Partial Commit for Permission Authorizer module

revert-70aa11f8
milanperera 10 years ago
parent 458618191d
commit 23bb023686

@ -103,6 +103,10 @@
<groupId>org.wso2.carbon</groupId> <groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.core.services</artifactId> <artifactId>org.wso2.carbon.core.services</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.registry.api</artifactId>
</dependency>
</dependencies> </dependencies>
</project> </project>

@ -21,6 +21,7 @@ public final class Constants {
public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer"; public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer";
public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme"; public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme";
public static final String PERMISSION_PATH = "/_system/governance/permission/admin/device-mgt/";
public static final class HTTPHeaders { public static final class HTTPHeaders {
private HTTPHeaders() { private HTTPHeaders() {
@ -40,4 +41,25 @@ public final class Constants {
public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml"; public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml";
} }
public static final class HttpVerb {
private HttpVerb() {
throw new AssertionError();
}
public static final String GET = "GET";
public static final String POST = "POST";
public static final String DELETE = "DELETE";
public static final String PUT = "PUT";
}
public static final class PermissionMethod {
private PermissionMethod() {
throw new AssertionError();
}
public static final String READ = "read";
public static final String WRITE = "write";
public static final String DELETE = "delete";
public static final String ACTION = "action";
}
} }

@ -26,6 +26,9 @@ import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve;
import org.wso2.carbon.tomcat.ext.valves.CompositeValve; import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
@ -34,8 +37,7 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
@Override @Override
public void invoke(Request request, Response response, CompositeValve compositeValve) { public void invoke(Request request, Response response, CompositeValve compositeValve) {
String authScheme = String authScheme = request.getAuthType();
request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME);
if (authScheme == null || "".equals(authScheme)) { if (authScheme == null || "".equals(authScheme)) {
this.getNext().invoke(request, response, compositeValve); this.getNext().invoke(request, response, compositeValve);
return; return;
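Review bot: Reading `authScheme` from `request.getAuthType()` in `invoke` makes the decision to authenticate depend on per-request state instead of the web application's `AUTHENTICATION_SCHEME` context parameter. In Tomcat, `getAuthType()` is normally populated only after an authenticator has already handled the request, so if nothing upstream sets it the value is null and the `authScheme == null` branch hands every request to the next valve unauthenticated; please confirm that is intended. If the deployment-configured scheme should still decide, keep `request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME)`. The imports added in this section (`ArrayList`, `List`, `Properties`) are not used in the visible lines, and `invoke` continues past the hunk.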

@ -0,0 +1,59 @@
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.webapp.authenticator.framework.authorizer;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.RegistryType;
import org.wso2.carbon.registry.api.Collection;
import org.wso2.carbon.registry.api.Registry;
import org.wso2.carbon.registry.api.RegistryException;
import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission;
public class PermissionAuthorizerUtil {
private static Registry registry = CarbonContext.getThreadLocalCarbonContext().
getRegistry(RegistryType.SYSTEM_GOVERNANCE);
private static final String PROPERTY_NAME = "name";
private static final String PATH_PERMISSION = "/permission";
private static final Log log = LogFactory.getLog(PermissionAuthorizerUtil.class);
public static void addPermission(Permission permission) {
if (registry == null) {
throw new IllegalArgumentException("Registry instance retrieved is null");
}
if (permission == null) {
throw new IllegalArgumentException("Permission argument is null");
}
try {
Collection collection = registry.newCollection();
collection.setProperty(PROPERTY_NAME, permission.getName());
registry.put(PATH_PERMISSION + permission.getPath(), collection);
} catch (RegistryException e) {
String errorMsg = "Error occured while adding permission '" + permission.getName() +
"' to registry. ";
log.error(errorMsg + e.getMessage());
}
}
}
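Review bot: The `static Registry registry` field is resolved once, at class initialisation, from `CarbonContext.getThreadLocalCarbonContext()`, so every later `addPermission` call writes to whichever tenant's governance registry belonged to the thread that first loaded the class, or fails permanently if that lookup returned null. Resolving the registry inside the method keeps the write in the caller's context, and a null registry is a state problem, not a bad argument. The catch block also hides a failed registration from the caller and drops the stack trace; `log.error(errorMsg, e);` would keep the cause, and rethrowing would let start-up notice that a permission was never stored. `permission.getPath()` is appended to `PATH_PERMISSION` unchecked, so a path containing `..` segments should be rejected before `registry.put`.
```java
public static void addPermission(Permission permission) {
    if (permission == null) {
        throw new IllegalArgumentException("Permission argument is null");
    }
    // Resolve per call so the write lands in the calling thread's tenant registry.
    Registry registry = CarbonContext.getThreadLocalCarbonContext().
            getRegistry(RegistryType.SYSTEM_GOVERNANCE);
    if (registry == null) {
        throw new IllegalStateException("Registry instance retrieved is null");
    }
    // … unchanged: newCollection / setProperty / put inside the try block …
```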

@ -28,6 +28,10 @@ import org.wso2.carbon.webapp.authenticator.framework.DataHolder;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorFrameworkValve; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorFrameworkValve;
import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository;
import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerUtil;
import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerValve;
import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission;
import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.PermissionAuthorizerConfig;
import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig; import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig;
import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig; import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig;
@ -54,8 +58,15 @@ public class WebappAuthenticatorFrameworkBundleActivator implements BundleActiva
} }
DataHolder.setWebappAuthenticatorRepository(repository); DataHolder.setWebappAuthenticatorRepository(repository);
// Adding permissions to registry
// PermissionAuthorizerConfig.init();
// for (Permission permission : PermissionAuthorizerConfig.getInstance().getPermissions()) {
// PermissionAuthorizerUtil.addPermission(permission);
// }
List<CarbonTomcatValve> valves = new ArrayList<CarbonTomcatValve>(); List<CarbonTomcatValve> valves = new ArrayList<CarbonTomcatValve>();
valves.add(new WebappAuthenticatorFrameworkValve()); valves.add(new WebappAuthenticatorFrameworkValve());
valves.add(new PermissionAuthorizerValve());
TomcatValveContainer.addValves(valves); TomcatValveContainer.addValves(valves);
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
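Review bot: `valves.add(new PermissionAuthorizerValve());` puts the authorizer on the request path while the code that loads permissions into the registry is left commented out just above it. What the valve does when no permission entry matches a request is not visible here: if it allows the request, authorization is effectively off, and if it denies, every web app behind it is blocked. Keep the valve unregistered until the loading step works, or state the no-match behaviour as deny in a comment next to the registration. The commented-out block should be removed or replaced with a `// TODO` naming the follow-up, since it leaves some of the new `authorizer` imports unused. The enclosing method continues outside the hunk.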

@ -1,2 +1,3 @@
instructions.configure = \ instructions.configure = \
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\ org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\
org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/permissions-config.xml,target:${installFolder}/../../conf/etc/permissions-config.xml,overwrite:true);\
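Review bot: The new copy instruction for `permissions-config.xml` uses `overwrite:true`, so installing or updating the feature replaces whatever is in `conf/etc/permissions-config.xml`. If operators are expected to edit that file to adjust permission mappings, their changes would be reset to the shipped defaults without notice. This matches the existing line for `webapp-authenticator-config.xml`, so it may be deliberate, but for an authorization policy file it is worth documenting that behaviour or using `overwrite:false`.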