AuthorizationFactory


1   /**
2    * Copyright (C) 2001 Yasna.com. All rights reserved.
3    *
4    * ===================================================================
5    * The Apache Software License, Version 1.1
6    *
7    * Redistribution and use in source and binary forms, with or without
8    * modification, are permitted provided that the following conditions
9    * are met:
10   *
11   * 1. Redistributions of source code must retain the above copyright
12   *    notice, this list of conditions and the following disclaimer.
13   *
14   * 2. Redistributions in binary form must reproduce the above copyright
15   *    notice, this list of conditions and the following disclaimer in
16   *    the documentation and/or other materials provided with the
17   *    distribution.
18   *
19   * 3. The end-user documentation included with the redistribution,
20   *    if any, must include the following acknowledgment:
21   *       "This product includes software developed by
22   *        Yasna.com (http://www.yasna.com)."
23   *    Alternately, this acknowledgment may appear in the software itself,
24   *    if and wherever such third-party acknowledgments normally appear.
25   *
26   * 4. The names "Yazd" and "Yasna.com" must not be used to
27   *    endorse or promote products derived from this software without
28   *    prior written permission. For written permission, please
29   *    contact yazd@yasna.com.
30   *
31   * 5. Products derived from this software may not be called "Yazd",
32   *    nor may "Yazd" appear in their name, without prior written
33   *    permission of Yasna.com.
34   *
35   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38   * DISCLAIMED.  IN NO EVENT SHALL YASNA.COM OR
39   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
46   * SUCH DAMAGE.
47   * ====================================================================
48   *
49   * This software consists of voluntary contributions made by many
50   * individuals on behalf of Yasna.com. For more information
51   * on Yasna.com, please see <http://www.yasna.com>.
52   */
53  
54  /**
55   * Copyright (C) 2000 CoolServlets.com. All rights reserved.
56   *
57   * ===================================================================
58   * The Apache Software License, Version 1.1
59   *
60   * Redistribution and use in source and binary forms, with or without
61   * modification, are permitted provided that the following conditions
62   * are met:
63   *
64   * 1. Redistributions of source code must retain the above copyright
65   *    notice, this list of conditions and the following disclaimer.
66   *
67   * 2. Redistributions in binary form must reproduce the above copyright
68   *    notice, this list of conditions and the following disclaimer in
69   *    the documentation and/or other materials provided with the
70   *    distribution.
71   *
72   * 3. The end-user documentation included with the redistribution,
73   *    if any, must include the following acknowledgment:
74   *       "This product includes software developed by
75   *        CoolServlets.com (http://www.coolservlets.com)."
76   *    Alternately, this acknowledgment may appear in the software itself,
77   *    if and wherever such third-party acknowledgments normally appear.
78   *
79   * 4. The names "Jive" and "CoolServlets.com" must not be used to
80   *    endorse or promote products derived from this software without
81   *    prior written permission. For written permission, please
82   *    contact webmaster@coolservlets.com.
83   *
84   * 5. Products derived from this software may not be called "Jive",
85   *    nor may "Jive" appear in their name, without prior written
86   *    permission of CoolServlets.com.
87   *
88   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
89   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
90   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
91   * DISCLAIMED.  IN NO EVENT SHALL COOLSERVLETS.COM OR
92   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
93   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
94   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
95   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
96   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
97   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
98   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
99   * SUCH DAMAGE.
100  * ====================================================================
101  *
102  * This software consists of voluntary contributions made by many
103  * individuals on behalf of CoolServlets.com. For more information
104  * on CoolServlets.com, please see <http://www.coolservlets.com>.
105  */
106 
107 package com.Yasna.forum;
108 
109 /**
110  * An abstract class that defines a framework for providing authorization
111  * services in Yazd. The static getAuthorization(String,String) and
112  * getAnonymousAuthorization() methods should be called directly from
113  * applications using Yazd in order to obtain Authorization tokens.<p>
114  *
115  * Users of Yazd that wish to change the AuthorizationFactory implementation
116  * used to generate tokens can set the <code>AuthorizationFactory.className</code>
117  * Yazd property. For example, if you have altered Yazd to use LDAP for user
118  * information, you'd want to write a custom implementation of
119  * AuthorizationFactory to make LDAP authorization queries. After changing the
120  * <code>AuthorizationFactory.className</code> Yazd property, you must restart
121  * your application server.
122  */
123 public abstract class AuthorizationFactory {
124     
125 
126     /**
127      * The default class to instantiate is database implementation.
128      */
129     private static String   className =
130         "com.Yasna.forum.database.DbAuthorizationFactory";
131 
132     private static AuthorizationFactory factory = null;
133 
134     /**
135      * Returns the Authorization token associated with the specified username
136      * and password. If the username and password do not match the record of
137      * any user in the system, the method throws an UnauthorizedException.<p>
138      *
139      * When using most implementations of this class, authorization tokens
140      * should be cached. A convenient place to store a token is often in the
141      * HttpSession.
142      *
143      * @param username the username to create an Authorization with.
144      * @param password the password to create an Authorization with.
145      * @return an Authorization token if the username and password are correct.
146      * @throws UnauthorizedException if the username and password do not match
147      *      any existing user.
148      */
149     public static Authorization getAuthorization(String   username,
150             String   password) throws UnauthorizedException
151     {
152         loadAuthorizationFactory();
153         return factory.createAuthorization(username, password);
154     }
155 
156     /**
157      * Returns the anonymous user Authorization.
158      *
159      * @return an anonymous Authorization token.
160      */
161     public static Authorization getAnonymousAuthorization() {
162         loadAuthorizationFactory();
163         return factory.createAnonymousAuthorization();
164     }
165 
166     /**
167      * Creates Authorization tokens for users. This method is implemented by
168      * concrete subclasses of AuthorizationFactory.
169      *
170      * @param username the username to create an Authorization with.
171      * @param password the password to create an Authorization with.
172      * @return an Authorization token if the username and password are correct.
173      * @throws UnauthorizedException if the username and password do not match
174      *      any existing user.
175      */
176     public abstract Authorization createAuthorization(String   username,
177             String   password) throws UnauthorizedException;
178 
179     /**
180      * Creates anonymous Authorization tokens. This method is implemented by
181      * concrete subclasses AuthorizationFactory.
182      *
183      * @return an anonymous Authorization token.
184      */
185     public abstract Authorization createAnonymousAuthorization();
186 
187     /**
188      * Loads a concrete AuthorizationFactory that can be used generate
189      * Authorization tokens for authorized users.<p>
190      *
191      * By default, the implementation used will be an instance of
192      * DbAuthorizationFactory -- the standard database implementation that uses
193      * the Yazd user table. A different factory can be specified by setting the
194      * Yazd property "AuthorizationFactory.className". However, you must
195      * restart Yazd for any change to take effect.
196      */
197     private static void loadAuthorizationFactory() {
198         if (factory == null) {
199             //Use className as a convenient object to get a lock on.
200             synchronized(className) {
201                 if (factory == null) {
202                     //See if the classname has been set as a Yazd property.
203                     String   classNameProp = PropertyManager.getProperty(
204                         "AuthorizationFactory.className"
205                     );
206                     if (classNameProp != null) {
207                         className = classNameProp;
208                     }
209                     try {
210                         Class   c = Class.forName(className);
211                         factory = (AuthorizationFactory)c.newInstance();
212                     }
213                     catch (Exception   e) {
214                         System.err.println("Exception loading class: " + e);
215                         e.printStackTrace();
216                     }
217                 }
218             }
219         }
220     }
221 }
222
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags