You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-dev@jakarta.apache.org by re...@apache.org on 2001/03/02 00:05:36 UTC

cvs commit: jakarta-slide/src/wrappers/catalina SlideRealm.java

remm        01/03/01 15:05:36

  Modified:    src/wrappers/catalina SlideRealm.java
  Log:
  - Correct implementation for hasRole, which will use the roles the auth pricipal has
    in the Slide namespace.
  - The realm will not attempt to silently connect to various namespaces (that
    could cause security problems). Instead, the namespace name should either :
    - be specified using the "namespace" property
    - be the container's name
  
  Revision  Changes    Path
  1.3       +49 -20    jakarta-slide/src/wrappers/catalina/SlideRealm.java
  
  Index: SlideRealm.java
  ===================================================================
  RCS file: /home/cvs/jakarta-slide/src/wrappers/catalina/SlideRealm.java,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- SlideRealm.java	2000/12/05 06:45:23	1.2
  +++ SlideRealm.java	2001/03/01 23:05:36	1.3
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-slide/src/wrappers/catalina/SlideRealm.java,v 1.2 2000/12/05 06:45:23 remm Exp $
  - * $Revision: 1.2 $
  - * $Date: 2000/12/05 06:45:23 $
  + * $Header: /home/cvs/jakarta-slide/src/wrappers/catalina/SlideRealm.java,v 1.3 2001/03/01 23:05:36 remm Exp $
  + * $Revision: 1.3 $
  + * $Date: 2001/03/01 23:05:36 $
    *
    * ====================================================================
    *
  @@ -84,6 +84,7 @@
   import org.apache.slide.content.NodeProperty;
   import org.apache.slide.authenticate.CredentialsToken;
   import org.apache.slide.authenticate.SecurityToken;
  +import org.apache.slide.security.Security;
   
   
   /**
  @@ -95,7 +96,7 @@
    * to tomcat, webdav or default.
    * 
    * @author Remy Maucherat
  - * @version $Revision: 1.2 $ $Date: 2000/12/05 06:45:23 $
  + * @version $Revision: 1.3 $ $Date: 2001/03/01 23:05:36 $
    */
   
   public final class SlideRealm
  @@ -109,7 +110,7 @@
        * Descriptive information about this Realm implementation.
        */
       private static final String info =
  -	"org.apache.catalina.realm.SlideRealm/1.0";
  +	"org.apache.catalina.realm.SlideRealm/1.1";
   
   
       /**
  @@ -125,6 +126,12 @@
   
   
       /**
  +     * Security halper.
  +     */
  +    private Security securityHelper;
  +
  +
  +    /**
        * Users path.
        */
       private String usersPath;
  @@ -136,6 +143,12 @@
       private CredentialsToken rootCredentials;
   
   
  +    /**
  +     * Namepsace to which this realm will connect.
  +     */
  +    private String namespace;
  +
  +
       // ------------------------------------------------------------- Properties
   
   
  @@ -147,24 +160,34 @@
       public void setContainer(Container container) {
   
           super.setContainer(container);
  -        accessToken = Domain.accessNamespace(new SecurityToken(container), 
  -                                             container.getName());
  -        if (accessToken == null)
  -            accessToken = Domain.accessNamespace(new SecurityToken(container),
  -                                                 "tomcat");
  -        if (accessToken == null)
  -            accessToken = Domain.accessNamespace(new SecurityToken(container),
  -                                                 "webdav");
  +
  +        if (namespace == null)
  +            namespace = container.getName();
  +
  +        accessToken = Domain.accessNamespace
  +            (new SecurityToken(container), namespace);
  +
           if (accessToken == null)
  -            accessToken = Domain.accessNamespace(new SecurityToken(container),
  -                                                 "default");
  +            throw new IllegalStateException
  +                ("Invalid Slide Realm configuration : "
  +                 + "Couldn't access namespace");
  +
           contentHelper = accessToken.getContentHelper();
  +        securityHelper = accessToken.getSecurityHelper();
   
           usersPath = accessToken.getNamespaceConfig().getUsersPath();
   
       }
   
   
  +    /**
  +     * Set the namespace name to which this realm will connect.
  +     */
  +    public void setNamespace(String namespace) {
  +        this.namespace = namespace;
  +    }
  +
  +
       // --------------------------------------------------------- Public Methods
   
   
  @@ -178,11 +201,13 @@
        */
       public boolean hasRole(Principal principal, String role) {
   
  -        // FIXME !
  -        // Use role resolution ...
  -        if (principal.getName().equals(role))
  -            return true;
  -	return (false);
  +        CredentialsToken credToken = new CredentialsToken(principal);
  +        SlideToken slideToken = new SlideToken(credToken);
  +        try {
  +            return securityHelper.hasRole(slideToken, role);
  +        } catch (SlideException e) {
  +            return (false);
  +        }
   
       }
   
  @@ -194,8 +219,10 @@
        * Return the password associated with the given principal's user name.
        */
       protected String getPassword(String username) {
  +        
           // Fetch the Slide object representing the user.
           try {
  +            
               Principal userPrincipal = getPrincipal(username);
               CredentialsToken credToken = new CredentialsToken(userPrincipal);
               SlideToken slideToken = new SlideToken(credToken);
  @@ -216,7 +243,9 @@
               // The stack trace is displayed for now for debug purposes
               e.printStackTrace();
           }
  +        
           return null;
  +        
       }