📄 xmlauthorizationhandler.java
字号:
package com.liuyang.axis.security.handler;
import java.util.StringTokenizer;
import org.apache.axis.*;
import org.apache.axis.handlers.BasicHandler;
import org.apache.axis.security.*;
import org.apache.axis.utils.*;
import com.liuyang.axis.security.XMLSecurityProvider;
public class XMLAuthorizationHandler extends BasicHandler {
public void invoke(MessageContext msgContext) throws AxisFault {
boolean allowByDefault = JavaUtils.isTrueExplicitly(getOption("allowByDefault"));
AuthenticatedUser user = (AuthenticatedUser)msgContext.getProperty(MessageContext.AUTHUSER);
if (user == null)
throw new AxisFault("Server.NoUser",Messages.getMessage("needUser00"), null, null);
String userID = user.getName();
Handler serviceHandler = msgContext.getService();
if (serviceHandler == null)throw new AxisFault(Messages.getMessage("needService00"));
String serviceName = serviceHandler.getName();
String allowedRoles = (String)serviceHandler.getOption("allowedRoles");
if (allowedRoles == null) {
if (allowByDefault) {
}else {throw new AxisFault( "Server.Unauthorized",
Messages.getMessage("notAuth00", userID, serviceName),null, null);
}return;
}
SecurityProvider provider = new XMLSecurityProvider();
if (provider == null)throw new AxisFault(Messages.getMessage("noSecurity00"));
StringTokenizer st = new StringTokenizer(allowedRoles, ",");
while (st.hasMoreTokens()) {
String thisRole = st.nextToken();
if (provider.userMatches(user, thisRole))return;
}throw new AxisFault("Server.Unauthorized",
Messages.getMessage("cantAuth02",userID,serviceName),null, null);
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -