/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.geronimo.tomcat.security.jacc;
import java.beans.PropertyChangeListener;
import java.security.Principal;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.cert.X509Certificate;
import java.io.IOException;
import javax.security.auth.Subject;
import javax.security.jacc.WebRoleRefPermission;
import org.apache.catalina.Realm;
import org.apache.catalina.Container;
import org.apache.catalina.Context;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.geronimo.tomcat.JAASTomcatPrincipal;
import org.apache.geronimo.tomcat.security.UserIdentity;
import org.apache.geronimo.security.ContextManager;
/**
* @version $Rev: 794752 $ $Date: 2009-07-17 01:03:50 +0800 (Fri, 17 Jul 2009) $
*/
public class JACCRealm implements Realm {
public static final JACCRealm INSTANCE = new JACCRealm();
private static final ThreadLocal<String> currentRequestWrapperName = new ThreadLocal<String>();
public static String setRequestWrapperName(String requestWrapperName) {
String old = currentRequestWrapperName.get();
currentRequestWrapperName.set(requestWrapperName);
return old;
}
public boolean hasRole(Principal principal, String role) {
AccessControlContext acc = ContextManager.getCurrentContext();
String name = currentRequestWrapperName.get();
/**
* JACC v1.0 secion B.19
*/
if (name == null || name.equals("jsp")) {
name = "";
}
try {
acc.checkPermission(new WebRoleRefPermission(name, role));
return true;
} catch (AccessControlException e) {
return false;
}
}
public Container getContainer() {
return null;
}
public void setContainer(Container container) {
}
public String getInfo() {
return null;
}
public void addPropertyChangeListener(PropertyChangeListener listener) {
}
public Principal authenticate(String username, String credentials) {
return null;
}
public Principal authenticate(String username, byte[] credentials) {
return null;
}
public Principal authenticate(String username, String digest, String nonce, String nc, String cnonce, String qop, String realm, String md5a2) {
return null;
}
public Principal authenticate(X509Certificate[] certs) {
return null;
}
public void backgroundProcess() {
}
public SecurityConstraint[] findSecurityConstraints(Request request, Context context) {
return new SecurityConstraint[0];
}
public boolean hasResourcePermission(Request request, Response response, SecurityConstraint[] constraint, Context context) throws IOException {
return false;
}
public boolean hasUserDataPermission(Request request, Response response, SecurityConstraint[] constraint) throws IOException {
return false;
}
public void removePropertyChangeListener(PropertyChangeListener listener) {
}
}