You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by re...@apache.org on 2001/03/02 00:05:36 UTC
cvs commit: jakarta-slide/src/wrappers/catalina SlideRealm.java
remm 01/03/01 15:05:36
Modified: src/wrappers/catalina SlideRealm.java
Log:
- Correct implementation for hasRole, which will use the roles the auth pricipal has
in the Slide namespace.
- The realm will not attempt to silently connect to various namespaces (that
could cause security problems). Instead, the namespace name should either :
- be specified using the "namespace" property
- be the container's name
Revision Changes Path
1.3 +49 -20 jakarta-slide/src/wrappers/catalina/SlideRealm.java
Index: SlideRealm.java
===================================================================
RCS file: /home/cvs/jakarta-slide/src/wrappers/catalina/SlideRealm.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- SlideRealm.java 2000/12/05 06:45:23 1.2
+++ SlideRealm.java 2001/03/01 23:05:36 1.3
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-slide/src/wrappers/catalina/SlideRealm.java,v 1.2 2000/12/05 06:45:23 remm Exp $
- * $Revision: 1.2 $
- * $Date: 2000/12/05 06:45:23 $
+ * $Header: /home/cvs/jakarta-slide/src/wrappers/catalina/SlideRealm.java,v 1.3 2001/03/01 23:05:36 remm Exp $
+ * $Revision: 1.3 $
+ * $Date: 2001/03/01 23:05:36 $
*
* ====================================================================
*
@@ -84,6 +84,7 @@
import org.apache.slide.content.NodeProperty;
import org.apache.slide.authenticate.CredentialsToken;
import org.apache.slide.authenticate.SecurityToken;
+import org.apache.slide.security.Security;
/**
@@ -95,7 +96,7 @@
* to tomcat, webdav or default.
*
* @author Remy Maucherat
- * @version $Revision: 1.2 $ $Date: 2000/12/05 06:45:23 $
+ * @version $Revision: 1.3 $ $Date: 2001/03/01 23:05:36 $
*/
public final class SlideRealm
@@ -109,7 +110,7 @@
* Descriptive information about this Realm implementation.
*/
private static final String info =
- "org.apache.catalina.realm.SlideRealm/1.0";
+ "org.apache.catalina.realm.SlideRealm/1.1";
/**
@@ -125,6 +126,12 @@
/**
+ * Security halper.
+ */
+ private Security securityHelper;
+
+
+ /**
* Users path.
*/
private String usersPath;
@@ -136,6 +143,12 @@
private CredentialsToken rootCredentials;
+ /**
+ * Namepsace to which this realm will connect.
+ */
+ private String namespace;
+
+
// ------------------------------------------------------------- Properties
@@ -147,24 +160,34 @@
public void setContainer(Container container) {
super.setContainer(container);
- accessToken = Domain.accessNamespace(new SecurityToken(container),
- container.getName());
- if (accessToken == null)
- accessToken = Domain.accessNamespace(new SecurityToken(container),
- "tomcat");
- if (accessToken == null)
- accessToken = Domain.accessNamespace(new SecurityToken(container),
- "webdav");
+
+ if (namespace == null)
+ namespace = container.getName();
+
+ accessToken = Domain.accessNamespace
+ (new SecurityToken(container), namespace);
+
if (accessToken == null)
- accessToken = Domain.accessNamespace(new SecurityToken(container),
- "default");
+ throw new IllegalStateException
+ ("Invalid Slide Realm configuration : "
+ + "Couldn't access namespace");
+
contentHelper = accessToken.getContentHelper();
+ securityHelper = accessToken.getSecurityHelper();
usersPath = accessToken.getNamespaceConfig().getUsersPath();
}
+ /**
+ * Set the namespace name to which this realm will connect.
+ */
+ public void setNamespace(String namespace) {
+ this.namespace = namespace;
+ }
+
+
// --------------------------------------------------------- Public Methods
@@ -178,11 +201,13 @@
*/
public boolean hasRole(Principal principal, String role) {
- // FIXME !
- // Use role resolution ...
- if (principal.getName().equals(role))
- return true;
- return (false);
+ CredentialsToken credToken = new CredentialsToken(principal);
+ SlideToken slideToken = new SlideToken(credToken);
+ try {
+ return securityHelper.hasRole(slideToken, role);
+ } catch (SlideException e) {
+ return (false);
+ }
}
@@ -194,8 +219,10 @@
* Return the password associated with the given principal's user name.
*/
protected String getPassword(String username) {
+
// Fetch the Slide object representing the user.
try {
+
Principal userPrincipal = getPrincipal(username);
CredentialsToken credToken = new CredentialsToken(userPrincipal);
SlideToken slideToken = new SlideToken(credToken);
@@ -216,7 +243,9 @@
// The stack trace is displayed for now for debug purposes
e.printStackTrace();
}
+
return null;
+
}