Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.owasp.esapi.reference
Class FileBasedAccessController

java.lang.Object
  extended byorg.owasp.esapi.reference.FileBasedAccessController
All Implemented Interfaces:
AccessController
public class FileBasedAccessController
extends java.lang.Object
implements AccessController

Reference implementation of the IAccessController interface. This reference implementation uses a simple model for specifying a set of access control rules. Many organizations will want to create their own implementation of the methods provided in the IAccessController interface.

This reference implementation uses a simple scheme for specifying the rules. The first step is to create a namespace for the resources being accessed. For files and URL's, this is easy as they already have a namespace. Be extremely careful about canonicalizing when relying on information from the user in an access ctnrol decision.

For functions, data, and services, you will have to come up with your own namespace for the resources being accessed. You might simply define a flat namespace with a list of category names. For example, you might specify 'FunctionA', 'FunctionB', and 'FunctionC'. Or you can create a richer namespace with a hierarchical structure, such as:

/functions

/admin Once you've defined your namespace, you have to work out the rules that govern access to the different parts of the namespace. This implementation allows you to attach a simple access control list (ACL) to any part of the namespace tree. The ACL lists a set of roles that are either allowed or denied access to a part of the tree. You specify these rules in a textfile with a simple format.

There is a single configuration file supporting each of the five methods in the IAccessController interface. These files are located in the ESAPI resources directory as specified when the JVM was started. The use of a default deny rule is STRONGLY recommended. The file format is as follows: 

 path          | role,role   | allow/deny | comment
 ------------------------------------------------------------------------------------
 /banking/*    | user,admin  | allow      | authenticated users can access /banking
 /admin        | admin       | allow      | only admin role can access /admin
 /             | any         | deny       | default deny rule
To find the matching rules, this implementation follows the general approach used in Java EE when matching HTTP requests to servlets in web.xml. The four mapping rules are used in the following order:

Since:
June 1, 2007
Author:
Jeff Williams (jeff.williams@aspectsecurity.com)
See Also:
AccessController

Constructor Summary
FileBasedAccessController()
           
 
Method Summary
 void assertAuthorizedForData(java.lang.String key)
          Checks if an account is authorized to access the referenced data.
 void assertAuthorizedForFile(java.lang.String filepath)
          Checks if an account is authorized to access the referenced file.
 void assertAuthorizedForFunction(java.lang.String functionName)
          Checks if an account is authorized to access the referenced function.
 void assertAuthorizedForService(java.lang.String serviceName)
          Checks if an account is authorized to access the referenced service.
 void assertAuthorizedForURL(java.lang.String url)
          Checks if an account is authorized to access the referenced URL.
 boolean isAuthorizedForData(java.lang.String key)
          Checks if an account is authorized to access the referenced data.
 boolean isAuthorizedForFile(java.lang.String filepath)
          Checks if an account is authorized to access the referenced file.
 boolean isAuthorizedForFunction(java.lang.String functionName)
          Checks if an account is authorized to access the referenced function.
 boolean isAuthorizedForService(java.lang.String serviceName)
          Checks if an account is authorized to access the referenced service.
 boolean isAuthorizedForURL(java.lang.String url)
          Checks if an account is authorized to access the referenced URL.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

FileBasedAccessController

public FileBasedAccessController()
Method Detail

isAuthorizedForURL

public boolean isAuthorizedForURL(java.lang.String url)
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced URL. The implementation should allow access to be granted to any part of the URL. Generally, this method should be invoked in the application's controller or a filter as follows: 
ESAPI.accessController().isAuthorizedForURL(request.getRequestURI().toString());

Specified by:
isAuthorizedForURL in interface AccessController
Returns:
true, if is authorized for URL

isAuthorizedForFunction

public boolean isAuthorizedForFunction(java.lang.String functionName)
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced function. The implementation should define the function "namespace" to be enforced. Choosing something simple like the classname of action classes or menu item names will make this implementation easier to use.

Specified by:
isAuthorizedForFunction in interface AccessController
Parameters:
functionName - the function name
Returns:
true, if is authorized for function

isAuthorizedForData

public boolean isAuthorizedForData(java.lang.String key)
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced data. The implementation should define the data "namespace" to be enforced.

Specified by:
isAuthorizedForData in interface AccessController
Parameters:
key - the key
Returns:
true, if is authorized for data

isAuthorizedForFile

public boolean isAuthorizedForFile(java.lang.String filepath)
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced file. The implementation should be extremely careful about canonicalization.

Specified by:
isAuthorizedForFile in interface AccessController
Parameters:
filepath - the filepath
Returns:
true, if is authorized for file
See Also:
Encoder.canonicalize(String)

isAuthorizedForService

public boolean isAuthorizedForService(java.lang.String serviceName)
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced service. This can be used in applications that provide access to a variety of backend services.

Specified by:
isAuthorizedForService in interface AccessController
Parameters:
serviceName - the service name
Returns:
true, if is authorized for service

assertAuthorizedForURL

public void assertAuthorizedForURL(java.lang.String url)
                            throws AccessControlException
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced URL. The implementation should allow access to be granted to any part of the URL. Generally, this method should be invoked in the application's controller or a filter as follows: 
ESAPI.accessController().assertAuthorizedForURL(request.getRequestURI().toString());

Specified by:
assertAuthorizedForURL in interface AccessController
Parameters:
url - the url as returned by request.getRequestURI().toString()
Throws:
AccessControlException - if access is not permitted

assertAuthorizedForFunction

public void assertAuthorizedForFunction(java.lang.String functionName)
                                 throws AccessControlException
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced function. The implementation should define the function "namespace" to be enforced. Choosing something simple like the classname of action classes or menu item names will make this implementation easier to use.

Specified by:
assertAuthorizedForFunction in interface AccessController
Parameters:
functionName - the function name
Throws:
AccessControlException - if access is not permitted

assertAuthorizedForData

public void assertAuthorizedForData(java.lang.String key)
                             throws AccessControlException
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced data. The implementation should define the data "namespace" to be enforced.

Specified by:
assertAuthorizedForData in interface AccessController
Parameters:
key - the key
Throws:
AccessControlException - is access is not permitted

assertAuthorizedForFile

public void assertAuthorizedForFile(java.lang.String filepath)
                             throws AccessControlException
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced file. The implementation should be extremely careful about canonicalization.

Specified by:
assertAuthorizedForFile in interface AccessController
Parameters:
filepath - the filepath
Throws:
AccessControlException - is access is not permitted
See Also:
Encoder.canonicalize(String)

assertAuthorizedForService

public void assertAuthorizedForService(java.lang.String serviceName)
                                throws AccessControlException
Description copied from interface: AccessController
Checks if an account is authorized to access the referenced service. This can be used in applications that provide access to a variety of backend services.

Specified by:
assertAuthorizedForService in interface AccessController
Parameters:
serviceName - the service name
Throws:
AccessControlException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD