UserAttributes


1   /*
2    *  SSL-Explorer
3    *
4    *  Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5    *
6    *  This program is free software; you can redistribute it and/or
7    *  modify it under the terms of the GNU General Public License
8    *  as published by the Free Software Foundation; either version 2 of
9    *  the License, or (at your option) any later version.
10   *  This program is distributed in the hope that it will be useful,
11   *  but WITHOUT ANY WARRANTY; without even the implied warranty of
12   *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13   *  GNU General Public License for more details.
14   *
15   *  You should have received a copy of the GNU General Public
16   *  License along with this program; if not, write to the Free Software
17   *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18   */
19              
20  package com.sslexplorer.properties.impl.userattributes;
21  
22  import java.io.IOException  ;
23  
24  import org.apache.commons.logging.Log;
25  import org.apache.commons.logging.LogFactory;
26  import org.jdom.JDOMException;
27  
28  import com.sslexplorer.boot.AbstractPropertyKey;
29  import com.sslexplorer.boot.ContextHolder;
30  import com.sslexplorer.boot.PropertyClass;
31  import com.sslexplorer.boot.PropertyDefinition;
32  import com.sslexplorer.core.CoreServlet;
33  import com.sslexplorer.properties.ProfilesFactory;
34  import com.sslexplorer.properties.attributes.AbstractXMLDefinedAttributesPropertyClass;
35  import com.sslexplorer.properties.attributes.AttributeDefinition;
36  import com.sslexplorer.properties.attributes.DefaultAttributeDefinition;
37  import com.sslexplorer.security.PublicKeyStore;
38  
39  /**
40   * {@link PropertyClass} implementation suitable for user attributes.
41   * 
42   * @author Brett Smith <a HREF="mailto: brett@3sp.com">&lt;brett@3sp.com&gt;</a>
43   */
44  public class UserAttributes extends AbstractXMLDefinedAttributesPropertyClass  {
45  
46      final static Log log = LogFactory.getLog(UserAttributes.class);
47  
48      /**
49       * Constant for name
50       */
51      public final static String   NAME = "userAttributes";
52  
53      /**
54       * Constructor.
55       * 
56       * @throws IOException
57       * @throws JDOMException
58       */
59      public UserAttributes() throws IOException  , JDOMException {
60          super(NAME, false, "properties", true);
61      }
62  
63      /*
64       * (non-Javadoc)
65       * 
66       * @see com.sslexplorer.properties.PropertyType#retrieve(com.sslexplorer.properties.PropertyKey)
67       */
68      public String   retrievePropertyImpl(AbstractPropertyKey key) throws IllegalArgumentException   {
69          AttributeDefinition def = (AttributeDefinition)getDefinition(key.getName());
70          UserAttributeKey userAttrKey = (UserAttributeKey) key;
71          try {
72              String   val = ProfilesFactory.getInstance().retrieveAttributeValue(userAttrKey);
73              if (val != null) {
74                  if (def.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
75                      /*
76                       * We can only get confidential attributes after the users
77                       * private key has been verified. This may not have happened
78                       * when a users attributes are first loaded so we must skip
79                       * such attributes.
80                       */
81                      if (PublicKeyStore.getInstance().hasLoadedKey(userAttrKey.getUser().getPrincipalName())) {
82                          try {
83                              val = PublicKeyStore.getInstance().decryptText(val, userAttrKey.getUser().getPrincipalName());
84                          } catch (Throwable   t) {
85                              log.warn("Failed to decrypt confidential user attribute, probably corrupt. Returning default value", t);
86                              return null;
87                          }
88                      }
89                  } 
90              }
91  
92              // Decrypt obfuscated password if of password type
93              if (def.getType() == PropertyDefinition.TYPE_PASSWORD && val != null) {
94                  try {
95                      val = ContextHolder.getContext().deobfuscatePassword(val);
96                  } catch (Throwable   t) {
97                      log.warn("Password property " + def.getName() + " could not be decoded. It has been result to the default.", t);
98                  }
99              }
100             
101             // 
102             return val == null ? def.getDefaultValue() : val;
103         } catch (Exception   e) {
104             log.error("Failed to retrieve property.", e);
105         }
106         return null;
107     }
108 
109     public String   storePropertyImpl(AbstractPropertyKey key, String   value) throws IllegalArgumentException   {
110         AttributeDefinition def = (AttributeDefinition)getDefinition(key.getName());
111         UserAttributeKey userAttrKey = (UserAttributeKey) key;
112         
113         /* A null old value would indicate that the key could be not retrieved for
114          * some reason. So, we write anyway
115          */
116         String   oldValue = retrieveProperty(key);
117         
118         /* If the new value is the same as the default value, we remove the persisted item from the database */ 
119         
120         if (def.getDefaultValue().equals(value)) {
121             value = null;
122         }
123         
124         /* Store the attribute always if this is a confidential attribute, the old value could not be retrieved or the value has changed */ 
125         if (def.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE || oldValue == null || !oldValue.equals(value) ) {
126 
127             // Obfuscate the password for storing in the database
128 
129             if (def.getType() == PropertyDefinition.TYPE_PASSWORD) {
130                 try {
131                     value = ContextHolder.getContext().obfuscatePassword(value);
132                 } catch (Throwable   t) {
133                     if(log.isDebugEnabled())
134                         log.warn("Password property " + def.getName() + " could not be encoded.", t);
135                 }
136             }
137             
138             if (value != null) {
139                 if (def.getVisibility() == AttributeDefinition.USER_CONFIDENTIAL_ATTRIBUTE) {
140                     /*
141                      * We can only get confidential attributes after the users
142                      * private key has been verified. This may not have happened
143                      * when a users attributes are first loaded so we must skip
144                      * such attributes.
145                      */
146                     if (PublicKeyStore.getInstance().hasLoadedKey(userAttrKey.getUser().getPrincipalName())) {
147                         try {
148                             value = PublicKeyStore.getInstance().encryptText(value, userAttrKey.getUser().getPrincipalName());
149                         } catch (Throwable   t) {
150                             throw new IllegalArgumentException  ("Failed to decrypt confidential user attributre, probably corrup.", t);
151                         }
152                     }
153                 } 
154             }
155 
156             // Store to the database
157             try {
158                 ProfilesFactory.getInstance().storeAttributeValue(userAttrKey, value);
159             } catch (Exception   e) {
160                 log.error("Failed to update user attributes.", e);
161             }
162         }
163         return oldValue;
164     }
165 
166     public AttributeDefinition createAttributeDefinition(int type, String   name,
167             String   typeMeta, int category, String   categoryLabel,
168             String   defaultValue, int visibility, int sortOrder,
169             String   messageResourcesKey, boolean hidden, String   label,
170             String   description, boolean system, boolean replaceable,
171             String   validationString) {
172         AttributeDefinition def = new DefaultAttributeDefinition(type, name, typeMeta, category,
173                 categoryLabel, defaultValue, visibility, sortOrder,
174                 messageResourcesKey, hidden, label, description, system,
175                 replaceable, validationString);
176         def.init(this);
177         return def;
178     }
179 }
180
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags