org.apache.geronimo.jetty
Class JettyWebAppJACCContext

java.lang.Object
  extended byorg.mortbay.http.ResourceCache
      extended byorg.mortbay.http.HttpContext
          extended byorg.mortbay.jetty.servlet.ServletHttpContext
              extended byorg.mortbay.jetty.servlet.WebApplicationContext
                  extended byorg.apache.geronimo.jetty.JettyWebAppContext
                      extended byorg.apache.geronimo.jetty.JettyWebAppJACCContext
All Implemented Interfaces:
Externalizable, org.apache.geronimo.gbean.GBeanLifecycle, org.mortbay.http.HttpHandler, org.mortbay.util.LifeCycle, Serializable

public class JettyWebAppJACCContext
extends JettyWebAppContext

A class extension to JettyWebAppContext whose purpose is to provide JACC security checks.

Version:
$Revision: 1.4 $ $Date: 2004/07/18 22:04:27 $
See Also:
ServletHttpContext.checkSecurityConstraints(java.lang.String, org.mortbay.http.HttpRequest, org.mortbay.http.HttpResponse), Serialized Form

Nested Class Summary
 
Nested classes inherited from class org.mortbay.jetty.servlet.WebApplicationContext
org.mortbay.jetty.servlet.WebApplicationContext.Configuration
 
Nested classes inherited from class org.mortbay.http.ResourceCache
org.mortbay.http.ResourceCache.ResourceMetaData
 
Field Summary
static org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
           
 
Fields inherited from class org.mortbay.http.HttpContext
__ErrorHandler, __fileClassPathAttr
 
Fields inherited from class org.mortbay.http.ResourceCache
_cache, _cacheSize, _leastRecentlyUsed, _mostRecentlyUsed
 
Constructor Summary
JettyWebAppJACCContext()
           
JettyWebAppJACCContext(URI uri, org.apache.geronimo.naming.java.ReadOnlyContext compContext, org.apache.geronimo.transaction.UserTransactionImpl userTransaction, ClassLoader classLoader, Set unshareableResources, Set applicationManagedSecurityResources, String policyContextID, org.apache.geronimo.security.deploy.Security securityConfig, org.apache.geronimo.transaction.context.TransactionContextManager transactionContextManager, org.apache.geronimo.transaction.TrackedConnectionAssociator associator, org.apache.geronimo.kernel.config.ConfigurationParent config, JettyContainer container)
           
 
Method Summary
 void addSecurityConstraint(String pathSpec, org.mortbay.http.SecurityConstraint sc)
          Keep our own copy of security constraints.

We keep our own copy of security constraints because Jetty's copy is private.

 boolean checkSecurityConstraints(String pathInContext, org.mortbay.http.HttpRequest request, org.mortbay.http.HttpResponse response)
          Check the security constraints using JACC.
 void doFail()
           
 void doStart()
           
 void doStop()
           
protected  JAASJettyPrincipal generateDefaultPrincipal(org.apache.geronimo.security.deploy.Security securityConfig)
          Generate the default principal from the security config.
static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()
           
 String getPolicyContextID()
           
 Subject getRoleDesignate(String roleName)
           
 org.apache.geronimo.security.deploy.Security getSecurityConfig()
           
 void handle(String pathInContext, String pathParams, org.mortbay.http.HttpRequest httpRequest, org.mortbay.http.HttpResponse httpResponse)
          Handler request.
 Principal obtainUser(String pathInContext, org.mortbay.http.HttpRequest request, org.mortbay.http.HttpResponse response)
          Obtain an authenticated user, if one is required.
 
Methods inherited from class org.apache.geronimo.jetty.JettyWebAppContext
getContextPriorityClassLoader, initClassLoader, setContextPriorityClassLoader
 
Methods inherited from class org.mortbay.jetty.servlet.WebApplicationContext
addEventListener, getConfiguration, getDefaultsDescriptor, getDisplayName, getErrorPage, getExtractWAR, getResource, getResourceAlias, getServletHandler, getUserRealm, getWAR, getWebApplicationHandler, getWebInf, initialize, isDistributable, isIgnoreWebJetty, readExternal, removeAttribute, removeErrorPage, removeEventListener, removeResourceAlias, setAttribute, setConfiguration, setDefaultsDescriptor, setDisplayName, setDistributable, setErrorPage, setExtractWAR, setIgnoreWebJetty, setPermissions, setResourceAlias, setWAR, start, stop, toString, writeExternal
 
Methods inherited from class org.mortbay.jetty.servlet.ServletHttpContext
addLocaleEncoding, addServlet, addServlet, getLocaleEncoding, getServletContext, jSecurityCheck, sendError
 
Methods inherited from class org.mortbay.http.HttpContext
addClassPath, addClassPaths, addHandler, addHandler, addPermission, addVirtualHost, addWelcomeFile, canonicalContextPathSpec, clearSecurityConstraints, destroy, enterContextScope, flushCache, getAttribute, getAttributeNames, getAttributes, getAuthenticator, getClassLoader, getClassPath, getContextPath, getFileClassPath, getHandler, getHandlerIndex, getHandlers, getHosts, getHttpConnection, getHttpContext, getHttpContextName, getHttpServer, getInitParameter, getInitParameterNames, getName, getParentClassLoader, getPermissions, getRealm, getRealmName, getRequestLog, getRequests, getRequestsActive, getRequestsActiveMax, getResponses1xx, getResponses2xx, getResponses3xx, getResponses4xx, getResponses5xx, getStatsOn, getStatsOnMs, getTempDirectory, getVirtualHosts, getWelcomeFile, getWelcomeFiles, handle, initialize, isClassLoaderJava2Compliant, isRedirectNullPath, isStarted, leaveContextScope, loadClass, log, removeHandler, removeHandler, removeVirtualHost, removeWelcomeFile, sendContextError, setAttributes, setAuthenticator, setClassLoader, setClassLoaderJava2Compliant, setClassPath, setContextPath, setHandlers, setHosts, setHttpContextName, setInitParameter, setParentClassLoader, setRealm, setRealmName, setRedirectNullPath, setRequestLog, setStatsOn, setTempDirectory, setVirtualHosts, setWelcomeFiles, startHandlers, statsReset, stop, toString
 
Methods inherited from class org.mortbay.http.ResourceCache
getBaseResource, getEncodingByMimeType, getEncodingMap, getMaxCachedFileSize, getMaxCacheSize, getMimeByExtension, getMimeMap, getResourceBase, getResourceMetaData, setBaseResource, setEncodingMap, setMaxCachedFileSize, setMaxCacheSize, setMimeMap, setMimeMapping, setResourceBase, setTypeEncoding
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

GBEAN_INFO

public static final org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
Constructor Detail

JettyWebAppJACCContext

public JettyWebAppJACCContext()

JettyWebAppJACCContext

public JettyWebAppJACCContext(URI uri,
                              org.apache.geronimo.naming.java.ReadOnlyContext compContext,
                              org.apache.geronimo.transaction.UserTransactionImpl userTransaction,
                              ClassLoader classLoader,
                              Set unshareableResources,
                              Set applicationManagedSecurityResources,
                              String policyContextID,
                              org.apache.geronimo.security.deploy.Security securityConfig,
                              org.apache.geronimo.transaction.context.TransactionContextManager transactionContextManager,
                              org.apache.geronimo.transaction.TrackedConnectionAssociator associator,
                              org.apache.geronimo.kernel.config.ConfigurationParent config,
                              JettyContainer container)
Method Detail

getPolicyContextID

public String getPolicyContextID()

getSecurityConfig

public org.apache.geronimo.security.deploy.Security getSecurityConfig()

getRoleDesignate

public Subject getRoleDesignate(String roleName)

handle

public void handle(String pathInContext,
                   String pathParams,
                   org.mortbay.http.HttpRequest httpRequest,
                   org.mortbay.http.HttpResponse httpResponse)
            throws org.mortbay.http.HttpException,
                   IOException
Handler request. Call each HttpHandler until request is handled.

Specified by:
handle in interface org.mortbay.http.HttpHandler
Overrides:
handle in class JettyWebAppContext
Parameters:
pathInContext - Path in context
pathParams - Path parameters such as encoded Session ID
httpRequest -
httpResponse -
Throws:
org.mortbay.http.HttpException
IOException

addSecurityConstraint

public void addSecurityConstraint(String pathSpec,
                                  org.mortbay.http.SecurityConstraint sc)
Keep our own copy of security constraints.

We keep our own copy of security constraints because Jetty's copy is private. We use these constraints not for any authorization descitions but, to decide whether we should attempt to authenticate the request.

Parameters:
pathSpec - The path spec to which the secuiryt cosntraint applies
sc - the security constraint TODO Jetty to provide access to this map so we can remove this method
See Also:
HttpContext.addSecurityConstraint(java.lang.String, org.mortbay.http.SecurityConstraint)

checkSecurityConstraints

public boolean checkSecurityConstraints(String pathInContext,
                                        org.mortbay.http.HttpRequest request,
                                        org.mortbay.http.HttpResponse response)
                                 throws org.mortbay.http.HttpException,
                                        IOException
Check the security constraints using JACC.

Parameters:
pathInContext - path in context
request - HTTP request
response - HTTP response
Returns:
true if the path in context passes the security check, false if it fails or a redirection has occured during authentication.
Throws:
org.mortbay.http.HttpException
IOException

obtainUser

public Principal obtainUser(String pathInContext,
                            org.mortbay.http.HttpRequest request,
                            org.mortbay.http.HttpResponse response)
                     throws org.mortbay.http.HttpException,
                            IOException
Obtain an authenticated user, if one is required. Otherwise return the default principal.

Also set the current caller for JACC security checks for the default principal. This is automatically done by JAASJettyRealm.

Parameters:
pathInContext - path in context
request - HTTP request
response - HTTP response
Returns:
null if there is no authenticated user at the moment and security checking should not proceed and servlet handling should also not proceed, e.g. redirect. SecurityConstraint.__NOBODY if security checking should not proceed and servlet handling should proceed, e.g. login page.
Throws:
org.mortbay.http.HttpException
IOException

generateDefaultPrincipal

protected JAASJettyPrincipal generateDefaultPrincipal(org.apache.geronimo.security.deploy.Security securityConfig)
                                               throws org.apache.geronimo.security.GeronimoSecurityException
Generate the default principal from the security config.

Parameters:
securityConfig - The Geronimo security configuration.
Returns:
the default principal
Throws:
org.apache.geronimo.security.GeronimoSecurityException

doStart

public void doStart()
             throws org.apache.geronimo.gbean.WaitingException,
                    Exception
Specified by:
doStart in interface org.apache.geronimo.gbean.GBeanLifecycle
Overrides:
doStart in class JettyWebAppContext
Throws:
org.apache.geronimo.gbean.WaitingException
Exception

doStop

public void doStop()
            throws org.apache.geronimo.gbean.WaitingException,
                   Exception
Specified by:
doStop in interface org.apache.geronimo.gbean.GBeanLifecycle
Overrides:
doStop in class JettyWebAppContext
Throws:
org.apache.geronimo.gbean.WaitingException
Exception

doFail

public void doFail()
Specified by:
doFail in interface org.apache.geronimo.gbean.GBeanLifecycle
Overrides:
doFail in class JettyWebAppContext

getGBeanInfo

public static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()


Copyright © 2003-2005 Apache Software Foundation. All Rights Reserved.