ private boolean isWorkDirPersistent = false;
+ private String engineHeader = null;
+ private URL documentBase;
+ private URL servletBase = null;
+ private boolean isInvokerEnabled = false;
+ // for serving WARs directly
+ private File warDir = null;
+ private boolean isWARExpanded = false;
+ private boolean isWARValidated = false;
+
+
+ /** @deprecated
+ */
public boolean isInvokerEnabled() {
return isInvokerEnabled;
}
-
+ /** @deprecated
+ */
public void setInvokerEnabled(boolean isInvokerEnabled) {
this.isInvokerEnabled = isInvokerEnabled;
}
+ /** @deprecated
+ */
public boolean isWorkDirPersistent() {
return this.isWorkDirPersistent;
}
+ /** @deprecated
+ */
public void setWorkDirPersistent( boolean b ) {
isWorkDirPersistent=b;
}
+ /** @deprecated
+ */
public File getWorkDir() {
return workDir;
}
+ /** @deprecated
+ */
public void setWorkDir(File workDir) {
this.workDir = workDir;
}
/** Set work dir using a String property
+ * @deprecated
*/
public void setWorkDirPath(String workDir) {
this.workDir=new File(workDir);
}
+
+ /** @deprecated
+ */
public String getEngineHeader() {
return engineHeader;
}
+ /** @deprecated
+ */
public void setEngineHeader(String s) {
engineHeader=s;
}
+ /** @deprecated
+ */
public void setRequestSecurityProvider(RequestSecurityProvider rsProvider) {
this.rsProvider = rsProvider;
}
+ /** @deprecated
+ */
public RequestSecurityProvider getRequestSecurityProvider() {
return this.rsProvider;
}
+ /** @deprecated
+ */
public File getWARDir() {
return this.warDir;
}
+ /** @deprecated
+ */
public void setWARDir( File f ) {
warDir=f;
}
+ /** @deprecated
+ */
public boolean isWARExpanded() {
return this.isWARExpanded;
}
+ /** @deprecated
+ */
public void setIsWARExpanded(boolean isWARExpanded) {
this.isWARExpanded = isWARExpanded;
}
+ /** @deprecated
+ */
public boolean isWARValidated() {
return this.isWARValidated;
}
+ /** @deprecated
+ */
public void setIsWARValidated(boolean isWARValidated) {
this.isWARValidated = isWARValidated;
}
+ /** @deprecated
+ */
public void addContextInterceptor( ContextInterceptor ci) {
contextInterceptors.addElement( ci );
}
@@ -766,6 +811,7 @@
returning the vector - the interceptors will not change at
runtime and array access is faster and easier than vector
access
+ @deprecated
*/
public ContextInterceptor[] getContextInterceptors() {
if( cInterceptors == null || cInterceptors.length != contextInterceptors.size()) {
@@ -777,6 +823,8 @@
return cInterceptors;
}
+ /** @deprecated
+ */
public void addRequestInterceptor( RequestInterceptor ci) {
requestInterceptors.addElement( ci );
}
@@ -788,6 +836,7 @@
returning the vector - the interceptors will not change at
runtime and array access is faster and easier than vector
access
+ @deprecated
*/
public RequestInterceptor[] getRequestInterceptors() {
if( rInterceptors == null || rInterceptors.length != requestInterceptors.size()) {
1.8 +4 -5 jakarta-tomcat/src/share/org/apache/tomcat/core/ContextInterceptor.java
Index: ContextInterceptor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ContextInterceptor.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- ContextInterceptor.java 2000/02/14 04:59:39 1.7
+++ ContextInterceptor.java 2000/02/15 17:35:37 1.8
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ContextInterceptor.java,v 1.7 2000/02/14 04:59:39 costin Exp $
- * $Revision: 1.7 $
- * $Date: 2000/02/14 04:59:39 $
+ * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ContextInterceptor.java,v 1.8 2000/02/15 17:35:37 costin Exp $
+ * $Revision: 1.8 $
+ * $Date: 2000/02/15 17:35:37 $
*
* ====================================================================
*
@@ -128,8 +128,7 @@
* here and path in addMapping into UrlMatch and transport, roles and wrapper
* under UrlAction ( or something like that ).
*/
- public void addSecurityConstraint( Context ctx, String path[], String methods[],
- String transport, String roles[] ) throws TomcatException;
+ public void addSecurityConstraint( Context ctx, String path, Container dirConf ) throws TomcatException;
/** Servlet Init notification
1.41 +3 -4 jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java
Index: ContextManager.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ContextManager.java,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- ContextManager.java 2000/02/14 04:59:39 1.40
+++ ContextManager.java 2000/02/15 17:35:37 1.41
@@ -313,6 +313,7 @@
public void removeServlet( Context ctx, ServletWrapper sw )
throws TomcatException
{
+ if( sw==null) return;
ContextInterceptor cI[]=getContextInterceptors();
for( int i=0; i< cI.length; i++ ) {
cI[i].removeServlet( ctx, sw );
@@ -347,13 +348,12 @@
}
}
- public void addSecurityConstraint( Context ctx, String path[], String methods[],
- String transport, String roles[] )
+ public void addSecurityConstraint( Context ctx, String path, Container ct )
throws TomcatException
{
ContextInterceptor cI[]=getContextInterceptors();
for( int i=0; i< cI.length; i++ ) {
- cI[i].addSecurityConstraint( ctx, path, methods, transport, roles );
+ cI[i].addSecurityConstraint( ctx, path, ct );
}
}
@@ -523,7 +523,6 @@
}
// XXX Hardcoded - it will be changed in the next step.( costin )
-
processRequest( rrequest );
if( rrequest.getWrapper() == null ) {
1.26 +4 -0 jakarta-tomcat/src/share/org/apache/tomcat/core/Request.java
Index: Request.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/Request.java,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- Request.java 2000/02/03 07:11:51 1.25
+++ Request.java 2000/02/15 17:35:38 1.26
@@ -171,6 +171,10 @@
public void setWrapper(ServletWrapper handler) ;
+ public Container getContainer() ;
+
+ public void setContainer(Container handler) ;
+
/** The file - result of mapping the request ( using aliases and other
* mapping rules. Usefull only for static resources.
*/
1.17 +14 -4 jakarta-tomcat/src/share/org/apache/tomcat/core/RequestImpl.java
Index: RequestImpl.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/RequestImpl.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- RequestImpl.java 2000/02/13 20:49:40 1.16
+++ RequestImpl.java 2000/02/15 17:35:38 1.17
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/RequestImpl.java,v 1.16 2000/02/13 20:49:40 costin Exp $
- * $Revision: 1.16 $
- * $Date: 2000/02/13 20:49:40 $
+ * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/RequestImpl.java,v 1.17 2000/02/15 17:35:38 costin Exp $
+ * $Revision: 1.17 $
+ * $Date: 2000/02/15 17:35:38 $
*
* ====================================================================
*
@@ -128,6 +128,7 @@
// set by interceptors
protected String servletName;
protected ServletWrapper handler = null;
+ Container container;
protected String mappedPath = null;
@@ -411,6 +412,14 @@
this.handler=handler;
}
+ public Container getContainer() {
+ return container;
+ }
+
+ public void setContainer(Container container) {
+ this.container=container;
+ }
+
/** The file - result of mapping the request ( using aliases and other
* mapping rules. Usefull only for static resources.
*/
@@ -552,7 +561,8 @@
didParameters = false;
didReadFormData = false;
didCookies = false;
-
+ container=null;
+ handler=null;
scheme = "http";// no need to use Constants
method = "GET";
requestURI="/";
1.26 +3 -56 jakarta-tomcat/src/share/org/apache/tomcat/core/ServletWrapper.java
Index: ServletWrapper.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ServletWrapper.java,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- ServletWrapper.java 2000/02/14 04:59:39 1.25
+++ ServletWrapper.java 2000/02/15 17:35:38 1.26
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ServletWrapper.java,v 1.25 2000/02/14 04:59:39 costin Exp $
- * $Revision: 1.25 $
- * $Date: 2000/02/14 04:59:39 $
+ * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/core/ServletWrapper.java,v 1.26 2000/02/15 17:35:38 costin Exp $
+ * $Revision: 1.26 $
+ * $Date: 2000/02/15 17:35:38 $
*
* ====================================================================
*
@@ -447,14 +447,6 @@
protected void handleInit(Context context, Servlet servlet, ServletConfig servletConfig )
throws ServletException, IOException
{
- // Vector v=context.getInitInterceptors();
- // for( int i=0; i<v.size(); i++ ) {
- // try {
- // ((LifecycleInterceptor)v.elementAt(i)).preInvoke( context, servlet );
- // } catch(InterceptorException ex ) {
- // ex.printStackTrace();
- // }
- // }
ContextInterceptor cI[]=context.getContextInterceptors();
for( int i=0; i<cI.length; i++ ) {
try {
@@ -475,13 +467,6 @@
}
}
- // for( int i=v.size()-1; i>=0 ; i-- ) {
- // try {
- // ((LifecycleInterceptor)v.elementAt(i)).postInvoke( context, servlet );
- // } catch(InterceptorException ex ) {
- // ex.printStackTrace();
- // }
- // }
}
/** Call destroy(), with all interceptors before and after in the
@@ -490,14 +475,6 @@
protected void handleDestroy(Context context, Servlet servlet )
throws ServletException, IOException
{
- // Vector v=context.getDestroyInterceptors();
- // for( int i=0; i<v.size(); i++ ) {
- // try {
- // ((LifecycleInterceptor)v.elementAt(i)).preInvoke( context, servlet );
- // } catch(InterceptorException ex ) {
- // ex.printStackTrace();
- // }
- // }
ContextInterceptor cI[]=context.getContextInterceptors();
for( int i=0; i<cI.length; i++ ) {
try {
@@ -516,16 +493,6 @@
}
}
- // if an exception is thrown in init, no end interceptors will be called.
- // that was in the origianl code
-
- // for( int i=v.size()-1; i>=0 ; i-- ) {
- // try {
- // ((LifecycleInterceptor)v.elementAt(i)).postInvoke( context, servlet );
- // } catch(InterceptorException ex ) {
- // ex.printStackTrace();
- // }
- // }
}
@@ -536,18 +503,6 @@
HttpServletRequestFacade request, HttpServletResponseFacade response )
throws ServletException, IOException
{
- // XXX pass Request and Response as paramters - all tomcat code use this pattern,
- // we need to use Facade only when we call the Servlet methods
-
- // Vector v = context.getServiceInterceptors();
- // for( int i=0; i<v.size(); i++ ) {
- // try {
- // ((ServiceInterceptor)v.elementAt(i)).preInvoke(context, servlet,
- // request, response);
- // } catch(InterceptorException ex ) {
- // ex.printStackTrace();
- // }
- // }
RequestInterceptor cI[]=context.getRequestInterceptors();
for( int i=0; i<cI.length; i++ ) {
cI[i].preService( request.getRealRequest(), response.getRealResponse() ); // ignore the error - like in the original code
@@ -564,14 +519,6 @@
for( int i=cI.length-1; i>=0; i-- ) {
cI[i].postService( request.getRealRequest() , response.getRealResponse() ); // ignore the error - like in the original code
}
- // for( int i=v.size()-1; i>=0 ; i-- ) {
- // try {
- // ((ServiceInterceptor)v.elementAt(i)).postInvoke(context, servlet,
- // request, response);
- // } catch(InterceptorException ex ) {
- // ex.printStackTrace();
- // }
- // }
}
// Fancy sync logic is to make sure that no threads are in the
1.10 +106 -371 jakarta-tomcat/src/share/org/apache/tomcat/core/Container.java
1.10 +151 -86 jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleMapper.java
Index: SimpleMapper.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/request/SimpleMapper.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- SimpleMapper.java 2000/02/13 01:16:18 1.9
+++ SimpleMapper.java 2000/02/15 17:35:40 1.10
@@ -75,6 +75,20 @@
public class SimpleMapper extends BaseInterceptor {
int debug=0;
ContextManager cm;
+ // String context prefix -> Mappings context maps
+ Hashtable contextPaths=new Hashtable();
+
+ // security restrictions
+ Hashtable securityConstraints=new Hashtable();
+
+ class Mappings {
+ Context ctx;
+ Container defaultContainer;
+ Hashtable prefixMappedServlets;
+ Hashtable extensionMappedServlets;
+ Hashtable pathMappedServlets;
+ }
+
public SimpleMapper() {
methods.addElement("contextMap");
@@ -98,13 +112,10 @@
}
public void setDebug( int level ) {
+ if(level!=0) System.out.println("SimpleMapper - set debug " + level);
debug=level;
}
- public void setDebug( String level ) {
- debug=new Integer( level ).intValue();
- }
-
void log( String msg ) {
if( cm==null)
System.out.println("SimpleMapper: " + msg );
@@ -151,47 +162,77 @@
rrequest.setLookupPath( lookupPath );
return OK;
}
-
+ /**
+ */
public int requestMap(Request req) {
Context context=req.getContext();
String path=req.getLookupPath();
- ServletWrapper wrapper = null;
+ Container container = null;
String ctxP=context.getPath();
Mappings m=(Mappings)contextPaths.get(ctxP);
if(debug>0) context.log( "Mapping: " + req );
- // /*XXX*/ try {throw new Exception(); } catch(Exception ex) {ex.printStackTrace();}
-
- // try an exact match
- wrapper = getPathMatch(m, context, path, req);
- // try a prefix match
- if( wrapper == null )
- wrapper = getPrefixMatch(m, context, path, req);
-
- // try an extension match
- if (wrapper == null)
- wrapper = getExtensionMatch(m, context, path, req);
-
- // set default wrapper, return
- if (wrapper == null) {
- wrapper = context.getDefaultServlet();
- req.setWrapper( wrapper );
+ container=findContainer( m, path, context, req );
+
+ // set default container, return
+ if (container == null) {
+ container=m.defaultContainer;
+ if( m.defaultContainer.getHandler() == null ) {
+ ServletWrapper sw=context.getDefaultServlet();
+ m.defaultContainer.setHandler( sw );
+ }
+ req.setWrapper( m.defaultContainer.getHandler() );
req.setServletPath( "" );
req.setPathInfo( path);
if(debug>0) context.log("Default mapper " + "\n " + req);
+ } else {
+ req.setWrapper( container.getHandler() );
+
+ if(debug>0) context.log("Found wrapper using getMapPath " + "\n " + req);
+ }
+ req.setContainer( container );
+
+ // the container already has security properties
+ // in it, no need to search again
+ if( container.getRoles() != null ) {
+ if(debug>0) context.log("Existing security constraint " + "\n " + container.getRoles());
return OK;
- }
+ }
+
+ // Now find the security restrictions for req
+ m=(Mappings)securityConstraints.get(ctxP);
+ if( m==null) return OK;
+ Container scontainer=findContainer( m, path, context, req);
+ if( m==null ) {
+ // no security
+ return OK;
+ }
+ // Merge the security info into the container
+ //
+ if(debug>0) context.log("Found security constraing " + "\n " + scontainer.getRoles());
+ container.setRoles( scontainer.getRoles());
+ container.setTransport( scontainer.getTransport());
+
+ return OK;
+ }
- req.setWrapper( wrapper );
- if(debug>0) context.log("Found wrapper using getMapPath " + "\n " + req);
+ private Container findContainer( Mappings m, String path, Context context, Request req )
+ {
+ Container container = getPathMatch(m, context, path, req);
- return OK;
- }
+ // try a prefix match
+ if( container == null )
+ container = getPrefixMatch(m, context, path, req);
+ // try an extension match
+ if (container == null)
+ container = getExtensionMatch(m, context, path, req);
+ return container;
+ }
// -------------------- Internal representation of mappings --------------------
/* Implementation:
@@ -201,16 +242,6 @@
*/
- // String prefix -> Mappings context maps
- Hashtable contextPaths=new Hashtable();
-
- class Mappings {
- Context ctx;
- Hashtable prefixMappedServlets;
- Hashtable extensionMappedServlets;
- Hashtable pathMappedServlets;
- }
-
/** Called when a context is added to a CM
*/
@@ -230,9 +261,26 @@
while( enum.hasMoreElements() ) {
String path=(String) enum.nextElement();
ServletWrapper sw=ctx.getServletMapping( path );
+ Container ct=new Container();
+ ct.setContext( ctx );
+ ct.setHandler( sw );
if(debug>0) ctx.log("Adding existing " + path );
- addMapping( ctx, path, sw );
+ addMapping( contextPaths, ctx, path, ct );
}
+ // set default container
+ Container def=new Container();
+ def.setContext( ctx );
+ ServletWrapper wrapper = ctx.getDefaultServlet();
+ def.setHandler( wrapper );
+ m.defaultContainer=def;
+
+ enum=ctx.getSecurityConstraints();
+ while( enum.hasMoreElements() ) {
+ String path=(String) enum.nextElement();
+ Container ct=ctx.getSecurityConstraint( path );
+ if(debug>0) ctx.log("Adding existing " + path );
+ addMapping( securityConstraints, ctx, path, ct );
+ }
}
@@ -250,11 +298,21 @@
}
+ /** Notification - new handler mapping
+ */
+ public void addMapping( Context ctx, String path, ServletWrapper sw)
+ throws TomcatException
+ {
+ Container ct=new Container();
+ ct.setContext( ctx );
+ ct.setHandler( sw );
+ if(debug>0) ctx.log("Adding existing " + path );
+ addMapping( contextPaths, ctx, path, ct );
+ }
+
/**
- * Maps a named servlet to a particular path or extension.
- * If the named servlet is unregistered, it will be added
- * and subsequently mapped.
- *
+ * Associate URL pattern to a set of propreties.
+ *
* Note that the order of resolution to handle a request is:
*
* exact mapped servlet (eg /catalog)
@@ -263,12 +321,20 @@
* default servlet
*
*/
- public void addMapping( Context ctx, String path, ServletWrapper sw)
+ void addMapping( Hashtable mtable, Context ctx, String path, Container ct)
throws TomcatException
{
String ctxP=ctx.getPath();
- Mappings m=(Mappings)contextPaths.get(ctxP);
- if(debug>0) ctx.log( "Add mapping " + path + " " + sw + " " + m );
+ Mappings m=(Mappings)mtable.get(ctxP);
+ if( m==null ) {
+ m=new Mappings();
+ m.ctx=ctx;
+ m.prefixMappedServlets=new Hashtable();
+ m.extensionMappedServlets=new Hashtable();
+ m.pathMappedServlets=new Hashtable();
+ mtable.put( ctxP, m );
+ }
+ if(debug>0) ctx.log( "Add mapping " + path + " " + ct + " " + m );
path = path.trim();
@@ -276,12 +342,12 @@
return;
if (path.startsWith("/") &&
path.endsWith("/*")){
- m.prefixMappedServlets.put(path, sw);
+ m.prefixMappedServlets.put(path, ct);
// System.out.println("Map " + path + " -> " + sw );
} else if (path.startsWith("*.")) {
- m.extensionMappedServlets.put(path, sw);
+ m.extensionMappedServlets.put(path, ct);
} else if (! path.equals("/")) {
- m.pathMappedServlets.put(path, sw);
+ m.pathMappedServlets.put(path, ct);
}
}
@@ -310,52 +376,51 @@
String path=ctx.getPath();
Mappings m=(Mappings)contextPaths.get(path);
- if (m.prefixMappedServlets.contains(sw)) {
- Enumeration enum = m.prefixMappedServlets.keys();
+ Enumeration enum = m.prefixMappedServlets.keys();
- while (enum.hasMoreElements()) {
- String key = (String)enum.nextElement();
-
- if (m.prefixMappedServlets.get(key).equals(sw)) {
- m.prefixMappedServlets.remove(key);
- }
+ while (enum.hasMoreElements()) {
+ String key = (String)enum.nextElement();
+
+ if (((Container)m.prefixMappedServlets.get(key)).getHandler().equals(sw)) {
+ m.prefixMappedServlets.remove(key);
}
}
- if (m.extensionMappedServlets.contains(sw)) {
- Enumeration enum = m.extensionMappedServlets.keys();
+ enum = m.extensionMappedServlets.keys();
- while (enum.hasMoreElements()) {
- String key = (String)enum.nextElement();
-
- if (m.extensionMappedServlets.get(key).equals(sw)) {
- m.extensionMappedServlets.remove(key);
+ while (enum.hasMoreElements()) {
+ String key = (String)enum.nextElement();
+
+ if (((Container)m.extensionMappedServlets.get(key)).getHandler().equals(sw)) {
+ m.extensionMappedServlets.remove(key);
}
- }
}
-
- if (m.pathMappedServlets.contains(sw)) {
- Enumeration enum = m.pathMappedServlets.keys();
-
- while (enum.hasMoreElements()) {
- String key = (String)enum.nextElement();
- if (m.pathMappedServlets.get(key).equals(sw)) {
- m.pathMappedServlets.remove(key);
- }
+ enum = m.pathMappedServlets.keys();
+
+ while (enum.hasMoreElements()) {
+ String key = (String)enum.nextElement();
+
+ if (((Container)m.pathMappedServlets.get(key)).getHandler().equals(sw)) {
+ m.pathMappedServlets.remove(key);
}
}
-
}
+ public void addSecurityConstraint( Context ctx, String path, Container ct)
+ throws TomcatException
+ {
+ if(debug>0) ctx.log( "Add SC " + path + " " + ct );
+ addMapping( securityConstraints, ctx, path, ct );
+ }
// -------------------- Implementation --------------------
/** Get an exact match ( /catalog ) - rule 1 in 10.1
*/
- private ServletWrapper getPathMatch(Mappings m, Context context, String path, Request req) {
- ServletWrapper wrapper = null;
- wrapper = (ServletWrapper)m.pathMappedServlets.get(path);
+ private Container getPathMatch(Mappings m, Context context, String path, Request req) {
+ Container wrapper = null;
+ wrapper = (Container)m.pathMappedServlets.get(path);
if (wrapper != null) {
req.setServletPath( path );
@@ -368,8 +433,8 @@
/** Match a prefix rule - /foo/bar/index.html/abc
*/
- private ServletWrapper getPrefixMatch(Mappings m, Context context, String path, Request req) {
- ServletWrapper wrapper = null;
+ private Container getPrefixMatch(Mappings m, Context context, String path, Request req) {
+ Container wrapper = null;
String s = path;
// /baz/== /baz ==/baz/*
@@ -380,11 +445,11 @@
// XXX we can remove /* in prefix map when we add it, so no need
// for another string creation
if(debug>2) context.log( "Prefix: " + s );
- wrapper = (ServletWrapper)m.prefixMappedServlets.get(s + "/*" );
- // Enumeration en=m.prefixMappedServlets.keys();
- // while( en.hasMoreElements() ) {
- // System.out.println("XXX: " + en.nextElement());
- // }
+ wrapper = (Container)m.prefixMappedServlets.get(s + "/*" );
+ //Enumeration en=m.prefixMappedServlets.keys();
+ //while( en.hasMoreElements() ) {
+ //System.out.println("XXX: " + en.nextElement());
+ //}
if (wrapper == null)
s=removeLast( s );
@@ -407,13 +472,13 @@
// It looks like it's broken: try /foo/bar.jsp/test/a.baz -> will not match it
// as baz, but neither as .jsp, which is wrong.
// XXX Fix this code - I don't think evolution will work in this class.
- private ServletWrapper getExtensionMatch(Mappings m, Context context, String path, Request req) {
+ private Container getExtensionMatch(Mappings m, Context context, String path, Request req) {
String extension=getExtension( path );
if( extension == null ) return null;
// XXX need to store the extensions without *, to avoid extra
// string creation
- ServletWrapper wrapper= (ServletWrapper)m.extensionMappedServlets.get("*" + extension);
+ Container wrapper= (Container)m.extensionMappedServlets.get("*" + extension);
if (wrapper == null)
return null;
1.1 jakarta-tomcat/src/share/org/apache/tomcat/request/SecurityCheck.java
Index: SecurityCheck.java
===================================================================
/*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
* [Additional notices, if required by prior licensing conditions]
*
*/
package org.apache.tomcat.request;
import org.apache.tomcat.core.*;
import org.apache.tomcat.util.*;
import java.io.*;
import java.net.*;
import java.util.*;
import javax.servlet.http.*;
/**
* Will process the request and determine the session Id, and set it
* in the Request.
* It also marks the session as accessed.
*
* This implementation only handles Cookies sessions, please extend or
* add new interceptors for other methods.
*
*/
public class SecurityCheck extends BaseInterceptor {
public SecurityCheck() {
}
public int beforeBody( Request rrequest, Response response ) {
String roles[]=rrequest.getContainer().getRoles();
if( roles!=null ) {
System.out.println("XXX XXX XXX EXPECT ROLES " );
for( int i=0; i< roles.length; i++ ) {
System.out.println(roles[i]);
}
}
// extract user, passwd
// check if user is authenticated
// check if auth user is in one of the required roles
return 0;
}
}