
用JAAS 實現in Struts Web App(二)

2013-11-23 20:03:55  來源: Java開源技術 

   實現XMLPolicyFile類
  
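  /**
   * Policy implementation that answers permission queries from an XML policy
   * file. The file is parsed into a DOM tree by {@link #refresh()} and queried
   * with XPath for every principal of the subject being checked.
   *
   * Expected document shape, as used by the queries below:
   * /policy/grant[@codebase]/principal[@classname][@name]/permission
   */
  public class XMLPolicyFile extends Policy implements JAASConstants {
    /** DOM tree of the policy file; assigned only after a successful parse. */
    private Document doc = null;

    /**
     * Loads the policy file immediately by calling {@link #refresh()}.
     * A parse failure therefore surfaces as a RuntimeException from the
     * constructor.
     */
    public XMLPolicyFile() {
      refresh();
    }

    /**
     * Unimplemented stub: always returns null.
     * NOTE(review): callers that expect a collection here will hit a
     * NullPointerException; only the (Subject, CodeSource) overload consults
     * the XML policy.
     */
    public PermissionCollection getPermissions(CodeSource arg) {
      return null;
    }

    /**
     * Parses the XML file named by AUTH_SECURITY_POLICYXMLFILE into the DOM
     * tree used by getPermissions(Subject, CodeSource). The previous tree is
     * kept when parsing fails, because the field is assigned last.
     *
     * @throws RuntimeException if the file cannot be read or parsed; the
     *         original exception is attached as the cause
     */
    public void refresh() {
      FileInputStream fis = null;
      try {
        // Set up a DOM tree to query
        fis = new FileInputStream(AUTH_SECURITY_POLICYXMLFILE);
        InputSource in = new InputSource(fis);
        DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();
        dfactory.setNamespaceAware(true);
        // This file decides who may do what, so it is parsed as plain XML only:
        // refusing DOCTYPE declarations rules out external entities and entity
        // expansion. A policy file that carries a DOCTYPE is rejected.
        dfactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        doc = dfactory.newDocumentBuilder().parse(in);
      } catch (Exception e) {
        // Keep the cause so the failing step stays visible to the caller.
        throw new RuntimeException(e.getMessage(), e);
      } finally {
        if (fis != null) {
          try {
            fis.close();
          } catch (IOException ignored) {
            // Best effort: the document is already parsed or the parse failed.
          }
        }
      }
    }

    /**
     * Collects the permissions granted to the subject's principals for code
     * loaded from the given code source.
     *
     * A permission is added only when its grant element declares a codebase
     * and that codebase implies {@code codeSource}. Grants without a codebase
     * are skipped, and a null {@code codeSource} matches no grant. The
     * previous condition used {@code ||}, which granted every permission of a
     * grant with a codebase regardless of the caller's code source and failed
     * with a NullPointerException on a grant without one.
     *
     * The earlier fallback to the installed Policy was unreachable (the
     * collection is never null) and has been dropped.
     *
     * @param subject    subject whose principals are looked up in the policy
     * @param codeSource code source of the code asking for the permissions
     * @return the matching permissions, possibly empty, never null
     * @throws RuntimeException if the lookup or permission construction fails
     */
    public PermissionCollection getPermissions(Subject subject, CodeSource codeSource) {
      ResourcePermissionCollection collection = new ResourcePermissionCollection();
      try {
        // Iterate through all of the subject's principals
        Iterator principalIterator = subject.getPrincipals().iterator();
        while (principalIterator.hasNext()) {
          Principal principal = (Principal) principalIterator.next();
          String principalClass = principal.getClass().getName();
          String principalName = principal.getName();
          // The values are spliced into an XPath string literal. A name that
          // contains the delimiter could rewrite the query and match grants of
          // another principal, and a null name would be rendered as "null";
          // such principals receive no permissions.
          if (!isXPathLiteralSafe(principalClass) || !isXPathLiteralSafe(principalName)) {
            continue;
          }
          // Resulting query:
          // /policy/grant/principal[@classname="<class>"][@name="<name>"]/permission
          StringBuffer xpath = new StringBuffer();
          xpath.append("/policy/grant/principal[@classname=\"");
          xpath.append(principalClass);
          xpath.append("\"][@name=\"");
          xpath.append(principalName);
          xpath.append("\"]/permission");
          NodeIterator nodeIter = XPathAPI.selectNodeIterator(doc, xpath.toString());
          Node node = null;
          while ((node = nodeIter.nextNode()) != null) {
            // permission -> principal -> grant
            CodeSource codebase = getCodebase(node.getParentNode().getParentNode());
            if (codebase != null && codebase.implies(codeSource)) {
              collection.add(getPermission(node));
            }
          }
        }
      } catch (Exception e) {
        throw new RuntimeException(e.getMessage(), e);
      }
      return collection;
    }

    /**
     * Tells whether a value can be embedded in a double-quoted XPath string
     * literal without ending the literal early.
     */
    private static boolean isXPathLiteralSafe(String value) {
      return value != null && value.indexOf('"') < 0;
    }

    /**
     * Builds the Permission described by a permission node.
     *
     * The constructor is chosen by the attributes present: no name selects the
     * no-argument constructor, name selects (String), name plus actions
     * selects (String, String), and name, actions and relationship select
     * (String, String, String). Without a name, actions and relationship are
     * ignored.
     *
     * @throws RuntimeException if classname is missing or names a class that
     *         is not a Permission
     * @throws Exception if the class or constructor cannot be found or invoked
     */
    private Permission getPermission(Node node) throws Exception {
      NamedNodeMap map = node.getAttributes();
      Attr attrClassname = (Attr) map.getNamedItem("classname");
      Attr attrName = (Attr) map.getNamedItem("name");
      Attr attrActions = (Attr) map.getNamedItem("actions");
      Attr attrRelationship = (Attr) map.getNamedItem("relationship");
      if (attrClassname == null) {
        throw new RuntimeException("permission element has no classname attribute");
      }
      Class[] types = null;
      Object[] args = null;
      // With no name, types and args stay null and the default constructor is used.
      if (attrName != null) {
        String name = attrName.getValue();
        if (attrActions != null) {
          String actions = attrActions.getValue();
          if (attrRelationship == null) {
            types = new Class[2];
            args = new Object[2];
          } else {
            types = new Class[3];
            args = new Object[3];
            String relationship = attrRelationship.getValue();
            types[2] = relationship.getClass();
            args[2] = relationship;
          }
          types[1] = actions.getClass();
          args[1] = actions;
        } else {
          types = new Class[1];
          args = new Object[1];
        }
        types[0] = name.getClass();
        args[0] = name;
      }
      String classname = attrClassname.getValue();
      // Load without initialising, and refuse anything that is not a Permission
      // before running its code: the class name comes from the policy file.
      Class permissionClass =
          Class.forName(classname, false, XMLPolicyFile.class.getClassLoader());
      if (!Permission.class.isAssignableFrom(permissionClass)) {
        throw new RuntimeException(classname + " is not a java.security.Permission");
      }
      Constructor constructor = permissionClass.getConstructor(types);
      return (Permission) constructor.newInstance(args);
    }

    /**
     * Builds the CodeSource described by a grant node.
     *
     * No certificates are attached, so the returned code source is matched on
     * location only and signers are not checked.
     *
     * @return the code source, or null when the node is not a grant element
     *         or has no codebase attribute
     * @throws Exception if the codebase value is not a valid URL
     */
    private java.security.CodeSource getCodebase(Node node) throws Exception {
      Certificate[] certs = null;
      URL location;
      if (node.getNodeName().equalsIgnoreCase("grant")) {
        NamedNodeMap map = node.getAttributes();
        Attr attrCodebase = (Attr) map.getNamedItem("codebase");
        if (attrCodebase != null) {
          String codebaseValue = attrCodebase.getValue();
          location = new URL(codebaseValue);
          return new CodeSource(location, certs);
        }
      }
      return null;
    }
  }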
  
  實現Principal接口的類PrincipalUser
  public class PrincipalUser implements Principal {
  private String name;
  /**
  *
  * @param name the name for this principal
  *
  * @exception InvalidParameterException if the <code>name</code>
  * is <code>null</code>
  */  public PrincipalUser(String name) {
  if (name == null)
  throw new InvalidParameterException(name cannot be null);
  //search role of this name
  thisname = name;
  }
  /**
  * Returns the name for this <code>PrincipalUser</code>
  *
  * @return the name for this <code>PrincipalUser</code>
  */
  public String getName() {
  return name;
  }
  /**
  *
  */  public int hashCode() {
  return namehashCode();
  }
  }
  
  繼承Permission和PermissionCollection類
  public class ResourcePermission extends Permission {
  // Relationship keyword accepted by this permission.
  // NOTE(review): the quotes of this and the other string constants below are
  // missing on this page; they look like string literals, to be confirmed.
  static final public String OWNER_RELATIONSHIP = OWNER;
  // Numeric value of each action, presumably combined into the mask field.
  // NOTE(review): only "x" is left of each numeric literal on this page, so the
  // real values cannot be read here; take them from the original source and
  // check that every action has its own value, otherwise two actions would be
  // indistinguishable in a permission check.
  // NOTE(review): these fields are private but not final; nothing visible here
  // reassigns them.
  static private int READ  = x;
  static private int WRITE  = x;
  static private int EXECUTE = x;
  static private int CREATE = x;
  static private int DELETE = x;
  static private int DEPLOY = x;
  static private int CONFIRM = x;
  // Action names as they appear in a policy's actions attribute (presumably
  // parsed into the values above; the parsing code is not on this page).
  static final public String READ_ACTION = read;
  static final public String WRITE_ACTION  = write;
  static final public String EXECUTE_ACTION = execute;
  static final public String CREATE_ACTION = create;
  static final public String DELETE_ACTION = delete;
  static final public String DEPLOY_ACTION = deploy;
  static final public String CONFIRM_ACTION = confirm;
  // State of one permission instance. The fields are protected and not final,
  // so subclasses and classes in the same package can change them after
  // construction.
  protected int mask;  protected Resource resource;
  protected Subject subject;
  /**
  * Constructor for ResourcePermission
  */
  public ResourcePermission(String name String actions Resource resource Subject subject) {
  super(name);
  this