[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security/config ...
Shane Bryzak
Shane_Bryzak at symantec.com
Thu Dec 14 23:13:17 EST 2006
User: sbryzak2
Date: 06/12/14 23:13:17
Modified: src/main/org/jboss/seam/security/config
SecurityConfiguration.java SecurityConstraint.java
Log:
implemented page-based security constraints
Revision Changes Path
1.4 +58 -56 jboss-seam/src/main/org/jboss/seam/security/config/SecurityConfiguration.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SecurityConfiguration.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/config/SecurityConfiguration.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -b -r1.3 -r1.4
--- SecurityConfiguration.java 14 Dec 2006 05:39:35 -0000 1.3
+++ SecurityConfiguration.java 15 Dec 2006 04:13:17 -0000 1.4
@@ -42,12 +42,12 @@
private static final Log log = LogFactory.getLog(SecurityConfiguration.class);
// <security-constraint>
-// private static final String SECURITY_CONSTRAINT = "security-constraint";
-// private static final String WEB_RESOURCE_COLLECTION = "web-resource-collection";
-// private static final String URL_PATTERN = "url-pattern";
-// private static final String HTTP_METHOD = "http-method";
-// private static final String AUTH_CONSTRAINT = "auth-constraint";
-// private static final String ROLE_NAME = "role-name";
+ private static final String SECURITY_CONSTRAINT = "security-constraint";
+ private static final String WEB_RESOURCE_COLLECTION = "web-resource-collection";
+ private static final String URL_PATTERN = "url-pattern";
+ private static final String HTTP_METHOD = "http-method";
+ private static final String AUTH_CONSTRAINT = "auth-constraint";
+ private static final String ROLE_NAME = "role-name";
// <login-config>
// private static final String LOGIN_CONFIG = "login-config";
@@ -66,7 +66,7 @@
private static final String SECURITY_PERMISSIONS = "permissions";
private static final String SECURITY_PERMISSION = "permission";
-// private Set<SecurityConstraint> securityConstraints = new HashSet<SecurityConstraint>();
+ private Set<SecurityConstraint> securityConstraints = new HashSet<SecurityConstraint>();
private Map<String,Role> securityRoles = new HashMap<String,Role>();
@@ -106,9 +106,10 @@
Document doc = xmlReader.read(config);
Element env = doc.getRootElement();
-// loadSecurityConstraints(env.elements(SECURITY_CONSTRAINT));
-// loadLoginConfig(env.element(LOGIN_CONFIG));
+ loadSecurityConstraints(env.elements(SECURITY_CONSTRAINT));
loadSecurityRoles(env.element(SECURITY_ROLES));
+
+ // loadLoginConfig(env.element(LOGIN_CONFIG));
}
catch (Exception ex)
{
@@ -120,13 +121,14 @@
}
/**
+ * Returns the configured security constraints
*
* @return Set
*/
-// public Set<SecurityConstraint> getSecurityConstraints()
-// {
-// return securityConstraints;
-// }
+ public Set<SecurityConstraint> getSecurityConstraints()
+ {
+ return securityConstraints;
+ }
/**
*
@@ -161,49 +163,49 @@
* @param elements List
* @throws SecurityConfigurationException
*/
-// private void loadSecurityConstraints(List elements)
-// throws SecurityConfigException
-// {
-// try
-// {
-// for (Element element : (List<Element>) elements)
-// {
-// SecurityConstraint securityConstraint = new SecurityConstraint();
-// securityConstraints.add(securityConstraint);
-//
-// for (Element wrcElement :
-// (List<Element>) element.elements(WEB_RESOURCE_COLLECTION))
-// {
-// WebResourceCollection wrc = new WebResourceCollection();
-// securityConstraint.getResourceCollections().add(wrc);
-//
-// for (Element urlPatternElement :
-// (List<Element>) wrcElement.elements(URL_PATTERN))
-// {
-// wrc.getUrlPatterns().add(urlPatternElement.getTextTrim());
-// }
-//
-// for (Element httpMethodElement :
-// (List<Element>) wrcElement.elements(HTTP_METHOD))
-// {
-// wrc.getHttpMethods().add(httpMethodElement.getTextTrim());
-// }
-// }
-//
-// securityConstraint.setAuthConstraint(new AuthConstraint());
-// for (Element roleNameElement :
-// (List<Element>) element.element(AUTH_CONSTRAINT).elements(ROLE_NAME))
-// {
-// securityConstraint.getAuthConstraint().getRoles().add(roleNameElement.
-// getTextTrim());
-// }
-// }
-// }
-// catch (Exception ex)
-// {
-// throw new SecurityConfigException("Error loading security constraints", ex);
-// }
-// }
+ private void loadSecurityConstraints(List elements)
+ throws SecurityConfigException
+ {
+ try
+ {
+ for (Element element : (List<Element>) elements)
+ {
+ SecurityConstraint securityConstraint = new SecurityConstraint();
+ securityConstraints.add(securityConstraint);
+
+ for (Element wrcElement :
+ (List<Element>) element.elements(WEB_RESOURCE_COLLECTION))
+ {
+ WebResourceCollection wrc = new WebResourceCollection();
+ securityConstraint.getResourceCollections().add(wrc);
+
+ for (Element urlPatternElement :
+ (List<Element>) wrcElement.elements(URL_PATTERN))
+ {
+ wrc.getUrlPatterns().add(urlPatternElement.getTextTrim());
+ }
+
+ for (Element httpMethodElement :
+ (List<Element>) wrcElement.elements(HTTP_METHOD))
+ {
+ wrc.getHttpMethods().add(httpMethodElement.getTextTrim());
+ }
+ }
+
+ securityConstraint.setAuthConstraint(new AuthConstraint());
+ for (Element roleNameElement :
+ (List<Element>) element.element(AUTH_CONSTRAINT).elements(ROLE_NAME))
+ {
+ securityConstraint.getAuthConstraint().getRoles().add(roleNameElement.
+ getTextTrim());
+ }
+ }
+ }
+ catch (Exception ex)
+ {
+ throw new SecurityConfigException("Error loading security constraints", ex);
+ }
+ }
/**
* Load login configuration
1.3 +92 -2 jboss-seam/src/main/org/jboss/seam/security/config/SecurityConstraint.java
(In the diff below, changes in quantity of whitespace are not shown.)
Index: SecurityConstraint.java
===================================================================
RCS file: /cvsroot/jboss/jboss-seam/src/main/org/jboss/seam/security/config/SecurityConstraint.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- SecurityConstraint.java 24 Oct 2006 14:58:04 -0000 1.2
+++ SecurityConstraint.java 15 Dec 2006 04:13:17 -0000 1.3
@@ -1,10 +1,11 @@
package org.jboss.seam.security.config;
-import java.util.Set;
import java.util.HashSet;
+import java.util.Set;
/**
- * Represents the <security-constraint> element from the configuration.
+ * Represents the <security-constraint> element from the security
+ * configuration file.
*
* @author Shane Bryzak
*/
@@ -32,4 +33,93 @@
{
this.authConstraint = authConstraint;
}
+
+ /**
+ * Check if the specified URI and method are included in this security constraint.
+ *
+ * @param uri String The URI to check
+ * @param method String The method to check
+ * @return boolean True if the URI and method match one of the patterns contained
+ * within this security constraint, false otherwise.
+ */
+ public boolean included(String uri, String method)
+ {
+ if (method == null)
+ return false;
+
+ for (WebResourceCollection c : resourceCollections)
+ {
+ if (!c.getHttpMethods().contains(method))
+ continue;
+
+ for (String pattern : c.getUrlPatterns())
+ {
+ if (matchPattern(uri, pattern))
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Pattern matching code, adapted from Tomcat. This method checks to see if
+ * the specified path matches the specified pattern.
+ *
+ * @param path String The path to check
+ * @param pattern String The pattern to check the path against
+ * @return boolean True if the path matches the pattern, false otherwise
+ */
+ private boolean matchPattern(String path, String pattern)
+ {
+ if (path == null || "".equals(path))
+ path = "/";
+ if (pattern == null || "".equals(pattern))
+ pattern = "/";
+
+ // Check for an exact match
+ if (path.equals(pattern))
+ return true;
+
+ // Check for path prefix matching
+ if (pattern.startsWith("/") && pattern.endsWith("/*"))
+ {
+ pattern = pattern.substring(0, pattern.length() - 2);
+ if (pattern.length() == 0)
+ return true;
+
+ if (path.endsWith("/"))
+ path = path.substring(0, path.length() - 1);
+
+ while (true)
+ {
+ if (pattern.equals(path))
+ return true;
+ int slash = path.lastIndexOf('/');
+ if (slash <= 0)
+ break;
+ path = path.substring(0, slash);
+ }
+ return false;
+ }
+
+ // Check for suffix matching
+ if (pattern.startsWith("*."))
+ {
+ int slash = path.lastIndexOf('/');
+ int period = path.lastIndexOf('.');
+ if ( (slash >= 0) && (period > slash) &&
+ path.endsWith(pattern.substring(1)))
+ {
+ return true;
+ }
+ return false;
+ }
+
+ // Check for universal mapping
+ if (pattern.equals("/"))
+ return true;
+
+ return false;
+ }
}
More information about the jboss-cvs-commits
mailing list