网站首页
JSP空间
动态资讯
开源项目
技术文档
资源下载
J2EE资源
客户论坛
在线支付
 
  技术文档>>JAVA>>新手入门>>基础入门>查看文档  
  用jaas 实现in struts web app(二)     
  文章作者:未知  文章来源:水木森林  
  查看:111次  录入:管理员--2007-11-17  
 
  5. 实现xmlpolicyfile类。
  
  public class xmlpolicyfile extends policy implements jaasconstants {
  private document doc = null;
  //private codesource nocertcodesource=null;
  /*
  * constructor
  * refresh()
  */  public xmlpolicyfile(){
  refresh();
  }  public permissioncollection getpermissions(codesource arg0) {
  // todo auto-generated method stub
  return null;
  }
  /*
  * creates a dom tree document from the default xml file or
  * from the file specified by the system property,
  * <code>com.ibm.resource.security.auth.policy</code>. this
  * dom tree document is then used by the
  * <code>getpermissions()</code> in searching for permissions.
  *
  * @see javax.security.auth.policy#refresh()
  */  public void refresh() {
  fileinputstream fis = null;
  try {
  // set up a dom tree to query
  fis = new fileinputstream(auth_security_policyxmlfile);
  inputsource in = new inputsource(fis);
  documentbuilderfactory dfactory = documentbuilderfactory.newinstance();
  dfactory.setnamespaceaware(true);
  doc = dfactory.newdocumentbuilder().parse(in);
  } catch (exception e) {
  e.printstacktrace();
  throw new runtimeexception(e.getmessage());
  } finally {
  if(fis != null) {
  try { fis.close(); } catch (ioexception e) {}
  
  }
  }
  }  public permissioncollection getpermissions(subject subject,codesource codesource) {
  resourcepermissioncollection collection = new resourcepermissioncollection();
  try {
  // iterate through all of the subjects principals
  iterator principaliterator = subject.getprincipals().iterator();
  while(principaliterator.hasnext()){
  principal principal = (principal)principaliterator.next();
  // set up the xpath string to retrieve all the relevant permissions
  // sample xpath string: "/policy/grant[@codebase=/"sample_actions.jar/"]/principal[@classname=/"com.fonseca.security.sampleprincipal/"][@name=/"testuser/"]/permission"
  stringbuffer xpath = new stringbuffer();
  xpath.append("/policy/grant/principal[@classname=/"");
  xpath.append(principal.getclass().getname());
  xpath.append("/"][@name=/"");
  xpath.append(principal.getname());
  xpath.append("/"]/permission");
  //system.out.println(xpath.tostring());
  nodeiterator nodeiter = xpathapi.selectnodeiterator(doc, xpath.tostring());
  node node = null;
  while( (node = nodeiter.nextnode()) != null ) {
  //here
  codesource codebase=getcodebase(node.getparentnode().getparentnode());
  if (codebase!=null || codebase.implies(codesource)){
  permission permission = getpermission(node);
  collection.add(permission);
  }
  }
  }
  } catch (exception e) {
  e.printstacktrace();
  throw new runtimeexception(e.getmessage());
  }
  if(collection != null)
  return collection;
  else {
  // if the permission is not found here then delegate it
  // to the standard java policy class instance.
  policy policy = policy.getpolicy();
  return policy.getpermissions(codesource);
  }
  }
  /**
  * returns a permission instance defined by the provided
  * permission node attributes.
  */
  private permission getpermission(node node) throws exception {
  namednodemap map = node.getattributes();
  attr attrclassname = (attr) map.getnameditem("classname");
  attr attrname = (attr) map.getnameditem("name");
  attr attractions = (attr) map.getnameditem("actions");
  attr attrrelationship = (attr) map.getnameditem("relationship");
  if(attrclassname == null)
  throw new runtimeexception();
  class[] types = null;
  object[] args = null;
  // check if the name is specified
  // if no name is specified then because
  // the types and the args variables above
  // are null the default constructor is used.
  if(attrname != null) {
  string name = attrname.getvalue();
  // check if actions are specified
  // then setup the array sizes accordingly
  if(attractions != null) {
  string actions = attractions.getvalue();
  // check if a relationship is specified
  // then setup the array sizes accordingly
  if(attrrelationship == null) {
  types = new class[2];
  args = new object[2];
  } else {
  types = new class[3];
  args = new object[3];
  string relationship = attrrelationship.getvalue();
  types[2] = relationship.getclass();
  args[2] = relationship;
  }
  types[1] = actions.getclass();
  args[1] = actions;
  } else {
  
  types = new class[1];
  args = new object[1];
  
  }
  types[0] = name.getclass();
  args[0] = name;
  }   string classname = attrclassname.getvalue();
  class permissionclass = class.forname(classname);
  constructor constructor = permissionclass.getconstructor(types);
  return (permission) constructor.newinstance(args);
  }
  /**
  * returns a codesource object defined by the provided
  * grant node attributes.
  */
  private java.security.codesource getcodebase(node node) throws exception {
  certificate[] certs = null;
  url location;
  if(node.getnodename().equalsignorecase("grant")) {
  namednodemap map = node.getattributes();
  attr attrcodebase = (attr) map.getnameditem("codebase");
  if(attrcodebase != null) {
  string codebasevalue = attrcodebase.getvalue();
  location = new url(codebasevalue);
  return new codesource(location,certs);
  }
  }
  return null;
  }
  }
  
  6.继承principal类principaluser
  public class principaluser implements principal {
  private string name;
  /**
  *
  * @param name the name for this principal.
  *
  * @exception invalidparameterexception if the <code>name</code>
  * is <code>null</code>.
  */  public principaluser(string name) {
  if (name == null)
  throw new invalidparameterexception("name cannot be null");
  //search role of this name.
  this.name = name;
  }
  /**
  * returns the name for this <code>principaluser</code>.
  *
  * @return the name for this <code>principaluser</code>
  */
  public string getname() {
  return name;
  }
  /**
  *
  */  public int hashcode() {
  return name.hashcode();
  }
  }
  
  7.继承permission和permissioncollection类
  public class resourcepermission extends permission {
  static final public string owner_relationship = "owner";
  static private int read  = 0x01;
  static private int write  = 0x02;
  static private int execute = 0x04;
  static private int create = 0x08;
  static private int delete = 0x10;
  static private int deploy = 0x16;
  static private int confirm = 0x24;
  static final public string read_action = "read";
  static final public string write_action  = "write";
  static final public string execute_action = "execute";
  static final public string create_action = "create";
  static final public string delete_action = "delete";
  static final public string deploy_action = "deploy";
  static final public string confirm_action = "confirm";
  protected int mask;  protected resource resource;
  protected subject subject;
  /**
  * constructor for resourcepermission
  */
  public resourcepermission(string name, string actions, resource resource, subject subject) {
  super(name);
  this
 
 
上一篇: 全程解析struts中两个相似类的解释    下一篇: 用jaas 实现in struts web app(一)
  相关文档
在java中连接oracle数据库 11-17
log信息获取调用类和调用方法名的实现原理 11-17
课程介绍(7):sem-sl-345 java 2平台企业版 11-17
一个关于过程原码 11-17
经验谈 java软件开发前期规划的重要性 11-16
java各类本地接口——规范大全 11-17
taglib原理和实现 第五章:再论支持el表达式和jstl标签 11-17
分享java类初始化顺序,经典例程 11-17
再谈面向对象 11-17
java打印程序设计 11-17
全国计算机等级考试二级java考试大纲 11-16
getdate 方法 11-16
高级:struts彻底实践中文问题的解决方法 12-26
巧妙利用xslt将xml数据转换成html 11-17
java多线程设计模式详解之三 11-17
jbuilder 2005代码审查功能体验(1) 11-17
什么是设计模式 11-16
java性能优化之通用篇 11-17
var 语句 11-16
asp.net查询mssql数据库的一个例子 11-17
返回首页 | 关于我们 | J网章程 | JSP空间合租 | 客服中心 | 免责声明 | 常见问题 | 参观机房
本站主机空间代理至厦门市华众网络科技有限公司
《中华人民共和国增值电信业务经营许可证》
编号:闽B2-20050079
@2005-2008福建JSP技术网 版权所有 闽ICP备05000928号
技术电话:13616026886
邮箱:admin@fjjsp.com 站长QQ,点击这里给我发消息