Source Code Cross Referenced for AuthFilter.java in  » Web-Server » Jigsaw » org » w3c » jigsaw » auth » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        // AuthFilter.java
002:        // $Id: AuthFilter.java,v 1.17 2000/08/16 21:37:34 ylafon Exp $
003:        // (c) COPYRIGHT MIT and INRIA, 1996.
004:        // Please first read the full copyright statement in file COPYRIGHT.html
005:
006:        package org.w3c.jigsaw.auth;
007:
008:        import org.w3c.tools.resources.Attribute;
009:        import org.w3c.tools.resources.AttributeHolder;
010:        import org.w3c.tools.resources.AttributeRegistry;
011:        import org.w3c.tools.resources.BooleanAttribute;
012:        import org.w3c.tools.resources.LookupResult;
013:        import org.w3c.tools.resources.LookupState;
014:        import org.w3c.tools.resources.ProtocolException;
015:        import org.w3c.tools.resources.ReplyInterface;
016:        import org.w3c.tools.resources.RequestInterface;
017:        import org.w3c.tools.resources.Resource;
018:        import org.w3c.tools.resources.ResourceFilter;
019:        import org.w3c.tools.resources.StringArrayAttribute;
020:        import org.w3c.tools.resources.StringAttribute;
021:
022:        import org.w3c.jigsaw.http.HTTPException;
023:        import org.w3c.jigsaw.http.Reply;
024:        import org.w3c.jigsaw.http.Request;
025:
026:        import org.w3c.www.http.HTTP;
027:        import org.w3c.www.http.HttpReplyMessage;
028:        import org.w3c.www.http.HttpRequestMessage;
029:
030:        import org.w3c.tools.resources.ProtocolException;
031:
032:        /**
033:         * General authentication filters.
034:         */
035:
036:        public class AuthFilter extends ResourceFilter {
037:            /**
038:             * The user as authentified from the request.
039:             * FIXME
040:             */
041:            public static final String STATE_AUTHUSER = "org.w3c.jigsaw.auth.AuthFilter.user";
042:            /**
043:             * The authentication method used to authenticate above user.
044:             * FIXME
045:             */
046:            public static final String STATE_AUTHTYPE = "org.w3c.jigsaw.auth.AuthFilter.type";
047:            /**
048:             * The authentication context used to authenticate the above user
049:             * FIXME
050:             */
051:            public static final String STATE_AUTHCONTEXT = "org.w3c.jigsaw.auth.AuthFilter.context";
052:
053:            /**
054:             * Attribute index - The methods protected by the filter.
055:             */
056:            protected static int ATTR_METHODS = -1;
057:            /**
058:             * Attribute index - The realm name for this filter.
059:             */
060:            protected static int ATTR_REALM = -1;
061:            /**
062:             * Attribute index - Is caching allowed by a shared cache ?
063:             */
064:            protected static int ATTR_SHARED_CACHABILITY = -1;
065:            /**
066:             * Attribute index - Is caching allowed in private cache ?
067:             */
068:            protected static int ATTR_PRIVATE_CACHABILITY = -1;
069:            /**
070:             * Attribute index - Is public caching of protected documents allowed ?
071:             */
072:            protected static int ATTR_PUBLIC_CACHABILITY = -1;
073:
074:            static {
075:                Attribute a = null;
076:                Class c = null;
077:                try {
078:                    c = Class.forName("org.w3c.jigsaw.auth.AuthFilter");
079:                } catch (Exception ex) {
080:                    ex.printStackTrace();
081:                    System.exit(1);
082:                }
083:                // The protected methods
084:                a = new StringArrayAttribute("methods", null,
085:                        Attribute.EDITABLE);
086:                ATTR_METHODS = AttributeRegistry.registerAttribute(c, a);
087:                // The realm name (to be resolved by the RealmFactory).
088:                a = new StringAttribute("realm", null, Attribute.EDITABLE
089:                        | Attribute.MANDATORY);
090:                ATTR_REALM = AttributeRegistry.registerAttribute(c, a);
091:                // Can protected documents be saved in shared cache ?
092:                a = new BooleanAttribute("shared-cachability", Boolean.FALSE,
093:                        Attribute.EDITABLE);
094:                ATTR_SHARED_CACHABILITY = AttributeRegistry.registerAttribute(
095:                        c, a);
096:                // Can protected documents be shared in private cache ?
097:                a = new BooleanAttribute("private-cachability", Boolean.FALSE,
098:                        Attribute.EDITABLE);
099:                ATTR_PRIVATE_CACHABILITY = AttributeRegistry.registerAttribute(
100:                        c, a);
101:                // Can protected documents be publicly cached ?
102:                a = new BooleanAttribute("public-cachability", Boolean.FALSE,
103:                        Attribute.EDITABLE);
104:                ATTR_PUBLIC_CACHABILITY = AttributeRegistry.registerAttribute(
105:                        c, a);
106:            }
107:
108:            /**
109:             * Get the list of methods that this filter protect
110:             * @return An array of String giving the name of the protected methods,
111:             *    or <strong>null</strong>, in wich case <em>all</em> methods are
112:             *    to be protected.
113:             */
114:
115:            public String[] getMethods() {
116:                return (String[]) getValue(ATTR_METHODS, null);
117:            }
118:
119:            /**
120:             * Get the realm of this filter.
121:             */
122:
123:            public String getRealm() {
124:                return (String) getValue(ATTR_REALM, null);
125:            }
126:
127:            /**
128:             * Is this document publicly cachable ?
129:             * @return A boolean.
130:             */
131:
132:            public boolean getPublicCachability() {
133:                return getBoolean(ATTR_PUBLIC_CACHABILITY, false);
134:            }
135:
136:            /**
137:             * Is this document cachable in private caches ?
138:             * @return A boolean.
139:             */
140:
141:            public boolean getPrivateCachability() {
142:                return getBoolean(ATTR_PRIVATE_CACHABILITY, false);
143:            }
144:
145:            /**
146:             * Is this document cachable in shared caches ?
147:             * @return A boolean.
148:             */
149:
150:            public boolean getSharedCachability() {
151:                return getBoolean(ATTR_SHARED_CACHABILITY, false);
152:            }
153:
154:            /**
155:             * Authenticate the request from the given client.
156:             * An authentication filter should only override this method.
157:             * @param request The request to be handled.
158:             * @exception ProtocolException If authentication failed.
159:             */
160:
161:            public void authenticate(Request request) throws ProtocolException {
162:                Reply error = request.makeReply(HTTP.UNAUTHORIZED);
163:                error.setContent("<p>Invalid server configuration</p>"
164:                        + "<p>The server defines an authentication filter "
165:                        + " with no <strong>authenticate</strong> method.");
166:                throw new HTTPException(error);
167:            }
168:
169:            /**
170:             * Authenticate the given request for the given client. 
171:             * This method is invoked prior to any request handling on its target
172:             * entity. If the used authentication method allows so, AuthFilters 
173:             * should set the <strong>authuser</strong> attribute of the request.
174:             * @param request The request.
175:             * @exception ProtocolException If authentication failed.
176:             */
177:
178:            public boolean lookup(LookupState ls, LookupResult lr)
179:                    throws ProtocolException {
180:                Request request = (Request) (ls.hasRequest() ? ls.getRequest()
181:                        : null);
182:                if ((request == null) || ls.isInternal())
183:                    // Internal lookups always allowed
184:                    return false;
185:                // Check the request, and authenticate if needed:
186:                String method = request.getMethod();
187:                String methods[] = getMethods();
188:                if (methods == null) {
189:                    authenticate(request);
190:                    return false;
191:                } else {
192:                    for (int i = 0; i < methods.length; i++) {
193:                        if (methods[i].equalsIgnoreCase(method)) {
194:                            authenticate(request);
195:                            return false;
196:                        }
197:                    }
198:                }
199:                return false;
200:            }
201:
202:            /**
203:             * Add the appropriate cache control directives on the way back.
204:             * @param request The request that has been processed.
205:             * @param reply The original reply.
206:             * @return Always <strong>null</strong>.
207:             */
208:
209:            public ReplyInterface outgoingFilter(RequestInterface request,
210:                    ReplyInterface reply) {
211:                Reply rep = (Reply) reply;
212:                if (getPrivateCachability()) {
213:                    rep.setMustRevalidate(true);
214:                } else if (getSharedCachability()) {
215:                    rep.setProxyRevalidate(true);
216:                } else if (getPublicCachability()) {
217:                    rep.setPublic(true);
218:                }
219:                return null;
220:            }
221:
222:        }