Created
May 29, 2012 21:59
-
-
Save ascandroli/2831057 to your computer and use it in GitHub Desktop.
tapestry-security based configuration that block access to assets (inspired by T5AssetProtectionDispatcher)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package org.tynamo.security.services; | |
import org.apache.shiro.util.PatternMatcher; | |
import org.apache.tapestry5.SymbolConstants; | |
import org.apache.tapestry5.ioc.Configuration; | |
import org.apache.tapestry5.ioc.annotations.Symbol; | |
import org.tynamo.security.services.impl.SecurityFilterChain; | |
import java.util.regex.Pattern; | |
public class AssetProtectionModule { | |
public static void contributeSecurityConfiguration(Configuration<SecurityFilterChain> configuration, | |
@Symbol(SymbolConstants.ASSET_PATH_PREFIX) final String assetPathPrefix, | |
SecurityFilterChainFactory factory) { | |
final String noListingExpression = assetPathPrefix + ".*/$"; | |
final PatternMatcher noListingPatternMatcher = new PatternMatcherImpl(Pattern.compile(noListingExpression)); | |
configuration.add(factory.createChain(noListingExpression, noListingPatternMatcher) | |
.add(factory.notfound()).build()); | |
final String pattern = ".*\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$"; | |
final PatternMatcher patternMatcher = new PatternMatcherImpl(Pattern.compile(pattern)); | |
configuration.add(factory.createChain(pattern, new PatternMatcher() { | |
@Override | |
public boolean matches(String ignored, String source) { | |
return source.startsWith(assetPathPrefix) && !patternMatcher.matches(ignored, source); | |
} | |
}).add(factory.notfound()).build()); | |
} | |
static class PatternMatcherImpl implements PatternMatcher { | |
private Pattern pattern; | |
PatternMatcherImpl(Pattern pattern) { | |
this.pattern = pattern; | |
} | |
@Override | |
public boolean matches(String ignored, String source) { | |
return pattern.matcher(source).matches(); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment