

1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name$
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */

28 package net.sf.jguard.ext.organization;
29
30 import java.security.Principal JavaDoc;
31 import java.util.ArrayList JavaDoc;
32 import java.util.Collection JavaDoc;
33 import java.util.HashSet JavaDoc;
34 import java.util.Iterator JavaDoc;
35 import java.util.List JavaDoc;
36 import java.util.Map JavaDoc;
37 import java.util.Set JavaDoc;
38 import java.util.logging.Logger JavaDoc;
39
40 import javax.security.auth.Subject JavaDoc;
41
42 import net.sf.jguard.core.authentication.credentials.JGuardCredential;
43 import net.sf.jguard.core.principals.RolePrincipal;
44 import net.sf.jguard.ext.authentication.AuthenticationException;
45 import net.sf.jguard.ext.authentication.manager.AuthenticationManager;
46 import net.sf.jguard.ext.authentication.manager.AuthenticationManagerFactory;
47 import net.sf.jguard.ext.registration.SubjectTemplate;
48
49
50 /**
51  * an organization which can own some {@link net.sf.jguard.ext.registration.SubjectTemplate} .
52  * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
53  * @author <a HREF="mailto:tandilero@users.sourceforge.net">Maximiliano Batelli</a>
54  */

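public class Organization {

    // Review notes on behaviour visible in this class:
    //  - addSubjectTemplate() is the only place where a template is filtered against the
    //    permissions of the organization's principals. setSubjectTemplates() installs the
    //    supplied map without that filtering.
    //  - getPrincipals() and getSubjectTemplates() hand out the internal collections, so a
    //    caller holding them can change what the organization owns without going through
    //    addPrincipal()/addSubjectTemplate().
    //  - No method here performs an authorization check on its caller; NOTE(review): access
    //    control is presumably enforced by the code that holds the Organization - confirm.

    private static final Logger logger = Logger.getLogger(Organization.class.getName());
    private AuthenticationManager authenticationManager;

    /**
     * subject templates registered for this organization, keyed by template name.
     * Starts empty so that addSubjectTemplate() works before setSubjectTemplates() is called.
     * (HashMap is fully qualified because the file's import list does not include it.)
     */
    private Map subjectTemplates = new java.util.HashMap();

    /**
     * principals owned by this organization.
     * Starts empty so that addPrincipal() and the template check work before
     * setPrincipals() is called; an empty set grants no permissions to any template.
     */
    private Set principals = new HashSet();

    /**
     * credential which uniquely identifies a user.
     */
    private JGuardCredential credentialIdentity;

    /**
     * constructor.
     * Obtains the AuthenticationManager from AuthenticationManagerFactory.
     */
    public Organization(){
        super();
        authenticationManager = AuthenticationManagerFactory.getAuthenticationManager();
    }

    /**
     * define the SubjectTemplate of the Organization.
     * The template's principals are first checked against the Principals owned by the
     * Organization; principals that fail the check are removed from the template itself
     * (the caller's object is modified) before it is stored under the given name.
     * @param stName subject template name
     * @param subjectTemplate template to filter and register
     */
    public void addSubjectTemplate(String stName,SubjectTemplate subjectTemplate) {
        checkSubjectTemplatePrincipals(subjectTemplate);
        subjectTemplates.put(stName,subjectTemplate);
    }

    /**
     * @return the internal Set of principals owned by this organization (not a copy).
     */
    public Set getPrincipals() {
        return principals;
    }

    /**
     * replace the principals owned by this organization.
     * Templates already registered are not re-checked against the new set.
     * @param principals new principal Set; null is treated as an empty Set
     */
    public void setPrincipals(Set principals) {
        this.principals = (principals != null) ? principals : new HashSet();
    }

    /**
     * As multiple role inheritance can be enabled, every principal of the template must
     * only carry permissions that are already owned by the Principals of the Organization.
     * The union of the permissions of the organization's RolePrincipals is built, then
     * the template's principals are filtered against it.
     * @param template SubjectTemplate to filter
     */
    private void checkSubjectTemplatePrincipals(SubjectTemplate template){
        Set globalPermissions = new HashSet();
        for (Iterator itPrincipalsOwned = principals.iterator(); itPrincipalsOwned.hasNext();) {
            Object owned = itPrincipalsOwned.next();
            // addPrincipal() accepts any Principal, so the set may hold entries that are
            // not RolePrincipal; they contribute no permissions instead of causing a
            // ClassCastException.
            if (owned instanceof RolePrincipal) {
                globalPermissions.addAll(((RolePrincipal) owned).getAllPermissions());
            }
        }

        checkPrincipals(globalPermissions, template.getPrincipals());
    }

    /**
     * check principal Set against global Permissions.
     * Every principal whose permissions are not all contained in globalPermissions is
     * removed from the given Set through its iterator, and the removal is logged.
     * An entry that is not a RolePrincipal cannot be checked and is removed as well.
     * @param globalPermissions permissions owned by the organization
     * @param principals principals to filter; modified in place
     */
    private void checkPrincipals(Set globalPermissions, Set principals) {
        Iterator itPrincipals = principals.iterator();
        while (itPrincipals.hasNext()) {
            Object candidate = itPrincipals.next();
            if (!(candidate instanceof RolePrincipal)) {
                // fail closed: permissions of this entry cannot be enumerated here
                String typeName = (candidate == null) ? "null" : candidate.getClass().getName();
                logger.warning(" principal of type "+typeName+" has been removed from the SubjectTemplate ");
                logger.warning(" because it is not a RolePrincipal and its permissions cannot be checked ");
                itPrincipals.remove();
                continue;
            }
            RolePrincipal tempPrincipal = (RolePrincipal) candidate;
            Set permissionsFromTemplate = tempPrincipal.getAllPermissions();
            if (!globalPermissions.containsAll(permissionsFromTemplate)) {
                //we remove this principal which contains permissions not present in globalPermissions
                logger.warning(" principal called "+tempPrincipal.getLocalName()+" has been removed from the SubjectTemplate ");
                logger.warning(" because it contains permissions not owned by this organization throw its Principals ");
                itPrincipals.remove();
            }
        }
    }

    /**
     * create a user through the AuthenticationManager.
     * The template registered under stName is looked up and passed along; when no
     * template is registered under that name the lookup yields null.
     * NOTE(review): how AuthenticationManager.createUser treats a null template is not
     * visible here - confirm that it rejects the request rather than skipping validation.
     * @param user template describing the user to create
     * @param stName subject template name
     * @return created subject
     * @throws AuthenticationException
     */
    public Subject createUser(SubjectTemplate user,String stName) throws AuthenticationException{
        SubjectTemplate registered = (SubjectTemplate) subjectTemplates.get(stName);
        return authenticationManager.createUser(user, registered);
    }

    /**
     * delete a user through the AuthenticationManager.
     * @param user subject to delete
     * @throws AuthenticationException
     */
    public void removeUser(Subject user) throws AuthenticationException{
        authenticationManager.deleteUser(user);
    }

    /**
     * update a user through the AuthenticationManager.
     * @param cred credential passed to AuthenticationManager.updateUser
     * @param user subject passed to AuthenticationManager.updateUser
     * @throws AuthenticationException
     */
    public void updateUser(JGuardCredential cred,Subject user) throws AuthenticationException{
        authenticationManager.updateUser(cred,user);
    }

    /**
     * find the users matching this organization's credentialIdentity.
     * The search list contains only credentialIdentity, which is null until
     * setCredentialIdentity() has been called.
     * NOTE(review): what AuthenticationManager.findUsers returns for a list holding a
     * null credential is not visible here - confirm it does not match every user.
     * @return users returned by AuthenticationManager.findUsers
     * @throws AuthenticationException
     */
    public Collection getUsers() throws AuthenticationException{
        List credentials = new ArrayList();
        credentials.add(credentialIdentity);
        return authenticationManager.findUsers(credentials);
    }

    /**
     * add a principal to the ones owned by this organization.
     * Adding a principal widens the permission set used when templates are checked.
     * @param principal principal to add
     * @throws AuthenticationException declared by the signature; not thrown by this body
     */
    public void addPrincipal(Principal principal)throws AuthenticationException{
        this.principals.add(principal);
    }

    /**
     * remove a principal from every user returned by getUsers() and from the
     * organization itself.
     * The principal is removed from each Subject's principal Set in memory; this method
     * does not call updateUser, so NOTE(review): confirm whether the change reaches the
     * user store. Subject.getPrincipals() is backed by the Subject, and a read-only
     * Subject rejects the removal with an IllegalStateException.
     * @param principal principal to remove
     * @throws AuthenticationException when the users cannot be retrieved
     */
    public void removePrincipal(Principal principal)throws AuthenticationException{
        Collection users = getUsers();
        for (Iterator itUsers = users.iterator(); itUsers.hasNext();) {
            Subject user = (Subject) itUsers.next();
            // Set.remove is a no-op when the principal is absent
            Set userPrincipals = user.getPrincipals();
            userPrincipals.remove(principal);
        }
        this.principals.remove(principal);
    }

    /**
     * @return credential which identifies the users of this organization
     */
    public JGuardCredential getCredentialIdentity() {
        return credentialIdentity;
    }

    /**
     * @param credentialIdentity credential used by getUsers() to search for users
     */
    public void setCredentialIdentity(JGuardCredential credentialIdentity) {
        this.credentialIdentity = credentialIdentity;
    }

    /**
     * @return the internal Map of subject templates (not a copy).
     */
    public Map getSubjectTemplates() {
        return subjectTemplates;
    }

    /**
     * replace the registered subject templates.
     * Unlike addSubjectTemplate(), the templates in the supplied Map are not checked
     * against the organization's principals; callers must supply templates that were
     * already filtered.
     * @param subjectTemplates new template Map; null is treated as an empty Map
     */
    public void setSubjectTemplates(Map subjectTemplates) {
        this.subjectTemplates = (subjectTemplates != null) ? subjectTemplates : new java.util.HashMap();
    }

}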