--- /dev/null
+// JigEditAclFilter.java\r
+// $Id: JigEditAclFilter.java,v 1.2 2010/06/15 17:53:03 smhuang Exp $\r
+// (c) COPYRIGHT MIT, INRIA and Keio, 2000.\r
+// Please first read the full copyright statement in file COPYRIGHT.html\r
+\r
+package org.w3c.jigedit.filters ;\r
+\r
+import java.net.*;\r
+\r
+import org.w3c.tools.resources.ProtocolException;\r
+import org.w3c.tools.resources.*;\r
+\r
+import org.w3c.jigsaw.acl.*;\r
+import org.w3c.jigsaw.auth.IPMatcher;\r
+import org.w3c.jigsaw.auth.IPTemplatesAttribute;\r
+\r
+import org.w3c.jigsaw.http.Request;\r
+import org.w3c.jigsaw.http.Client;\r
+\r
+/**\r
+ * @version $Revision: 1.2 $\r
+ * @author Benoît Mahé (bmahe@w3.org)\r
+ */\r
+public class JigEditAclFilter extends AclFilter {\r
+ \r
+ /**\r
+ * Attribute Index - Secure ip array\r
+ */\r
+ public static int ATTR_SECURE_IPS = -1;\r
+\r
+ static {\r
+ Attribute a = null ;\r
+ Class c = null ;\r
+ try {\r
+ c = Class.forName("org.w3c.jigedit.filters.JigEditAclFilter");\r
+ //Added by Jeff Huang\r
+ //TODO: FIXIT\r
+ } catch (Exception ex) {\r
+ ex.printStackTrace() ;\r
+ System.exit(1) ;\r
+ }\r
+ a = new IPTemplatesAttribute("secure-ips"\r
+ , null\r
+ , Attribute.EDITABLE) ;\r
+ ATTR_SECURE_IPS = AttributeRegistry.registerAttribute(c, a);\r
+ }\r
+\r
+ /**\r
+ * The IPMatcher to match secure IP \r
+ */\r
+ protected IPMatcher ipmatcher = null ;\r
+\r
+ protected IPMatcher getIPMatcher() {\r
+ if (ipmatcher == null) {\r
+ ipmatcher = new IPMatcher();\r
+ short[][] ips = getSecureIPs();\r
+ if ( ips != null ) {\r
+ for (int i = 0 ; i < ips.length ; i++) \r
+ ipmatcher.add(ips[i], Boolean.TRUE) ;\r
+ }\r
+ }\r
+ return ipmatcher;\r
+ }\r
+\r
+ /**\r
+ * Get the secure ip address\r
+ */\r
+ public short[][] getSecureIPs() {\r
+ return (short[][]) getValue(ATTR_SECURE_IPS, null) ;\r
+ }\r
+\r
+ /**\r
+ * Catch set value on the filter, to maintain cached values.\r
+ */\r
+ public void setValue(int idx, Object value) {\r
+ super.setValue(idx, value);\r
+ if ( idx == ATTR_SECURE_IPS ) {\r
+ ipmatcher = null;\r
+ }\r
+ }\r
+\r
+ /**\r
+ * Authenticate the given request.\r
+ * @param request The request to be authentified.\r
+ * @param acls The Access Control List array.\r
+ * @exception org.w3c.tools.resources.ProtocolException if authentication\r
+ * failed\r
+ */\r
+ protected void authenticate(Request request, JAcl acls[]) \r
+ throws ProtocolException \r
+ {\r
+ Client client = request.getClient();\r
+ InetAddress inetaddress = client.getInetAddress();\r
+ IPMatcher ipmatcher = getIPMatcher();\r
+ System.out.println(">>> "+inetaddress);\r
+ if (ipmatcher.lookup(inetaddress) != null) {\r
+ // secure ip, basic auth\r
+ setValue(ATTR_SECURITY_LEVEL, new Integer(0));\r
+ } else {\r
+ // unsecure ip, digest auth\r
+ setValue(ATTR_SECURITY_LEVEL, new Integer(1));\r
+ }\r
+ super.authenticate(request, acls);\r
+ }\r
+ \r
+}\r