1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.layout.impl;
18
19 import java.util.HashSet;
20 import java.util.Iterator;
21 import java.util.Set;
22
23 import javax.security.auth.Subject;
24
25 import org.apache.commons.logging.Log;
26 import org.apache.commons.logging.LogFactory;
27 import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
28 import org.apache.jetspeed.page.PageManager;
29 import org.apache.jetspeed.request.RequestContext;
30 import org.apache.jetspeed.security.RolePrincipal;
31 import org.apache.jetspeed.security.SecurityHelper;
32 import org.apache.jetspeed.security.UserPrincipal;
33 import org.apache.jetspeed.security.impl.RolePrincipalImpl;
34
35 /***
36 * Abstracted behavior of security checks when used with the
37 * profiling rule "user-rolecombo". This behavior merges
38 * all roles into a single role combo.
39 *
40 * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
41 * @version $Id: $
42 */
43 public class PortletActionSecurityPathMergeBehavior
44 extends PortletActionSecurityPathBehavior
45 implements PortletActionSecurityBehavior
46 {
47 protected Log log = LogFactory.getLog(PortletActionSecurityPathMergeBehavior.class);
48
49 public PortletActionSecurityPathMergeBehavior( PageManager pageManager )
50 {
51 this( pageManager, Boolean.FALSE );
52 }
53 public PortletActionSecurityPathMergeBehavior( PageManager pageManager, Boolean enableCreateUserPagesFromRolesOnEdit )
54 {
55 super( pageManager, enableCreateUserPagesFromRolesOnEdit );
56 }
57
58 public Subject getSubject(RequestContext context)
59 {
60 Subject currentSubject = context.getSubject();
61 Iterator roles = currentSubject.getPrincipals(RolePrincipalImpl.class).iterator();
62 StringBuffer combo = new StringBuffer();
63 int count = 0;
64 while (roles.hasNext())
65 {
66 RolePrincipal role = (RolePrincipal)roles.next();
67 if (count > 0)
68 {
69 combo.append("-");
70 }
71 combo.append(role.getName());
72 count++;
73 }
74 Set principals = new HashSet();
75 principals.add(SecurityHelper.getBestPrincipal(currentSubject, UserPrincipal.class));
76 principals.add(new RolePrincipalImpl(combo.toString()));
77 Subject subject =
78 new Subject(true, principals, new HashSet(), new HashSet());
79 return subject;
80 }
81
82 }