GroupContainer


1   /*
2    *  SSL-Explorer
3    *
4    *  Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5    *
6    *  This program is free software; you can redistribute it and/or
7    *  modify it under the terms of the GNU General Public License
8    *  as published by the Free Software Foundation; either version 2 of
9    *  the License, or (at your option) any later version.
10   *  This program is distributed in the hope that it will be useful,
11   *  but WITHOUT ANY WARRANTY; without even the implied warranty of
12   *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13   *  GNU General Public License for more details.
14   *
15   *  You should have received a copy of the GNU General Public
16   *  License along with this program; if not, write to the Free Software
17   *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18   */
19              
20  package com.sslexplorer.activedirectory;
21  
22  import java.io.Serializable  ;
23  import java.util.Collection  ;
24  import java.util.HashMap  ;
25  import java.util.Map  ;
26  import java.util.TreeSet  ;
27  
28  import org.apache.commons.cache.Cache;
29  import org.apache.commons.logging.Log;
30  import org.apache.commons.logging.LogFactory;
31  
32  import com.sslexplorer.security.Role;
33  
34  public final class GroupContainer extends PrincipalContainer<ActiveDirectoryGroup> {
35      private static final Log logger = LogFactory.getLog(GroupContainer.class);
36      private static final String   GROUPS_CACHE_PREFIX = "groups";
37      private static final String   CACHE_FULL_MESSAGE = "activeDirectory.cache.group.full";
38      public static final GroupContainer EMPTY_CACHE = new GroupContainer(0, true);
39      
40      private final Cache dnToRoleCache;
41      private final Cache groupsByRidCache;
42      private final Cache parentGroupsByDnCache;
43      
44      GroupContainer(int cacheSize, boolean inMemoryCache) {
45          super(cacheSize, inMemoryCache, "role", CACHE_FULL_MESSAGE);
46          dnToRoleCache = createCache(CACHE_FULL_MESSAGE);
47          groupsByRidCache = createCache(CACHE_FULL_MESSAGE);
48          parentGroupsByDnCache = createCache(CACHE_FULL_MESSAGE);
49      }    
50      
51      synchronized Role getGroupByDn(String   dn) {
52          return (Role) dnToRoleCache.retrieve(dn.toLowerCase());
53      }
54  
55      synchronized boolean containsDn(String   dn) {
56          return getGroupByDn(dn) != null;
57      }
58  
59      synchronized String   storeGroup(ActiveDirectoryGroup group, String  [] parents) {
60          storePrincipal(group);
61          final String   dn = group.getOriginalDn().toLowerCase();
62          dnToRoleCache.store(dn, group, Long.MAX_VALUE, null, GROUPS_CACHE_PREFIX);
63          if (group.getRID() != null) { // Only NT Authority groups will be used
64              groupsByRidCache.store(group.getRID(), group, Long.MAX_VALUE, null, GROUPS_CACHE_PREFIX);
65          }
66          parentGroupsByDnCache.store(dn, parents, Long.MAX_VALUE, null, GROUPS_CACHE_PREFIX);
67          return group.getPrincipalName();
68      }
69  
70      synchronized ActiveDirectoryGroup getByRid(Long   rid) {
71          return (ActiveDirectoryGroup) groupsByRidCache.retrieve(rid);
72      }
73  
74      synchronized void buildHierarchy() {
75          Serializable  [] keysForGroup = parentGroupsByDnCache.getKeysForGroup(GROUPS_CACHE_PREFIX);
76          for (Serializable   key : keysForGroup) {
77              buildHierarchy((String  ) key);
78          }
79      }
80  
81      synchronized void buildHierarchy(String   roleDn) {
82          roleDn = roleDn.toLowerCase();
83          ActiveDirectoryGroup role = (ActiveDirectoryGroup) dnToRoleCache.retrieve(roleDn);
84          if (role != null) {
85              Map  <String  , ActiveDirectoryGroup> parents = new HashMap  <String  , ActiveDirectoryGroup>();
86              addParents(roleDn, parents);
87              Collection  <ActiveDirectoryGroup> values = new TreeSet  <ActiveDirectoryGroup>(parents.values());
88              values.remove(role); // groups can be recursive so it might contain itself
89              ActiveDirectoryGroup[] toArray = values.toArray(new ActiveDirectoryGroup[parents.size()]);
90              role.setParents(toArray);
91          }
92      }
93      
94      private void addParents(String   roleDn, Map  <String  , ActiveDirectoryGroup> groups) {
95          String  [] parents = (String  []) parentGroupsByDnCache.retrieve(roleDn);
96          if (parents == null) {
97              return;
98          }
99  
100         for (String   parentDn : parents) {
101             parentDn = parentDn.toLowerCase();
102             // need to guard against recursive groups, if we've seen it before ignore it
103             if (!groups.containsKey(parentDn)) {
104                 if (containsDn(parentDn)) {
105                     ActiveDirectoryGroup foundRole = (ActiveDirectoryGroup) dnToRoleCache.retrieve(parentDn);
106                     if (foundRole != null) {
107                         groups.put(parentDn, foundRole);
108                     } else if (logger.isDebugEnabled()) {
109                         logger.debug("Found NULL group in parent list");
110                     }
111                 }
112                 addParents(parentDn, groups);
113             }
114         }
115     }
116     
117     synchronized void updateRemovedGroups(Collection  <String  > missingGroups) {
118         for (String   groupName : missingGroups) {
119             ActiveDirectoryGroup group = retrievePrincipal(groupName);
120             if (group != null) {
121                 removeGroup(group);           
122             }
123         }
124     }
125 
126     public synchronized void removeGroup(ActiveDirectoryGroup group) {
127         removePrincipal(group);
128         final String   dn = group.getOriginalDn().toLowerCase();
129         dnToRoleCache.store(dn, null, 0L, null, GROUPS_CACHE_PREFIX);
130         if (group.getRID() != null) { // Only NT Authority groups will be used
131             groupsByRidCache.store(group.getRID(), group, 0L, null, GROUPS_CACHE_PREFIX);
132         }
133         parentGroupsByDnCache.store(dn, null, 0L, null, GROUPS_CACHE_PREFIX);
134     }
135     
136     synchronized void close() {
137         super.close();
138         closeCache(dnToRoleCache);
139         closeCache(groupsByRidCache);
140         closeCache(parentGroupsByDnCache);
141     }
142 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Free Books Free Magazines
Popular Tags