AccessControlInterceptor.java<TITLE> <LINK rel="stylesheet" href="../..//java.css" type="text/css" media="all" /> </HEAD> <BODY id="java">  <SCRIPT type="text/javascript" src="../..//java.js" /> <TABLE class="tabs"><TR> <TD id="tab_colour" class="active"><A HREF='javascript:set_style("colour")'>Coloured</A></TD> <TD id="tab_raw" class="inactive"><A HREF='javascript:set_style("raw")'>Raw</A></TD> </TR></TABLE> <DIV id="colour" class="display"> <PRE class="colour" id="code"> <SPAN id='line_0' class='line_number'> </SPAN> <SPAN id='line_1' class='line_number'> 1</SPAN><span class='comment'>// Copyright 2007, Tim Vernum</span> <SPAN id='line_2' class='line_number'> 2</SPAN><span class='comment'>// Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation </span> <SPAN id='line_3' class='line_number'> 3</SPAN><span class='comment'>// files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy,</span> <SPAN id='line_4' class='line_number'> 4</SPAN><span class='comment'>// modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the</span> <SPAN id='line_5' class='line_number'> 5</SPAN><span class='comment'>// Software is furnished to do so, subject to the following conditions:</span> <SPAN id='line_6' class='line_number'> 6</SPAN><span class='comment'>// The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.</span> <SPAN id='line_7' class='line_number'> 7</SPAN><span class='comment'>// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE </span> <SPAN id='line_8' class='line_number'> 8</SPAN><span class='comment'>// WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR </span> <SPAN id='line_9' class='line_number'> 9</SPAN><span class='comment'>// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,</span> <SPAN id='line_10' class='line_number'>10</SPAN><span class='comment'>// ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.</span> <SPAN id='line_11' class='line_number'>11</SPAN> <SPAN id='line_12' class='line_number'>12</SPAN><span class='package'>package</span> security<span class='operator'>.</span>constraint<span class='operator'>;</span> <SPAN id='line_13' class='line_number'>13</SPAN> <SPAN id='line_14' class='line_number'>14</SPAN><span class='package'>import</span> org<span class='operator'>.</span>aopalliance<span class='operator'>.</span>intercept<span class='operator'>.</span><span class='type'><a title='View javadoc' href='http:/aopalliance.sf.net/doc/org/aopalliance/intercept/MethodInterceptor.html'>MethodInterceptor</a></span><span class='operator'>;</span> <SPAN id='line_15' class='line_number'>15</SPAN><span class='package'>import</span> org<span class='operator'>.</span>aopalliance<span class='operator'>.</span>intercept<span class='operator'>.</span><span class='type'><a title='View javadoc' href='http:/aopalliance.sf.net/doc/org/aopalliance/intercept/MethodInvocation.html'>MethodInvocation</a></span><span class='operator'>;</span> <SPAN id='line_16' class='line_number'>16</SPAN> <SPAN id='line_17' class='line_number'>17</SPAN><span class='access'>public</span> <span class='typedef'>class</span> AccessControlInterceptor <span class='inherit'>implements</span> <span class='type'><a title='View javadoc' href='http:/aopalliance.sf.net/doc/org/aopalliance/intercept/MethodInterceptor.html'>MethodInterceptor</a></span> <SPAN id='line_18' class='line_number'>18</SPAN>{ <SPAN id='line_19' class='line_number'>19</SPAN> <span class='access'>private</span> <span class='storage'>final</span> AccessChecker <span class='member'>_checker</span><span class='operator'>;</span> <SPAN id='line_20' class='line_number'>20</SPAN> <SPAN id='line_21' class='line_number'>21</SPAN> <span class='access'>public</span> AccessControlInterceptor() <SPAN id='line_22' class='line_number'>22</SPAN> { <SPAN id='line_23' class='line_number'>23</SPAN> <span class='member'>_checker</span> <span class='operator'>=</span> <span class='operator'>new</span> AccessChecker()<span class='operator'>;</span> <SPAN id='line_24' class='line_number'>24</SPAN> } <SPAN id='line_25' class='line_number'>25</SPAN> <SPAN id='line_26' class='line_number'>26</SPAN> <span class='access'>public</span> <span class='type'>Object</span> invoke(<span class='type'><a title='View javadoc' href='http:/aopalliance.sf.net/doc/org/aopalliance/intercept/MethodInvocation.html'>MethodInvocation</a></span> invocation) <span class='throw'>throws</span> <span class='type'>Throwable</span> <SPAN id='line_27' class='line_number'>27</SPAN> { <SPAN id='line_28' class='line_number'>28</SPAN> AccessControl control <span class='operator'>=</span> getAnnotation(invocation)<span class='operator'>;</span> <SPAN id='line_29' class='line_number'>29</SPAN> <span class='loop'>if</span> (control !<span class='operator'>=</span> <span class='operator'>null</span>) <SPAN id='line_30' class='line_number'>30</SPAN> { <SPAN id='line_31' class='line_number'>31</SPAN> <span class='loop'>if</span> (!_checker<span class='operator'>.</span>isAccessAllowed(control)) <SPAN id='line_32' class='line_number'>32</SPAN> { <SPAN id='line_33' class='line_number'>33</SPAN> <span class='throw'>throw</span> <span class='operator'>new</span> <span class='type'>SecurityException</span>(<span class='string'>"No access to "</span> <span class='operator'>+</span> invocation<span class='operator'>.</span>getMethod() <span class='operator'>+</span> <span class='string'>" with access control "</span> <span class='operator'>+</span> control)<span class='operator'>;</span> <SPAN id='line_34' class='line_number'>34</SPAN> } <SPAN id='line_35' class='line_number'>35</SPAN> } <SPAN id='line_36' class='line_number'>36</SPAN> <span class='flow'>return</span> invocation<span class='operator'>.</span>proceed()<span class='operator'>;</span> <SPAN id='line_37' class='line_number'>37</SPAN> } <SPAN id='line_38' class='line_number'>38</SPAN> <SPAN id='line_39' class='line_number'>39</SPAN> <span class='access'>private</span> AccessControl getAnnotation(<span class='type'><a title='View javadoc' href='http:/aopalliance.sf.net/doc/org/aopalliance/intercept/MethodInvocation.html'>MethodInvocation</a></span> invocation) <SPAN id='line_40' class='line_number'>40</SPAN> { <SPAN id='line_41' class='line_number'>41</SPAN> AccessControl annotation <span class='operator'>=</span> invocation<span class='operator'>.</span>getMethod()<span class='operator'>.</span>getAnnotation(AccessControl<span class='operator'>.</span><span class='typedef'>class</span>)<span class='operator'>;</span> <SPAN id='line_42' class='line_number'>42</SPAN> <span class='loop'>if</span> (annotation <span class='operator'>=</span><span class='operator'>=</span> <span class='operator'>null</span>) <SPAN id='line_43' class='line_number'>43</SPAN> { <SPAN id='line_44' class='line_number'>44</SPAN> annotation <span class='operator'>=</span> invocation<span class='operator'>.</span>getThis()<span class='operator'>.</span>getClass()<span class='operator'>.</span>getAnnotation(AccessControl<span class='operator'>.</span><span class='typedef'>class</span>)<span class='operator'>;</span> <SPAN id='line_45' class='line_number'>45</SPAN> } <SPAN id='line_46' class='line_number'>46</SPAN> <span class='flow'>return</span> annotation<span class='operator'>;</span> <SPAN id='line_47' class='line_number'>47</SPAN> } <SPAN id='line_48' class='line_number'>48</SPAN> <SPAN id='line_49' class='line_number'>49</SPAN>} <SPAN id='line_last' class='line_number'> </SPAN> </PRE></DIV> <DIV id='raw' class='hidden'><PRE class='raw'>// Copyright 2007, Tim Vernum // Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation // files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, // modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the // Software is furnished to do so, subject to the following conditions: // The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE // WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR // COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, // ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. package security.constraint; import org.aopalliance.intercept.MethodInterceptor; import org.aopalliance.intercept.MethodInvocation; public class AccessControlInterceptor implements MethodInterceptor { private final AccessChecker _checker; public AccessControlInterceptor() { _checker = new AccessChecker(); } public Object invoke(MethodInvocation invocation) throws Throwable { AccessControl control = getAnnotation(invocation); if (control != null) { if (!_checker.isAccessAllowed(control)) { throw new SecurityException("No access to " + invocation.getMethod() + " with access control " + control); } } return invocation.proceed(); } private AccessControl getAnnotation(MethodInvocation invocation) { AccessControl annotation = invocation.getMethod().getAnnotation(AccessControl.class); if (annotation == null) { annotation = invocation.getThis().getClass().getAnnotation(AccessControl.class); } return annotation; } }</PRE></DIV> </BODY></HTML>