diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml
index ebf27bf99f..21b0e5e96f 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml
@@ -103,6 +103,10 @@
org.wso2.carbon
org.wso2.carbon.core.services
+
+ org.wso2.carbon
+ org.wso2.carbon.registry.api
+
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java
index a046c5280b..dc467e1c24 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java
@@ -21,6 +21,7 @@ public final class Constants {
public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer";
public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme";
+ public static final String PERMISSION_PATH = "/_system/governance/permission/admin/device-mgt/";
public static final class HTTPHeaders {
private HTTPHeaders() {
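Review bot: `PERMISSION_PATH` is an absolute registry path with a trailing slash, while `PermissionAuthorizerUtil` in this same commit writes entries under `"/permission" + permission.getPath()` relative to the governance registry, so the permission root is now defined in two places. The code that reads `PERMISSION_PATH` is not visible in this diff, but the two agree only if every configured path starts with `/admin/device-mgt/`, and appending a sub-path that begins with `/` would produce a double slash. A Javadoc line on the constant would pin this down, for example `/** Absolute registry path of the device-mgt permission root; ends with '/', append sub-paths without a leading slash. */`. The enclosing `Constants` class continues outside this hunk.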
@@ -40,4 +41,25 @@ public final class Constants {
public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml";
}
+ public static final class HttpVerb {
+ private HttpVerb() {
+ throw new AssertionError();
+ }
+
+ public static final String GET = "GET";
+ public static final String POST = "POST";
+ public static final String DELETE = "DELETE";
+ public static final String PUT = "PUT";
+ }
+
+ public static final class PermissionMethod {
+ private PermissionMethod() {
+ throw new AssertionError();
+ }
+
+ public static final String READ = "read";
+ public static final String WRITE = "write";
+ public static final String DELETE = "delete";
+ public static final String ACTION = "action";
+ }
}
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
index d27116b8fe..a26ffa5a55 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
@@ -26,6 +26,9 @@ import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
import javax.servlet.http.HttpServletResponse;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
@@ -34,8 +37,7 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
@Override
public void invoke(Request request, Response response, CompositeValve compositeValve) {
- String authScheme =
- request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME);
+ String authScheme = request.getAuthType();
if (authScheme == null || "".equals(authScheme)) {
this.getNext().invoke(request, response, compositeValve);
return;
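Review bot: Reading the scheme from `request.getAuthType()` may turn the null/empty branch right below it into the common path, so the valve would hand requests to `getNext()` without invoking any authenticator. In Catalina that getter reports what an authenticator has already recorded on the request, and nothing visible in this hunk sets it before this valve runs; the removed lookup took the scheme from the web app's context parameter instead. If unconfigured apps are meant to pass through, base that decision on deployment configuration rather than request state, and mark the branch with a comment such as `// no scheme configured for this context: framework authentication is skipped`. A debug log on that branch would also make skipped authentication visible to operators. The body of `invoke` continues outside the hunk, so later handling cannot be checked from here.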
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java
new file mode 100644
index 0000000000..416f96db49
--- /dev/null
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.carbon.webapp.authenticator.framework.authorizer;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.context.CarbonContext;
+import org.wso2.carbon.context.RegistryType;
+import org.wso2.carbon.registry.api.Collection;
+import org.wso2.carbon.registry.api.Registry;
+import org.wso2.carbon.registry.api.RegistryException;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission;
+
+public class PermissionAuthorizerUtil {
+
+ private static Registry registry = CarbonContext.getThreadLocalCarbonContext().
+ getRegistry(RegistryType.SYSTEM_GOVERNANCE);
+
+ private static final String PROPERTY_NAME = "name";
+ private static final String PATH_PERMISSION = "/permission";
+ private static final Log log = LogFactory.getLog(PermissionAuthorizerUtil.class);
+
+ public static void addPermission(Permission permission) {
+
+ if (registry == null) {
+ throw new IllegalArgumentException("Registry instance retrieved is null");
+ }
+
+ if (permission == null) {
+ throw new IllegalArgumentException("Permission argument is null");
+ }
+ try {
+ Collection collection = registry.newCollection();
+ collection.setProperty(PROPERTY_NAME, permission.getName());
+ registry.put(PATH_PERMISSION + permission.getPath(), collection);
+
+ } catch (RegistryException e) {
+ String errorMsg = "Error occured while adding permission '" + permission.getName() +
+ "' to registry. ";
+ log.error(errorMsg + e.getMessage());
+ }
+ }
+}
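Review bot: The static `registry` field is resolved once, in the class initializer, from `CarbonContext.getThreadLocalCarbonContext()`, so every later `addPermission` call writes through the context of whichever thread (and presumably tenant) first loaded the class. Resolving the registry inside the method keeps the write tied to the caller's context, and a null registry is then a state problem rather than an argument problem. The catch block logs only `e.getMessage()` and returns normally, so the stack trace is lost and a caller cannot tell that a permission was never stored; passing the exception to `log.error` is the minimum, and the message has a typo ("occured"). `permission.getPath()` is concatenated into the registry path unchecked, which deserves a comment stating that it must come from trusted configuration only.

```java
public static void addPermission(Permission permission) {
    if (permission == null) {
        throw new IllegalArgumentException("Permission argument is null");
    }
    // Resolve per call so the current thread's Carbon context decides which registry is written.
    Registry registry = CarbonContext.getThreadLocalCarbonContext()
            .getRegistry(RegistryType.SYSTEM_GOVERNANCE);
    if (registry == null) {
        throw new IllegalStateException("Registry instance retrieved is null");
    }
    try {
        // … unchanged: newCollection / setProperty / put under PATH_PERMISSION …
    } catch (RegistryException e) {
        // Keep the cause and stack trace in the log.
        log.error("Error occurred while adding permission '" + permission.getName()
                + "' to registry.", e);
    }
}
```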
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java
index cb3ab4ac83..47bee21e7b 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java
@@ -28,6 +28,10 @@ import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorFrameworkValve;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerUtil;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerValve;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission;
+import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.PermissionAuthorizerConfig;
import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig;
import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig;
@@ -54,8 +58,15 @@ public class WebappAuthenticatorFrameworkBundleActivator implements BundleActiva
}
DataHolder.setWebappAuthenticatorRepository(repository);
+ // Adding permissions to registry
+// PermissionAuthorizerConfig.init();
+// for (Permission permission : PermissionAuthorizerConfig.getInstance().getPermissions()) {
+// PermissionAuthorizerUtil.addPermission(permission);
+// }
+
List valves = new ArrayList();
valves.add(new WebappAuthenticatorFrameworkValve());
+ valves.add(new PermissionAuthorizerValve());
TomcatValveContainer.addValves(valves);
if (log.isDebugEnabled()) {
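Review bot: `PermissionAuthorizerValve` is registered here while the block that initialises `PermissionAuthorizerConfig` and stores the permissions stays commented out, so the valve appears to start with no permissions loaded. The valve's source is not in this diff, so how it treats a request with no matching permission entry cannot be confirmed from here; that behaviour should be stated next to the registration, e.g. `// permissions are not loaded at activation yet; see PermissionAuthorizerValve for the no-match behaviour`. Either enable the block or delete it, and drop the imports from the previous hunk (`PermissionAuthorizerUtil`, `Permission`, `PermissionAuthorizerConfig`) that, in the lines shown, only the commented code uses. The enclosing method continues outside the hunk.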
diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf
index 91ac161b4e..49291ae9be 100644
--- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf
+++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf
@@ -1,2 +1,3 @@
instructions.configure = \
-org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\
\ No newline at end of file
+org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\
+org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/permissions-config.xml,target:${installFolder}/../../conf/etc/permissions-config.xml,overwrite:true);\
\ No newline at end of file
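Review bot: The new copy instruction uses `overwrite:true` for `permissions-config.xml`, so a feature reinstall or upgrade would replace a copy that an operator has edited in `conf/etc`. For a file that presumably carries authorization mappings, that deserves a line in the feature's documentation, or `overwrite:false` if local edits are meant to survive. This diff also does not show `conf/permissions-config.xml` being added to the feature, so confirm the source file is packaged.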