NamedCasProxyDecider xref

View Javadoc

1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.providers.cas.proxy;
17  
18  import java.util.List;
19  
20  import org.acegisecurity.AcegiMessageSource;
21  import org.acegisecurity.providers.cas.CasProxyDecider;
22  import org.acegisecurity.providers.cas.ProxyUntrustedException;
23  import org.apache.commons.logging.Log;
24  import org.apache.commons.logging.LogFactory;
25  import org.springframework.beans.factory.InitializingBean;
26  import org.springframework.context.MessageSource;
27  import org.springframework.context.MessageSourceAware;
28  import org.springframework.context.support.MessageSourceAccessor;
29  import org.springframework.util.Assert;
30  
31  
32  /***
33   * Accepts proxied requests if the closest proxy is named in the
34   * <code>validProxies</code> list.
35   * 
36   * <P>
37   * Also accepts the request if there was no proxy (ie the user directly
38   * authenticated against this service).
39   * </p>
40   */
41  public class NamedCasProxyDecider implements CasProxyDecider, InitializingBean,
42      MessageSourceAware {
43      //~ Static fields/initializers =============================================
44  
45      private static final Log logger = LogFactory.getLog(NamedCasProxyDecider.class);
46  
47      //~ Instance fields ========================================================
48  
49      private List validProxies;
50      protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
51  
52      //~ Methods ================================================================
53  
54      public void afterPropertiesSet() throws Exception {
55          Assert.notNull(this.validProxies, "A validProxies list must be set");
56          Assert.notNull(this.messages, "A message source must be set");
57      }
58  
59      public void confirmProxyListTrusted(List proxyList)
60          throws ProxyUntrustedException {
61          Assert.notNull(proxyList, "proxyList cannot be null");
62  
63          if (logger.isDebugEnabled()) {
64              logger.debug("Proxy list: " + proxyList.toString());
65          }
66  
67          if (proxyList.size() == 0) {
68              // A Service Ticket (not a Proxy Ticket)
69              return;
70          }
71  
72          if (!validProxies.contains(proxyList.get(0))) {
73              throw new ProxyUntrustedException(messages.getMessage(
74                      "NamedCasProxyDecider.untrusted",
75                      new Object[] {proxyList.get(0)},
76                      "Nearest proxy {0} is untrusted"));
77          }
78      }
79  
80      public List getValidProxies() {
81          return validProxies;
82      }
83  
84      public void setMessageSource(MessageSource messageSource) {
85          this.messages = new MessageSourceAccessor(messageSource);
86      }
87  
88      public void setValidProxies(List validProxies) {
89          this.validProxies = validProxies;
90      }
91  }