Extending DTD and consequences

Wed, 03 Dec 2003 11:06:07 -0800 

Hello all,

I want to ask you for help concerning an extension of the struts config dtd
and how to make these extension available in the javabeans, respectively. In
my case the "roles" tag isn't enough why I added a "security-constraint" tag.
Within a sub-class of RequestProcessor I would like to check if the user in
role satifies the security-constraint to call the corresponding action. A
security-constraint is composed of a module name and a function access
permission. To do checking I need to be able access the securityConstraint-property of
my SessionActionMapping sub-class if I'm right. But I don't now how to tell
the Digester with the right rules how to add the SecurityConstraint bean to
my SessionActionMapping sub-class. There's where I need help.

So first this is how my DTD looks like:

...
<!ELEMENT action-mappings (action*)>
<!ATTLIST action-mappings id             ID              #IMPLIED>
<!ATTLIST action-mappings type           %ClassName;     #IMPLIED>


<!-- The "auth-constraint" element describes an AuthConstraint object that 
     describes which access rights are neccessary to call an action. The
     following attributes are defined:
     
     module-name     Name of the module where access should be granted.
     
     function-name   Name of the function whose access rights should be
granted.
-->
<!ELEMENT auth-constraint EMPTY>
<!ATTLIST auth-constraint
        module-name CDATA #REQUIRED
        function-name CDATA #REQUIRED>


<!-- The "security-constraint" element describes an SecurityConstraint
     object which collects a number of AuthConstraint objects
-->
<!ELEMENT security-constraint (auth-constraint+)>


<!-- The "action" element describes an ActionMapping object that is to be
used
     to process a request for a specific module-relative URI. The following
     attributes are defined:

<!ELEMENT action (icon?, display-name?, description?, set-property*,
exception*, forward*, security-constraint?)>
<!ATTLIST action         id             ID              #IMPLIED>
...


and this is how my extended struts config look like:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts-config 
        PUBLIC "-//Sebastian//DTD Struts Configuration 1.1_1//EN"
    "struts-config_1_1_RFS1.dtd">
<struts-config>

        <!-- Data Sources -->
        <data-sources>
        </data-sources>

        <!-- Form Beans -->
        <form-beans>
        </form-beans>

        <!-- Global Forwards -->
        <global-forwards>
        </global-forwards>

        <!-- Action Mappings -->
        <action-mappings type="sample.struts.action.RFSActionMapping">
                <action path="/sample-action" type="sample.actions.SampleAction">
                        <forward name="success" path="success.jsp"></forward>
                        <forward name="error" path="error.jsp"></forward>
                        <security-constraint>
                                <auth-constraint module-name="show" 
function-name="ordering"  />
                        </security-constraint>
                </action>
        </action-mappings>

</struts-config>

I wrote an ActionServlet sub-class to define the public id of my dtd for the
digester and activated my ActionServer sub-class threw the web deployment
descriptor. Starting my sample application the action servlet gets correctly
initialized. 

Then I added JavaBeans SecurityConstraint and AuthConstraint.
SecurityConstraint contains a property authConstraints type Collection, getter- and
setter-methods and a addAuthConstraint-method. AuthConstraint is a simple JavaBean
with properties moduleName and functionName and getter/setter-methods. 

SampleActionMapping extends SessionActionMapping and contains a property of
type SecurityConstraint. Within the struts-config I defined my sample action
mapping globaly for all action mappings.

All this describes works fine. But now the problem raises. Following an
excerpt from my SampleRuleSet:

public class SampleRuleSet extends RuleSetBase {

public void addRuleInstances(Digester digester) {

    digester.addObjectCreate(
        "struts-config/action-mappings/action/security-constraint", 
        "sample.struts.config.SecurityConstraint");
                        
    digester.addObjectCreate(
       
"struts-config/action-mappings/action/security-constraint/auth-constraint",
        "sample.struts.config.AuthConstraint");
    digester.addSetProperties(
       
"struts-config/action-mappings/action/security-constraint/auth-constraint",
        "function-name",
        "functionName");
    digester.addSetProperties(
       
"struts-config/action-mappings/action/security-constraint/auth-constraint",
        "module-name",
        "moduleName");
    digester.addSetNext( 
       
"struts-config/action-mappings/action/security-constraint/auth-constraint",
        "addAuthConstraint");                   
                        
I added my sample rule set using the init parameter within the web
deployment descriptor. But I didn't find the way how to tell the digester to add the
SecurityConstraint bean to my sample action mapping.

Impatiently waiting for your answers

regards

Sebastian





---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to