知识大全 用JAAS 实现in Struts Web App(二)
Posted 文字
篇首语:时间是把锋利的刀,成全过我的疯狂,也粉碎过我的梦想。本文由小常识网(cha138.com)小编为大家整理,主要介绍了知识大全 用JAAS 实现in Struts Web App(二)相关的知识,希望对你有一定的参考价值。
用JAAS 实现in Struts Web App(二) 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧!
实现XMLPolicyFile类 public class XMLPolicyFile extends Policy implements JAASConstants private Document doc = null; //private CodeSource noCertCodeSource=null; /* * constructor * refresh() */ public XMLPolicyFile() refresh(); public PermissionCollection getPermissions(CodeSource arg ) // TODO Auto generated method stub return null; /* * Creates a DOM tree document from the default XML file or * from the file specified by the system property * <code> ibm resource security auth policy</code> This * DOM tree document is then used by the * <code>getPermissions()</code> in searching for permissions * * @see javax security auth Policy#refresh() */ public void refresh() FileInputStream fis = null; try // Set up a DOM tree to query fis = new FileInputStream(AUTH_SECURITY_POLICYXMLFILE); InputSource in = new InputSource(fis); DocumentBuilderFactory dfactory = DocumentBuilderFactory newInstance(); dfactory setNamespaceAware(true); doc = dfactory newDocumentBuilder() parse(in); catch (Exception e) e printStackTrace(); throw new RuntimeException(e getMessage()); finally if(fis != null) try fis close(); catch (IOException e) public PermissionCollection getPermissions(Subject subject CodeSource codeSource) ResourcePermissionCollection collection = new ResourcePermissionCollection(); try // Iterate through all of the subjects principals Iterator principalIterator = subject getPrincipals(erator(); while(principalIterator hasNext()) Principal principal = (Principal)principalIterator next(); // Set up the xpath string to retrieve all the relevant permissions // Sample xpath string: /policy/grant[@codebase=\\ sample_actions jar\\ ]/principal[@classname=\\ fonseca security SamplePrincipal\\ ][@name=\\ testUser\\ ]/permission StringBuffer xpath = new StringBuffer(); xpath append( /policy/grant/principal[@classname=\\ ); xpath append(principal getClass() getName()); xpath append( \\ ][@name=\\ ); xpath append(principal getName()); xpath append( \\ ]/permission ); //System out println(xpath toString()); NodeIterator nodeIter = XPathAPI selectNodeIterator(doc xpath toString()); Node node = null; while( (node = nodeIter nextNode()) != null ) //here CodeSource codebase=getCodebase(node getParentNode() getParentNode()); if (codebase!=null || codebase implies(codeSource)) Permission permission = getPermission(node); collection add(permission); catch (Exception e) e printStackTrace(); throw new RuntimeException(e getMessage()); if(collection != null) return collection; else // If the permission is not found here then delegate it // to the standard java Policy class instance Policy policy = Policy getPolicy(); return policy getPermissions(codeSource); /** * Returns a Permission instance defined by the provided * permission Node attributes */ private Permission getPermission(Node node) throws Exception NamedNodeMap map = node getAttributes(); Attr attrClassname = (Attr) map getNamedItem( classname ); Attr attrName = (Attr) map getNamedItem( name ); Attr attrActions = (Attr) map getNamedItem( actions ); Attr attrRelationship = (Attr) map getNamedItem( relationship ); if(attrClassname == null) throw new RuntimeException(); Class[] types = null; Object[] args = null; // Check if the name is specified // if no name is specified then because // the types and the args variables above // are null the default constructor is used if(attrName != null) String name = attrName getValue(); // Check if actions are specified // then setup the array sizes accordingly if(attrActions != null) String actions = attrActions getValue(); // Check if a relationship is specified // then setup the array sizes accordingly if(attrRelationship == null) types = new Class[ ]; args = new Object[ ]; else types = new Class[ ]; args = new Object[ ]; String relationship = attrRelationship getValue(); types[ ] = relationship getClass(); args[ ] = relationship; types[ ] = actions getClass(); args[ ] = actions; else types = new Class[ ]; args = new Object[ ]; types[ ] = name getClass(); args[ ] = name; String classname = attrClassname getValue(); Class permissionClass = Class forName(classname); Constructor constructor = permissionClass getConstructor(types); return (Permission) constructor newInstance(args); /** * Returns a CodeSource object defined by the provided * grant Node attributes */ private java security CodeSource getCodebase(Node node) throws Exception Certificate[] certs = null; URL location; if(node getNodeName() equalsIgnoreCase( grant )) NamedNodeMap map = node getAttributes(); Attr attrCodebase = (Attr) map getNamedItem( codebase ); if(attrCodebase != null) String codebaseValue = attrCodebase getValue(); location = new URL(codebaseValue); return new CodeSource(location certs); return null; 继承Principal类PrincipalUser public class PrincipalUser implements Principal private String name; /** * * @param name the name for this principal * * @exception InvalidParameterException if the <code>name</code> * is <code>null</code> */ public PrincipalUser(String name) if (name == null) throw new InvalidParameterException( name cannot be null ); //search role of this name this name = name; /** * Returns the name for this <code>PrincipalUser</code> * * @return the name for this <code>PrincipalUser</code> */ public String getName() return name; /** * */ public int hashCode() return name hashCode(); .继承Permission和PermissionCollection类 public class ResourcePermission extends Permission static final public String OWNER_RELATIONSHIP = OWNER ; static private int READ = x ; static private int WRITE = x ; static private int EXECUTE = x ; static private int CREATE = x ; static private int DELETE = x ; static private int DEPLOY = x ; static private int CONFIRM = x ; static final public String READ_ACTION = read ; static final public String WRITE_ACTION = write ; static final public String EXECUTE_ACTION = execute ; static final public String CREATE_ACTION = create ; static final public String DELETE_ACTION = delete ; static final public String DEPLOY_ACTION = deploy ; static final public String CONFIRM_ACTION = confirm ; protected int mask; protected Resource resource; protected Subject subject; /** * Constructor for ResourcePermission */ public ResourcePermission(String name String actions Resource resource Subject subject) super(name); this cha138/Article/program/Java/ky/201311/27893相关参考
知识大全 Web App struts框架里实现Filter
WebAppstruts框架里实现Filter 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧! w
知识大全 用struts+spring+hibernate组装web应用
其实就算用Java建造一个不是很烦琐的web应用程序也不是件轻松的事情当为一个应用程序建造一个构架时有许多事情需要考虑从高层来说开发者需要考虑怎样建立用户接口(userinterfaces)?在哪
知识大全 spring在web.xml中和在struts中的不同配置
Spring中WebApplicationContext的研究 ApplicationContext是Spring的核心Context我们通常解释为上下文环境我想用容器来表述它更容易理解一些Ap
Struts配置讲解Web应用 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧! Web应用的发布描
Struts2中访问web元素 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧! 取得Map类型re
为Web服务构建Struts应用程序 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧! 当您要将企业
Struts开发指南之其他Web构架介绍 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧! Stru
WEB开发中Struts常见错误及原因分析 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧!
知识大全 Web框架对比: Wicket vs Struts
Web框架对比:WicketvsStruts 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧!一概貌W
教你如何配置Struts2web.xml文件 以下文字资料是由(全榜网网www.cha138.com)小编为大家搜集整理后发布的内容,让我们赶快一起来看一下吧! St