diff options
Diffstat (limited to 'BKUOnline/src/main/java/at/gv')
4 files changed, 192 insertions, 107 deletions
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java new file mode 100644 index 00000000..404e254e --- /dev/null +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java @@ -0,0 +1,48 @@ +package at.gv.egiz.bku.online.accesscontroller;
+
+import java.io.IOException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.context.ResourceLoaderAware;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+
+import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
+import at.gv.egiz.bku.online.conf.Configurator;
+
+public class SpringSecurityManager extends SecurityManagerFacade implements
+ ResourceLoaderAware {
+
+ private ResourceLoader resourceLoader;
+
+ private static Log log = LogFactory.getLog(SpringSecurityManager.class);
+
+ protected Configurator config;
+
+ public void setConfig(Configurator config) {
+ this.config = config;
+ }
+
+ public void init() {
+ String noMatch = config.getProperty("AccessController.acceptNoMatch");
+ if (noMatch != null) {
+ log.debug("Setting allow now match to: " + noMatch);
+ setAllowUnmatched(Boolean.getBoolean(noMatch));
+ }
+ String policy = config.getProperty("AccessController.policyResource");
+ log.info("Loading resource: " + policy);
+ try {
+ Resource res = resourceLoader.getResource(policy);
+ init(res.getInputStream());
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
+ }
+
+}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java index 0cb717c4..f51335e1 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java @@ -16,29 +16,31 @@ */ package at.gv.egiz.bku.online.conf;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.xml.crypto.XSecProvider;
-
-import java.net.HttpURLConnection;
-import java.security.Provider;
-import java.security.Security;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
+import iaik.security.ecc.provider.ECCProvider; +import iaik.xml.crypto.XSecProvider; + +import java.net.HttpURLConnection; +import java.security.Provider; +import java.security.Security; +import java.util.Properties; + +import javax.net.ssl.HttpsURLConnection; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider; /**
*
* TODO currently only the code to get started.
*/
public class Configurator {
- private Log log = LogFactory.getLog(Configurator.class);
+ private Log log = LogFactory.getLog(Configurator.class); + + protected Properties properties;
public Configurator() {
- configure();
}
protected void configUrlConnections() {
@@ -63,7 +65,18 @@ public class Configurator { public void configure() {
configureProviders();
configUrlConnections();
-
}
-
+ + public void setConfiguration(Properties props) { + this.properties = props; + configure(); + } + + public String getProperty(String key) { + if (properties != null) { + return properties.getProperty(key); + } + return null; + } +
}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java new file mode 100644 index 00000000..96588d7d --- /dev/null +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java @@ -0,0 +1,27 @@ +package at.gv.egiz.bku.online.conf;
+
+import java.io.IOException;
+import java.util.Properties;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.core.io.Resource;
+
+public class SpringConfigurator extends Configurator {
+
+ private final static Log log = LogFactory.getLog(SpringConfigurator.class);
+
+ public void setResource(Resource resource) {
+ log.debug("Loading config from: " + resource);
+ if (resource != null) {
+ Properties props = new Properties();
+ try {
+ props.load(resource.getInputStream());
+ super.setConfiguration(props);
+ } catch (IOException e) {
+ log.error("Cannot load config", e);
+ }
+ }
+ }
+
+}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java index 53a7c164..20320d8e 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java @@ -1,91 +1,88 @@ /* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.bku.online.webapp;
-
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.HTTPBindingProcessor;
-import at.gv.egiz.bku.binding.HttpUtil;
-import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
-
-/**
- * Handles SL requests and instantiates BindingProcessors
- *
- */
-public class BKURequestHandler extends SpringBKUServlet {
-
- public final static String REDIRECT_URL ="appletPage.jsp";
-
- protected Log log = LogFactory.getLog(BKURequestHandler.class);
-
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- log.debug("Got new request");
- String lang = req.getHeader("Accept-Language");
- Locale locale = AcceptLanguage.getLocale(lang);
- log.debug("Using locale: "+locale);
- HttpSession session = req.getSession();
- if (session != null) {
- session.invalidate();
- }
- String id = req.getSession(true).getId();
- log.debug("Using session id: "+id);
- HTTPBindingProcessor bindingProcessor;
- if (req.isSecure()) {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("https", id, locale);
- } else {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("http", id, locale);
- }
- Map<String, String> headerMap = new HashMap<String, String>();
- for (Enumeration<String> headerName = req.getHeaderNames(); headerName
- .hasMoreElements();) {
- String header = headerName.nextElement();
- if (header != null) {
- headerMap.put(header, req.getHeader(header));
- }
- }
- String charset = req.getCharacterEncoding();
- String contentType = req.getContentType();
- if (charset != null) {
- contentType += ";"+charset;
- }
- headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
- bindingProcessor.setHTTPHeaders(headerMap);
- bindingProcessor.consumeRequestStream(req.getInputStream());
- req.getInputStream().close();
- getBindingProcessorManager().process(bindingProcessor);
- resp.sendRedirect(REDIRECT_URL);
- }
-
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- doPost(req, resp);
- }
-}
+ * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.online.webapp; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Locale; +import java.util.Map; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.binding.HTTPBindingProcessor; +import at.gv.egiz.bku.binding.HttpUtil; +import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage; + +/** + * Handles SL requests and instantiates BindingProcessors + * + */ +public class BKURequestHandler extends SpringBKUServlet { + + public final static String REDIRECT_URL = "appletPage.jsp"; + + protected Log log = LogFactory.getLog(BKURequestHandler.class); + + protected void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + log.debug("Got new request"); + String lang = req.getHeader("Accept-Language"); + Locale locale = AcceptLanguage.getLocale(lang); + log.debug("Using locale: " + locale); + HttpSession session = req.getSession(); + if (session != null) { + session.invalidate(); + } + String id = req.getSession(true).getId(); + log.debug("Using session id: " + id); + HTTPBindingProcessor bindingProcessor; + + bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager() + .createBindingProcessor(req.getRequestURL().toString(), id, locale); + + Map<String, String> headerMap = new HashMap<String, String>(); + for (Enumeration<String> headerName = req.getHeaderNames(); headerName + .hasMoreElements();) { + String header = headerName.nextElement(); + if (header != null) { + headerMap.put(header, req.getHeader(header)); + } + } + String charset = req.getCharacterEncoding(); + String contentType = req.getContentType(); + if (charset != null) { + contentType += ";" + charset; + } + headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType); + bindingProcessor.setHTTPHeaders(headerMap); + bindingProcessor.consumeRequestStream(req.getInputStream()); + req.getInputStream().close(); + getBindingProcessorManager().process(bindingProcessor); + resp.sendRedirect(REDIRECT_URL); + } + + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, java.io.IOException { + doPost(req, resp); + } +} |