This project has retired. For details please refer to its Attic page.
SimpleAuthorizationFilter xref

1   package org.apache.archiva.redback.integration.filter.authorization;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   * http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.archiva.redback.integration.filter.SpringServletFilter;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
37  
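/**
 * Servlet filter that forwards a request down the chain only when the current
 * {@link SecuritySession} is authorized for a configured permission, optionally
 * scoped to a configured resource. Every other outcome ends in a redirect to the
 * configured access-denied location.
 *
 * <p>Init parameters read in {@link #init(FilterConfig)}:</p>
 * <ul>
 *   <li>{@code permission} - permission name passed to {@code SecuritySystem.isAuthorized};</li>
 *   <li>{@code resource} - optional resource the permission is checked against;</li>
 *   <li>{@code accessDeniedLocation} - required redirect target for denied requests.</li>
 * </ul>
 *
 * <p>All three values come from the deployment descriptor, not from the request, so the
 * redirect target is not influenced by the client.</p>
 *
 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
 *
 */
public class SimpleAuthorizationFilter
    extends SpringServletFilter
{

    private final Logger logger = LoggerFactory.getLogger( getClass() );

    // Permission name handed to the security system; read from the 'permission' init parameter.
    private String permission;

    // Optional resource the permission is checked against; read from the 'resource' init parameter.
    private String resource;

    // Redirect target used for every denied request; mandatory.
    private String accessDeniedLocation;

    /**
     * Reads the filter configuration.
     *
     * @param filterConfig the servlet filter configuration
     * @throws ServletException if the {@code accessDeniedLocation} init parameter is missing or empty
     */
    @Override
    public void init( FilterConfig filterConfig )
        throws ServletException
    {
        super.init( filterConfig );

        permission = filterConfig.getInitParameter( "permission" );
        resource = filterConfig.getInitParameter( "resource" );
        accessDeniedLocation = filterConfig.getInitParameter( "accessDeniedLocation" );

        if ( StringUtils.isEmpty( accessDeniedLocation ) )
        {
            throw new ServletException(
                "Missing parameter 'accessDeniedLocation' from " + SimpleAuthorizationFilter.class.getName()
                    + " configuration." );
        }

        if ( StringUtils.isEmpty( permission ) )
        {
            // Not fatal, to stay compatible with existing deployments, but a filter without a
            // permission is almost certainly a misconfiguration and should be visible at startup.
            // NOTE(review): how SecuritySystem treats an empty permission is not visible here - confirm.
            logger.warn( "Missing parameter 'permission' from " + SimpleAuthorizationFilter.class.getName()
                             + " configuration." );
        }
    }

    /**
     * Authorizes the request against the configured permission (and resource, when set).
     * The chain is continued only on a positive answer; a missing session, a negative answer
     * and an {@link AuthorizationException} all end in {@link #accessDenied(ServletResponse)}.
     *
     * @param request  the incoming request
     * @param response the response, redirected when access is denied
     * @param chain    the remaining filter chain
     * @throws IOException      if the redirect or the downstream chain fails with an I/O error
     * @throws ServletException if the downstream chain fails
     */
    public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain )
        throws IOException, ServletException
    {
        SecuritySession securitySession = getApplicationContext().getBean( "securitySession", SecuritySession.class );

        if ( securitySession == null )
        {
            // Deny explicitly: returning without a redirect would leave the client with an
            // empty response and no indication that authorization was refused.
            logger.warn( "Security Session is null." );
            accessDenied( response );
            return;
        }

        SecuritySystem securitySystem = getApplicationContext().getBean( "securitySystem", SecuritySystem.class );

        try
        {
            boolean isAuthorized = StringUtils.isEmpty( resource )
                ? securitySystem.isAuthorized( securitySession, permission )
                : securitySystem.isAuthorized( securitySession, permission, resource );

            if ( isAuthorized )
            {
                chain.doFilter( request, response );
            }
            else
            {
                accessDenied( response );
            }
        }
        catch ( AuthorizationException e )
        {
            // Still fail closed, but leave a trace: a failing authorization backend should be
            // distinguishable from an ordinary denial when reading the logs.
            logger.warn( "Authorization check failed for permission '" + permission + "'; denying access.", e );
            accessDenied( response );
        }
    }

    /**
     * Redirects the client to the configured access-denied location. When a resource is
     * configured it is appended as a URL-encoded {@code resource} query parameter; when none is
     * configured the parameter is omitted instead of being sent as the literal text "null".
     *
     * @param response the response to redirect; must be an {@link HttpServletResponse}
     * @throws IOException if the redirect cannot be sent
     */
    protected void accessDenied( ServletResponse response )
        throws IOException
    {
        StringBuilder location = new StringBuilder( accessDeniedLocation );

        if ( StringUtils.isNotEmpty( resource ) )
        {
            // Continue an existing query string with '&', otherwise start one with '?'.
            location.append( accessDeniedLocation.indexOf( '?' ) == -1 ? '?' : '&' );
            // Encode so that '&', '=', '#' or spaces in the resource cannot alter the URL structure.
            location.append( "resource=" ).append( URLEncoder.encode( resource, "UTF-8" ) );
        }

        ( (HttpServletResponse) response ).sendRedirect( location.toString() );
    }

}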