• Home
• org.opencastproject
• opencast-kernel
• 8.4
• source code
• SpringSecurityConfigurationArtifactInstaller.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.opencastproject.kernel.security.SpringSecurityConfigurationArtifactInstaller Maven / Gradle / Ivy

/**
 * Licensed to The Apereo Foundation under one or more contributor license
 * agreements. See the NOTICE file distributed with this work for additional
 * information regarding copyright ownership.
 *
 *
 * The Apereo Foundation licenses this file to you under the Educational
 * Community License, Version 2.0 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of the License
 * at:
 *
 *   http://opensource.org/licenses/ecl2.txt
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
 * License for the specific language governing permissions and limitations under
 * the License.
 *
 */

package org.opencastproject.kernel.security;

import org.apache.commons.io.FilenameUtils;
import org.apache.felix.fileinstall.ArtifactInstaller;
import org.osgi.framework.BundleContext;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.osgi.context.support.OsgiBundleXmlApplicationContext;

import java.io.File;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.Filter;

/**
 * Registers a security filter, which delegates to the spring filter chain appropriate for the current request's
 * organization. Organizational security configurations may be added to the security watch directory, and should be
 * named <organization_id>.xml.
 */
public class SpringSecurityConfigurationArtifactInstaller implements ArtifactInstaller {
  protected static final Logger logger = LoggerFactory.getLogger(SpringSecurityConfigurationArtifactInstaller.class);

  /** This component's bundle context */
  protected BundleContext bundleContext = null;

  /** The security filter */
  protected SecurityFilter securityFilter = null;

  /** Spring application contexts */
  protected Map appContexts = null;

  /** OSGi DI. */
  public void setSecurityFilter(SecurityFilter securityFilter) {
    this.securityFilter = securityFilter;
  }

  /**
   * OSGI activation callback
   */
  protected void activate(ComponentContext cc) {
    this.bundleContext = cc.getBundleContext();
    this.appContexts = new HashMap<>();
  }

  /**
   * {@inheritDoc}
   *
   * @see org.apache.felix.fileinstall.ArtifactListener#canHandle(java.io.File)
   */
  @Override
  public boolean canHandle(File artifact) {
    return "security".equals(artifact.getParentFile().getName()) && artifact.getName().endsWith(".xml");
  }

  /**
   * {@inheritDoc}
   *
   * @see org.apache.felix.fileinstall.ArtifactInstaller#install(java.io.File)
   */
  @Override
  public void install(File artifact) throws Exception {
    // If we already have a registration for this ID, take it out of the security filter and close it
    String orgId = FilenameUtils.getBaseName(artifact.getName());
    OsgiBundleXmlApplicationContext orgAppContext = appContexts.get(orgId);
    if (orgAppContext != null) {
      securityFilter.removeFilter(orgId);
      orgAppContext.close();
    }

    OsgiBundleXmlApplicationContext springContext = new OsgiBundleXmlApplicationContext(
            new String[] { "file:" + artifact.getAbsolutePath() });
    springContext.setBundleContext(bundleContext);
    logger.info("registered {} for {}", springContext, orgId);

    // Refresh the spring application context
    try {
      springContext.refresh();
    } catch (Exception e) {
      logger.error("Unable to refresh spring security configuration file {}: {}", artifact, e);
      return;
    }

    // Keep track of the app context so we can close it later
    appContexts.put(orgId, springContext);

    // Add the filter chain for this org to the security filter
    securityFilter.addFilter(orgId, (Filter) springContext.getBean("springSecurityFilterChain"));
  }

  /**
   * {@inheritDoc}
   *
   * @see org.apache.felix.fileinstall.ArtifactInstaller#uninstall(java.io.File)
   */
  @Override
  public void uninstall(File artifact) throws Exception {
    String orgId = FilenameUtils.getBaseName(artifact.getName());
    OsgiBundleXmlApplicationContext appContext = appContexts.get(orgId);
    if (appContext != null) {
      securityFilter.removeFilter(orgId);
      appContexts.remove(orgId);
      appContext.close();
    }
  }

  /**
   * {@inheritDoc}
   *
   * @see org.apache.felix.fileinstall.ArtifactInstaller#update(java.io.File)
   */
  @Override
  public void update(File artifact) throws Exception {
    install(artifact);
  }

}