Moved to net.sf.acegisecurity.ui

2004-04-02 12:07:24 +00:00 · 2004-04-02 12:07:24 +00:00 · 33edeb5a2f
parent e54ad9b4e8
commit 33edeb5a2f
2 changed files with 0 additions and 254 deletions
--- a/core/src/main/java/org/acegisecurity/adapters/AbstractIntegrationFilter.java
+++ b/core/src/main/java/org/acegisecurity/adapters/AbstractIntegrationFilter.java
@ -1,156 +0,0 @@
 /* Copyright 2004 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package net.sf.acegisecurity.adapters;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.context.Context;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.SecureContext;
 import net.sf.acegisecurity.context.SecureContextImpl;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import java.io.IOException;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 /**
 * Automatically populates a {@link net.sf.acegisecurity.context.SecureContext}
 * from a subclass-provided container source.
 * 
 * <p>
 * The container is expected to expose an {@link Authentication} object in a
 * well-known location. The <code>Authentication</code> object will have been
 * created by the container-specific Acegi Security System for Spring adapter.
 * </p>
 * 
 * <P>
 * Once the <code>Authentication</code> object has been extracted from the
 * well-known location, the interceptor handles putting it into the {@link
 * ContextHolder}. It then removes it once the filter chain has  completed.
 * </p>
 * 
 * <p>
 * This interceptor will not operate if the container does not provide an
 * <code>Authentication</code> object from its well-known location.
 * </p>
 *
 * @author Ben Alex
 * @version $Id$
 */
 public abstract class AbstractIntegrationFilter implements Filter {
    //~ Static fields/initializers =============================================
    protected static final Log logger = LogFactory.getLog(AbstractIntegrationFilter.class);
    //~ Methods ================================================================
    public void destroy() {}
    public void doFilter(ServletRequest request, ServletResponse response,
        FilterChain chain) throws IOException, ServletException {
        // Populate authentication information
        Object extracted = this.extractFromContainer(request);
        if (extracted instanceof Authentication) {
            if (logger.isDebugEnabled()) {
                logger.debug(
                    "Authentication added to ContextHolder from container");
            }
            Authentication auth = (Authentication) extracted;
            // Get or create existing SecureContext
            SecureContext secureContext = null;
            if ((ContextHolder.getContext() == null)
                || !(ContextHolder.getContext() instanceof SecureContext)) {
                secureContext = new SecureContextImpl();
            } else {
                secureContext = (SecureContext) ContextHolder.getContext();
            }
            // Add Authentication to SecureContext, and save
            secureContext.setAuthentication(auth);
            ContextHolder.setContext((Context) secureContext);
        } else {
            if (logger.isDebugEnabled()) {
                logger.debug(
                    "Authentication not added to ContextHolder (could not extract an authentication object from the container which is an instance of Authentication)");
            }
        }
        // Proceed with chain
        chain.doFilter(request, response);
        // Remove authentication information
        if ((ContextHolder.getContext() != null)
            && ContextHolder.getContext() instanceof SecureContext) {
            if (logger.isDebugEnabled()) {
                logger.debug("Removing Authentication from ContextHolder");
            }
            // Get context holder and remove authentication information
            SecureContext secureContext = (SecureContext) ContextHolder
                .getContext();
            secureContext.setAuthentication(null);
            ContextHolder.setContext((Context) secureContext);
        } else {
            if (logger.isDebugEnabled()) {
                logger.debug(
                    "ContextHolder does not contain any authentication information");
            }
        }
    }
    /**
     * Subclasses must override this method to provide the <code>Object</code>
     * that contains the <code>Authentication</code> interface.
     * 
     * <p>
     * For convenience we have allowed any <code>Object</code> to be  returned
     * by subclasses, as the abstract class will ensure class casting safety
     * and ignore objects that do not implement  <code>Authentication</code>.
     * </p>
     * 
     * <p>
     * If no authentication object is available, subclasses should return
     * <code>null</code>.
     * </p>
     * 
     * <p>
     * If the container can locate multiple authentication objects,  subclasses
     * should return the object that was created by the Acegi Security System
     * for Spring adapter (ie that implements <code>Authentication</code>).
     * </p>
     *
     * @param request the request, which may be of use in extracting the
     *        authentication object
     *
     * @return <code>null</code> or an object that implements
     *         <code>Authentication</code>
     */
    public abstract Object extractFromContainer(ServletRequest request);
    public void init(FilterConfig filterConfig) throws ServletException {}
 }
--- a/core/src/main/java/org/acegisecurity/adapters/AutoIntegrationFilter.java
+++ b/core/src/main/java/org/acegisecurity/adapters/AutoIntegrationFilter.java
@ -1,98 +0,0 @@
 /* Copyright 2004 Acegi Technology Pty Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package net.sf.acegisecurity.adapters;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.adapters.jboss.JbossIntegrationFilter;
 import javax.servlet.ServletRequest;
 import javax.servlet.http.HttpServletRequest;
 /**
 * Detects the container and delegates to the appropriate {@link
 * AbstractIntegrationFilter}.
 * 
 * <p>
 * This eases the creation of portable secured Spring applications, as the
 * <code>web.xml</code> will not need to refer to a specific container
 * integration filter.
 * </p>
 * 
 * <P>
 * The filter automatically delegates to
 * <code>HttpRequestIntegrationFilter</code> if any
 * <code>Authentication</code> object is detected in the
 * <code>ServletRequest</code>. Failing this, it will delegate to
 * <code>JbossIntegrationFilter</code> if the <code>ServletRequest</code>
 * contains an instance of JBoss' <code>SimplePrincipal</code>.
 * </p>
 *
 * @author Ben Alex
 * @version $Id$
 *
 * @see AbstractIntegrationFilter
 */
 public class AutoIntegrationFilter extends AbstractIntegrationFilter {
    //~ Methods ================================================================
    public Object extractFromContainer(ServletRequest request) {
        if (request instanceof HttpServletRequest) {
            HttpServletRequest httpRequest = (HttpServletRequest) request;
            if (httpRequest.getUserPrincipal() instanceof Authentication) {
                return getHttpServletRequest().extractFromContainer(request);
            }
            try {
                Class simplePrincipalClass = Class.forName(
                        "org.jboss.security.SimplePrincipal");
                if (null != httpRequest.getUserPrincipal()) {
                    if (simplePrincipalClass.isAssignableFrom(
                            httpRequest.getUserPrincipal().getClass())) {
                        return getJbossIntegrationFilter().extractFromContainer(request);
                    }
                }
            } catch (ClassNotFoundException e) {
                // Can't be JBoss principal
                // Expected, and normal - fall through
            }
        }
        return null;
    }
    /**
     * Allows test case to override the source of
     * <code>HttpRequestIntegrationFilter</code>.
     *
     * @return the <code>HttpRequestIntegrationFilter</code> to use
     */
    protected HttpRequestIntegrationFilter getHttpServletRequest() {
        return new HttpRequestIntegrationFilter();
    }
    /**
     * Allows test case to override the source of
     * <code>JbossIntegrationFilter</code>.
     *
     * @return the <code>JbossIntegrationFilter</code> to use
     */
    protected JbossIntegrationFilter getJbossIntegrationFilter() {
        return new JbossIntegrationFilter();
    }
 }