org.apache.tomcat.modules.aaa
Class AccessInterceptor

java.lang.Object
  org.apache.tomcat.core.BaseInterceptor
      org.apache.tomcat.modules.aaa.AccessInterceptor

public class AccessInterceptor

extends BaseInterceptor

Access control - find if a request matches any web-resource-collection and set the "required" attributes. The spec requires additive checking ( i.e. there is no "best match" defined, but "all requests that contain a request path that mathces the URL pattern in the resource collection are subject to the constraing" ). In "integrated" mode this interceptor will be no-op, we'll use the web server ( assuming we can map the security to web-server equivalent concepts - I think we can do that, but need to experiment with that)

Field Summary

Fields inherited from class org.apache.tomcat.core.BaseInterceptor

ct, ctx, debug, DECLINED, loghelper, OK

Constructor Summary

AccessInterceptor()

Method Summary

void	addContainer(Container ct) Notify that certain properties are defined for a URL pattern.
int	authorize(Request req, Response response, java.lang.String[] roles) Handle authorization for requests where certain roles are requires, and a user/password scheme is used to authenticate the user ( BASIC, FORM ) and find the user roles.
void	contextInit(Context ctx) Notify when a context is initialized.
void	engineInit(ContextManager cm) Set the context manager.
void	removeContainer(Container ct) A rule was removed, update the internal strucures.
int	requestMap(Request req) Check if this request requires auth, and if so check the roles.
void	setIgnoreCase(boolean b) Use case insensitive match, for windows and similar platforms

Methods inherited from class org.apache.tomcat.core.BaseInterceptor

addContext, addHandler, addInterceptor, addSecurityConstraint, afterBody, authenticate, beforeBody, beforeCommit, contextMap, contextShutdown, contextState, copyContext, engineShutdown, engineStart, engineState, engineStop, findSession, getContext, getContextManager, getDebug, getInfo, getLog, getNote, getNote, handleError, log, log, log, log, postInitCheck, postReadRequest, postRequest, postService, postServletDestroy, postServletInit, preInitCheck, preService, preServletDestroy, preServletInit, registerHooks, reload, removeContext, removeHandler, removeInterceptor, sessionState, setContext, setContextManager, setDebug, setInfo, setNote, setNote

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AccessInterceptor

public AccessInterceptor()

Method Detail

setIgnoreCase

public void setIgnoreCase(boolean b)

Use case insensitive match, for windows and similar platforms

engineInit

public void engineInit(ContextManager cm)
                throws TomcatException

Set the context manager. To keep it simple we don't support dynamic add/remove for this interceptor.

Overrides:

engineInit in class BaseInterceptor

Throws:

TomcatException - The module will not be added if any exception is thrown by engineInit.

contextInit

public void contextInit(Context ctx)
                 throws TomcatException

Description copied from class: BaseInterceptor

Notify when a context is initialized. The first interceptor in the chain for contextInit must read web.xml and set the context. When this method is called you can expect the context to be filled in with all the informations from web.xml.

Overrides:

contextInit in class BaseInterceptor

Throws:

TomcatException

removeContainer

public void removeContainer(Container ct)
                     throws TomcatException

Description copied from class: BaseInterceptor

A rule was removed, update the internal strucures. You can also clean up and reload everything using Context.getContainers()

Overrides:

removeContainer in class BaseInterceptor

Throws:

TomcatException

addContainer

public void addContainer(Container ct)
                  throws TomcatException

Description copied from class: BaseInterceptor

Notify that certain properties are defined for a URL pattern. Properties can be a "handler" that will be called for URLs matching the pattern or "security constraints" ( or any other properties that can be associated with URL patterns ) Interceptors will maintain their own mapping tables if they are interested in a certain property. General-purpose mapping code is provided in utils. The method will be called once for every properties associated with a URL - it's up to the interceptor to interpret the URL and deal with "merging". A Container that defines a servlet mapping ( handler ) will have the handlerName set to the name of the handler. The Handler ( getHandler) can be null for dynamically added servlets, and will be set by a facade interceptor. XXX We use this hook to create ServletWrappers for dynamically added servlets in InvokerInterceptor ( JspInterceptor is JDK1.2 specific ). It may be good to add a new hook specifically for that

Overrides:

addContainer in class BaseInterceptor

Throws:

TomcatException

requestMap

public int requestMap(Request req)

Check if this request requires auth, and if so check the roles.

Overrides:

requestMap in class BaseInterceptor

authorize

public int authorize(Request req,
                     Response response,
                     java.lang.String[] roles)

Handle authorization for requests where certain roles are requires, and a user/password scheme is used to authenticate the user ( BASIC, FORM ) and find the user roles.

Overrides:

authorize in class BaseInterceptor