1 package org.apache.archiva.redback.integration.filter.authorization;
2
3 /*
4  * Licensed to the Apache Software Foundation (ASF) under one
5  * or more contributor license agreements.  See the NOTICE file
6  * distributed with this work for additional information
7  * regarding copyright ownership.  The ASF licenses this file
8  * to you under the Apache License, Version 2.0 (the
9  * "License"); you may not use this file except in compliance
10  * with the License.  You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17  * KIND, either express or implied.  See the License for the
18  * specific language governing permissions and limitations
19  * under the License.
20  */
21
22 import org.apache.archiva.redback.authorization.AuthorizationException;
23 import org.apache.archiva.redback.system.SecuritySession;
24 import org.apache.archiva.redback.system.SecuritySystem;
25 import org.codehaus.plexus.util.StringUtils;
26 import org.apache.archiva.redback.integration.filter.SpringServletFilter;
27 import org.slf4j.Logger;
28 import org.slf4j.LoggerFactory;
29
30 import javax.servlet.FilterChain;
31 import javax.servlet.FilterConfig;
32 import javax.servlet.ServletException;
33 import javax.servlet.ServletRequest;
34 import javax.servlet.ServletResponse;
35 import javax.servlet.http.HttpServletResponse;
36 import java.io.IOException;
37
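/**
 * Servlet filter that lets a request continue down the chain only when the current
 * {@link SecuritySession} is authorized for the configured permission, optionally scoped to a
 * configured resource. Every other request is redirected to the configured access-denied location.
 *
 * <p>Init parameters read from the {@link FilterConfig}:</p>
 * <ul>
 *   <li>{@code permission} - permission name handed to {@link SecuritySystem#isAuthorized}</li>
 *   <li>{@code resource} - optional resource the permission is checked against</li>
 *   <li>{@code accessDeniedLocation} - required redirect target for denied requests</li>
 * </ul>
 *
 * <p>All three values come from the deployment descriptor, never from the request, so the redirect
 * target cannot be steered by a client.</p>
 *
 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
 * @version $Id$
 */
public class SimpleAuthorizationFilter
    extends SpringServletFilter
{

    private final Logger logger = LoggerFactory.getLogger( getClass() );

    // Permission name checked on every request; read once in init().
    private String permission;

    // Optional resource the permission is scoped to; empty means a global permission check.
    private String resource;

    // Redirect target used whenever access is refused; init() rejects an empty value.
    private String accessDeniedLocation;

    /**
     * Reads the filter configuration.
     *
     * @param filterConfig configuration supplying {@code permission}, {@code resource} and
     *                     {@code accessDeniedLocation}
     * @throws ServletException if {@code accessDeniedLocation} is missing or empty
     */
    public void init( FilterConfig filterConfig )
        throws ServletException
    {
        super.init( filterConfig );

        permission = filterConfig.getInitParameter( "permission" );
        resource = filterConfig.getInitParameter( "resource" );
        accessDeniedLocation = filterConfig.getInitParameter( "accessDeniedLocation" );

        if ( StringUtils.isEmpty( accessDeniedLocation ) )
        {
            throw new ServletException(
                "Missing parameter 'accessDeniedLocation' from " + SimpleAuthorizationFilter.class.getName()
                    + " configuration." );
        }

        if ( StringUtils.isEmpty( permission ) )
        {
            // NOTE(review): how SecuritySystem treats an empty permission is not visible from this
            // class, so the misconfiguration is surfaced at startup instead of being left silent.
            logger.warn( "Init parameter 'permission' is empty for " + SimpleAuthorizationFilter.class.getName()
                             + "; authorization checks will run with an empty permission name." );
        }
    }

    /**
     * Authorizes the current security session and either continues the chain or redirects to the
     * access-denied location.
     *
     * @param request  incoming request
     * @param response response; must be an {@link HttpServletResponse} when access is denied
     * @param chain    remaining filter chain, invoked only for authorized sessions
     * @throws IOException      if the redirect or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain )
        throws IOException, ServletException
    {
        SecuritySession securitySession = getApplicationContext().getBean( "securitySession", SecuritySession.class );

        if ( securitySession == null )
        {
            // No session means nothing to authorize against. Deny explicitly so the client gets the
            // access-denied redirect instead of an empty response that looks like a success.
            logger.warn( "Security Session is null." );
            accessDenied( response );
            return;
        }

        SecuritySystem securitySystem = getApplicationContext().getBean( "securitySystem", SecuritySystem.class );

        boolean isAuthorized;

        try
        {
            isAuthorized = StringUtils.isEmpty( resource )
                ? securitySystem.isAuthorized( securitySession, permission )
                : securitySystem.isAuthorized( securitySession, permission, resource );
        }
        catch ( AuthorizationException e )
        {
            // Fail closed, but leave a trace: a failing authorization backend should be visible in
            // the logs rather than indistinguishable from an ordinary denial.
            logger.warn( "Authorization check failed for permission '" + permission + "' on resource '" + resource
                             + "'; denying access: " + e.getMessage(), e );
            isAuthorized = false;
        }

        // The chain runs outside the try block so that failures raised further down the chain are
        // not reinterpreted as an access denial.
        if ( isAuthorized )
        {
            chain.doFilter( request, response );
        }
        else
        {
            accessDenied( response );
        }
    }

    /**
     * Redirects the client to the configured access-denied location, appending the configured
     * resource as a URL-encoded {@code resource} query parameter when one is set.
     *
     * @param response response to redirect; cast to {@link HttpServletResponse}
     * @throws IOException if the redirect cannot be sent
     */
    protected void accessDenied( ServletResponse response )
        throws IOException
    {
        StringBuilder location = new StringBuilder( accessDeniedLocation );

        // Skip the parameter entirely when no resource is configured; concatenating the raw field
        // would otherwise put the literal text "null" into the URL.
        if ( !StringUtils.isEmpty( resource ) )
        {
            location.append( accessDeniedLocation.indexOf( '?' ) == -1 ? '?' : '&' );
            // Encode the value so characters such as '&', '=', '#' or spaces in the resource name
            // cannot break or extend the query string.
            location.append( "resource=" ).append( java.net.URLEncoder.encode( resource, "UTF-8" ) );
        }

        ( (HttpServletResponse) response ).sendRedirect( location.toString() );
    }

}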