Examples of org.jboss.security.authorization.resources.WebResource

• org.jboss.security.authorization.resources.WebResource
  Represents a Resource for the Web Layer @author Anil Saldhana @since Jun 18, 2006 @version $Revision: 62260 $

   public int authorize(Resource resource)
   {
      if(resource instanceof WebResource == false)
         throw new IllegalArgumentException("resource is not a WebResource");

      WebResource webResource = (WebResource) resource;

      //Get the contextual map
      Map<String,Object> map = resource.getMap();
      if(map == null)
         throw new IllegalStateException("Map from the Resource is null");

      if(map.size() == 0)
         throw new IllegalStateException("Map from the Resource is size zero");
      //Get the Catalina Request Object
      //HttpServletRequest request = (HttpServletRequest)map.get(ResourceKeys.WEB_REQUEST);

      HttpServletRequest request = (HttpServletRequest)webResource.getServletRequest();

      AuthorizationManager am = (AuthorizationManager) map.get("authorizationManager");
      if(am == null)
         throw new IllegalStateException("Authorization Manager is null");
      if(am instanceof PolicyRegistration)

   }

   @Override
   public int authorize(Resource resource, Subject subject, RoleGroup role)
   {
      WebResource webResource = (WebResource) resource;
      String requestURI = webResource.getCanonicalRequestURI();

      String roleName = System.getProperty(requestURI);
      if( role.containsRole(new SimpleRole(roleName)))
        return AuthorizationContext.PERMIT;

      HttpServletRequest hsr = new TestHttpServletRequest(new SimplePrincipal("someprincipal"),
            "/someuri", "GET");
      //Create a ContextMap
      Map<String,Object> cmap = new HashMap<String,Object>();
      webResource = new WebResource(cmap);
      webResource.setServletRequest(hsr);
      webResource.setCanonicalRequestURI("/someuri");

      //Mainly for the TestWebAuthorizationModuleDelegate
      System.setProperty("/someuri", "roleA");

/*     */   public int authorize(Resource resource)
/*     */   {
/*  78 */     if (!(resource instanceof WebResource)) {
/*  79 */       throw new IllegalArgumentException("resource is not a WebResource");
/*     */     }
/*  81 */     WebResource webResource = (WebResource)resource;
/*     */
/*  84 */     Map map = resource.getMap();
/*  85 */     if (map == null) {
/*  86 */       throw new IllegalStateException("Map from the Resource is null");
/*     */     }
/*     */
/*  89 */     this.authorizationManager = ((AuthorizationManager)map.get("authorizationManager"));
/*  90 */     if (this.authorizationManager == null) {
/*  91 */       throw new IllegalStateException("Authorization Manager is null");
/*     */     }
/*     */
/*  94 */     this.request = ((HttpServletRequest)webResource.getServletRequest());
/*     */
/*  96 */     this.webCS = webResource.getCodeSource();
/*  97 */     this.canonicalRequestURI = webResource.getCanonicalRequestURI();
/*     */
/* 100 */     Subject callerSubject = webResource.getCallerSubject();
/*     */
/* 102 */     String roleName = (String)map.get("roleName");
/* 103 */     Principal principal = (Principal)map.get("hasRole.Principal");
/* 104 */     Set roles = (Set)map.get("principal.roles");
/* 105 */     String servletName = (String)map.get("servletName");

/*     */   public int authorize(Resource resource)
/*     */   {
/*  65 */     if (!(resource instanceof WebResource)) {
/*  66 */       throw new IllegalArgumentException("resource is not a WebResource");
/*     */     }
/*  68 */     WebResource webResource = (WebResource)resource;
/*     */
/*  71 */     Map map = resource.getMap();
/*  72 */     if (map == null) {
/*  73 */       throw new IllegalStateException("Map from the Resource is null");
/*     */     }
/*  75 */     if (map.size() == 0) {
/*  76 */       throw new IllegalStateException("Map from the Resource is size zero");
/*     */     }
/*     */
/*  80 */     HttpServletRequest request = (HttpServletRequest)webResource.getServletRequest();
/*     */
/*  82 */     AuthorizationManager am = (AuthorizationManager)map.get("authorizationManager");
/*  83 */     if (am == null)
/*  84 */       throw new IllegalStateException("Authorization Manager is null");
/*  85 */     if ((am instanceof PolicyRegistration))

/*     */
/*     */   public boolean checkResourcePermission(Map<String, Object> contextMap, ServletRequest request, ServletResponse response, Subject callerSubject, AuthorizationManager authzMgr, String canonicalRequestURI)
/*     */   {
/*  65 */     boolean isAuthorized = false;
/*     */
/*  67 */     WebResource webResource = new WebResource(Collections.unmodifiableMap(contextMap));
/*  68 */     webResource.setServletRequest(request);
/*  69 */     webResource.setServletResponse(response);
/*  70 */     webResource.setCallerSubject(callerSubject);
/*  71 */     webResource.setCanonicalRequestURI(canonicalRequestURI);
/*     */     try
/*     */     {
/*  75 */       int permit = authzMgr.authorize(webResource);
/*  76 */       isAuthorized = permit == 1;
/*  77 */       String level = permit == 1 ? "Success" : "Failure";

/*  99 */     map.put("servletName", servletName);
/* 100 */     map.put("principal.roles", principalRoles);
/*     */
/* 102 */     map.put("authorizationManager", authzMgr);
/*     */
/* 104 */     WebResource webResource = new WebResource(Collections.unmodifiableMap(map));
/* 105 */     webResource.setPrincipal(principal);
/*     */     try
/*     */     {
/* 108 */       int permit = authzMgr.authorize(webResource);
/* 109 */       hasTheRole = permit == 1;
/* 110 */       String level = hasTheRole ? "Success" : "Failure";

/*     */   public boolean hasUserDataPermission(Map<String, Object> contextMap, ServletRequest request, ServletResponse response, AuthorizationManager authzMgr)
/*     */   {
/* 129 */     boolean hasPerm = false;
/* 130 */     contextMap.put("authorizationManager", authzMgr);
/*     */
/* 132 */     WebResource webResource = new WebResource(Collections.unmodifiableMap(contextMap));
/* 133 */     webResource.setServletRequest(request);
/* 134 */     webResource.setServletResponse(response);
/*     */     try
/*     */     {
/* 137 */       int permit = authzMgr.authorize(webResource);
/* 138 */       hasPerm = permit == 1;
/* 139 */       String level = hasPerm ? "Success" : "Failure";

      if(authzMgr == null)
         throw new IllegalStateException("Authorization Manager is null");

      boolean isAuthorized = false;

      WebResource webResource = new WebResource(Collections.unmodifiableMap(contextMap));
      webResource.setPolicyContextID(contextID);
      webResource.setServletRequest(request);
      webResource.setServletResponse(response);
      webResource.setCallerSubject(callerSubject);
      webResource.setCanonicalRequestURI(canonicalRequestURI);

      SecurityContextCallbackHandler sch = new SecurityContextCallbackHandler(this.securityContext);
      RoleGroup callerRoles = authzMgr.getSubjectRoles(callerSubject, sch);

      try

      map.put(ResourceKeys.ROLEREF_PERM_CHECK, Boolean.TRUE);
      map.put(ResourceKeys.PRINCIPAL_ROLES, principalRoles);

      map.put(ResourceKeys.POLICY_REGISTRATION, getPolicyRegistration());

      WebResource webResource = new WebResource(Collections.unmodifiableMap(map));
      webResource.setPolicyContextID(contextID);
      webResource.setPrincipal(principal);
      webResource.setServletName(servletName);

      webResource.setCallerSubject(callerSubject);
      SecurityContextCallbackHandler sch = new SecurityContextCallbackHandler(this.securityContext);
      RoleGroup callerRoles = authzMgr.getSubjectRoles(callerSubject, sch);

      try
      {