Class WebApplication

  extended bySK.gnome.dwarf.GenericService
      extended bySK.gnome.dwarf.GenericServer
          extended bySK.gnome.dwarf.http.Application
              extended bySK.gnome.dwarf.http.WebApplication
All Implemented Interfaces:
SK.gnome.dwarf.Reportable, SK.gnome.dwarf.Server, SK.gnome.dwarf.Service, javax.servlet.ServletContext

public class WebApplication
extends Application

Provides the standard web application.

This class extends the Application in a way that it is able to configure itself automatically according to the deployment descriptor read from the "WEB-INF/web.xml" file. The directory format defined by the Servlet API 2.2 must be followed by the web application files.

The following servlets are automatically created and added during the initialization process:

  servlet class                                      URL mapping
  SK.gnome.dwarf.htp.servlet.FileServlet             /
  SK.gnome.dwarf.htp.servlet.LoginServlet            /j_security_check
  org.apache.jasper.servlet.JspServlet               *.jsp
If there are any other custom servlets mapped to these patterns via the deployment descriptor, they will be replaced by the above ones.

The initialization procedure sets the implicit servlet mapping to the "*.jsp" extension pattern if it is not set manually via the Application.setImplicitMappings(String) method. By setting it manually you can override the default behaviour.

The following initial context parameters can be used to configure the corresponding application attributes:

Directory indexing feature built-in to the FileServlet can be enabled by specifying the sk.gnome.dwarf.http.dirIndex initial context parameter. The parameter value must be set to "true".

Field Summary
Fields inherited from class SK.gnome.dwarf.http.Application
clearTempDir, contextPath, defaultEncoding, errorPages, EVERYONE, followSymlinks, forceAuthentication, implicitMappings, logFormat, mimeTypes, rolePrincipalClass, rootDir, runtimeServletPath, servlets, sessionTimeout, SSLRequired, tempDir, userPrincipalClass
Fields inherited from class SK.gnome.dwarf.GenericService
initParameters, parent
Fields inherited from interface SK.gnome.dwarf.Service
Constructor Summary
WebApplication(java.lang.String name)
          Creates a new WebApplication.
Method Summary
 java.lang.String getRealmName()
          Returns the authentication realm name.
 java.lang.ClassLoader getServletClassLoader()
          Returns the sevlet class loader.
 void checkAccess(Request request)
          Checks the access to the given resource.
 void init(SK.gnome.dwarf.Server parent)
          Initializes the service.
 boolean isUserInRole(Request request, java.lang.String role)
          Checks whether the user is in the given role.
Methods inherited from class SK.gnome.dwarf.http.Application
addService, getAttribute, getAttributeNames, getContext, getContextPath, getDefaultEncoding, getErrorPage, getForceAuthentication, getInitParameter, getInitParameterNames, getMajorVersion, getMimeType, getMinorVersion, getNamedDispatcher, getRealPath, getRequestDispatcher, getResource, getResourceAsStream, getServerInfo, getServlet, getServletMapping, getServletNames, getServlets, getSessionTimeout, getUserPrincipalClass, log, log, log, logFinished, removeAttribute, report, setAttribute, setClearTempDir, setContextPath, setDefaultEncoding, setErrorPages, setFollowSymlinks, setForceAuthentication, setImplicitMappings, setMimeTypes, setRolePrincipalClass, setRootDir, setRuntimeServletPath, setSessionTimeout, setSSLRequired, setTempDir, setUserPrincipalClass
Methods inherited from class SK.gnome.dwarf.GenericServer
addService, getAuthenticator, getLogger, getParameters, getService, getServices, getServices, removeService, shutdown, start, stop
Methods inherited from class SK.gnome.dwarf.GenericService
getAuthFacility, getFullName, getLogFacility, getName, getPrincipal, getShutdownTimeout, getState, log, log, login, logout, setAuthFacility, setInitParameters, setLogFacility, toString
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface SK.gnome.dwarf.Service
getFullName, getName, getState, log, log, login, logout

Constructor Detail


public WebApplication(java.lang.String name)
Creates a new WebApplication.

Method Detail


public void init(SK.gnome.dwarf.Server parent)
          throws SK.gnome.dwarf.ServiceException
Initializes the service.

Reads and parses the "web.xml" file and configures the superclass via its setter methods, then makes a call to super.init.

Specified by:
init in interface SK.gnome.dwarf.Service
init in class Application


public java.lang.ClassLoader getServletClassLoader()
Returns the sevlet class loader.

getServletClassLoader in class Application
the class loader


public java.lang.String getRealmName()
Returns the authentication realm name.

Returns the realm name as defined by the deployment descriptor via the realm-name element, or calls the super.getRealmName method if no name is specified via the deployment descriptor.

getRealmName in class Application
the realm name


public void checkAccess(Request request)
Checks the access to the given resource.

Checks whether the subject issuing the request has permission to access the resource referenced by it. An exception is thrown to indicate that the access is denied, otherwise the method returns silently.

This method works as follows:
The resource URI path and the HTTP method are obtained from the request first, and then a new HTTPPathPermission is created according to the given information. The permission is then checked in the context of either the currently authenticated subject, obtained from the HTTP session, or the Application.EVERYONE subject representing an anonymous user. Actual checking operation is performed via the isUserInRole(Request, String) method.

This method also throws the SSLRequiredException for each request, whose isSecure method returns false, if the transport-guarantee element for the given web resource is set to either INTEGRAL or CONFIDENTIAL.

checkAccess in class Application
request - the HTTP request


public boolean isUserInRole(Request request,
                            java.lang.String role)
Checks whether the user is in the given role.

It first tries to translate the role name according to the security role reference (if exists) defined by the servlet, and then calls the superclass' isUserInRole method with the translated role name.

If the "***" string is used as the role name, the method will always return true and will not perform any security checks. This wildcard string can be thus used to represent an anonymous user.

isUserInRole in class Application
request - the request
role - the security role
true if the user is in the security role
See Also:

Copyright (c) 1999-2005, Gnome Ltd. All rights reserved.