

1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */

19             
20 package com.sslexplorer.security.actions;
21
22 import java.util.ArrayList JavaDoc;
23 import java.util.Collections JavaDoc;
24 import java.util.Comparator JavaDoc;
25 import java.util.Iterator JavaDoc;
26 import java.util.List JavaDoc;
27
28 import javax.servlet.http.HttpServletRequest JavaDoc;
29 import javax.servlet.http.HttpServletResponse JavaDoc;
30
31 import org.apache.struts.action.ActionForm;
32 import org.apache.struts.action.ActionForward;
33 import org.apache.struts.action.ActionMapping;
34
35 import com.sslexplorer.boot.Util;
36 import com.sslexplorer.core.CoreUtil;
37 import com.sslexplorer.policyframework.Permission;
38 import com.sslexplorer.policyframework.PolicyConstants;
39 import com.sslexplorer.policyframework.PolicyDatabaseFactory;
40 import com.sslexplorer.policyframework.PolicyUtil;
41 import com.sslexplorer.policyframework.ResourceStack;
42 import com.sslexplorer.policyframework.ResourceType;
43 import com.sslexplorer.policyframework.ResourceUtil;
44 import com.sslexplorer.policyframework.actions.AbstractResourcesDispatchAction;
45 import com.sslexplorer.security.AuthenticationScheme;
46 import com.sslexplorer.security.Constants;
47 import com.sslexplorer.security.DefaultAuthenticationScheme;
48 import com.sslexplorer.security.SessionInfo;
49 import com.sslexplorer.security.SystemDatabaseFactory;
50 import com.sslexplorer.security.User;
51 import com.sslexplorer.security.forms.AuthenticationSchemesForm;
52
53 /**
54  * Implementation of a
55  * {@link com.sslexplorer.core.actions.AuthenticatedDispatchAction} that allows
56  * an administrator to view, create, edit, delete and set default
57  * <i>Authentication Schemes</i>.
58  *
59  * @author Brett Smith <a HREF="mailto:brett@3sp.com">&lt;brett@3sp.com&gt;</a>
60  */

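public class ShowAuthenticationSchemesDispatchAction extends AbstractResourcesDispatchAction {

    /**
     * Creates the action, passing the authentication-schemes resource type to
     * the superclass for both of its constructor arguments.
     */
    public ShowAuthenticationSchemesDispatchAction() {
        super(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE);
    }

    /**
     * Default dispatch target: shows the scheme list.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return the forward produced by {@link #list}
     * @throws Exception on any error
     */
    public ActionForward unspecified(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return list(mapping, form, request, response);
    }

    /**
     * Looks up the scheme whose id is the form's selected resource.
     *
     * @param form the submitted {@link AuthenticationSchemesForm}
     * @return the matching scheme, never {@code null}
     * @throws Exception if the system database returns no scheme for that id
     */
    private AuthenticationScheme getAuthenticationScheme(ActionForm form) throws Exception {
        AuthenticationSchemesForm schemesForm = (AuthenticationSchemesForm) form;
        int id = schemesForm.getSelectedResource();
        AuthenticationScheme scheme = SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequence(id);
        if (scheme == null) {
            throw new Exception("No scheme with Id of " + id + ".");
        }
        return scheme;
    }

    /**
     * Checks the rules a scheme must satisfy before it may be removed. Shared
     * by {@link #confirmRemove} and {@link #remove} so that the state-changing
     * request enforces the same rules as the confirmation page.
     *
     * @param scheme the scheme selected for removal
     * @param id the selected resource id taken from the form
     * @param request request, used to find the current user
     * @return the message key of the violated rule, or {@code null} when
     *         removal is allowed
     * @throws Exception if the scheme is a system scheme
     */
    private String findRemovalBlocker(AuthenticationScheme scheme, int id, HttpServletRequest request) throws Exception {
        if (scheme.isSystemScheme()) {
            throw new Exception("Cannot remove system schemes.");
        }
        if (getNextEnabledAuthenticationScheme(scheme) == -1) {
            return "authenticationSchemes.error.mustHaveOneEnabledScheme";
        }
        // Work on a copy: whether the returned list is shared or cached by
        // ResourceUtil is not visible here, so it is not modified in place.
        List<Object> remaining = new ArrayList<Object>(
                        ResourceUtil.getSignonAuthenticationSchemeIDs(getSessionInfo(request).getUser()));
        // Integer.valueOf keeps this a remove-by-value call, not remove-by-index.
        remaining.remove(Integer.valueOf(id));
        if (remaining.isEmpty()) {
            return "authenticationSchemes.error.mustHavePolicySuperUserAssociation";
        }
        return null;
    }

    /**
     * Shows the removal confirmation page for the selected scheme, or returns
     * to the list with an error when a removal rule is violated.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return the "confirmRemove" forward, or the list forward on a rule violation
     * @throws Exception if the delete permission check fails, the scheme does
     *         not exist, or it is a system scheme
     */
    public ActionForward confirmRemove(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        // Authorise before touching any resource.
        PolicyUtil.checkPermission(getResourceType(), PolicyConstants.PERM_DELETE, request);
        int id = ((AuthenticationSchemesForm) form).getSelectedResource();
        AuthenticationScheme scheme = getAuthenticationScheme(form);

        String blocker = findRemovalBlocker(scheme, id, request);
        if (blocker != null) {
            saveError(request, blocker, scheme);
            return list(mapping, form, request, response);
        }
        return mapping.findForward("confirmRemove");
    }

    /**
     * Finds an enabled, non-system scheme other than the given one.
     *
     * @param scheme the scheme to exclude from the search
     * @return the resource id of the last such scheme in the database's list,
     *         or {@code -1} when there is none
     * @throws Exception on any database error
     */
    private int getNextEnabledAuthenticationScheme(AuthenticationScheme scheme) throws Exception {
        List<AuthenticationScheme> allSchemes = SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequences();
        int nextEnabled = -1;
        for (AuthenticationScheme oseq : allSchemes) {
            if (!oseq.equals(scheme) && oseq.getEnabled() && !oseq.isSystemScheme()) {
                nextEnabled = oseq.getResourceId();
            }
        }
        return nextEnabled;
    }

    /**
     * Delete the selected authentication scheme.
     * <p>
     * The removal rules are re-checked here rather than trusted from
     * {@link #confirmRemove}: a client can request this dispatch target
     * directly, and what {@code super.remove} validates is not visible in
     * this class.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return forward
     * @throws Exception on any error, including an attempt to remove a system scheme
     */
    public ActionForward remove(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        PolicyUtil.checkPermission(getResourceType(), PolicyConstants.PERM_DELETE, request);
        int id = ((AuthenticationSchemesForm) form).getSelectedResource();
        AuthenticationScheme scheme = getAuthenticationScheme(form);

        String blocker = findRemovalBlocker(scheme, id, request);
        if (blocker != null) {
            saveError(request, blocker, scheme);
            return list(mapping, form, request, response);
        }
        super.remove(mapping, form, request, response);
        saveMessage(request, "authenticationSchemes.message.schemeDeleted", scheme);
        return getRedirectWithMessages(mapping, request);
    }

    /**
     * Disable the selected authentication scheme.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return forward
     * @throws Exception on any error, including when the scheme is already disabled
     */
    public ActionForward disable(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        PolicyUtil.checkPermission(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT_AND_ASSIGN, request);
        int id = ((AuthenticationSchemesForm) form).getSelectedResource();
        AuthenticationScheme scheme = getAuthenticationScheme(form);

        // Work on a copy: whether the policy database hands out a shared or
        // cached list is not visible here, so it is not modified in place.
        List<Object> resourceIds = new ArrayList<Object>(
                        PolicyDatabaseFactory.getInstance().getGrantedResourcesOfType(getSessionInfo(request).getUser(),
                                        PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE));
        // remove the WebDav and Embedded Client as they are not sign-on-able.
        // NOTE(review): ids 3 and 4 are hard-coded; confirm they are stable across installs.
        resourceIds.remove(Integer.valueOf(3));
        resourceIds.remove(Integer.valueOf(4));
        resourceIds.remove(Integer.valueOf(id));

        if (resourceIds.isEmpty()) {
            saveError(request, "authenticationSchemes.error.mustHavePolicySuperUserAssociation", scheme);
            return list(mapping, form, request, response);
        }

        List<AuthenticationScheme> authSchemes = SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequences();
        int enabled = 0;
        // Iterate by interface type; no cast to a concrete implementation is needed.
        for (AuthenticationScheme oseq : authSchemes) {
            if (oseq.getResourceId() == id && !oseq.getEnabled()) {
                throw new Exception("Scheme already disabled.");
            }
            if (oseq.getEnabled() && !oseq.isSystemScheme()) {
                enabled++;
            }
        }
        // NOTE(review): the count ignores system schemes, so this also blocks
        // disabling a system scheme while exactly one other scheme is enabled - confirm intent.
        if (enabled == 1) {
            saveError(request, "authenticationSchemes.error.cantDisableLastEnabledScheme", scheme);
            return list(mapping, form, request, response);
        }
        scheme.setEnabled(false);
        SystemDatabaseFactory.getInstance().updateAuthenticationSchemeSequence(scheme);
        saveMessage(request, "authenticationSchemes.message.schemeDisabled", scheme);
        return getRedirectWithMessages(mapping, request);
    }

    /**
     * Enable the selected authentication scheme.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return forward
     * @throws Exception on any error, including when the scheme is already enabled
     */
    public ActionForward enable(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        PolicyUtil.checkPermission(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT_AND_ASSIGN, request);
        AuthenticationScheme scheme = getAuthenticationScheme(form);
        if (scheme.getEnabled()) {
            throw new Exception("Already enabled.");
        }
        scheme.setEnabled(true);
        SystemDatabaseFactory.getInstance().updateAuthenticationSchemeSequence(scheme);
        saveMessage(request, "authenticationSchemes.message.schemeEnabled", scheme);
        return getRedirectWithMessages(mapping, request);
    }

    /**
     * Edit the selected authentication scheme. The scheme is pushed onto the
     * session's editing stack before forwarding to the edit page.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return forward
     * @throws Exception on any error
     */
    public ActionForward edit(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        PolicyUtil.checkPermissions(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, new Permission[] {
                        PolicyConstants.PERM_EDIT_AND_ASSIGN, PolicyConstants.PERM_CREATE_EDIT_AND_ASSIGN,
                        PolicyConstants.PERM_ASSIGN }, request);
        AuthenticationScheme seq = getAuthenticationScheme(form);
        ResourceStack.pushToEditingStack(request.getSession(), seq);
        return mapping.findForward("edit");
    }

    /**
     * Asks the system database to move the selected scheme up in the scheme
     * ordering. A scheme whose priority is already 1 is left where it is and
     * an error is shown instead.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return ActionForward
     * @throws Exception on any error
     */
    public ActionForward moveUp(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {
        // Authorise first, so a caller without edit rights cannot use the
        // lookup or the "already at top" answer to probe scheme ids.
        PolicyUtil.checkPermission(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT_AND_ASSIGN, request);
        AuthenticationScheme scheme = getAuthenticationScheme(form);
        if (scheme.getPriorityInt() == 1) {
            saveError(request, "authenticationSchemes.error.moveup.top", scheme);
            return unspecified(mapping, form, request, response);
        }

        List<AuthenticationScheme> schemes = SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequences();
        SystemDatabaseFactory.getInstance().moveAuthenticationSchemeUp(scheme, schemes);
        saveMessage(request, "authenticationSchemes.message.moveup", scheme);
        return getRedirectWithMessages(mapping, request);
    }

    /**
     * Asks the system database to move the selected scheme down in the scheme
     * ordering. A scheme that is already last in the list is left where it is
     * and an error is shown instead.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return ActionForward
     * @throws Exception on any error
     */
    public ActionForward moveDown(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        // Authorise first, so a caller without edit rights cannot use the
        // lookup or the "already at bottom" answer to probe scheme ids.
        PolicyUtil.checkPermission(PolicyConstants.AUTHENTICATION_SCHEMES_RESOURCE_TYPE, PolicyConstants.PERM_EDIT_AND_ASSIGN, request);
        AuthenticationScheme scheme = getAuthenticationScheme(form);
        List<AuthenticationScheme> schemes = SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequences();
        if (schemes.indexOf(scheme) == schemes.size() - 1) {
            saveError(request, "authenticationSchemes.error.movedown.bottom", scheme);
            return unspecified(mapping, form, request, response);
        }

        SystemDatabaseFactory.getInstance().moveAuthenticationSchemeDown(scheme, schemes);
        saveMessage(request, "authenticationSchemes.message.movedown", scheme);
        return getRedirectWithMessages(mapping, request);
    }

    /**
     * List the authentication schemes configured.
     * <p>
     * In the management console context the form is filled with the schemes
     * of the current user's realm; otherwise with the resources of this
     * action's resource type granted to the session.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return forward
     * @throws Exception on any error
     */
    public ActionForward list(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
                    throws Exception {

        response.setHeader("Cache-Control", "no-cache");
        // NOTE(review): "must-revalidate" is a Cache-Control directive, not a
        // Pragma one. Util.noCache(response) below may set the effective headers;
        // confirm this page is served with no-store, since it lists sign-on configuration.
        response.setHeader("Pragma", "must-revalidate");

        CoreUtil.clearFlow(request);

        AuthenticationSchemesForm schemesForm = (AuthenticationSchemesForm) form;
        schemesForm.initialize(getSessionInfo(request), getSessionInfo(request).getNavigationContext() == SessionInfo.MANAGEMENT_CONSOLE_CONTEXT ?
                        SystemDatabaseFactory.getInstance().getAuthenticationSchemeSequences(getSessionInfo(request).getUser().getRealm().getRealmID())
                        : ResourceUtil.getGrantedResource(getSessionInfo(request), getResourceType()));
        Util.noCache(response);
        return mapping.findForward("display");
    }

    /**
     * Reports the navigation context of this action.
     *
     * @param mapping mapping
     * @param form form
     * @param request request
     * @param response response
     * @return always {@link SessionInfo#MANAGEMENT_CONSOLE_CONTEXT}
     */
    public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
        return SessionInfo.MANAGEMENT_CONSOLE_CONTEXT;
    }
}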