/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.naming;

import java.util.Hashtable;

Handles the access control on the JNDI contexts.
Author:Remy Maucherat
/** * Handles the access control on the JNDI contexts. * * @author Remy Maucherat */
public class ContextAccessController { // -------------------------------------------------------------- Variables
Catalina context names on which writing is not allowed.
/** * Catalina context names on which writing is not allowed. */
private static final Hashtable<Object,Object> readOnlyContexts = new Hashtable<>();
Security tokens repository.
/** * Security tokens repository. */
private static final Hashtable<Object,Object> securityTokens = new Hashtable<>(); // --------------------------------------------------------- Public Methods
Set a security token for a Catalina context. Can be set only once.
Params:
  • name – Name of the Catalina context
  • token – Security token
/** * Set a security token for a Catalina context. Can be set only once. * * @param name Name of the Catalina context * @param token Security token */
public static void setSecurityToken(Object name, Object token) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(new RuntimePermission( ContextAccessController.class.getName() + ".setSecurityToken")); } if ((!securityTokens.containsKey(name)) && (token != null)) { securityTokens.put(name, token); } }
Remove a security token for a context.
Params:
  • name – Name of the Catalina context
  • token – Security token
/** * Remove a security token for a context. * * @param name Name of the Catalina context * @param token Security token */
public static void unsetSecurityToken(Object name, Object token) { if (checkSecurityToken(name, token)) { securityTokens.remove(name); } }
Check a submitted security token.
Params:
  • name – Name of the Catalina context
  • token – Submitted security token
Returns:true if the submitted token is equal to the token in the repository or if no token is present in the repository. Otherwise, false
/** * Check a submitted security token. * * @param name Name of the Catalina context * @param token Submitted security token * * @return <code>true</code> if the submitted token is equal to the token * in the repository or if no token is present in the repository. * Otherwise, <code>false</code> */
public static boolean checkSecurityToken (Object name, Object token) { Object refToken = securityTokens.get(name); return (refToken == null || refToken.equals(token)); }
Allow writing to a context.
Params:
  • name – Name of the Catalina context
  • token – Security token
/** * Allow writing to a context. * * @param name Name of the Catalina context * @param token Security token */
public static void setWritable(Object name, Object token) { if (checkSecurityToken(name, token)) readOnlyContexts.remove(name); }
Set whether or not a Catalina context is writable.
Params:
  • name – Name of the Catalina context
/** * Set whether or not a Catalina context is writable. * * @param name Name of the Catalina context */
public static void setReadOnly(Object name) { readOnlyContexts.put(name, name); }
Is the context is writable?
Params:
  • name – Name of the Catalina context
Returns:true if it is writable, otherwise false
/** * Is the context is writable? * * @param name Name of the Catalina context * * @return <code>true</code> if it is writable, otherwise <code>false</code> */
public static boolean isWritable(Object name) { return !(readOnlyContexts.containsKey(name)); } }