Hi Jörn, [EMAIL PROTECTED] schrieb: > Author: nettings > Date: Sun Aug 5 14:08:25 2007 > New Revision: 562961 > > URL: http://svn.apache.org/viewvc?view=rev&rev=562961 > Log: > move UsecaseAuthorizer, impl and helper classes from usecase to ac > module to avoid circular dependencies
IMO this is not a good idea. I consider the access control a very fundamental functionality, and I think that we should keep the module minimal. The UsecaseAuthorizer is not a generic access control service, so IMO it doesn't belong in the access control module. What do the others think? -- Andreas > create new usecase ac.visit > change PolicyAuthorizer to check ac.visit permission for each requested > page > add usecase policy to default: ac.visit will be granted to editors, > admins and reviewers (basically restoring the old implicit behaviour, > but now in a clean and obvious way without opening security holes) > > WARNING: this is a proof-of-concept code that touches security-critical > infrastructure. it will compile and has been > tested briefly. there has been NO SECURITY AUDIT of any kind. the whole > shebang may be utter bogus - it's here as a discussion item. > > > Added: > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/cms/ac/usecase/ > - copied from r562853, > lenya/trunk/src/modules-core/usecase/java/src/org/apache/lenya/cms/ac/usecase/ > > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/cms/ac/usecase/UsecaseAuthorizer.java > - copied unchanged from r562875, > lenya/trunk/src/modules-core/usecase/java/src/org/apache/lenya/cms/ac/usecase/UsecaseAuthorizer.java > > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java > - copied, changed from r562861, > lenya/trunk/src/modules-core/usecase/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java > > lenya/trunk/src/modules-core/acusecases/config/cocoon-xconf/usecase-ac-visit.xconf > lenya/trunk/src/modules-core/acusecases/sitemap.xmap > Removed: > lenya/trunk/src/modules-core/usecase/java/src/org/apache/lenya/cms/ac/ > Modified: > lenya/trunk/src/modules-core/ac/config/module.xml > > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/PolicyAuthorizer.java > 
lenya/trunk/src/modules-core/usecase/config/module.xml > > lenya/trunk/src/pubs/default/config/access-control/policies/authoring/subtree-policy.acml > > lenya/trunk/src/pubs/default/config/access-control/policies/index.html/url-policy.acml > lenya/trunk/src/pubs/default/config/access-control/usecase-policies.xml > > Modified: lenya/trunk/src/modules-core/ac/config/module.xml > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/modules-core/ac/config/module.xml?view=diff&rev=562961&r1=562960&r2=562961 > ============================================================================== > --- lenya/trunk/src/modules-core/ac/config/module.xml (original) > +++ lenya/trunk/src/modules-core/ac/config/module.xml Sun Aug 5 14:08:25 2007 > @@ -20,6 +20,7 @@ > > <module xmlns="http://apache.org/lenya/module/1.0"> > <id>org.apache.lenya.modules.ac</id> > + <export package="org.apache.lenya.cms.ac.usecase"/> > <export package="org.apache.lenya.ac.file"/> > <depends module="org.apache.lenya.modules.cache"/> > <package>org.apache.lenya.modules</package> > > Modified: > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/PolicyAuthorizer.java > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/PolicyAuthorizer.java?view=diff&rev=562961&r1=562960&r2=562961 > ============================================================================== > --- > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/PolicyAuthorizer.java > (original) > +++ > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/PolicyAuthorizer.java > Sun Aug 5 14:08:25 2007 
> @@ -21,6 +21,10 @@ > import java.util.Arrays; > > import org.apache.avalon.framework.logger.AbstractLogEnabled; > +import org.apache.avalon.framework.service.Serviceable; > +import org.apache.avalon.framework.service.ServiceException; > +import org.apache.avalon.framework.service.ServiceManager; > +import org.apache.avalon.framework.service.ServiceSelector; > import org.apache.cocoon.environment.Request; > import org.apache.cocoon.environment.Session; > import org.apache.lenya.ac.AccessControlException; > @@ -29,13 +33,17 @@ > import org.apache.lenya.ac.Identity; > import org.apache.lenya.ac.PolicyManager; > import org.apache.lenya.ac.Role; > +import org.apache.lenya.cms.ac.usecase.UsecaseAuthorizer; > +import org.apache.lenya.cms.publication.Publication; > +import org.apache.lenya.cms.publication.PublicationException; > +import org.apache.lenya.cms.publication.PublicationUtil; > import org.apache.lenya.util.ServletHelper; > > /** > * Policy-based authorizer. > * @version $Id$ > */ > -public class PolicyAuthorizer extends AbstractLogEnabled implements > Authorizer { > +public class PolicyAuthorizer extends AbstractLogEnabled implements > Authorizer, Serviceable { > > /** > * The name of the pseudo-usecase that governs access to pages. > @@ -47,6 +55,8 @@ > > private PolicyManager policyManager; > private AccreditableManager accreditableManager; > + private ServiceManager manager; > + private ServiceSelector authSelector; > > /** > * Creates a new policy authorizer. 
> @@ -66,9 +76,22 @@ > > if (identity.belongsTo(getAccreditableManager())) { > Role[] roles = > getPolicyManager().getGrantedRoles(getAccreditableManager(), identity, > webappUrl); > - saveRoles(request, roles); > - authorized = (roles.length > 0); > - getLogger().debug("Authorized identity [" + identity + "]: " + > authorized); > + UsecaseAuthorizer auth = null; > + Publication pub; > + try { > + saveRoles(request, roles); > + authSelector = (ServiceSelector) > this.manager.lookup(Authorizer.ROLE + "Selector"); > + auth = (UsecaseAuthorizer) > authSelector.select(org.apache.lenya.cms.ac.usecase.impl.UsecaseAuthorizerImpl.TYPE); > + pub = PublicationUtil.getPublication(this.manager, request); > + authorized = auth.authorizeUsecase(VISIT_USECASE, roles, > pub); > + getLogger().debug("Authorized identity [" + identity + "]: " > + authorized); > + } catch (ServiceException e) { > + throw new AccessControlException("Can't get > UsecaseAuthorizer component: " + e); > + } catch (PublicationException e) { > + throw new AccessControlException("Can't get Publication: " + > e); > + } finally { > + this.manager.release(auth); > + } > } else { > getLogger().debug( > "Identity [" 
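Review bot: The selector obtained via `this.manager.lookup(Authorizer.ROLE + "Selector")` is stored in the `authSelector` field and never released, and the `finally` hands `auth` back through `this.manager.release(auth)` although it was obtained from `authSelector.select(...)`, so every page request leaks a selector handle and releases the authorizer through the wrong owner; the rewrite below keeps the selector local and releases both in `finally`, after which the `authSelector` field added in the previous hunk can be dropped. Keeping the selector in a per-request instance field would also be a data race if this authorizer is a shared component, which the hunk does not show either way. The two `catch` blocks correctly fail closed, but both drop the cause (`"...: " + e`); if `AccessControlException` has a `(String, Throwable)` constructor, pass `e` as the cause. The new code also names the implementation class `org.apache.lenya.cms.ac.usecase.impl.UsecaseAuthorizerImpl.TYPE` (which is why the later hunk widens `TYPE` to public); a constant declared on the `UsecaseAuthorizer` interface would keep the core authorizer from depending on an impl package. The enclosing `authorize` method starts and ends outside this hunk.
```java
            UsecaseAuthorizer auth = null;
            ServiceSelector authSelector = null;
            Publication pub;
            try {
                saveRoles(request, roles);
                authSelector = (ServiceSelector) this.manager.lookup(Authorizer.ROLE + "Selector");
                auth = (UsecaseAuthorizer) authSelector.select(org.apache.lenya.cms.ac.usecase.impl.UsecaseAuthorizerImpl.TYPE);
                pub = PublicationUtil.getPublication(this.manager, request);
                authorized = auth.authorizeUsecase(VISIT_USECASE, roles, pub);
                // … unchanged: debug log and the two catch blocks (still fail closed) …
            } finally {
                // release through the owner that handed the component out
                if (authSelector != null) {
                    if (auth != null) {
                        authSelector.release(auth);
                    }
                    this.manager.release(authSelector);
                }
            }
```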
> @@ -110,6 +133,10 @@ > */ > public AccreditableManager getAccreditableManager() { > return this.accreditableManager; > + } > + > + public void service(ServiceManager manager) throws ServiceException { > + this.manager = manager; > } > > /** > > Copied: > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java > (from r562861, > lenya/trunk/src/modules-core/usecase/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java) > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java?view=diff&rev=562961&p1=lenya/trunk/src/modules-core/usecase/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java&r1=562861&p2=lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java&r2=562961 > ============================================================================== > --- > lenya/trunk/src/modules-core/usecase/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java > (original) > +++ > lenya/trunk/src/modules-core/ac/java/src/org/apache/lenya/cms/ac/usecase/impl/UsecaseAuthorizerImpl.java > Sun Aug 5 14:08:25 2007 
> @@ -55,8 +55,9 @@ > public class UsecaseAuthorizerImpl extends AbstractLogEnabled implements > UsecaseAuthorizer, > Serviceable, Disposable, Parameterizable { > > + public static final String TYPE = "usecase"; > + > protected static final String PARAMETER_CONFIGURATION = "configuration"; > - protected static final String TYPE = "usecase"; > protected static final String USECASE_PARAMETER = "lenya.usecase"; > private static final String AC_CONFIGURATION_FILE > = "config/access-control/access-control.xml".replace('/', > File.separatorChar); > > Added: > lenya/trunk/src/modules-core/acusecases/config/cocoon-xconf/usecase-ac-visit.xconf > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/modules-core/acusecases/config/cocoon-xconf/usecase-ac-visit.xconf?view=auto&rev=562961 > ============================================================================== > --- > lenya/trunk/src/modules-core/acusecases/config/cocoon-xconf/usecase-ac-visit.xconf > (added) > +++ > lenya/trunk/src/modules-core/acusecases/config/cocoon-xconf/usecase-ac-visit.xconf > Sun Aug 5 14:08:25 2007 
> @@ -0,0 +1,26 @@ > +<?xml version="1.0"?> > +<!-- > + Licensed to the Apache Software Foundation (ASF) under one or more > + contributor license agreements. See the NOTICE file distributed with > + this work for additional information regarding copyright ownership. > + The ASF licenses this file to You under the Apache License, Version 2.0 > + (the "License"); you may not use this file except in compliance with > + the License. You may obtain a copy of the License at > + > + http://www.apache.org/licenses/LICENSE-2.0 > + > + Unless required by applicable law or agreed to in writing, software > + distributed under the License is distributed on an "AS IS" BASIS, > + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > + See the License for the specific language governing permissions and > + limitations under the License. > +--> > + > + <!-- a pseudo-usecase meant to map url authentication to usecase > authentication --> > + <xconf xpath="/cocoon/usecases" unless="/cocoon/usecases/[EMAIL PROTECTED] > = 'ac.visit']"> > + > + <component-instance name="ac.visit" logger="lenya.ac" > class="org.apache.lenya.cms.usecase.DummyUsecase"> > + <view uri="cocoon://modules/acusecases/ac.visit" > createContinuation="false"/> > + </component-instance> > + > + </xconf> > > Added: lenya/trunk/src/modules-core/acusecases/sitemap.xmap > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/modules-core/acusecases/sitemap.xmap?view=auto&rev=562961 > ============================================================================== > --- lenya/trunk/src/modules-core/acusecases/sitemap.xmap (added) > +++ lenya/trunk/src/modules-core/acusecases/sitemap.xmap Sun Aug 5 14:08:25 > 2007 
> @@ -0,0 +1,43 @@ > +<?xml version="1.0" encoding="UTF-8"?> > +<!-- > + Licensed to the Apache Software Foundation (ASF) under one or more > + contributor license agreements. See the NOTICE file distributed with > + this work for additional information regarding copyright ownership. > + The ASF licenses this file to You under the Apache License, Version 2.0 > + (the "License"); you may not use this file except in compliance with > + the License. You may obtain a copy of the License at > + > + http://www.apache.org/licenses/LICENSE-2.0 > + > + Unless required by applicable law or agreed to in writing, software > + distributed under the License is distributed on an "AS IS" BASIS, > + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > + See the License for the specific language governing permissions and > + limitations under the License. > +--> > + > + > +<!-- acusecases sitemap --> > + > +<map:sitemap xmlns:map="http://apache.org/cocoon/sitemap/1.0"> > + > + <map:pipelines> > + > + <map:pipeline> > + > + <!-- This is the view of the ac.visit usecase (see > config/cocoon-xconf/usecase-ac-visit.xconf). > + It is a pseudo-usecase meant to map the PolicyAuthorizer into the > realm of usecase policies, > + i.e. the policy authorizer will ask the UsecaseAuthorizer for an > authorization for the usecase > + ac.visit when a user requests a page. Then you can use the > existing usecase policy editor to > + configure it. > + It is never actually invoked, and so this view does not make all > that much sense. > + But since it *is* a usecase, why not make it work? 
--> > + <map:match pattern="ac.visit"> > + <map:read > src="cocoon://{page-envelope:publication-id}/{page-envelope:area}/{page-envelope:document-url}"/> > + </map:match> > + > + </map:pipeline> > + > + </map:pipelines> > + > +</map:sitemap> > > Modified: lenya/trunk/src/modules-core/usecase/config/module.xml > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/modules-core/usecase/config/module.xml?view=diff&rev=562961&r1=562960&r2=562961 > ============================================================================== > --- lenya/trunk/src/modules-core/usecase/config/module.xml (original) > +++ lenya/trunk/src/modules-core/usecase/config/module.xml Sun Aug 5 > 14:08:25 2007 > @@ -20,7 +20,6 @@ > > <module xmlns="http://apache.org/lenya/module/1.0"> > <id>org.apache.lenya.modules.usecase</id> > - <export package="org.apache.lenya.cms.ac.usecase"/> > <export package="org.apache.lenya.cms.usecase"/> > <export package="org.apache.lenya.cms.usecase.scheduling"/> > <export package="org.apache.lenya.cms.usecase.xml"/> > > Modified: > lenya/trunk/src/pubs/default/config/access-control/policies/authoring/subtree-policy.acml > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/pubs/default/config/access-control/policies/authoring/subtree-policy.acml?view=diff&rev=562961&r1=562960&r2=562961 > ============================================================================== > --- > lenya/trunk/src/pubs/default/config/access-control/policies/authoring/subtree-policy.acml > (original) > +++ > lenya/trunk/src/pubs/default/config/access-control/policies/authoring/subtree-policy.acml > Sun Aug 5 14:08:25 2007 
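Review bot: The `ac.visit` match reads the requested document back through an internal `cocoon://{page-envelope:publication-id}/{page-envelope:area}/{page-envelope:document-url}` request, while the comment above it states the view "is never actually invoked"; a pipeline that is never meant to run is better left out than kept as a second route to page content. If this module sitemap is externally mounted (not visible in the hunk), please confirm that the inner request is still subject to the publication's access control before keeping it, and say so in the comment, e.g. `<!-- internal request: access control is applied by the publication sitemap -->`. The sitemap file starts on the previous line.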
> @@ -22,19 +22,22 @@ > > <group id="editor"> > <role id="edit" method="grant"/> > + <role id="visit" method="grant"/> > </group> > > <group id="reviewer"> > <role id="review" method="grant"/> > + <role id="visit" method="grant"/> > </group> > > <group id="admin"> > <role id="admin" method="grant"/> > + <role id="visit" method="grant"/> > </group> > > <!-- the "session" role grants access to login, logout and aboutLenya --> > <world> > <role id="session" method="grant"/> > </world> > - > + > </policy> > > Modified: > lenya/trunk/src/pubs/default/config/access-control/policies/index.html/url-policy.acml > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/pubs/default/config/access-control/policies/index.html/url-policy.acml?view=diff&rev=562961&r1=562960&r2=562961 > ============================================================================== > --- > lenya/trunk/src/pubs/default/config/access-control/policies/index.html/url-policy.acml > (original) > +++ > lenya/trunk/src/pubs/default/config/access-control/policies/index.html/url-policy.acml > Sun Aug 5 14:08:25 2007 > @@ -21,7 +21,7 @@ > <policy xmlns="http://apache.org/cocoon/lenya/ac/1.0"> > > <world> > - <role id="visit" method="grant"/> > + <role id="visit" method="deny"/> > </world> > > </policy> > > Modified: > lenya/trunk/src/pubs/default/config/access-control/usecase-policies.xml > URL: > http://svn.apache.org/viewvc/lenya/trunk/src/pubs/default/config/access-control/usecase-policies.xml?view=diff&rev=562961&r1=562960&r2=562961 > ============================================================================== > --- lenya/trunk/src/pubs/default/config/access-control/usecase-policies.xml > (original) > +++ lenya/trunk/src/pubs/default/config/access-control/usecase-policies.xml > Sun Aug 5 14:08:25 2007 
> @@ -21,6 +21,13 @@ > <!--+++NOTE+++ The usecase list was initialized using > modules/usecase-impl/xslt/initUsecasePolicies.xsl.--> > <usecases xmlns="http://apache.org/cocoon/lenya/ac/1.0"> > > + <usecase id="ac.visit"> > + <role id="visit" method="grant"/> > + <role id="admin" method="grant"/> > + <role id="edit" method="grant"/> > + <role id="review" method="grant"/> > + </usecase> > + > <usecase id="ac.logout"> > <role id="session" method="grant"/> > </usecase> -- Andreas Hartmann, CTO BeCompany GmbH http://www.becompany.ch --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
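Review bot: The new `ac.visit` usecase entry carries no comment explaining that it is the pseudo-usecase `PolicyAuthorizer` now consults on every page request, so someone editing this file cannot tell that removing a role here hides pages rather than a usecase; add `<!-- ac.visit: pseudo-usecase checked by PolicyAuthorizer on every page request; roles listed here may view pages -->` above the element. The `admin`, `edit` and `review` grants overlap with the `visit` grants that the subtree-policy hunk adds to the editor, reviewer and admin groups, and it is not clear from this commit which of the two is meant as the source of truth; the comment should say which. The url-policy hunk in the same commit turns world's `visit` on index.html from grant to deny, which, together with the new check, appears to be a behaviour change for anonymous visitors that the commit message does not mention.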
