/xservices/trunk/src/java/net/brutex/xservices/security/PermissionResolver.java |
---|
0,0 → 1,35 |
/* |
* Copyright 2013 Brian Rosenberger (Brutex Network) |
* |
* Licensed under the Apache License, Version 2.0 (the "License"); |
* you may not use this file except in compliance with the License. |
* You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, software |
* distributed under the License is distributed on an "AS IS" BASIS, |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
* See the License for the specific language governing permissions and |
* limitations under the License. |
*/ |
package net.brutex.xservices.security; |
import org.apache.log4j.Logger; |
import org.apache.shiro.authz.Permission; |
/** |
* @author Brian Rosenberger, bru(at)brutex.de |
* |
*/ |
public class PermissionResolver implements org.apache.shiro.authz.permission.PermissionResolver { |
final Logger logger = Logger.getLogger(PermissionResolver.class); |
@Override |
public Permission resolvePermission(String permissionString) { |
logger.debug(String.format("Creating new Permission '%s'", permissionString)); |
return new DirectoryPermission(permissionString); |
} |
} |
Property changes: |
Added: svn:mime-type |
+text/plain |
\ No newline at end of property |
/xservices/trunk/src/java/net/brutex/xservices/security/XServicesRealm.java |
---|
0,0 → 1,80 |
/* |
* Copyright 2013 Brian Rosenberger (Brutex Network) |
* |
* Licensed under the Apache License, Version 2.0 (the "License"); |
* you may not use this file except in compliance with the License. |
* You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, software |
* distributed under the License is distributed on an "AS IS" BASIS, |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
* See the License for the specific language governing permissions and |
* limitations under the License. |
*/ |
package net.brutex.xservices.security; |
import java.text.ParseException; |
import java.util.Collection; |
import java.util.Map; |
import org.apache.log4j.Logger; |
import org.apache.shiro.authc.AuthenticationException; |
import org.apache.shiro.authc.AuthenticationInfo; |
import org.apache.shiro.authc.AuthenticationToken; |
import org.apache.shiro.authz.AuthorizationInfo; |
import org.apache.shiro.authz.Permission; |
import org.apache.shiro.authz.permission.PermissionResolver; |
import org.apache.shiro.config.Ini; |
import org.apache.shiro.io.ResourceUtils; |
import org.apache.shiro.realm.AuthorizingRealm; |
import org.apache.shiro.realm.text.IniRealm; |
import org.apache.shiro.subject.PrincipalCollection; |
import org.apache.shiro.util.Nameable; |
import org.apache.shiro.util.PermissionUtils; |
// TODO: Auto-generated Javadoc |
/* |
* For later use. A Realm connects to a DS where Users/ Passes are defined |
* and allows Shiro to transparently work against different user/pass stores |
* (i.e. LDAP, Custom, etc.) |
* |
* @author Brian Rosenberger, bru(at)brutex.de |
* |
*/ |
/** |
* The Class XServicesRealm. |
*/ |
public class XServicesRealm extends IniRealm implements Nameable { |
/** The logger. */ |
private static Logger logger = Logger.getLogger(XServicesRealm.class); |
/** The name. */ |
private String name; |
/* (non-Javadoc) |
* @see org.apache.shiro.realm.AuthorizingRealm#setName(java.lang.String) |
*/ |
@Override |
public void setName(String name) { |
this.name = name; |
} |
/** |
* Instantiates a new x services realm with default |
* 'shiro.ini' in classpath and {@link net.brutex.xservices.security.PermissionResolver PermissionResolver}. |
* |
*/ |
public XServicesRealm() { |
super(); |
this.setIni(Ini.fromResourcePath(ResourceUtils.CLASSPATH_PREFIX+"shiro.ini")); |
this.setPermissionResolver(new net.brutex.xservices.security.PermissionResolver()); |
//this.setRolePermissionResolver(new RolePermissionResolver()); |
init(); |
} |
} |
Property changes: |
Added: svn:mime-type |
+text/plain |
\ No newline at end of property |
/xservices/trunk/src/java/net/brutex/xservices/security/DirectoryPermission.java |
---|
0,0 → 1,65 |
/* |
* Copyright 2013 Brian Rosenberger (Brutex Network) |
* |
* Licensed under the Apache License, Version 2.0 (the "License"); |
* you may not use this file except in compliance with the License. |
* You may obtain a copy of the License at |
* |
* http://www.apache.org/licenses/LICENSE-2.0 |
* |
* Unless required by applicable law or agreed to in writing, software |
* distributed under the License is distributed on an "AS IS" BASIS, |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
* See the License for the specific language governing permissions and |
* limitations under the License. |
*/ |
package net.brutex.xservices.security; |
import org.apache.log4j.Logger; |
import org.apache.shiro.authz.Permission; |
import org.apache.shiro.util.AntPathMatcher; |
/** |
* @author Brian Rosenberger, bru(at)brutex.de |
* |
*/ |
public class DirectoryPermission implements Permission { |
private final Logger logger = Logger.getLogger(DirectoryPermission.class); |
private final String path; |
public DirectoryPermission(String antlikepath) { |
path = antlikepath; |
} |
@Override |
public boolean implies(Permission p) { |
boolean result = false; |
/* is of same type */ |
if(! (p instanceof DirectoryPermission)) { |
logger.debug(String.format("Testing if permission of type '%s' implies permission of type '%s'. Result was '%s'" , this.getClass(), p.getClass(), result)); |
return result; |
} |
/* comparing to non null directory */ |
if( ((DirectoryPermission)p).getPath() == null) { |
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to 'null'. Result was '%s'" , this.getPath(), result)); |
return result; |
} |
/* directory pattern implies other */ |
if( (new AntPathMatcher()).matches(path, ((DirectoryPermission)p).getPath()) ) { |
result = true; |
} |
logger.debug(String.format("Testing if DirectoryPermission '%s' implies permission to '%s'. Result was '%s'" , this.getPath(), ((DirectoryPermission) p).getPath(), result)); |
return result; |
} |
public String getPath() { |
return path; |
} |
} |
Property changes: |
Added: svn:mime-type |
+text/plain |
\ No newline at end of property |