001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    package org.apache.geronimo.tomcat.realm;
018    
019    import java.io.IOException;
020    
021    import org.apache.catalina.connector.Request;
022    import org.apache.catalina.connector.Response;
023    import org.apache.catalina.deploy.SecurityConstraint;
024    import org.apache.catalina.Context;
025    
026    /**
027     * TomcatEJBWSGeronimoRealm is intended only for use with ejb web services in tomcat.
028     * Tomcat appears to conflate the separate concepts of logging in and checking permissions
029     * into one class.  This is wholly inappropriate for ejb web services, where logging in
030     * is handled by the web container but authorization is handled by the ejb container.
031     * This class "separates" the concerns by always authorizing everything.
032     * 
033     * @version $Rev: 476049 $ $Date: 2006-11-16 23:35:17 -0500 (Thu, 16 Nov 2006) $
034     */
035    public class TomcatEJBWSGeronimoRealm extends TomcatGeronimoRealm {
036    
037        public boolean hasResourcePermission(Request request,
038                                             Response response,
039                                             SecurityConstraint[] constraints,
040                                             Context context)
041                throws IOException {
042            return true;
043    
044        }
045    
046        public boolean hasUserDataPermission(Request request,
047                                             Response response,
048                                             SecurityConstraint[] constraints)
049                throws IOException {
050            return true;
051        }
052    
053    }