
1   //
2   //  ========================================================================
3   //  Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
4   //  ------------------------------------------------------------------------
5   //  All rights reserved. This program and the accompanying materials
6   //  are made available under the terms of the Eclipse Public License v1.0
7   //  and Apache License v2.0 which accompanies this distribution.
8   //
9   //      The Eclipse Public License is available at
10  //      http://www.eclipse.org/legal/epl-v10.html
11  //
12  //      The Apache License v2.0 is available at
13  //      http://www.opensource.org/licenses/apache2.0.php
14  //
15  //  You may elect to redistribute this code under either of these licenses.
16  //  ========================================================================
17  //
18  
19  package org.eclipse.jetty.security;
20  
21  import java.util.Set;
22  
23  import org.eclipse.jetty.server.Authentication.User;
24  import org.eclipse.jetty.server.UserIdentity;
25  import org.eclipse.jetty.server.UserIdentity.Scope;
26  
27  /**
28   * AbstractUserAuthentication
29   *
30   *
31   * Base class for representing an authenticated user.
32   */
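/**
 * AbstractUserAuthentication
 *
 * Base class for representing an authenticated user: pairs the name of the
 * authentication method that produced it with the resulting {@link UserIdentity},
 * and implements the servlet-spec role test on top of that identity.
 *
 * <p>Security note: the special role name {@code **} is handled here, not by the
 * identity. Unless the web application has explicitly declared {@code **} as a
 * role, {@code isUserInRole(scope, "**")} is true for every authenticated user,
 * whatever roles the identity actually carries. Whether {@code **} counts as
 * "declared" depends on the SecurityHandler current on the calling thread
 * (see {@link #declaredRolesContains(String)}).</p>
 */
public abstract class AbstractUserAuthentication implements User
{
    /** Name of the authentication method, reported by {@link #getAuthMethod()}. */
    protected String _method;
    /** The authenticated identity; consulted for ordinary (non-{@code **}) role tests. */
    protected UserIdentity _userIdentity;


    /**
     * @param method the authentication method name to report from {@link #getAuthMethod()}
     * @param userIdentity the identity of the authenticated user
     */
    public AbstractUserAuthentication(String method, UserIdentity userIdentity)
    {
        _method = method;
        _userIdentity = userIdentity;
    }


    /** @return the authentication method name this instance was created with */
    @Override
    public String getAuthMethod()
    {
        return _method;
    }

    /** @return the authenticated identity this instance was created with */
    @Override
    public UserIdentity getUserIdentity()
    {
        return _userIdentity;
    }

    /**
     * Tests whether the authenticated user is in the given role.
     *
     * <p>The role name is first translated through the scope's role-ref map
     * (security-role-ref link name to real role name); if there is no scope,
     * no map, or no mapping for this name, the name is used as given. If the
     * resulting name is the special role {@code **} (Servlet Spec 3.1 pg 125)
     * and {@code **} has not been declared as an application role, the test
     * succeeds simply because the user is authenticated. In every other case
     * the decision is delegated to the {@link UserIdentity}, which receives the
     * ORIGINAL (untranslated) role name together with the scope.</p>
     *
     * @param scope the scope (servlet) providing the role-ref map; may be null
     * @param role the role name or role-ref link name to test
     * @return true if the user is in the role; false for a null role name
     */
    @Override
    public boolean isUserInRole(Scope scope, String role)
    {
        // A null role name cannot be in any role. Previously this fell through
        // to roleToTest.trim() and threw NullPointerException; deny instead.
        if (role == null)
            return false;

        String roleToTest = null;
        if (scope != null && scope.getRoleRefMap() != null)
            roleToTest = scope.getRoleRefMap().get(role);
        if (roleToTest == null)
            roleToTest = role;

        // Servlet Spec 3.1 pg 125: special role **. The comparison is made on the
        // role-ref-translated name, so a link name mapped to "**" is treated as
        // the special role as well.
        if ("**".equals(roleToTest.trim()))
        {
            // If ** is NOT a declared role name we return true, as the user is
            // authenticated. If ** HAS been declared as a role name it is an
            // ordinary role and the identity must be asked whether it holds it.
            if (!declaredRolesContains("**"))
                return true;
        }

        return _userIdentity.isUserInRole(role, scope);
    }

    /**
     * Tests whether the web application has declared the given role name.
     *
     * <p>The declared roles are read from the {@link SecurityHandler} current on
     * this thread. If there is none, or it is not {@link ConstraintAware}, this
     * returns false; for {@link #isUserInRole(Scope, String)} that means
     * {@code **} is treated as the undeclared, "any authenticated user" special
     * role, so callers outside a request with a ConstraintAware SecurityHandler
     * should not rely on a declared {@code **} being honoured.</p>
     *
     * @param roleName the role name to look for
     * @return true only if a ConstraintAware SecurityHandler is current on this
     *         thread and its declared role set contains roleName
     */
    public boolean declaredRolesContains(String roleName)
    {
        SecurityHandler security = SecurityHandler.getCurrentSecurityHandler();
        if (security == null)
            return false;

        if (security instanceof ConstraintAware)
        {
            Set<String> declaredRoles = ((ConstraintAware)security).getRoles();
            return (declaredRoles != null) && declaredRoles.contains(roleName);
        }

        return false;
    }
}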
95  }