From 99f90f9d1d7bce0d2c446736aed0800de531fb78 Mon Sep 17 00:00:00 2001 From: Cleverson Sacramento Date: Fri, 22 Feb 2013 16:53:46 -0300 Subject: [PATCH] Implementação do controle de acesso na extensão Servlet --- impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java | 139 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthorizer.java | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletFilter.java | 8 -------- impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties | 3 ++- 5 files changed, 293 insertions(+), 9 deletions(-) create mode 100644 impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java create mode 100644 impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java create mode 100644 impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthorizer.java diff --git a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java new file mode 100644 index 0000000..023bef8 --- /dev/null +++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/Credentials.java @@ -0,0 +1,74 @@ +/* + * Demoiselle Framework + * Copyright (C) 2010 SERPRO + * ---------------------------------------------------------------------------- + * This file is part of Demoiselle Framework. + * + * Demoiselle Framework is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License version 3 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License version 3 + * along with this program; if not, see + * or write to the Free Software Foundation, Inc., 51 Franklin Street, + * Fifth Floor, Boston, MA 02110-1301, USA. + * ---------------------------------------------------------------------------- + * Este arquivo é parte do Framework Demoiselle. + * + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação + * do Software Livre (FSF). + * + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português + * para maiores detalhes. + * + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título + * "LICENCA.txt", junto com esse programa. Se não, acesse + * ou escreva para a Fundação do Software Livre (FSF) Inc., + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. + */ +package br.gov.frameworkdemoiselle.security; + +import java.io.Serializable; + +import javax.enterprise.context.RequestScoped; +import javax.inject.Named; + +@Named +@RequestScoped +public class Credentials implements Serializable { + + private static final long serialVersionUID = 1L; + + private String username; + + private String password; + + public void clear() { + this.username = null; + this.password = null; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } +} diff --git a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java new file mode 100644 index 0000000..baeb7e6 --- /dev/null +++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java @@ -0,0 +1,139 @@ +/* + * Demoiselle Framework + * Copyright (C) 2010 SERPRO + * ---------------------------------------------------------------------------- + * This file is part of Demoiselle Framework. + * + * Demoiselle Framework is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License version 3 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License version 3 + * along with this program; if not, see + * or write to the Free Software Foundation, Inc., 51 Franklin Street, + * Fifth Floor, Boston, MA 02110-1301, USA. + * ---------------------------------------------------------------------------- + * Este arquivo é parte do Framework Demoiselle. + * + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação + * do Software Livre (FSF). + * + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português + * para maiores detalhes. + * + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título + * "LICENCA.txt", junto com esse programa. Se não, acesse + * ou escreva para a Fundação do Software Livre (FSF) Inc., + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. + */ +package br.gov.frameworkdemoiselle.security; + +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY; + +import java.security.Principal; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; + +import org.slf4j.Logger; + +import br.gov.frameworkdemoiselle.annotation.Priority; +import br.gov.frameworkdemoiselle.internal.interceptor.TransactionalInterceptor; +import br.gov.frameworkdemoiselle.internal.producer.LoggerProducer; +import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; +import br.gov.frameworkdemoiselle.util.Beans; +import br.gov.frameworkdemoiselle.util.ResourceBundle; + +@Priority(EXTENSIONS_L1_PRIORITY) +public class ServletAuthenticator implements Authenticator { + + private static final long serialVersionUID = 1L; + + private static ResourceBundle bundle; + + private static Logger logger; + + @Override + public boolean authenticate() { + boolean result; + + try { + getRequest().login(getCredentials().getUsername(), getCredentials().getPassword()); + result = true; + + } catch (ServletException cause) { + getLogger().debug(getBundle().getString(cause.getLocalizedMessage())); + + result = false; + } + + return result; + } + + @Override + public void unAuthenticate() { + getCredentials().clear(); + getRequest().getSession().invalidate(); + } + + @Override + public User getUser() { + User user = null; + final Principal userPincipal = getRequest().getUserPrincipal(); + + if (userPincipal != null) { + user = new User() { + + private static final long serialVersionUID = 1L; + + @Override + public String getId() { + return userPincipal.getName(); + } + + @Override + public void setAttribute(Object key, Object value) { + } + + @Override + public Object getAttribute(Object key) { + return null; + } + }; + } + + return user; + } + + protected Credentials getCredentials() { + return Beans.getReference(Credentials.class); + } + + private HttpServletRequest getRequest() { + return Beans.getReference(HttpServletRequest.class); + } + + private static ResourceBundle getBundle() { + if (bundle == null) { + bundle = ResourceBundleProducer.create("demoiselle-servlet-bundle"); + } + + return bundle; + } + + private static Logger getLogger() { + if (logger == null) { + logger = LoggerProducer.create(TransactionalInterceptor.class); + } + + return logger; + } +} diff --git a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthorizer.java b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthorizer.java new file mode 100644 index 0000000..45d89c8 --- /dev/null +++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthorizer.java @@ -0,0 +1,78 @@ +/* + * Demoiselle Framework + * Copyright (C) 2010 SERPRO + * ---------------------------------------------------------------------------- + * This file is part of Demoiselle Framework. + * + * Demoiselle Framework is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License version 3 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License version 3 + * along with this program; if not, see + * or write to the Free Software Foundation, Inc., 51 Franklin Street, + * Fifth Floor, Boston, MA 02110-1301, USA. + * ---------------------------------------------------------------------------- + * Este arquivo é parte do Framework Demoiselle. + * + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação + * do Software Livre (FSF). + * + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português + * para maiores detalhes. + * + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título + * "LICENCA.txt", junto com esse programa. Se não, acesse + * ou escreva para a Fundação do Software Livre (FSF) Inc., + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. + */ +package br.gov.frameworkdemoiselle.security; + +import static br.gov.frameworkdemoiselle.internal.implementation.StrategySelector.EXTENSIONS_L1_PRIORITY; + +import javax.servlet.http.HttpServletRequest; + +import br.gov.frameworkdemoiselle.DemoiselleException; +import br.gov.frameworkdemoiselle.annotation.Priority; +import br.gov.frameworkdemoiselle.internal.producer.ResourceBundleProducer; +import br.gov.frameworkdemoiselle.util.Beans; +import br.gov.frameworkdemoiselle.util.ResourceBundle; + +@Priority(EXTENSIONS_L1_PRIORITY) +public class ServletAuthorizer implements Authorizer { + + private static final long serialVersionUID = 1L; + + private static ResourceBundle bundle; + + @Override + public boolean hasRole(String role) { + return getRequest().isUserInRole(role); + } + + @Override + public boolean hasPermission(String resource, String operation) { + throw new DemoiselleException(getBundle().getString("has-permission-not-supported", + RequiredPermission.class.getSimpleName())); + } + + private HttpServletRequest getRequest() { + return Beans.getReference(HttpServletRequest.class); + } + + private static ResourceBundle getBundle() { + if (bundle == null) { + bundle = ResourceBundleProducer.create("demoiselle-servlet-bundle"); + } + + return bundle; + } +} diff --git a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletFilter.java b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletFilter.java index 3e9ac05..a5435c2 100644 --- a/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletFilter.java +++ b/impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/util/ServletFilter.java @@ -63,14 +63,6 @@ public class ServletFilter implements Filter { Beans.getReference(HttpServletRequestProducer.class).setDelegate((HttpServletRequest) request); Beans.getReference(HttpServletResponseProducer.class).setDelegate((HttpServletResponse) response); - // LoginContext ctx = null; - // HttpSession sess = (HttpSession) ((HttpServletRequest) request).getSession(false); - // if (sess != null) { - // ctx = (LoginContext) sess.getAttribute("ctx"); - // } - - // System.out.println(ctx); - chain.doFilter(request, response); } diff --git a/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties b/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties index 52a1346..ea80cee 100644 --- a/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties +++ b/impl/extension/servlet/src/main/resources/demoiselle-servlet-bundle.properties @@ -33,4 +33,5 @@ # ou escreva para a Fundação do Software Livre (FSF) Inc., # 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. -id-converter-not-found=Voc\u00EA precisa criar um FacesConverter para a classe "{0}". \ No newline at end of file +has-permission-not-supported=N\u00E3o \u00E9 poss\u00EDvel utilizar @{0}, pois esta funcionalidade n\u00E3o \u00E9 suportada pelo JAAS +authentication-failed=Falha na autentica\u00E7\u00E3o. -- libgit2 0.21.2