001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.pacl.checker;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    
020    import java.security.Permission;
021    
022    import java.util.ArrayList;
023    import java.util.List;
024    import java.util.Set;
025    import java.util.regex.Matcher;
026    import java.util.regex.Pattern;
027    
028    /**
029     * @author Brian Wing Shun Chan
030     * @author Raymond Augé
031     */
032    public class JNDIChecker extends BaseChecker {
033    
034            public void afterPropertiesSet() {
035                    initNames();
036            }
037    
038            public void checkPermission(Permission permission) {
039                    throw new UnsupportedOperationException();
040            }
041    
042            @Override
043            public AuthorizationProperty generateAuthorizationProperty(
044                    Object... arguments) {
045    
046                    if ((arguments == null) || (arguments.length != 1) ||
047                            !(arguments[0] instanceof String)) {
048    
049                            return null;
050                    }
051    
052                    AuthorizationProperty authorizationProperty =
053                            new AuthorizationProperty();
054    
055                    authorizationProperty.setKey("security-manager-jndi-names");
056                    authorizationProperty.setValue((String)arguments[0]);
057    
058                    return authorizationProperty;
059            }
060    
061            public boolean hasJNDI(String name) {
062                    for (Pattern pattern : _patterns) {
063                            Matcher matcher = pattern.matcher(name);
064    
065                            if (matcher.matches()) {
066                                    return true;
067                            }
068                    }
069    
070                    return false;
071            }
072    
073            protected void initNames() {
074                    Set<String> names = getPropertySet("security-manager-jndi-names");
075    
076                    _patterns = new ArrayList<Pattern>(names.size());
077    
078                    for (String name : names) {
079                            Pattern pattern = Pattern.compile(name);
080    
081                            _patterns.add(pattern);
082    
083                            if (_log.isDebugEnabled()) {
084                                    _log.debug(
085                                            "Allowing access to JNDI names that match the regular " +
086                                                    "expression " + name);
087                            }
088                    }
089            }
090    
091            private static Log _log = LogFactoryUtil.getLog(JNDIChecker.class);
092    
093            private List<Pattern> _patterns;
094    
095    }