View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.myfaces.custom.security;
20  
21  import javax.faces.el.EvaluationException;
22  import javax.faces.el.PropertyNotFoundException;
23  import javax.faces.el.PropertyResolver;
24  
25  import org.apache.commons.logging.Log;
26  import org.apache.commons.logging.LogFactory;
27  
28  /**
29   * 
30   * @author cagatay
31   */
32  public class SecurityContextPropertyResolver extends PropertyResolver{
33      
34      private static final Log log = LogFactory.getLog(SecurityContextPropertyResolver.class);
35  
36      private final static String AUTH_TYPE = "authType";
37      private final static String USER = "remoteUser";
38      private final static String IF_GRANTED = "ifGranted";
39      private final static String IF_ALL_GRANTED = "ifAllGranted";
40      private final static String IF_ANY_GRANTED = "ifAnyGranted";
41      private final static String IF_NOT_GRANTED = "ifNotGranted";
42      
43      private PropertyResolver originalResolver;
44  
45      public SecurityContextPropertyResolver(PropertyResolver propertyresolver) {
46          originalResolver = propertyresolver;
47      }
48      
49      public Object getValue(Object base, Object property) throws EvaluationException, PropertyNotFoundException {
50          if(base instanceof SecurityContext) {
51              SecurityContext securityContext = (SecurityContext) base;
52              
53              if(property.equals(AUTH_TYPE)) {
54                  return securityContext.getAuthType();                
55              }
56              else if(property.equals(USER)) 
57              {
58                  return securityContext.getRemoteUser();
59              }
60              else if(property.equals(IF_GRANTED)) 
61              {
62                  securityContext.setAuthMode(SecurityContext.AUTH_MODE_SINGLE);
63                  return securityContext;
64              }
65              else if(property.equals(IF_ALL_GRANTED)) 
66              {
67                  securityContext.setAuthMode(SecurityContext.AUTH_MODE_ALL);
68                  return securityContext;
69              }
70              else if(property.equals(IF_ANY_GRANTED)) 
71              {
72                  securityContext.setAuthMode(SecurityContext.AUTH_MODE_ANY);
73                  return securityContext;
74              }
75              else if(property.equals(IF_NOT_GRANTED)) 
76              {
77                  securityContext.setAuthMode(SecurityContext.AUTH_MODE_NOT);
78                  return securityContext;
79              }
80              else if(securityContext.inAuthMode()) {
81                  securityContext.setRoles(getRolesFromProperty(property));
82                  int authMode = securityContext.getAuthMode();
83                  
84                  if(authMode == SecurityContext.AUTH_MODE_SINGLE)
85                      return Boolean.valueOf(securityContext.ifSingleGranted());
86                  else if(authMode == SecurityContext.AUTH_MODE_ALL)
87                      return Boolean.valueOf(securityContext.ifAllGranted());
88                  else if(authMode == SecurityContext.AUTH_MODE_ANY)
89                      return Boolean.valueOf(securityContext.ifAnyGranted());
90                  else
91                      return Boolean.valueOf(securityContext.ifNotGranted());
92              }
93              else {
94                   if(log.isDebugEnabled())
95                        log.debug("Exception while retrieving property; base : "+base.getClass().getName()+", property : "+property);
96                   
97                  throw new PropertyNotFoundException(getMessage(base, (String)property));
98              }
99          }
100         else 
101             return originalResolver.getValue(base, property);
102         
103     }
104 
105     public Class getType(Object base, int index) throws EvaluationException, PropertyNotFoundException {
106         return originalResolver.getType(base, index);
107     }
108 
109     public Class getType(Object base, Object property) throws EvaluationException, PropertyNotFoundException {
110         if(base instanceof SecurityContext)
111             return SecurityContext.class;
112         else
113             return originalResolver.getType(base, property);
114     }
115 
116     public Object getValue(Object base, int index) throws EvaluationException, PropertyNotFoundException {
117         return originalResolver.getValue(base, index);
118     }
119 
120     public boolean isReadOnly(Object base, int index) throws EvaluationException, PropertyNotFoundException {
121         return originalResolver.isReadOnly(base, index);
122     }
123 
124     public boolean isReadOnly(Object base, Object property) throws EvaluationException, PropertyNotFoundException {
125         if(base instanceof SecurityContext)
126             return true;
127         else
128             return originalResolver.isReadOnly(base, property);
129     }
130 
131     public void setValue(Object base, int index, Object value) throws EvaluationException, PropertyNotFoundException {
132         originalResolver.setValue(base, index, value);
133     }
134 
135     public void setValue(Object base, Object property, Object value) throws EvaluationException, PropertyNotFoundException {
136         originalResolver.setValue(base, property, value);
137     }
138     
139     private String[] getRolesFromProperty(Object property) {
140         String[] roles = ((String)property).split(",");
141         for (int i = 0; i < roles.length; i++) {
142             roles[i] = roles[i].trim();
143         }
144         return roles;
145     }
146     
147     private static String getMessage(Object base, String name) {
148         return "Bean: " + base.getClass().getName() + ", property: " + name;
149     }
150 
151 }