changeset 3485:71ba3cf3ec5e

Refactor Authentication to allow to pass the Freatures to the user class The Features class can be used to receive the allowed features for the users roles. flys-client/trunk@5183 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Bjoern Ricks <bjoern.ricks@intevation.de>
date Fri, 10 Aug 2012 07:06:18 +0000
parents 83845aa322ea
children 23095983c249
files flys-client/ChangeLog flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java flys-client/src/main/java/de/intevation/flys/client/server/auth/Authenticator.java flys-client/src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java flys-client/src/main/java/de/intevation/flys/client/server/auth/User.java flys-client/src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java
diffstat 8 files changed, 66 insertions(+), 14 deletions(-) [+]
line wrap: on
line diff
--- a/flys-client/ChangeLog	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/ChangeLog	Fri Aug 10 07:06:18 2012 +0000
@@ -1,3 +1,14 @@
+2012-08-08	Björn Ricks <bjoern.ricks@intevation.de>
+
+	* src/main/java/de/intevation/flys/client/server/LoginServlet.java,
+	  src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java,
+	  src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java,
+	  src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java,
+	  src/main/java/de/intevation/flys/client/server/auth/Authenticator.java,
+	  src/main/java/de/intevation/flys/client/server/auth/User.java,
+	  src/main/java/de/intevation/flys/client/server/GGInAFilter.java:
+	  Refactor Authentication to allow to pass the Freatures to the user class.
+
 2012-08-09	Sascha L. Teichmann	<sascha.teichmann@intevation.de>
 
 	* src/main/java/de/intevation/flys/client/server/features/XMLFileFeatures.java:
--- a/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java	Fri Aug 10 07:06:18 2012 +0000
@@ -1,10 +1,12 @@
 package de.intevation.flys.client.server;
 
 import java.io.IOException;
+import java.util.Enumeration;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@@ -19,6 +21,7 @@
 import de.intevation.flys.client.server.auth.AuthenticationException;
 import de.intevation.flys.client.server.auth.AuthenticationFactory;
 import de.intevation.flys.client.server.auth.User;
+import de.intevation.flys.client.server.features.Features;
 
 
 /** ServletFilter used for GGInA authentification and certain authorisation. */
@@ -29,6 +32,7 @@
 
     private boolean deactivate = false;
     private String authmethod;
+    private ServletContext sc;
 
 
     /**
@@ -41,8 +45,8 @@
     throws ServletException
     {
         String deactivate = config.getInitParameter("deactivate");
-        this.authmethod = config.getServletContext().getInitParameter(
-                "authentication");
+        this.sc = config.getServletContext();
+        this.authmethod = sc.getInitParameter("authentication");
         if (deactivate != null && deactivate.equalsIgnoreCase("true")) {
             this.deactivate = true;
         }
@@ -69,6 +73,9 @@
         HttpServletRequest sreq = (HttpServletRequest) req;
 
         String requesturi = sreq.getRequestURI();
+        for (Enumeration e = req.getAttributeNames() ; e.hasMoreElements() ;) {
+            logger.debug(e.nextElement());
+        }
 
         logger.debug("Request for: " + requesturi);
 
@@ -133,8 +140,9 @@
 
     private Authentication auth(User user, String encoding)
         throws AuthenticationException, IOException {
+        Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
         return AuthenticationFactory.getInstance(this.authmethod).auth(
-                user.getName(), user.getPassword(), encoding);
+                user.getName(), user.getPassword(), encoding, features);
     }
 }
 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :
--- a/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java	Fri Aug 10 07:06:18 2012 +0000
@@ -3,6 +3,7 @@
 import java.io.IOException;
 
 import javax.servlet.ServletException;
+import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -15,6 +16,7 @@
 import de.intevation.flys.client.server.auth.AuthenticationFactory;
 import de.intevation.flys.client.server.auth.User;
 import de.intevation.flys.client.server.auth.UserClient;
+import de.intevation.flys.client.server.features.Features;
 
 public class LoginServlet extends HttpServlet {
 
@@ -89,7 +91,9 @@
 
     private Authentication auth(String username, String password, String encoding)
         throws AuthenticationException, IOException {
-        String auth = this.getServletContext().getInitParameter("authentication");
-        return AuthenticationFactory.getInstance(auth).auth(username, password, encoding);
+        ServletContext sc = this.getServletContext();
+        Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
+        String auth = sc.getInitParameter("authentication");
+        return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features);
     }
 }
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/Authenticator.java	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/Authenticator.java	Fri Aug 10 07:06:18 2012 +0000
@@ -2,9 +2,11 @@
 
 import java.io.IOException;
 
+import de.intevation.flys.client.server.features.Features;
+
 public interface Authenticator {
 
-    public Authentication auth(String username, String password, String encoding)
+    public Authentication auth(String username, String password, String encoding, Features features)
         throws AuthenticationException, IOException;
 
 }
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java	Fri Aug 10 07:06:18 2012 +0000
@@ -1,6 +1,7 @@
 package de.intevation.flys.client.server.auth;
 
 import java.util.List;
+import java.util.Map;
 
 public class DefaultUser
 implements   User
@@ -9,6 +10,7 @@
     protected String  password;
     protected boolean expired;
     protected List<String> roles;
+    protected List<String> features;
 
     public DefaultUser() {
     }
@@ -17,12 +19,14 @@
         String       name,
         String       password,
         boolean      expired,
-        List<String> roles
+        List<String> roles,
+        List<String> features
     ) {
         this.name     = name;
         this.password = password;
         this.expired  = expired;
         this.roles    = roles;
+        this.features = features;
     }
 
     @Override
@@ -61,5 +65,14 @@
     public void setRoles(List<String> roles) {
         this.roles = roles;
     }
+
+    @Override
+    public boolean canUseFeature(String feature) {
+        return this.features.contains(feature);
+    }
+
+    public void setAllowedFeatures(List<String> features) {
+        this.features = features;
+    }
 }
 // vim:set ts=4 sw=4 si et fenc=utf8 tw=80:
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/User.java	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/User.java	Fri Aug 10 07:06:18 2012 +0000
@@ -27,5 +27,11 @@
      * Returns a list of roles corresponsing the the user
      */
     public List<String> getRoles();
+
+
+    /**
+     * Returns true if the user is allowed access the feature
+     */
+    public boolean canUseFeature(String feature);
 }
 // vim:set ts=4 sw=4 si et fenc=utf8 tw=80:
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java	Fri Aug 10 07:06:18 2012 +0000
@@ -14,6 +14,8 @@
 
 import org.apache.log4j.Logger;
 
+import de.intevation.flys.client.server.features.Features;
+
 public class Authenticator
 implements   de.intevation.flys.client.server.auth.Authenticator
 {
@@ -26,15 +28,18 @@
         protected String       user;
         protected String       password;
         protected List<String> roles;
+        protected Features     features;
 
         public Authentication(
             String       user,
             String       password,
-            List<String> roles
+            List<String> roles,
+            Features features
         ) {
             this.user     = user;
             this.password = password;
             this.roles    = roles;
+            this.features = features;
         }
 
         @Override
@@ -45,7 +50,7 @@
         @Override
         public User getUser() {
             return isSuccess()
-                ? new DefaultUser(user, password, false, roles)
+                ? new DefaultUser(user, password, false, roles, this.features.getFeatures(roles))
                 : null;
         }
     } // class Authentication
@@ -70,14 +75,15 @@
     public de.intevation.flys.client.server.auth.Authentication auth(
         String username,
         String password,
-        String encoding
+        String encoding,
+        Features features
     )
     throws AuthenticationException, IOException
     {
         File file = credentialsFile();
         if (!file.canRead() || !file.isFile()) {
             log.error("cannot find user file '" + file + "'");
-            return new Authentication(null, null, new ArrayList<String>(0));
+            return new Authentication(null, null, new ArrayList<String>(0), features);
         }
 
         BufferedReader reader =
@@ -105,7 +111,7 @@
                         }
 
                         log.debug("success");
-                        return new Authentication(username, password, roles);
+                        return new Authentication(username, password, roles, features);
                     }
                     // Stop: user found, wrong password
                     break;
@@ -116,7 +122,7 @@
             reader.close();
         }
         log.debug("failed");
-        return new Authentication(null, null, new ArrayList<String>(0));
+        return new Authentication(null, null, new ArrayList<String>(0), features);
     }
 }
 // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java	Thu Aug 09 08:22:04 2012 +0000
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java	Fri Aug 10 07:06:18 2012 +0000
@@ -13,10 +13,12 @@
 import de.intevation.flys.client.server.GGInATrustStrategy;
 import de.intevation.flys.client.server.auth.Authentication;
 import de.intevation.flys.client.server.auth.AuthenticationException;
+import de.intevation.flys.client.server.features.Features;
 
 public class Authenticator implements de.intevation.flys.client.server.auth.Authenticator {
 
-    public Authentication auth(String username, String password, String encoding)
+    @Override
+    public Authentication auth(String username, String password, String encoding, Features faetures)
         throws AuthenticationException, IOException {
             try {
                 SSLSocketFactory sf = new SSLSocketFactory(

http://dive4elements.wald.intevation.org