privilegedSubjects;
// Persistence backend used by this servlet. The init() Javadoc below says it is
// initialized from servlet configuration parameters; the assignment itself is
// not visible in this excerpt.
private UserPersistence userPersistence;
/**
* Servlet initialization method.
*
*
* Receives the servlet configuration object and initializes UserPersistence
* using input parameters read from it. The privileged users that are allowed
* to make augment-subject calls are constructed from the principals listed in
* the ServletConfig init parameters.
*
*
* The UserRequestServlet entry in the web deployment descriptor file
* {@code web.xml} must have two input parameters:
*
* <ul>
* <li>{@code ca.nrc.cadc.ac.server.web.UserRequestServlet.PrivilegedX500Principals}
* is a list of the trusted administrators' DNs. It is a multi-line list with
* line breaks between the trusted DNs, and each DN is enclosed in double quotes.</li>
* <li>{@code ca.nrc.cadc.ac.server.web.UserRequestServlet.PrivilegedHttpPrincipals}
* is a list of space-separated userids (HTTP identities) corresponding
* to the previous DNs.</li>
* </ul>
*
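* The two lists of principal names must be of the same
* length and correspond to each other in order: the n-th userid is paired
* with the n-th DN. Initialization fails when the lengths differ, but the
* ordering cannot be checked from the two lists alone, so a misordered entry
* silently binds a userid to the wrong DN.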
*
* @param config The servlet configuration object.
*
* @throws javax.servlet.ServletException For general Servlet exceptions.
*/
@Override
public void init(ServletConfig config) throws ServletException
{
// Reads the two privileged-principal init parameters, tokenizes them and
// checks that both lists have the same number of entries.
// NOTE(review): this copy of the file is damaged part-way through the method
// (see the note at the "for (int i=0;" line); everything after that point
// belongs to a different method whose header is not visible.
super.init(config);
try
{
// Parameter names are the fully qualified servlet class name plus a suffix.
String x500Users = config.getInitParameter(UserRequestServlet.class.getName() + ".PrivilegedX500Principals");
// The raw configured value (the privileged DNs) is written to the debug log.
log.debug("PrivilegedX500Users: " + x500Users);
String httpUsers = config.getInitParameter(UserRequestServlet.class.getName() + ".PrivilegedHttpPrincipals");
// Likewise for the privileged HTTP userids.
log.debug("PrivilegedHttpUsers: " + httpUsers);
List x500List = new ArrayList();
List httpList = new ArrayList();
// Parsing only happens when BOTH parameters are present; what happens when
// either is missing is not visible in this excerpt.
if (x500Users != null && httpUsers != null)
{
// One token is either a run starting with a non-quote character followed by
// non-whitespace characters, or a double-quoted string (shortest match);
// trailing whitespace after the token is consumed.
// NOTE(review): [^\"] also matches a whitespace character, so a value that
// starts with whitespace yields a first token that begins with that
// whitespace (and swallows an opening quote that follows it). Confirm the
// container trims the init-param value or trim it before matching.
Pattern pattern = Pattern.compile("([^\"]\\S*|\".+?\")\\s*");
Matcher x500Matcher = pattern.matcher(x500Users);
Matcher httpMatcher = pattern.matcher(httpUsers);
while (x500Matcher.find())
{
String next = x500Matcher.group(1);
// Every double quote in the token is removed, not just the enclosing pair.
x500List.add(next.replace("\"", ""));
}
while (httpMatcher.find())
{
String next = httpMatcher.group(1);
httpList.add(next.replace("\"", ""));
}
// Only the entry counts are compared; the DN-to-userid pairing is by position.
if (x500List.size() != httpList.size())
{
// Thrown inside the try block; the matching catch clause is not visible here.
throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length");
}
// NOTE(review): the initial capacity is the character length of the raw
// parameter string, not the number of parsed entries (x500List.size()).
// This affects only the preallocated capacity, not the list contents.
privilegedSubjects = new ArrayList(x500Users.length());
// NOTE(review): the next line is damaged in this copy. The rest of the
// pairing loop, the end of init() and the header of the following lookup
// method appear to be missing between "i" and "principals". The code from
// here on searches privilegedSubjects for the caller's principals.
for (int i=0; i principals = extractor.getPrincipals();
// For each principal taken from the extractor, return the first configured
// privileged Subject that holds a principal of the same type and name.
for (Principal principal : principals)
{
if (principal instanceof X500Principal)
{
// NOTE(review): if privilegedSubjects can still be null at this point (for
// example when the init parameters were absent; not determinable from this
// excerpt), this loop throws NullPointerException.
for (Subject s : privilegedSubjects)
{
Set x500Principals = s.getPrincipals(X500Principal.class);
for (X500Principal p2 : x500Principals)
{
// Case-insensitive comparison of the name strings. DNs that are equivalent
// but rendered differently (spacing, attribute order) do not match, so the
// configured DN must use the same string form as getName() returns.
if (p2.getName().equalsIgnoreCase(principal.getName()))
{
return s;
}
}
}
}
if (principal instanceof HttpPrincipal)
{
for (Subject s : privilegedSubjects)
{
Set httpPrincipals = s.getPrincipals(HttpPrincipal.class);
for (HttpPrincipal p2 : httpPrincipals)
{
// Userids are matched case-insensitively.
if (p2.getName().equalsIgnoreCase(principal.getName()))
{
return s;
}
}
}
}
}
// No configured privileged Subject matched any of the principals.
return null;
}
}