summaryrefslogtreecommitdiff
path: root/BKUOnline/src/main/java/at
diff options
context:
space:
mode:
Diffstat (limited to 'BKUOnline/src/main/java/at')
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java48
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java47
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java27
-rw-r--r--BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java177
4 files changed, 192 insertions, 107 deletions
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
new file mode 100644
index 00000000..404e254e
--- /dev/null
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/accesscontroller/SpringSecurityManager.java
@@ -0,0 +1,48 @@
+package at.gv.egiz.bku.online.accesscontroller;
+
+import java.io.IOException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.context.ResourceLoaderAware;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+
+import at.gv.egiz.bku.accesscontroller.SecurityManagerFacade;
+import at.gv.egiz.bku.online.conf.Configurator;
+
+public class SpringSecurityManager extends SecurityManagerFacade implements
+ ResourceLoaderAware {
+
+ private ResourceLoader resourceLoader;
+
+ private static Log log = LogFactory.getLog(SpringSecurityManager.class);
+
+ protected Configurator config;
+
+ public void setConfig(Configurator config) {
+ this.config = config;
+ }
+
+ public void init() {
+ String noMatch = config.getProperty("AccessController.acceptNoMatch");
+ if (noMatch != null) {
+ log.debug("Setting allow now match to: " + noMatch);
+ setAllowUnmatched(Boolean.getBoolean(noMatch));
+ }
+ String policy = config.getProperty("AccessController.policyResource");
+ log.info("Loading resource: " + policy);
+ try {
+ Resource res = resourceLoader.getResource(policy);
+ init(res.getInputStream());
+ } catch (IOException e) {
+ log.error(e);
+ }
+ }
+
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
+ }
+
+}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
index 0cb717c4..f51335e1 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/Configurator.java
@@ -16,29 +16,31 @@
*/
package at.gv.egiz.bku.online.conf;
-import iaik.security.ecc.provider.ECCProvider;
-import iaik.xml.crypto.XSecProvider;
-
-import java.net.HttpURLConnection;
-import java.security.Provider;
-import java.security.Security;
-
-import javax.net.ssl.HttpsURLConnection;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
+import iaik.security.ecc.provider.ECCProvider;
+import iaik.xml.crypto.XSecProvider;
+
+import java.net.HttpURLConnection;
+import java.security.Provider;
+import java.security.Security;
+import java.util.Properties;
+
+import javax.net.ssl.HttpsURLConnection;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider;
/**
*
* TODO currently only the code to get started.
*/
public class Configurator {
- private Log log = LogFactory.getLog(Configurator.class);
+ private Log log = LogFactory.getLog(Configurator.class);
+
+ protected Properties properties;
public Configurator() {
- configure();
}
protected void configUrlConnections() {
@@ -63,7 +65,18 @@ public class Configurator {
public void configure() {
configureProviders();
configUrlConnections();
-
}
-
+
+ public void setConfiguration(Properties props) {
+ this.properties = props;
+ configure();
+ }
+
+ public String getProperty(String key) {
+ if (properties != null) {
+ return properties.getProperty(key);
+ }
+ return null;
+ }
+
}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
new file mode 100644
index 00000000..96588d7d
--- /dev/null
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -0,0 +1,27 @@
+package at.gv.egiz.bku.online.conf;
+
+import java.io.IOException;
+import java.util.Properties;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.core.io.Resource;
+
+public class SpringConfigurator extends Configurator {
+
+ private final static Log log = LogFactory.getLog(SpringConfigurator.class);
+
+ public void setResource(Resource resource) {
+ log.debug("Loading config from: " + resource);
+ if (resource != null) {
+ Properties props = new Properties();
+ try {
+ props.load(resource.getInputStream());
+ super.setConfiguration(props);
+ } catch (IOException e) {
+ log.error("Cannot load config", e);
+ }
+ }
+ }
+
+}
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
index 53a7c164..20320d8e 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/BKURequestHandler.java
@@ -1,91 +1,88 @@
/*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-package at.gv.egiz.bku.online.webapp;
-
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import at.gv.egiz.bku.binding.HTTPBindingProcessor;
-import at.gv.egiz.bku.binding.HttpUtil;
-import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
-
-/**
- * Handles SL requests and instantiates BindingProcessors
- *
- */
-public class BKURequestHandler extends SpringBKUServlet {
-
- public final static String REDIRECT_URL ="appletPage.jsp";
-
- protected Log log = LogFactory.getLog(BKURequestHandler.class);
-
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- log.debug("Got new request");
- String lang = req.getHeader("Accept-Language");
- Locale locale = AcceptLanguage.getLocale(lang);
- log.debug("Using locale: "+locale);
- HttpSession session = req.getSession();
- if (session != null) {
- session.invalidate();
- }
- String id = req.getSession(true).getId();
- log.debug("Using session id: "+id);
- HTTPBindingProcessor bindingProcessor;
- if (req.isSecure()) {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("https", id, locale);
- } else {
- bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
- .createBindingProcessor("http", id, locale);
- }
- Map<String, String> headerMap = new HashMap<String, String>();
- for (Enumeration<String> headerName = req.getHeaderNames(); headerName
- .hasMoreElements();) {
- String header = headerName.nextElement();
- if (header != null) {
- headerMap.put(header, req.getHeader(header));
- }
- }
- String charset = req.getCharacterEncoding();
- String contentType = req.getContentType();
- if (charset != null) {
- contentType += ";"+charset;
- }
- headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
- bindingProcessor.setHTTPHeaders(headerMap);
- bindingProcessor.consumeRequestStream(req.getInputStream());
- req.getInputStream().close();
- getBindingProcessorManager().process(bindingProcessor);
- resp.sendRedirect(REDIRECT_URL);
- }
-
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, java.io.IOException {
- doPost(req, resp);
- }
-}
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package at.gv.egiz.bku.online.webapp;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import at.gv.egiz.bku.binding.HTTPBindingProcessor;
+import at.gv.egiz.bku.binding.HttpUtil;
+import at.gv.egiz.org.apache.tomcat.util.http.AcceptLanguage;
+
+/**
+ * Handles SL requests and instantiates BindingProcessors
+ *
+ */
+public class BKURequestHandler extends SpringBKUServlet {
+
+ public final static String REDIRECT_URL = "appletPage.jsp";
+
+ protected Log log = LogFactory.getLog(BKURequestHandler.class);
+
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+ log.debug("Got new request");
+ String lang = req.getHeader("Accept-Language");
+ Locale locale = AcceptLanguage.getLocale(lang);
+ log.debug("Using locale: " + locale);
+ HttpSession session = req.getSession();
+ if (session != null) {
+ session.invalidate();
+ }
+ String id = req.getSession(true).getId();
+ log.debug("Using session id: " + id);
+ HTTPBindingProcessor bindingProcessor;
+
+ bindingProcessor = (HTTPBindingProcessor) getBindingProcessorManager()
+ .createBindingProcessor(req.getRequestURL().toString(), id, locale);
+
+ Map<String, String> headerMap = new HashMap<String, String>();
+ for (Enumeration<String> headerName = req.getHeaderNames(); headerName
+ .hasMoreElements();) {
+ String header = headerName.nextElement();
+ if (header != null) {
+ headerMap.put(header, req.getHeader(header));
+ }
+ }
+ String charset = req.getCharacterEncoding();
+ String contentType = req.getContentType();
+ if (charset != null) {
+ contentType += ";" + charset;
+ }
+ headerMap.put(HttpUtil.HTTP_HEADER_CONTENT_TYPE, contentType);
+ bindingProcessor.setHTTPHeaders(headerMap);
+ bindingProcessor.consumeRequestStream(req.getInputStream());
+ req.getInputStream().close();
+ getBindingProcessorManager().process(bindingProcessor);
+ resp.sendRedirect(REDIRECT_URL);
+ }
+
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, java.io.IOException {
+ doPost(req, resp);
+ }
+}