Subversion Repositories XServices

Compare Revisions

No changes between revisions

Ignore whitespace Rev 177 → Rev 180

/xservices/branches/xservices-jre7/src/java/net/brutex/xservices/security/PermissionResolver.java
0,0 → 1,60
/*
* Copyright 2013 Brian Rosenberger (Brutex Network)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
package net.brutex.xservices.security;
 
import net.brutex.xservices.ws.XmlService;
import net.brutex.xservices.ws.rs.FileInfo;
 
import org.apache.log4j.Logger;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.permission.InvalidPermissionStringException;
 
/**
* @author Brian Rosenberger, bru(at)brutex.de
*
*/
public class PermissionResolver implements org.apache.shiro.authz.permission.PermissionResolver {
final Logger logger = Logger.getLogger(PermissionResolver.class);
private final String DELIMITER = "||";
 
@Override
public Permission resolvePermission(String permissionString) {
logger.debug(String.format("Trying to examine new Permission '%s'", permissionString));
if(! permissionString.contains(DELIMITER)) {
logger.error(String.format("Permission '%s' is missing permission class.", permissionString));
throw new InvalidPermissionStringException(String.format("Permission '%s' is missing permission class.", permissionString), permissionString);
}
int delimiterIndex = permissionString.indexOf(DELIMITER);
String value = permissionString.substring(0, delimiterIndex);
delimiterIndex = delimiterIndex + DELIMITER.length();
switch (value) {
case XmlService.SERVICE_NAME:
logger.debug(String.format("Found '%s' as permission class.", value));
return new XmlServicePermission(permissionString.substring( delimiterIndex ));
case FileInfo.SERVICE_NAME:
logger.debug(String.format("Found '%s' as permission class.", value));
return new DirectoryPermission(permissionString.substring( delimiterIndex ));
 
 
default:
logger.warn(String.format("Permission class '%s' is not defined.", value));
throw new InvalidPermissionStringException(String.format("Permission class '%s' is not defined.", value), permissionString);
}
}
}
Property changes:
Added: svn:mime-type
+text/plain
\ No newline at end of property
/xservices/branches/xservices-jre7/src/java/net/brutex/xservices/security/XmlServicePermission.java
0,0 → 1,67
/*
* Copyright 2013 Brian Rosenberger (Brutex Network)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
package net.brutex.xservices.security;
 
import org.apache.log4j.Logger;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.util.AntPathMatcher;
 
/**
* @author Brian Rosenberger, bru(at)brutex.de
*
*/
public class XmlServicePermission implements Permission {
 
private final Logger logger = Logger.getLogger(XmlServicePermission.class);
private final String permissionString;
 
public XmlServicePermission(String permissionString) {
logger.debug(String.format("Creating permission for '%s'", permissionString));
this.permissionString = permissionString;
}
@Override
public boolean implies(Permission p) {
boolean result = false;
/* is of same type */
if(! (p instanceof XmlServicePermission)) {
logger.debug(String.format("Testing if permission of type '%s' implies permission of type '%s'. Result was '%s'" , this.getClass(), p.getClass(), result));
return result;
}
/* comparing to non null directory */
if( ((XmlServicePermission)p).getPermissionString() == null) {
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to 'null'. Result was '%s'" , permissionString, result));
return result;
}
/* directory pattern implies other */
//TODO
/*if( (new AntPathMatcher()).matches(permissionString, ((XmlServicePermission)p).getPermissionString())) ) {
result = true;
}
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to '%s'. Result was '%s'" , permissionString, ((XmlServicePermission) p).getPermissionString(), result));
*/
return result;
}
public String getPermissionString() {
return permissionString;
}
 
}
Property changes:
Added: svn:mime-type
+text/plain
\ No newline at end of property
/xservices/branches/xservices-jre7/src/java/net/brutex/xservices/security/DirectoryPermission.java
0,0 → 1,66
/*
* Copyright 2013 Brian Rosenberger (Brutex Network)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
package net.brutex.xservices.security;
 
import org.apache.log4j.Logger;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.util.AntPathMatcher;
 
/**
* @author Brian Rosenberger, bru(at)brutex.de
*
*/
public class DirectoryPermission implements Permission {
 
private final Logger logger = Logger.getLogger(DirectoryPermission.class);
private final String path;
 
public DirectoryPermission(String antlikepath) {
logger.debug(String.format("Creating permission for path '%s'", antlikepath));
path = antlikepath;
}
@Override
public boolean implies(Permission p) {
boolean result = false;
/* is of same type */
if(! (p instanceof DirectoryPermission)) {
logger.debug(String.format("Testing if permission of type '%s' implies permission of type '%s'. Result was '%s'" , this.getClass(), p.getClass(), result));
return result;
}
/* comparing to non null directory */
if( ((DirectoryPermission)p).getPath() == null) {
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to 'null'. Result was '%s'" , this.getPath(), result));
return result;
}
/* directory pattern implies other */
if( (new AntPathMatcher()).matches(path, ((DirectoryPermission)p).getPath()) ) {
result = true;
}
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to '%s'. Result was '%s'" , this.getPath(), ((DirectoryPermission) p).getPath(), result));
return result;
}
public String getPath() {
return path;
}
 
}
Property changes:
Added: svn:mime-type
+text/plain
\ No newline at end of property
/xservices/branches/xservices-jre7/src/java/net/brutex/xservices/security/XServicesRealm.java
0,0 → 1,80
/*
* Copyright 2013 Brian Rosenberger (Brutex Network)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
 
 
package net.brutex.xservices.security;
 
import java.text.ParseException;
import java.util.Collection;
import java.util.Map;
 
import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.permission.PermissionResolver;
import org.apache.shiro.config.Ini;
import org.apache.shiro.io.ResourceUtils;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.Nameable;
import org.apache.shiro.util.PermissionUtils;
 
// TODO: Auto-generated Javadoc
/*
* For later use. A Realm connects to a DS where Users/ Passes are defined
* and allows Shiro to transparently work against different user/pass stores
* (i.e. LDAP, Custom, etc.)
*
* @author Brian Rosenberger, bru(at)brutex.de
*
*/
/**
* The Class XServicesRealm.
*/
public class XServicesRealm extends IniRealm implements Nameable {
 
/** The logger. */
private static Logger logger = Logger.getLogger(XServicesRealm.class);
/** The name. */
private String name;
/* (non-Javadoc)
* @see org.apache.shiro.realm.AuthorizingRealm#setName(java.lang.String)
*/
@Override
public void setName(String name) {
this.name = name;
}
 
/**
* Instantiates a new x services realm with default
* 'shiro.ini' in classpath and {@link net.brutex.xservices.security.PermissionResolver PermissionResolver}.
*
*/
public XServicesRealm() {
super();
this.setIni(Ini.fromResourcePath(ResourceUtils.CLASSPATH_PREFIX+"shiro.ini"));
this.setPermissionResolver(new net.brutex.xservices.security.PermissionResolver());
//this.setRolePermissionResolver(new RolePermissionResolver());
init();
}
}
Property changes:
Added: svn:mime-type
+text/plain
\ No newline at end of property