Line 0
Link Here
|
|
|
1 |
/* |
2 |
* Licensed to the Apache Software Foundation (ASF) under one or more |
3 |
* contributor license agreements. See the NOTICE file distributed with |
4 |
* this work for additional information regarding copyright ownership. |
5 |
* The ASF licenses this file to You under the Apache License, Version 2.0 |
6 |
* (the "License"); you may not use this file except in compliance with |
7 |
* the License. You may obtain a copy of the License at |
8 |
* |
9 |
* http://www.apache.org/licenses/LICENSE-2.0 |
10 |
* |
11 |
* Unless required by applicable law or agreed to in writing, software |
12 |
* distributed under the License is distributed on an "AS IS" BASIS, |
13 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
14 |
* See the License for the specific language governing permissions and |
15 |
* limitations under the License. |
16 |
*/ |
17 |
|
18 |
package org.apache.catalina.realm; |
19 |
|
20 |
import java.security.Principal; |
21 |
import java.util.ArrayList; |
22 |
import java.util.Properties; |
23 |
import java.util.LinkedList; |
24 |
import java.util.List; |
25 |
import java.io.IOException; |
26 |
import java.io.File; |
27 |
import java.io.FileInputStream; |
28 |
|
29 |
import org.apache.catalina.Globals; |
30 |
import org.apache.catalina.Wrapper; |
31 |
import org.apache.catalina.LifecycleException; |
32 |
import org.apache.catalina.Realm; |
33 |
import org.apache.juli.logging.Log; |
34 |
import org.apache.juli.logging.LogFactory; |
35 |
|
36 |
/** |
37 |
*/ |
38 |
|
39 |
public class MappingRealm extends CombinedRealm { |
40 |
|
41 |
private static final Log log = LogFactory.getLog(MappingRealm.class); |
42 |
|
43 |
|
44 |
// ----------------------------------------------------- Instance Variables |
45 |
|
46 |
/** |
47 |
* Internal security role translation |
48 |
*/ |
49 |
protected Properties mapping = null; |
50 |
|
51 |
/** |
52 |
* Filename to load translation from |
53 |
* Format is <code>application-security-role=inner-realm-security-role</code> |
54 |
*/ |
55 |
protected String pathname = "conf/mapping.properties"; |
56 |
|
57 |
/** |
58 |
* Descriptive information about this Realm implementation. |
59 |
*/ |
60 |
protected static final String info = |
61 |
"org.apache.catalina.realm.MappingRealm/1.0"; |
62 |
|
63 |
/** |
64 |
* Descriptive information about this Realm implementation. |
65 |
*/ |
66 |
protected static final String name = "MappingRealm"; |
67 |
|
68 |
/** |
69 |
* Return descriptive information about this Realm implementation and |
70 |
* the corresponding version number, in the format |
71 |
* <code><description>/<version></code>. |
72 |
*/ |
73 |
@Override |
74 |
public String getInfo() { |
75 |
|
76 |
return info; |
77 |
|
78 |
} |
79 |
|
80 |
/** |
81 |
* Return a short name for this Realm implementation. |
82 |
*/ |
83 |
@Override |
84 |
protected String getName() { |
85 |
|
86 |
return (name); |
87 |
|
88 |
} |
89 |
|
90 |
// ---------------------------------------------------------- Realm Methods |
91 |
|
92 |
/** |
93 |
* Return <code>true</code> if the specified Principal has the specified |
94 |
* security role, within the context of this Realm; otherwise return |
95 |
* <code>false</code>. This method can be overridden by Realm |
96 |
* implementations, but the default is adequate when an instance of |
97 |
* <code>GenericPrincipal</code> is used to represent authenticated |
98 |
* Principals from this Realm. |
99 |
* |
100 |
* @param principal Principal for whom the role is to be checked |
101 |
* @param role Security role to be checked |
102 |
*/ |
103 |
@Override |
104 |
public boolean hasRole(Wrapper wrapper, Principal principal, String role) { |
105 |
|
106 |
// Copied from GenericPrincipal |
107 |
if("*".equals(role)) { // Special 2.4 role meaning everyone |
108 |
return true; |
109 |
} |
110 |
if (role == null) { |
111 |
return (false); |
112 |
} |
113 |
|
114 |
String mappedRole = mapping.getProperty(role); |
115 |
|
116 |
if((mappedRole != null) && super.hasRole(wrapper, principal, mappedRole)) { |
117 |
if (log.isDebugEnabled()) { |
118 |
log.debug(sm.getString("mappingRealm.translated", role, mappedRole)); |
119 |
} |
120 |
return true; |
121 |
} else { |
122 |
return false; |
123 |
} |
124 |
} |
125 |
|
126 |
|
127 |
// ------------------------------------------------------ Lifecycle Methods |
128 |
|
129 |
|
130 |
/** |
131 |
* Prepare for the beginning of active use of the public methods of this |
132 |
* component and implement the requirements of |
133 |
* {@link org.apache.catalina.util.LifecycleBase#startInternal()}. |
134 |
* |
135 |
* @exception LifecycleException if this component detects a fatal error |
136 |
* that prevents this component from being used |
137 |
*/ |
138 |
@Override |
139 |
protected void startInternal() throws LifecycleException { |
140 |
|
141 |
mapping = new Properties(); |
142 |
|
143 |
File file = new File(pathname); |
144 |
if (!file.isAbsolute()) { |
145 |
file = new File(System.getProperty(Globals.CATALINA_BASE_PROP), |
146 |
pathname); |
147 |
} |
148 |
if (file.exists()) { |
149 |
FileInputStream fis = null; |
150 |
try { |
151 |
fis = new FileInputStream(file); |
152 |
mapping.load(fis); |
153 |
log.info(sm.getString("mappingRealm.loadOK", pathname)); |
154 |
} catch (IOException ioe) { |
155 |
log.error(sm.getString("mappingRealm.loadFailed", pathname)); |
156 |
} finally { |
157 |
if (fis != null) { |
158 |
try { |
159 |
fis.close(); |
160 |
} catch (IOException ioe) { |
161 |
// Ignore |
162 |
} |
163 |
} |
164 |
} |
165 |
} else { |
166 |
log.warn(sm.getString("mappingRealm.fileNotExists", pathname)); |
167 |
} |
168 |
|
169 |
super.startInternal(); |
170 |
} |
171 |
|
172 |
|
173 |
/** |
174 |
* Gracefully terminate the active use of the public methods of this |
175 |
* component and implement the requirements of |
176 |
* {@link org.apache.catalina.util.LifecycleBase#stopInternal()}. |
177 |
* |
178 |
* @exception LifecycleException if this component detects a fatal error |
179 |
* that needs to be reported |
180 |
*/ |
181 |
@Override |
182 |
protected void stopInternal() throws LifecycleException { |
183 |
|
184 |
// Perform normal superclass finalization |
185 |
super.stopInternal(); |
186 |
|
187 |
// Release mapping |
188 |
mapping = null; |
189 |
|
190 |
} |
191 |
} |
192 |
|