Examples of org.apache.lenya.ac.Policy

• org.apache.lenya.ac.Policy
  A policy assigns roles to accreditables using credentials. Additionally, SSL protection is defined. @version $Id: Policy.java 473841 2006-11-12 00:46:38Z gregor $

    public DefaultPolicy[] getPolicies(AccreditableManager controller, String url)
            throws AccessControlException {

        List policies = new ArrayList();

        Policy policy = buildURLPolicy(controller, url);
        policies.add(policy);

        String[] directories = url.split("/");
        url = "";

            int lastSlashIndex = getPolicyURL().lastIndexOf("/");
            if (lastSlashIndex != -1) {
                ancestorUrl = getPolicyURL().substring(0, lastSlashIndex);
            }

            Policy policy = getPolicyManager().getPolicy(getAccreditableManager(), ancestorUrl);
            ssl = policy.isSSLProtected();
        } catch (AccessControlException e) {
            throw new ProcessingException("Resolving policy failed: ", e);
        }
        return ssl;
    }

     * @throws ProcessingException when something went wrong.
     */
    protected boolean isSSLProtected() throws ProcessingException {
        boolean ssl;
        try {
            Policy policy = getPolicyManager().getPolicy(getAccreditableManager(), getPolicyURL());
            ssl = policy.isSSLProtected();
        } catch (AccessControlException e) {
            throw new ProcessingException("Resolving policy failed: ", e);
        }
        return ssl;
    }

        url = url.substring(1);

        List policies = new LinkedList();
        HashMap orderedPolicies = new LinkedHashMap();
        int position = 1;
        Policy policy;
        String[] directories = url.split("/");
        url = directories[0] + "/";

        for (int i = 1; i < directories.length; i++) {
            url += directories[i] + "/";

        String[] directories = url.split("/");
        url = directories[0] + "/";

        for (int i = 1; i < directories.length; i++) {
            url += directories[i] + "/";
            Policy policy = buildSubtreePolicy(controller, url);
            Credential[] tmp = policy.getCredentials();
            // we need to revert the order of the credentials
            // to keep the most important policy on top
            for (int j = tmp.length - 1; j >= 0; j--) {
                Credential credential = tmp[j];
                orderedCredential.put(String.valueOf(position), credential);

    public Role[] getGrantedRoles(AccreditableManager accreditableManager, Identity identity,
            String url) throws AccessControlException {
        Role[] roles = accreditableManager.getRoleManager().getRoles();
        Set grantedRoles = new HashSet();
        Policy policy = getPolicy(accreditableManager, url);
        for (int i = 0; i < roles.length; i++) {
            if (policy.check(identity, roles[i]) == Policy.RESULT_GRANTED) {
                grantedRoles.add(roles[i]);
            }
        }
        return (Role[]) grantedRoles.toArray(new Role[grantedRoles.size()]);
    }

        String publicationId = url.substring(0, slashIndex);
        url = url.substring(publicationId.length());

        SourceResolver resolver = null;
        Policy policy = null;
        Source source = null;
        try {
            resolver = (SourceResolver) getManager().lookup(SourceResolver.ROLE);

            String policyUrl = publicationId + "/policies" + url + ".acml";
            getLogger().debug("Policy URL: " + policyUrl);
            source = resolver.resolveURI("cocoon://" + policyUrl);
            Document document = DocumentHelper.readDocument(source.getInputStream());
            policy = new PolicyBuilder(accreditableManager).buildPolicy(document);
            this.credentials=policy.getCredentials();
        } catch (SourceNotFoundException e) {
            throw new AccessControlException(e);
        } catch (ServiceException e) {
            throw new AccessControlException(e);
        } catch (MalformedURLException e) {

    public Role[] getGrantedRoles(AccreditableManager accreditableManager, Identity identity,
            String url) throws AccessControlException {
        Role[] roles = accreditableManager.getRoleManager().getRoles();
        Set grantedRoles = new HashSet();
        Policy policy = getPolicy(accreditableManager, url);
        for (int i = 0; i < roles.length; i++) {
            if (policy.check(identity, roles[i]) == Policy.RESULT_GRANTED) {
                grantedRoles.add(roles[i]);
            }
        }
        return (Role[]) grantedRoles.toArray(new Role[grantedRoles.size()]);
    }

        DefaultAccessController controller = getAccessController();
        PolicyManager policyManager = controller.getPolicyManager();
        assertNotNull(policyManager);

        for (int i = 0; i < URLS.length; i++) {
            Policy policy = policyManager.getPolicy(controller.getAccreditableManager(), URLS[i]);
            assertNotNull(policy);

            Role[] roles = policyManager.getGrantedRoles(controller.getAccreditableManager(), getIdentity(), URLS[i]);
            assertTrue(roles.length > 0);

                String url = ServletHelper.getWebappURI(request);
                accessController = resolver.resolveAccessController(url);

                if (accessController != null) {
                    PolicyManager policyManager = accessController.getPolicyManager();
                    Policy policy = policyManager.getPolicy(accessController.getAccreditableManager(),
                            url);
                    if (policy.isSSLProtected()) {
                        Session session = RepositoryUtil.getSession(this.manager, request);
                        LinkRewriter rewriter = new OutgoingLinkRewriter(this.manager, session, url,
                                false, true, false);
                        String sslUri = rewriter.rewrite(url);
                        return Collections.singletonMap(KEY_REDIRECT_URI, sslUri);