tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-francois Arcand <jeanfrancois.arc...@sun.com>
Subject [PATCH][tomcat-catalina] RealmBase/Authenticator re-factoring.
Date Thu, 08 Aug 2002 20:31:43 GMT
HI,

I have completed the move of the authorization logic from the 
o.a.c.authenticator.AuthenticatorBase to the o.a.c.realm.RealmBase. The 
Realm class has now three new methods:

    /**
     * Return the SecurityConstraint configured to guard the request URI for
     * this request, or <code>null</code> if there is no such constraint.
     *
     * @param request Request we are processing
     */
    public SecurityConstraint findSecurityConstraint(HttpRequest request,
                                                     Context context);
    /**
     * Perform access control based on the specified authorization 
constraint.
     * Return <code>true</code> if this constraint is satisfied and 
processing
     * should continue, or <code>false</code> otherwise.
     *
     * @param request Request we are processing
     * @param response Response we are creating
     * @param constraint Security constraint we are enforcing
     * @param The Context to which client of this class is attached.
     *
     * @exception IOException if an input/output error occurs
     */
    public boolean hasResourcePermission(HttpRequest request,
                                         HttpResponse response,
                                         SecurityConstraint constraint,
                                         Context context)
        throws IOException;
   
   /**
     * Enforce any user data constraint required by the security constraint
     * guarding this request URI.  Return <code>true</code> if this 
constraint
     * was not violated and processing should continue, or 
<code>false</code>
     * if we have created a response already.
     *
     * @param request Request we are processing
     * @param response Response we are creating
     * @param constraint Security constraint being checked
     *
     * @exception IOException if an input/output error occurs
     */
    public boolean hasUserDataPermission(HttpRequest request,
                                         HttpResponse response,
                                         SecurityConstraint constraint)
        throws IOException;

Now, Realm can overload those methods an implement a different resource 
authorization mechanism. Actual Realm implementatin still work since 
they all extend RealmBase.

Let me know if you see any issues.

Can somebody apply this patch?

Thanks,

-- Jeanfrancois



Mime
View raw message