Index: topia-security/src/java/org/codelutin/topia/security/TopiaSecurityManagerImpl.java
diff -u topia-security/src/java/org/codelutin/topia/security/TopiaSecurityManagerImpl.java:1.6 topia-security/src/java/org/codelutin/topia/security/TopiaSecurityManagerImpl.java:1.7
--- topia-security/src/java/org/codelutin/topia/security/TopiaSecurityManagerImpl.java:1.6 Fri Sep 29 15:50:07 2006
+++ topia-security/src/java/org/codelutin/topia/security/TopiaSecurityManagerImpl.java Thu Oct 5 07:49:44 2006
@@ -22,18 +22,32 @@
 import static org.codelutin.topia.security.util.TopiaSecurityUtil.TOPIA_SECURITY_PERSISTENCE_CLASSES;
+import java.security.AccessController;
+import java.security.Permission;
+import java.security.Principal;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.Subject;
 import javax.security.auth.login.Configuration;
+import org.apache.commons.collections.map.ReferenceMap;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.codelutin.topia.TopiaContext;
 import org.codelutin.topia.TopiaException;
 import org.codelutin.topia.security.entities.authorization.TopiaAssociationAuthorizationDAO;
+import org.codelutin.topia.security.entities.authorization.TopiaAuthorization;
 import org.codelutin.topia.security.entities.authorization.TopiaAuthorizationDAO;
 import org.codelutin.topia.security.entities.authorization.TopiaEntityAuthorizationDAO;
 import org.codelutin.topia.security.entities.authorization.TopiaLinkAuthorizationDAO;
 import org.codelutin.topia.security.entities.user.TopiaGroupDAO;
 import org.codelutin.topia.security.entities.user.TopiaUserDAO;
+import org.codelutin.topia.security.jaas.TopiaConfiguration;
+import org.codelutin.topia.security.jaas.TopiaPermission;
+import org.codelutin.topia.security.jaas.TopiaPolicy;
 import org.codelutin.topia.security.listener.PropertyReadListener;
 import org.codelutin.topia.security.listener.PropertyWriteListener;
 import org.codelutin.topia.security.listener.VetoableEntityListener;
@@ -49,19 +63,23 @@ /** to use log facility, just put in your code: log.info(\"...\"); */ static private Log log = LogFactory.getLog(TopiaSecurityManagerImpl.class); - + /* Context ToPIA */ private TopiaContext rootContext; private TopiaContext securityContext; /* Listeners */ - private VetoableEntityListener entityListener = new VetoableEntityListener(); - private PropertyReadListener readListener = new PropertyReadListener(); + private VetoableEntityListener entityListener = new VetoableEntityListener(this); + private PropertyReadListener readListener = new PropertyReadListener(this); private PropertyWriteListener writeListener = new PropertyWriteListener(); private VetoablePropertyListener propertyListener = new VetoablePropertyListener(readListener, writeListener); + /* Policy */ + private TopiaPolicy policy = new TopiaPolicy(this); + /* Cache */ - static public TopiaSecurityCaching cachingLOAD = new TopiaSecurityCaching(); + transient private TopiaSecurityCaching entitiesLoadingCache = new TopiaSecurityCaching(2); + transient private Map> permissionsCache = new ReferenceMap(ReferenceMap.SOFT, ReferenceMap.SOFT); /** * Constructeur. Initialise la sécurité à partir du contexte passer en paramètre @@ -81,9 +99,9 @@ rootContext.addVetoableLoadListener(entityListener); rootContext.addTopiaEntityLoadListener(propertyListener); rootContext.addTopiaEntityListener(propertyListener); - org.codelutin.topia.security.jaas.TopiaPolicy policy = new org.codelutin.topia.security.jaas.TopiaPolicy(this); + policy.installPolicy(); - Configuration.setConfiguration(new org.codelutin.topia.security.jaas.TopiaConfiguration("topia", this)); + Configuration.setConfiguration(new TopiaConfiguration("topia", this)); } /* 
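Review bot: The new `permissionsCache` field is a commons-collections `ReferenceMap`, which is not synchronized, yet it backs the public `putPermissionsCache`/`getPermissionsCache` accessors added at the end of this file; if permission checks can run on more than one thread it should be wrapped, e.g. `java.util.Collections.synchronizedMap(new ReferenceMap(ReferenceMap.SOFT, ReferenceMap.SOFT))`. Because both keys and values are soft, an entry can disappear under memory pressure, so every reader has to treat a `null` result as a cache miss to reload and never as "no permissions" or "no restrictions"; a field comment such as `// soft cache: null from get() means reload, not deny/allow` would make that contract explicit. The `transient` modifiers only matter if this class is serialized, which is not visible in the hunk.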
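Review bot: `policy.installPolicy()` and `Configuration.setConfiguration(new TopiaConfiguration("topia", this))` run inside the constructor, and `policy` is now built from `this` in a field initializer, so a reference to a manager that is not yet fully constructed is handed to what appears to be process-wide security state. `Configuration.setConfiguration` is JVM-global, so constructing a second manager silently replaces the first one's login configuration, and the same would hold for the policy if `installPolicy()` sets the global `Policy` (its body is not shown). I would at least document this on the constructor, e.g. `// Installs the JVM-wide JAAS Policy and Configuration; one manager per JVM`, or move the installation into an explicit init step called after construction. The constructor starts and ends outside the hunk.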
@@ -183,5 +201,65 @@
 return null;
 }
-}
+ public void putPermissionsCache(String principalName) throws TopiaException {
+ TopiaAuthorizationDAO authorizationDAO = getTopiaAuthorizationDAO();
+ Collection authorizations = authorizationDAO.findAll();
+
+ Set permissions = new HashSet();
+ permissionsCache.put(principalName, permissions);
+
+ for (TopiaAuthorization authorization : authorizations) {
+ Set principals = authorization.getPrincipals();
+ if(principals.contains(principalName)) {
+ Permission topiaPermission = new TopiaPermission(authorization);
+ permissions.add(topiaPermission);
+ }
+ }
+ }
+ public Set getPermissionsCache(String principalName) {
+ return permissionsCache.get(principalName);
+ }
+
+ public void putEntitiesLoadingCache(String topiaId, boolean authorized) {
+ Subject subject = Subject.getSubject(AccessController.getContext());
+ if (subject != null) {
+ for (Principal principal : subject.getPrincipals()) {
+ entitiesLoadingCache.put(authorized, principal.getName(), topiaId);
+ }
+ }
+ }
+
+ public Boolean getEntitiesLoadingCache(String topiaId) {
+ boolean authorized = false;
+ boolean modified = false;
+ Subject subject = Subject.getSubject(AccessController.getContext());
+ if (subject != null) {
+ for (Principal principal : subject.getPrincipals()) {
+ Object object = entitiesLoadingCache.get(principal.getName(), topiaId);
+ if(object != null) {
+ modified = true;
+ authorized |= (Boolean) object;
+ }
+ }
+ }
+ if(modified) {
+ return authorized;
+ } else {
+ return null;
+ }
+ }
+
+ public void removeEntitiesLoadingCache(String principalName) {
+ entitiesLoadingCache.clear(principalName);
+ }
+
+ public boolean containEntitiesLoadingCache(String topiaId) {
+ Boolean authorized = getEntitiesLoadingCache(topiaId);
+ if(authorized != null) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+}
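Review bot: `putEntitiesLoadingCache` stores one subject-wide decision under every principal of the current subject, and `getEntitiesLoadingCache` ORs whatever it finds for any principal of the caller, so a cached `true` can be returned to a different subject that merely shares a principal (a group, for instance) without that subject's own authorizations being evaluated. Whether principals are shared between subjects is not visible here, but if they are, the entry should be keyed on the subject as a whole (for example its full set of principal names) or written only under the principal whose authorization produced the decision. Separately, `putPermissionsCache` publishes the empty `HashSet` before the loop fills it, so a concurrent reader or an exception thrown mid-loop leaves a partial permission set cached; build the set first and move `permissionsCache.put(principalName, permissions);` after the loop. `getPermissionsCache` also hands out the mutable cached set, so a caller can add permissions to it; returning an unmodifiable view when the entry is non-null closes that. As a small style point, `containEntitiesLoadingCache` reduces to `return getEntitiesLoadingCache(topiaId) != null;`.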