分享
 
 
 

用JAAS 实现in Struts Web App(二)

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

5. 实现XMLPolicyFile类。

public class XMLPolicyFile extends Policy implements JAASConstants {

private Document doc = null;

//private CodeSource noCertCodeSource=null;

/*

* constrUCtor

* refresh()

*/ public XMLPolicyFile(){

refresh();

} public PermissionCollection getPermissions(CodeSource arg0) {

// TODO Auto-generated method stub

return null;

}

/*

* Creates a DOM tree document from the default XML file or

* from the file specified by the system property,

* <codecom.ibm.resource.security.auth.policy</code. This

* DOM tree document is then used by the

* <codegetPermissions()</code in searching for permissions.

*

* @see Javax.security.auth.Policy#refresh()

*/ public void refresh() {

FileInputStream fis = null;

try {

// Set up a DOM tree to query

fis = new FileInputStream(AUTH_SECURITY_POLICYXMLFILE);

InputSource in = new InputSource(fis);

DocumentBuilderFactory dfactory = DocumentBuilderFactory.newInstance();

dfactory.setNamespaceAware(true);

doc = dfactory.newDocumentBuilder().parse(in);

} catch (Exception e) {

e.printStackTrace();

throw new RuntimeException(e.getMessage());

} finally {

if(fis != null) {

try { fis.close(); } catch (IOException e) {}

}

}

} public PermissionCollection getPermissions(Subject subject,CodeSource codeSource) {

ResourcePermissionCollection collection = new ResourcePermissionCollection();

try {

// Iterate through all of the subjects principals

Iterator principalIterator = subject.getPrincipals().iterator();

while(principalIterator.hasNext()){

Principal principal = (Principal)principalIterator.next();

// Set up the XPath string to retrieve all the relevant permissions

// Sample xpath string:"/policy/grant[@codebase=\"sample_actions.jar\"]/principal[@classname=\"com.fonseca.security.SamplePrincipal\"][@name=\"testUser\"]/permission"

StringBuffer xpath = new StringBuffer();

xpath.append("/policy/grant/principal[@classname=\"");

xpath.append(principal.getClass().getName());

xpath.append("\"][@name=\"");

xpath.append(principal.getName());

xpath.append("\"]/permission");

//System.out.println(xpath.toString());

NodeIterator nodeIter = XPathAPI.selectNodeIterator(doc, xpath.toString());

Node node = null;

while( (node = nodeIter.nextNode()) != null ) {

//here

CodeSource codebase=getCodebase(node.getParentNode().getParentNode());

if (codebase!=null codebase.implies(codeSource)){

Permission permission = getPermission(node);

collection.add(permission);

}

}

}

} catch (Exception e) {

e.printStackTrace();

throw new RuntimeException(e.getMessage());

}

if(collection != null)

return collection;

else {

// If the permission is not found here then delegate it

// to the standard java Policy class instance.

Policy policy = Policy.getPolicy();

return policy.getPermissions(codeSource);

}

}

/**

* Returns a Permission instance defined by the provided

* permission Node attributes.

*/

private Permission getPermission(Node node) throws Exception {

NamedNodeMap map = node.getAttributes();

Attr attrClassname = (Attr) map.getNamedItem("classname");

Attr attrName = (Attr) map.getNamedItem("name");

Attr attrActions = (Attr) map.getNamedItem("actions");

Attr attrRelationship = (Attr) map.getNamedItem("relationship");

if(attrClassname == null)

throw new RuntimeException();

Class[] types = null;

Object[] args = null;

// Check if the name is specified

// if no name is specified then because

// the types and the args variables above

// are null the default constructor is used.

if(attrName != null) {

String name = attrName.getValue();

// Check if actions are specified

// then setup the array sizes accordingly

if(attrActions != null) {

String actions = attrActions.getValue();

// Check if a relationship is specified

// then setup the array sizes accordingly

if(attrRelationship == null) {

types = new Class[2];

args = new Object[2];

} else {

types = new Class[3];

args = new Object[3];

String relationship = attrRelationship.getValue();

types[2] = relationship.getClass();

args[2] = relationship;

}

types[1] = actions.getClass();

args[1] = actions;

} else {

types = new Class[1];

args = new Object[1];

}

types[0] = name.getClass();

args[0] = name;

}String classname = attrClassname.getValue();

Class permissionClass = Class.forName(classname);

Constructor constructor = permissionClass.getConstructor(types);

return (Permission) constructor.newInstance(args);

}

/**

* Returns a CodeSource object defined by the provided

* grant Node attributes.

*/

private java.security.CodeSource getCodebase(Node node) throws Exception {

Certificate[] certs = null;

URL location;

if(node.getNodeName().equalsIgnoreCase("grant")) {

NamedNodeMap map = node.getAttributes();

Attr attrCodebase = (Attr) map.getNamedItem("codebase");

if(attrCodebase != null) {

String codebaseValue = attrCodebase.getValue();

location = new URL(codebaseValue);

return new CodeSource(location,certs);

}

}

return null;

}

}

6.继续Principal类PrincipalUser

public class PrincipalUser implements Principal {

private String name;

/**

*

* @param name the name for this principal.

*

* @exception InvalidParameterException if the <codename</code

* is <codenull</code.

*/public PrincipalUser(String name) {

if (name == null)

throw new InvalidParameterException("name cannot be null");

//search role of this name.

this.name = name;

}

/**

* Returns the name for this <codePrincipalUser</code.

*

* @return the name for this <codePrincipalUser</code

*/

public String getName() {

return name;

}

/**

*

*/public int hashCode() {

return name.hashCode();

}

}

7.继续Permission和PermissionCollection类

public class ResourcePermission extends Permission {

static final public String OWNER_RELATIONSHIP = "OWNER";

static private int READ= 0x01;

static private int WRITE = 0x02;

static private int EXECUTE = 0x04;

static private int CREATE= 0x08;

static private int DELETE= 0x10;

static private int DEPLOY= 0x16;

static private int CONFIRM = 0x24;

static final public String READ_ACTION = "read";

static final public String WRITE_ACTION = "write";

static final public String EXECUTE_ACTION = "execute";

static final public String CREATE_ACTION= "create";

static final public String DELETE_ACTION= "delete";

static final public String DEPLOY_ACTION= "deploy";

static final public String CONFIRM_ACTION = "confirm";

protected int mask; protected Resource resource;

protected Subject subject;

/**

* Constructor for ResourcePermission

*/

public ResourcePermission(String name, String actions, Resource resource, Subject subject) {

super(name);

this

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有