Enhancment to allow verification of user credentials and roles in a Geronimo Java EE environment. Some code are commented out as I still need to find a more generic (not so geronimo specific way) to perform some of these actions

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@777325 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 55 insertions, 5 deletions

diff --git a/branches/sca-java-1.x/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/LDAPRealmAuthenticationServicePolicyProvider.java b/branches/sca-java-1.x/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/LDAPRealmAuthenticationServicePolicyProvider.java
index dfe72bee36..fe14987948 100644
--- a/branches/sca-java-1.x/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/LDAPRealmAuthenticationServicePolicyProvider.java
+++ b/branches/sca-java-1.x/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/LDAPRealmAuthenticationServicePolicyProvider.java
@@ -29,6 +29,7 @@ import org.apache.tuscany.sca.interfacedef.Operation;
 import org.apache.tuscany.sca.invocation.Interceptor;
 import org.apache.tuscany.sca.invocation.Phase;
 import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy;
 import org.apache.tuscany.sca.provider.PolicyProvider;
 import org.apache.tuscany.sca.runtime.RuntimeComponent;
 import org.apache.tuscany.sca.runtime.RuntimeComponentService;
@@ -59,16 +60,18 @@ public class LDAPRealmAuthenticationServicePolicyProvider implements PolicyProvi
     }
 
     public Interceptor createInterceptor(Operation operation) {
-        List<LDAPRealmAuthenticationPolicy> policies = null;
+        List<LDAPRealmAuthenticationPolicy> authenticationPolicies = null;
+        List<AuthorizationPolicy> authorizationPolicies = null;
 
         if (operation != null) {
-            policies = findPolicies(operation);
+            authenticationPolicies = findAuthenticationPolicies(operation);
+            authorizationPolicies = findAuthorizationPolicies(operation);
         }
 
-        if (policies == null || policies.isEmpty()) {
+        if (authenticationPolicies == null || authenticationPolicies.isEmpty()) {
             return null;
         } else {
-            return new LDAPRealmAuthenticationInterceptor(policies);
+            return new LDAPRealmAuthenticationInterceptor(authenticationPolicies, authorizationPolicies);
         }
     }
 
@@ -82,7 +85,7 @@ public class LDAPRealmAuthenticationServicePolicyProvider implements PolicyProvi
      * @param op
      * @return
      */
-    private List<LDAPRealmAuthenticationPolicy> findPolicies(Operation op) {
+    private List<LDAPRealmAuthenticationPolicy> findAuthenticationPolicies(Operation op) {
         List<LDAPRealmAuthenticationPolicy> polices = new ArrayList<LDAPRealmAuthenticationPolicy>();
         // FIXME: How do we get a list of effective policySets for a given operation?
         for(Operation operation : operations) {
@@ -123,5 +126,52 @@ public class LDAPRealmAuthenticationServicePolicyProvider implements PolicyProvi
         
         return polices;
     }
+    
+    /**
+     * 
+     * @param op
+     * @return
+     */
+    private List<AuthorizationPolicy> findAuthorizationPolicies(Operation op) {
+        List<AuthorizationPolicy> polices = new ArrayList<AuthorizationPolicy>();
+        // FIXME: How do we get a list of effective policySets for a given operation?
+        for(Operation operation : operations) {
+            if (operation.getName().equals(op.getName())) {
+                for (PolicySet ps : operation.getPolicySets()) {
+                    for (Object p : ps.getPolicies()) {
+                        if (AuthorizationPolicy.class.isInstance(p)) {
+                            polices.add((AuthorizationPolicy)p);
+                        }
+                    }
+                }
+            }
+        }
+
+        if (service instanceof OperationsConfigurator) {
+            OperationsConfigurator operationsConfigurator = (OperationsConfigurator)service;
+            for (ConfiguredOperation cop : operationsConfigurator.getConfiguredOperations()) {
+                if (cop.getName().equals(op.getName())) {
+                    for (PolicySet ps : cop.getApplicablePolicySets()) {
+                        for (Object p : ps.getPolicies()) {
+                            if (AuthorizationPolicy.class.isInstance(p)) {
+                                polices.add((AuthorizationPolicy)p);
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        List<PolicySet> policySets = service.getPolicySets();
+        for (PolicySet ps : policySets) {
+            for (Object p : ps.getPolicies()) {
+                if (AuthorizationPolicy.class.isInstance(p)) {
+                    polices.add((AuthorizationPolicy)p);
+                }
+            }
+        }
+        
+        return polices;
+    }
 
 }