parent
672768e0b2
commit
c653edd679
|
@ -16,6 +16,7 @@ import org.apache.log4j.Logger;
|
|||
import org.dom4j.Element;
|
||||
|
||||
import ch.eitchnet.privilege.handler.EncryptionHandler;
|
||||
import ch.eitchnet.privilege.handler.ModificationHandler;
|
||||
import ch.eitchnet.privilege.handler.PersistenceHandler;
|
||||
import ch.eitchnet.privilege.handler.PolicyHandler;
|
||||
import ch.eitchnet.privilege.handler.SessionHandler;
|
||||
|
@ -46,9 +47,7 @@ public class PrivilegeContainer {
|
|||
private SessionHandler sessionHandler;
|
||||
private PolicyHandler policyHandler;
|
||||
private EncryptionHandler encryptionHandler;
|
||||
private PersistenceHandler persistenceHandler;
|
||||
|
||||
private String basePath;
|
||||
private ModificationHandler modificationHandler;
|
||||
|
||||
public static PrivilegeContainer getInstance() {
|
||||
return instance;
|
||||
|
@ -83,17 +82,10 @@ public class PrivilegeContainer {
|
|||
}
|
||||
|
||||
/**
|
||||
* @return the persistenceHandler
|
||||
* @return the modificationHandler
|
||||
*/
|
||||
public PersistenceHandler getPersistenceHandler() {
|
||||
return persistenceHandler;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the basePath
|
||||
*/
|
||||
public String getBasePath() {
|
||||
return basePath;
|
||||
public ModificationHandler getModificationHandler() {
|
||||
return modificationHandler;
|
||||
}
|
||||
|
||||
public void initialize(File privilegeContainerXml) {
|
||||
|
@ -105,7 +97,7 @@ public class PrivilegeContainer {
|
|||
}
|
||||
|
||||
// set base path from privilege container xml
|
||||
basePath = privilegeContainerXml.getParentFile().getAbsolutePath();
|
||||
String basePath = privilegeContainerXml.getParentFile().getAbsolutePath();
|
||||
|
||||
// parse container xml file to XML document
|
||||
Element containerRootElement = XmlHelper.parseDocument(privilegeContainerXml).getRootElement();
|
||||
|
@ -129,9 +121,14 @@ public class PrivilegeContainer {
|
|||
Element policyHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_POLICY);
|
||||
String policyHandlerClassName = policyHandlerElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
PolicyHandler policyHandler = ClassHelper.instantiateClass(policyHandlerClassName);
|
||||
|
||||
// instantiate modification handler
|
||||
Element modificationHandlerElement = containerRootElement.element(XmlConstants.XML_HANDLER_MODIFICATION);
|
||||
String modificationHandlerClassName = modificationHandlerElement.attributeValue(XmlConstants.XML_ATTR_CLASS);
|
||||
ModificationHandler modificationHandler = ClassHelper.instantiateClass(policyHandlerClassName);
|
||||
|
||||
try {
|
||||
persistenceHandler.initialize(persistenceHandlerElement);
|
||||
persistenceHandler.initialize(basePath, persistenceHandlerElement);
|
||||
} catch (Exception e) {
|
||||
logger.error(e, e);
|
||||
throw new PrivilegeException("PersistenceHandler " + persistenceHandlerElement
|
||||
|
@ -156,9 +153,15 @@ public class PrivilegeContainer {
|
|||
logger.error(e, e);
|
||||
throw new PrivilegeException("PolicyHandler " + policyHandlerClassName + " could not be initialized");
|
||||
}
|
||||
try {
|
||||
modificationHandler.initialize(modificationHandlerElement);
|
||||
} catch (Exception e) {
|
||||
logger.error(e, e);
|
||||
throw new PrivilegeException("ModificationHandler " + modificationHandlerClassName + " could not be initialized");
|
||||
}
|
||||
|
||||
// keep references to the handlers
|
||||
this.persistenceHandler = persistenceHandler;
|
||||
this.modificationHandler = modificationHandler;
|
||||
this.sessionHandler = sessionHandler;
|
||||
this.encryptionHandler = encryptionHandler;
|
||||
this.policyHandler = policyHandler;
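Review bot: The new modification handler is instantiated from the wrong class name. In the `@ -129,9 +121,14 @` hunk, `ClassHelper.instantiateClass(policyHandlerClassName)` ignores `modificationHandlerClassName`, which is read on the line above and otherwise used only in the later error message. As written, the configured class is never loaded and a second policy handler is built in its place, which will most likely surface as a ClassCastException; the line should read `ModificationHandler modificationHandler = ClassHelper.instantiateClass(modificationHandlerClassName);`. Separately, `containerRootElement.element(XmlConstants.XML_HANDLER_MODIFICATION)` returns null for an existing container XML that lacks the new element, so it is worth throwing a PrivilegeException with a clear message before calling `attributeValue` on it. `initialize` starts and ends outside the hunks shown, so anything already handled there is not visible here.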
|
||||
|
|
|
@ -19,6 +19,7 @@ public class XmlConstants {
|
|||
public static final String XML_HANDLER_ENCRYPTION = "EncryptionHandler";
|
||||
public static final String XML_HANDLER_SESSION = "SessionHandler";
|
||||
public static final String XML_HANDLER_POLICY = "PolicyHandler";
|
||||
public static final String XML_HANDLER_MODIFICATION = "ModificationHandler";
|
||||
|
||||
public static final String XML_ROLES = "Roles";
|
||||
public static final String XML_ROLE = "Role";
|
||||
|
|
|
@ -51,14 +51,15 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
private boolean roleMapDirty;
|
||||
private boolean privilegeMapDirty;
|
||||
|
||||
private PersistenceHandler persistenceHandler;
|
||||
private Map<String, String> parameterMap;
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addPrivilege(ch.eitchnet.privilege.model.Certificate,
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplacePrivilege(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.Privilege)
|
||||
*/
|
||||
@Override
|
||||
public void addPrivilege(Certificate certificate, Privilege privilege) {
|
||||
public void addOrReplacePrivilege(Certificate certificate, Privilege privilege) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
@ -68,11 +69,11 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceRole(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.Role)
|
||||
*/
|
||||
@Override
|
||||
public void addRole(Certificate certificate, Role role) {
|
||||
public void addOrReplaceRole(Certificate certificate, Role role) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
|
||||
|
@ -82,11 +83,11 @@ public class DefaultPersistenceHandler implements PersistenceHandler {
|
|||
}
|
||||
|
||||
/**
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* @see ch.eitchnet.privilege.handler.PersistenceHandler#addOrReplaceUser(ch.eitchnet.privilege.model.Certificate,
|
||||
* ch.eitchnet.privilege.model.internal.User)
|
||||
*/
|
||||
@Override
|
||||
public void addUser(Certificate certificate, User user) {
|
||||
public void addOrReplaceUser(Certificate certificate, User user) {
|
||||
|
||||
// validate who is doing this
|
||||
PrivilegeHelper.isUserPrivilegeAdmin(certificate);
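Review bot: The authorisation guard `PrivilegeHelper.isUserPrivilegeAdmin(certificate);` is called as a bare statement in `addOrReplacePrivilege`, `addOrReplaceRole` and `addOrReplaceUser`, so any value it returns is discarded. The `is…` name reads like a boolean predicate; if it returns false instead of throwing, these methods, which judging by their new names now also overwrite existing entries, would run for any certificate. Please confirm that it throws. If it does not, change the three call sites to something like `if (!PrivilegeHelper.isUserPrivilegeAdmin(certificate)) throw new AccessDeniedException("<message>");`, and consider a name such as `assertUserIsPrivilegeAdmin` if it does. The method bodies continue outside the hunks, so this rests on the visible lines only.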
|
||||
|
|
|
@ -33,6 +33,7 @@ import ch.eitchnet.privilege.policy.RestrictionPolicy;
|
|||
*/
|
||||
public class DefaultPolicyHandler implements PolicyHandler {
|
||||
|
||||
private PersistenceHandler persistenceHandler;
|
||||
private Map<String, Class<RestrictionPolicy>> policyMap;
|
||||
|
||||
/**
|
||||
|
|
|
@ -36,6 +36,7 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
|
||||
private static long lastSessionId;
|
||||
|
||||
private PersistenceHandler persistenceHandler;
|
||||
private Map<String, CertificateSessionPair> sessionMap;
|
||||
|
||||
/**
|
||||
|
@ -63,7 +64,6 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
throw new PrivilegeException("Restrictable may not be null!");
|
||||
|
||||
PrivilegeContainer privilegeContainer = PrivilegeContainer.getInstance();
|
||||
PersistenceHandler persistenceHandler = privilegeContainer.getPersistenceHandler();
|
||||
|
||||
// get user object
|
||||
User user = persistenceHandler.getUser(certificate.getUsername());
|
||||
|
@ -80,7 +80,7 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
PolicyHandler policyHandler = privilegeContainer.getPolicyHandler();
|
||||
for (String roleName : user.getRoles()) {
|
||||
|
||||
Role role = privilegeContainer.getPersistenceHandler().getRole(roleName);
|
||||
Role role = persistenceHandler.getRole(roleName);
|
||||
if (role == null) {
|
||||
logger.error("No role is defined with name " + roleName + " which is configured for user " + user);
|
||||
continue;
|
||||
|
@ -124,8 +124,7 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
+ certificate.getSessionId());
|
||||
|
||||
// get user object
|
||||
User user = PrivilegeContainer.getInstance().getPersistenceHandler().getUser(
|
||||
certificateSessionPair.session.getUsername());
|
||||
User user = persistenceHandler.getUser(certificateSessionPair.session.getUsername());
|
||||
|
||||
// if user exists, then certificate is valid
|
||||
if (user == null) {
|
||||
|
@ -157,7 +156,7 @@ public class DefaultSessionHandler implements SessionHandler {
|
|||
String passwordHash = encryptionHandler.convertToHash(password);
|
||||
|
||||
// get user object
|
||||
User user = PrivilegeContainer.getInstance().getPersistenceHandler().getUser(username);
|
||||
User user = persistenceHandler.getUser(username);
|
||||
// no user means no authentication
|
||||
if (user == null)
|
||||
throw new AccessDeniedException("There is no user defined with the credentials: " + username + " / ***...");
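Review bot: Nothing in the visible hunks assigns the `persistenceHandler` field introduced at the top of this class, yet the rewritten lookups `persistenceHandler.getUser(...)` and `persistenceHandler.getRole(roleName)` now depend on it in the login, certificate-validation and role-resolution paths. The earlier lookup through `PrivilegeContainer.getInstance().getPersistenceHandler()` appears to be gone, so if `initialize` does not set the field, every authentication attempt ends in a NullPointerException rather than an AccessDeniedException. Assign the field where this handler is initialised and fail fast there, for example `if (this.persistenceHandler == null) throw new PrivilegeException("PersistenceHandler not set");`. The same applies to the `persistenceHandler` field that shows up in the DefaultPolicyHandler section. The methods involved start and end outside the hunks, so the assignment may exist in code not shown here.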
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
/*
|
||||
* Copyright (c) 2010
|
||||
*
|
||||
* Robert von Burg
|
||||
* eitch@eitchnet.ch
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
*/
|
||||
|
||||
package ch.eitchnet.privilege.handler;
|
||||
|
||||
import ch.eitchnet.privilege.base.PrivilegeContainerObject;
|
||||
import ch.eitchnet.privilege.model.Certificate;
|
||||
import ch.eitchnet.privilege.model.PrivilegeRep;
|
||||
import ch.eitchnet.privilege.model.RoleRep;
|
||||
import ch.eitchnet.privilege.model.UserRep;
|
||||
import ch.eitchnet.privilege.model.UserState;
|
||||
import ch.eitchnet.privilege.model.internal.Privilege;
|
||||
|
||||
/**
|
||||
* @author rvonburg
|
||||
*
|
||||
*/
|
||||
public interface ModificationHandler extends PrivilegeContainerObject {
|
||||
|
||||
public void addOrReplaceUser(Certificate certificate, UserRep userRep);
|
||||
|
||||
public void setUserPassword(Certificate certificate, String username, String password);
|
||||
|
||||
public void setUserState(Certificate certificate, String username, UserState state);
|
||||
|
||||
public void addOrReplaceRole(Certificate certificate, RoleRep roleRep);
|
||||
|
||||
public void addRoleToUser(Certificate certificate, String username, String role);
|
||||
|
||||
public void addOrReplacePrivilege(Certificate certificate, Privilege privilege);
|
||||
|
||||
public void addPrivilegeToRole(Certificate certificate, String roleName, PrivilegeRep privilegeRep);
|
||||
|
||||
}
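Review bot: The new interface has no Javadoc, and the contract that matters most is left unstated: what each method requires of `certificate`, and whether implementations must reject callers who are not privilege admins. `setUserPassword(Certificate certificate, String username, String password)` should also say whether `password` arrives as plain text and that it must be hashed before it is stored. `addOrReplacePrivilege` takes the internal `Privilege` model while every other method takes a `*Rep` type, so `PrivilegeRep` there would keep `ch.eitchnet.privilege.model.internal` out of the caller-facing API. I would add a type-level comment such as `/** Modifies users, roles and privileges; implementations must verify that the certificate belongs to a privilege admin before changing anything. */`, plus `@param` tags on each method.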
|
|
@ -26,17 +26,16 @@ import ch.eitchnet.privilege.model.internal.User;
|
|||
public interface PersistenceHandler extends PrivilegeContainerObject {
|
||||
|
||||
public User getUser(String username);
|
||||
// public void setUserPassword(String username, String password);
|
||||
// public void setUserState(String username, UserState state);
|
||||
public void addUser(Certificate certificate, User user);
|
||||
|
||||
public void addOrReplaceUser(Certificate certificate, User user);
|
||||
|
||||
public Role getRole(String roleName);
|
||||
|
||||
public void addRole(Certificate certificate, Role role);
|
||||
public void addOrReplaceRole(Certificate certificate, Role role);
|
||||
|
||||
public Privilege getPrivilege(String privilegeName);
|
||||
|
||||
public void addPrivilege(Certificate certificate, Privilege privilege);
|
||||
public void addOrReplacePrivilege(Certificate certificate, Privilege privilege);
|
||||
|
||||
public void persist(Certificate certificate);
|
||||
}
|
||||
|
|