Mercurial > dive4elements > river
changeset 3485:71ba3cf3ec5e
Refactor Authentication to allow to pass the Freatures to the user class
The Features class can be used to receive the allowed features for the users
roles.
flys-client/trunk@5183 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author | Bjoern Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Fri, 10 Aug 2012 07:06:18 +0000 |
parents | 83845aa322ea |
children | 23095983c249 |
files | flys-client/ChangeLog flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java flys-client/src/main/java/de/intevation/flys/client/server/auth/Authenticator.java flys-client/src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java flys-client/src/main/java/de/intevation/flys/client/server/auth/User.java flys-client/src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java |
diffstat | 8 files changed, 66 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/flys-client/ChangeLog Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/ChangeLog Fri Aug 10 07:06:18 2012 +0000 @@ -1,3 +1,14 @@ +2012-08-08 Björn Ricks <bjoern.ricks@intevation.de> + + * src/main/java/de/intevation/flys/client/server/LoginServlet.java, + src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java, + src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java, + src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java, + src/main/java/de/intevation/flys/client/server/auth/Authenticator.java, + src/main/java/de/intevation/flys/client/server/auth/User.java, + src/main/java/de/intevation/flys/client/server/GGInAFilter.java: + Refactor Authentication to allow to pass the Freatures to the user class. + 2012-08-09 Sascha L. Teichmann <sascha.teichmann@intevation.de> * src/main/java/de/intevation/flys/client/server/features/XMLFileFeatures.java:
--- a/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/GGInAFilter.java Fri Aug 10 07:06:18 2012 +0000 @@ -1,10 +1,12 @@ package de.intevation.flys.client.server; import java.io.IOException; +import java.util.Enumeration; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; +import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; @@ -19,6 +21,7 @@ import de.intevation.flys.client.server.auth.AuthenticationException; import de.intevation.flys.client.server.auth.AuthenticationFactory; import de.intevation.flys.client.server.auth.User; +import de.intevation.flys.client.server.features.Features; /** ServletFilter used for GGInA authentification and certain authorisation. */ @@ -29,6 +32,7 @@ private boolean deactivate = false; private String authmethod; + private ServletContext sc; /** @@ -41,8 +45,8 @@ throws ServletException { String deactivate = config.getInitParameter("deactivate"); - this.authmethod = config.getServletContext().getInitParameter( - "authentication"); + this.sc = config.getServletContext(); + this.authmethod = sc.getInitParameter("authentication"); if (deactivate != null && deactivate.equalsIgnoreCase("true")) { this.deactivate = true; } @@ -69,6 +73,9 @@ HttpServletRequest sreq = (HttpServletRequest) req; String requesturi = sreq.getRequestURI(); + for (Enumeration e = req.getAttributeNames() ; e.hasMoreElements() ;) { + logger.debug(e.nextElement()); + } logger.debug("Request for: " + requesturi); @@ -133,8 +140,9 @@ private Authentication auth(User user, String encoding) throws AuthenticationException, IOException { + Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); return AuthenticationFactory.getInstance(this.authmethod).auth( - user.getName(), user.getPassword(), encoding); + user.getName(), user.getPassword(), encoding, features); } } // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :
--- a/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java Fri Aug 10 07:06:18 2012 +0000 @@ -3,6 +3,7 @@ import java.io.IOException; import javax.servlet.ServletException; +import javax.servlet.ServletContext; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -15,6 +16,7 @@ import de.intevation.flys.client.server.auth.AuthenticationFactory; import de.intevation.flys.client.server.auth.User; import de.intevation.flys.client.server.auth.UserClient; +import de.intevation.flys.client.server.features.Features; public class LoginServlet extends HttpServlet { @@ -89,7 +91,9 @@ private Authentication auth(String username, String password, String encoding) throws AuthenticationException, IOException { - String auth = this.getServletContext().getInitParameter("authentication"); - return AuthenticationFactory.getInstance(auth).auth(username, password, encoding); + ServletContext sc = this.getServletContext(); + Features features = (Features)sc.getAttribute(Features.CONTEXT_ATTRIBUTE); + String auth = sc.getInitParameter("authentication"); + return AuthenticationFactory.getInstance(auth).auth(username, password, encoding, features); } }
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/Authenticator.java Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/Authenticator.java Fri Aug 10 07:06:18 2012 +0000 @@ -2,9 +2,11 @@ import java.io.IOException; +import de.intevation.flys.client.server.features.Features; + public interface Authenticator { - public Authentication auth(String username, String password, String encoding) + public Authentication auth(String username, String password, String encoding, Features features) throws AuthenticationException, IOException; }
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/DefaultUser.java Fri Aug 10 07:06:18 2012 +0000 @@ -1,6 +1,7 @@ package de.intevation.flys.client.server.auth; import java.util.List; +import java.util.Map; public class DefaultUser implements User @@ -9,6 +10,7 @@ protected String password; protected boolean expired; protected List<String> roles; + protected List<String> features; public DefaultUser() { } @@ -17,12 +19,14 @@ String name, String password, boolean expired, - List<String> roles + List<String> roles, + List<String> features ) { this.name = name; this.password = password; this.expired = expired; this.roles = roles; + this.features = features; } @Override @@ -61,5 +65,14 @@ public void setRoles(List<String> roles) { this.roles = roles; } + + @Override + public boolean canUseFeature(String feature) { + return this.features.contains(feature); + } + + public void setAllowedFeatures(List<String> features) { + this.features = features; + } } // vim:set ts=4 sw=4 si et fenc=utf8 tw=80:
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/User.java Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/User.java Fri Aug 10 07:06:18 2012 +0000 @@ -27,5 +27,11 @@ * Returns a list of roles corresponsing the the user */ public List<String> getRoles(); + + + /** + * Returns true if the user is allowed access the feature + */ + public boolean canUseFeature(String feature); } // vim:set ts=4 sw=4 si et fenc=utf8 tw=80:
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/plain/Authenticator.java Fri Aug 10 07:06:18 2012 +0000 @@ -14,6 +14,8 @@ import org.apache.log4j.Logger; +import de.intevation.flys.client.server.features.Features; + public class Authenticator implements de.intevation.flys.client.server.auth.Authenticator { @@ -26,15 +28,18 @@ protected String user; protected String password; protected List<String> roles; + protected Features features; public Authentication( String user, String password, - List<String> roles + List<String> roles, + Features features ) { this.user = user; this.password = password; this.roles = roles; + this.features = features; } @Override @@ -45,7 +50,7 @@ @Override public User getUser() { return isSuccess() - ? new DefaultUser(user, password, false, roles) + ? new DefaultUser(user, password, false, roles, this.features.getFeatures(roles)) : null; } } // class Authentication @@ -70,14 +75,15 @@ public de.intevation.flys.client.server.auth.Authentication auth( String username, String password, - String encoding + String encoding, + Features features ) throws AuthenticationException, IOException { File file = credentialsFile(); if (!file.canRead() || !file.isFile()) { log.error("cannot find user file '" + file + "'"); - return new Authentication(null, null, new ArrayList<String>(0)); + return new Authentication(null, null, new ArrayList<String>(0), features); } BufferedReader reader = @@ -105,7 +111,7 @@ } log.debug("success"); - return new Authentication(username, password, roles); + return new Authentication(username, password, roles, features); } // Stop: user found, wrong password break; @@ -116,7 +122,7 @@ reader.close(); } log.debug("failed"); - return new Authentication(null, null, new ArrayList<String>(0)); + return new Authentication(null, null, new ArrayList<String>(0), features); } } // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :
--- a/flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java Thu Aug 09 08:22:04 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Authenticator.java Fri Aug 10 07:06:18 2012 +0000 @@ -13,10 +13,12 @@ import de.intevation.flys.client.server.GGInATrustStrategy; import de.intevation.flys.client.server.auth.Authentication; import de.intevation.flys.client.server.auth.AuthenticationException; +import de.intevation.flys.client.server.features.Features; public class Authenticator implements de.intevation.flys.client.server.auth.Authenticator { - public Authentication auth(String username, String password, String encoding) + @Override + public Authentication auth(String username, String password, String encoding, Features faetures) throws AuthenticationException, IOException { try { SSLSocketFactory sf = new SSLSocketFactory(