01: /*
02: * JBoss, Home of Professional Open Source.
03: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
04: * as indicated by the @author tags. See the copyright.txt file in the
05: * distribution for a full listing of individual contributors.
06: *
07: * This is free software; you can redistribute it and/or modify it
08: * under the terms of the GNU Lesser General Public License as
09: * published by the Free Software Foundation; either version 2.1 of
10: * the License, or (at your option) any later version.
11: *
12: * This software is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * Lesser General Public License for more details.
16: *
17: * You should have received a copy of the GNU Lesser General Public
18: * License along with this software; if not, write to the Free
19: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21: */
22: package org.jboss.web.tomcat.security;
23:
24: import java.io.IOException;
25: import java.security.CodeSource;
26: import javax.security.jacc.PolicyContext;
27: import javax.servlet.ServletException;
28: import javax.servlet.http.HttpServletRequest;
29:
30: import org.apache.catalina.connector.Request;
31: import org.apache.catalina.connector.Response;
32: import org.apache.catalina.valves.ValveBase;
33: import org.jboss.logging.Logger;
34: import org.jboss.metadata.WebMetaData;
35:
36: /**
37: * A Valve that sets the JACC context id and HttpServletRequest policy
38: * context handler value. The context id needs to be established prior to
39: * any authorization valves.
40: *
41: * @author Scott.Stark@jboss.org
42: * @version $Revision: 60918 $
43: */
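public class JaccContextValve extends ValveBase {
    private static final Logger log = Logger.getLogger(JaccContextValve.class);

    /**
     * Code source of the web application whose request is being processed on
     * the current thread. Set on entry to {@link #invoke} and reset to null
     * when the request completes.
     *
     * NOTE(review): this field is public, static and non-final, so any class
     * that can see this type can read or overwrite the per-thread value. The
     * consumers are not visible in this file; confirm none of them makes an
     * authorization decision on it without an independent check.
     */
    public static ThreadLocal activeCS = new ThreadLocal();

    /**
     * Web application metadata for the request being processed on the current
     * thread. Same lifecycle and the same review note as {@link #activeCS}.
     */
    public static ThreadLocal activeWebMetaData = new ThreadLocal();

    /** The JACC policy context id established for each request. */
    private final String contextID;
    /** The web app deployment code source */
    private final CodeSource warCS;
    /** Trace-level flag captured at construction; not read within this class. */
    private final boolean trace;
    /** The web app metadata; stays null until {@link #setWebMetaData} is called. */
    private WebMetaData webMetaData;

    /**
     * Creates the valve for one web application.
     *
     * @param contextID the JACC context id to set on the thread for each request
     * @param cs the code source of the web application deployment
     */
    public JaccContextValve(String contextID, CodeSource cs) {
        this.contextID = contextID;
        this.warCS = cs;
        this.trace = log.isTraceEnabled();
    }

    /**
     * Sets the metadata published through {@link #activeWebMetaData} while a
     * request is being processed.
     *
     * @param wmd the web application metadata
     */
    public void setWebMetaData(WebMetaData wmd) {
        this.webMetaData = wmd;
    }

    /**
     * Establishes the per-thread security context for the request, passes the
     * request to the next valve, and clears the per-thread state afterwards.
     *
     * @param request the request being processed
     * @param response the response being produced
     * @throws IOException if thrown by a later valve
     * @throws ServletException if thrown by a later valve
     */
    public void invoke(Request request, Response response)
            throws IOException, ServletException {
        try {
            // The thread-locals are populated inside the try block so that the
            // finally clause resets them even when a failure occurs before the
            // next valve is reached. Container threads are typically pooled,
            // and a value left behind would be visible to the next request
            // served by the same thread.
            activeCS.set(warCS);
            activeWebMetaData.set(webMetaData);

            HttpServletRequest httpRequest =
                    (HttpServletRequest) request.getRequest();

            // Set the JACC context id. It must be in place before any
            // authorization valve further down the pipeline runs.
            PolicyContext.setContextID(contextID);
            // Set the JACC HttpServletRequest PolicyContextHandler data
            HttpServletRequestPolicyContextHandler.setRequest(httpRequest);
            // Perform the request
            getNext().invoke(request, response);
        } finally {
            // Helper is declared elsewhere in this package; presumably it
            // clears the thread's security association -- confirm.
            SecurityAssociationActions.clear();
            activeCS.set(null);
            activeWebMetaData.set(null);
            HttpServletRequestPolicyContextHandler.setRequest(null);
            // NOTE(review): the JACC context id set above is not restored
            // here, so this web application's id stays on the thread after
            // the request. Confirm that every other entry point that performs
            // JACC checks on these threads sets its own context id first.
        }
    }

}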