KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > net > sf > jguard > ext > registration > SubjectTemplate


1 /*
2 jGuard is a security framework based on top of jaas (java authentication and authorization security).
3 it is written for web applications, to resolve simply, access control problems.
4 version $Name: $
5 http://sourceforge.net/projects/jguard/
6
7 Copyright (C) 2004 Charles GAY
8
9 This library is free software; you can redistribute it and/or
10 modify it under the terms of the GNU Lesser General Public
11 License as published by the Free Software Foundation; either
12 version 2.1 of the License, or (at your option) any later version.
13
14 This library is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
18
19 You should have received a copy of the GNU Lesser General Public
20 License along with this library; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22
23
24 jGuard project home page:
25 http://sourceforge.net/projects/jguard/
26
27 */
28 package net.sf.jguard.ext.registration;
29
30 import java.util.Collections JavaDoc;
31 import java.util.HashSet JavaDoc;
32 import java.util.Iterator JavaDoc;
33 import java.util.Set JavaDoc;
34 import java.util.logging.Logger JavaDoc;
35
36 import javax.security.auth.Subject JavaDoc;
37
38 import net.sf.jguard.core.authentication.credentials.JGuardCredential;
39 import net.sf.jguard.ext.authentication.AuthenticationException;
40
41 /**
42  * template used to validate user registration and to build the corresponding
43  * Subject object.
44  * @author <a HREF="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
45  * @author <a HREF="mailto:tandilero@users.sourceforge.net">Maximiliano Batelli</a>
46  *
47  */
48 public class SubjectTemplate implements Cloneable JavaDoc{
49
50     private static final Logger JavaDoc logger = Logger.getLogger(SubjectTemplate.class.getName());
51     private Set JavaDoc privateRequiredCredentials;
52     private Set JavaDoc publicRequiredCredentials;
53     private Set JavaDoc publicOptionalCredentials;
54     private Set JavaDoc privateOptionalCredentials;
55     private Set JavaDoc missingPrivateRequiredCred;
56     private Set JavaDoc missingPublicRequiredCred;
57     private Set JavaDoc unknownPrivateOptionalCred;
58     private Set JavaDoc unknownPublicOptionalCred;
59     private String JavaDoc name;
60
61
62     //generic principals created during registration
63 private Set JavaDoc principals;
64
65     /**
66      * constructor.
67      */
68     public SubjectTemplate(){
69         //data used for all the users during registration
70 privateRequiredCredentials = new HashSet JavaDoc();
71         publicRequiredCredentials = new HashSet JavaDoc();
72         privateOptionalCredentials = new HashSet JavaDoc();
73         publicOptionalCredentials = new HashSet JavaDoc();
74         principals = new HashSet JavaDoc();
75         missingPrivateRequiredCred = new HashSet JavaDoc();
76         missingPublicRequiredCred = new HashSet JavaDoc();
77         unknownPrivateOptionalCred = new HashSet JavaDoc();
78         unknownPublicOptionalCred= new HashSet JavaDoc();
79
80     }
81     public Set JavaDoc getPublicRequiredCredentials() {
82         return publicRequiredCredentials;
83     }
84
85     public Set JavaDoc getPrivateRequiredCredentials() {
86         return privateRequiredCredentials;
87     }
88
89     public Set JavaDoc getRequiredCredentials(){
90         Set JavaDoc requiredCredentials = new HashSet JavaDoc(publicRequiredCredentials);
91         requiredCredentials.addAll(privateRequiredCredentials);
92         return requiredCredentials;
93     }
94
95     public JGuardCredential getIdentityCredential() throws AuthenticationException{
96         Set JavaDoc requiredCredentials = getRequiredCredentials();
97         Iterator JavaDoc it = requiredCredentials.iterator();
98
99         while(it.hasNext()){
100             JGuardCredential cred = (JGuardCredential)it.next();
101             if(cred.isIdentity()==true){
102                 return cred;
103             }
104         }
105         logger.severe(" subjectTemplate hasn't got any identity credential ");
106         throw new AuthenticationException(" subjectTemplate hasn't got any identity credential ");
107
108     }
109
110     public void setPrivateRequiredCredentials(Set JavaDoc privateCredentials) {
111         this.privateRequiredCredentials = privateCredentials;
112     }
113
114     public void setPublicRequiredCredentials(Set JavaDoc publicCredentials) {
115         this.publicRequiredCredentials = publicCredentials;
116     }
117
118     /**
119      * validate the Subject candidate (<i>ie</i> the SubjectTemplate).
120      * @param user the subjectTemplate which is candidate
121      * to be transformed into a Subject object.
122      * @throws AuthenticationException when the user does not content mandatory fields
123      */
124     public void validateUser(SubjectTemplate user)throws RegistrationException{
125
126         if(user.getPrivateRequiredCredentials()==null){
127             logger.warning("private required credentials set from user is null ");
128             user.setPrivateRequiredCredentials(new HashSet JavaDoc());
129         }
130         if(user.getPrivateOptionalCredentials()==null){
131             logger.warning("private optional credentials set from user is null ");
132             user.setPrivateOptionalCredentials(new HashSet JavaDoc());
133         }
134         if(user.getPublicRequiredCredentials()==null){
135             logger.warning("public required credentials set from user is null ");
136             user.setPublicRequiredCredentials(new HashSet JavaDoc());
137         }
138         if(user.getPublicOptionalCredentials()==null){
139             logger.warning("public optional credentials set from user is null ");
140             user.setPublicOptionalCredentials(new HashSet JavaDoc());
141         }
142
143         missingPrivateRequiredCred =
144             validateCredentialSet(privateRequiredCredentials,user.getPrivateRequiredCredentials());
145         if(missingPrivateRequiredCred.size()>0){
146             throw new RegistrationException("missing private credentials required :"+missingPrivateRequiredCred,new HashSet JavaDoc(),missingPrivateRequiredCred);
147         }
148
149         missingPublicRequiredCred =
150             validateCredentialSet(publicRequiredCredentials,user.getPublicRequiredCredentials());
151         if(missingPrivateRequiredCred.size()>0){
152             throw new RegistrationException("missing public credentials required :"+missingPublicRequiredCred,missingPublicRequiredCred,new HashSet JavaDoc());
153         }
154
155         unknownPrivateOptionalCred =
156             filterCredentialSetFromUser(privateOptionalCredentials,user.getPrivateOptionalCredentials());
157         if(unknownPrivateOptionalCred.size()>0){
158         logger.warning(" user has filled unknown optional private credentials :");
159         logger.warning(unknownPrivateOptionalCred.toString());
160         }
161         unknownPublicOptionalCred =
162             filterCredentialSetFromUser(publicOptionalCredentials,user.getPublicOptionalCredentials());
163         if(unknownPublicOptionalCred.size()>0){
164             logger.warning(" user has filled unknown optional public credentials :");
165             logger.warning(unknownPublicOptionalCred.toString());
166         }
167     }
168     
169     /**
170      * get credentils from set in a non-destructive way.
171      * @param credentialSetFromTemplate
172      * @param credentialSetFromUser
173      * @return new set containing credentials from credentialSetFromUser that are in credentialSetFromTemplate
174      */
175     private static Set JavaDoc getCredentials(Set JavaDoc credentialSetFromTemplate, Set JavaDoc credentialSetFromUser) {
176         Set JavaDoc creds = new HashSet JavaDoc();
177         Iterator JavaDoc itCredentialFromTemplate = credentialSetFromTemplate.iterator();
178
179         while(itCredentialFromTemplate.hasNext()){
180             JGuardCredential jcred = (JGuardCredential)itCredentialFromTemplate.next();
181             Iterator JavaDoc itCredentialFromUser = credentialSetFromUser.iterator();
182             while(itCredentialFromUser.hasNext()){
183                 JGuardCredential jcredFromUser =(JGuardCredential)itCredentialFromUser.next();
184                 //we are looking for the right credential id, but not the right value
185 if(jcred.getId().equals(jcredFromUser.getId())){
186                     creds.add(jcred);
187                     break;
188                 }
189             }
190         }
191         
192         return creds;
193     }
194     
195
196     /**
197      * remove unknown credentials and return missing credentials set.
198      * @param user
199      * @return mssing credentials
200      * @throws AuthenticationException
201      */
202     public Set JavaDoc validateRequiredCredentialsFromUser(Subject JavaDoc user)throws AuthenticationException{
203         Set JavaDoc missingCredentials = new HashSet JavaDoc();
204         Set JavaDoc credentialsNotRegistered = null;
205         //we remove unknown credentials
206 Set JavaDoc userPublicRequiredCredentials = getCredentials(publicRequiredCredentials, user.getPublicCredentials(JGuardCredential.class));
207         Set JavaDoc missingPublicCredentials = validateCredentialSet(publicRequiredCredentials, userPublicRequiredCredentials);
208         missingCredentials.addAll(missingPublicCredentials);
209
210         Set JavaDoc userPublicOptionalCredentials = getCredentials(publicOptionalCredentials, user.getPublicCredentials(JGuardCredential.class));
211         credentialsNotRegistered = filterCredentialSetFromUser(publicOptionalCredentials, userPublicOptionalCredentials);
212         if(credentialsNotRegistered.size()>0){
213           logger.warning(" there are some unknown credentials filled by the user during the registration process: ");
214           logger.warning(credentialsNotRegistered.toString());
215         }
216         
217
218         Set JavaDoc userPrivateRequiredCredentials = getCredentials(privateRequiredCredentials, user.getPrivateCredentials(JGuardCredential.class));
219         Set JavaDoc missingPrivateCredentials = validateCredentialSet(privateRequiredCredentials, userPrivateRequiredCredentials);
220         missingCredentials.addAll(missingPrivateCredentials);
221         
222         Set JavaDoc userPrivateOptionalCredentials = getCredentials(privateOptionalCredentials, user.getPrivateCredentials(JGuardCredential.class));
223         credentialsNotRegistered = filterCredentialSetFromUser(privateOptionalCredentials, userPrivateOptionalCredentials);
224         if(credentialsNotRegistered.size()>0){
225           logger.warning(" there are some unknown credentials filled by the user during the registration process: ");
226           logger.warning(credentialsNotRegistered.toString());
227         }
228         
229         return missingCredentials;
230     }
231
232
233     /**
234      * validate credentials from the User against credentials from the SubjectTemplate.
235      * unknown credentials are filtered.
236      * @param credentialSetFromTemplate
237      * @param credentialSetFromUser
238      * @return missing credentials in the related user's credential set
239      */
240     private static Set JavaDoc validateCredentialSet(Set JavaDoc credentialSetFromTemplate,Set JavaDoc credentialSetFromUser) {
241         Iterator JavaDoc itCredentialFromTemplate = credentialSetFromTemplate.iterator();
242         Set JavaDoc missingCredentials = new HashSet JavaDoc();
243
244         //looking for missing credentials
245 while(itCredentialFromTemplate.hasNext()){
246             JGuardCredential jcred = (JGuardCredential)itCredentialFromTemplate.next();
247             Iterator JavaDoc itCredentialFromUser = credentialSetFromUser.iterator();
248             boolean found = false;
249             while(itCredentialFromUser.hasNext()){
250                 JGuardCredential jcredFromUser =(JGuardCredential)itCredentialFromUser.next();
251                 //we are looking for the right credential id, but not the right value
252 if(jcred.getId().equals(jcredFromUser.getId())){
253                     found = true;
254                     break;
255                 }
256             }
257             if (false == found){
258                 missingCredentials.add(jcred);
259             }
260         }
261
262         Set JavaDoc credentialsNotRegistered = SubjectTemplate.filterCredentialSetFromUser(credentialSetFromTemplate, credentialSetFromUser);
263         if(credentialsNotRegistered.size()>0){
264           logger.warning(" there are some unknown credentials filled by the user during the registration process: ");
265           logger.warning(credentialsNotRegistered.toString());
266         }
267
268         return missingCredentials;
269     }
270
271     /**
272      * remove unknown credentials in the Credential set from user.
273      * @param credentialSetFromTemplate
274      * @param credentialSetFromUser
275      * @return credential Set not registered
276      */
277     private static Set JavaDoc filterCredentialSetFromUser(Set JavaDoc credentialSetFromTemplate, Set JavaDoc credentialSetFromUser) {
278         Iterator JavaDoc itCredentialFromTemplate;
279         //looking for credentials not registered in the SubjectTemplate reference
280 Set JavaDoc credentialsNotRegistered = new HashSet JavaDoc();
281         Iterator JavaDoc itCredentialFromUser = credentialSetFromUser.iterator();
282         while(itCredentialFromUser.hasNext()){
283             JGuardCredential jcred = (JGuardCredential)itCredentialFromUser.next();
284             itCredentialFromTemplate = credentialSetFromTemplate.iterator();
285             boolean found = false;
286             while(itCredentialFromTemplate.hasNext()){
287                 JGuardCredential jcredFromUser =(JGuardCredential)itCredentialFromTemplate.next();
288                 if(jcred.getId().equals(jcredFromUser.getId())){
289                     found = true;
290                     break;
291                 }
292             }
293             if (false == found){
294                 credentialsNotRegistered.add(jcred);
295                 //we remove from the credential set the
296 // unknown credential
297 itCredentialFromUser.remove();
298             }
299         }
300         return credentialsNotRegistered;
301     }
302
303     /**
304      * build a Subject from a validated SubjectTemplate.
305      * @param user SubjectTemplate used to build the Subject object
306      * @return subject built
307      */
308     public Subject JavaDoc buildSubject(SubjectTemplate user){
309
310         Set JavaDoc principalsForRegisteredUsers = new HashSet JavaDoc();
311         principalsForRegisteredUsers.addAll((getPrincipals()));
312
313         Set JavaDoc publicCredentials = user.getPublicCredentials();
314         Set JavaDoc privateCredentials = user.getPrivateCredentials();
315
316         Subject JavaDoc subject = new Subject JavaDoc(false,principalsForRegisteredUsers,publicCredentials,privateCredentials);
317         return subject;
318     }
319
320     /**
321      * build a Subject from a validated SubjectTemplate.
322      * @return subject built
323      */
324     public Subject JavaDoc toSubject(){
325         return buildSubject(this);
326     }
327     public Set JavaDoc getPrivateOptionalCredentials() {
328         return privateOptionalCredentials;
329     }
330     public void setPrivateOptionalCredentials(Set JavaDoc privateOptionalCredentials) {
331         this.privateOptionalCredentials = privateOptionalCredentials;
332     }
333     public Set JavaDoc getPublicOptionalCredentials() {
334         return publicOptionalCredentials;
335     }
336     public void setPublicOptionalCredentials(Set JavaDoc publicOptionalCredentials) {
337         this.publicOptionalCredentials = publicOptionalCredentials;
338     }
339     public Set JavaDoc getPrincipals() {
340         return principals;
341     }
342     /**
343      * defined the principals automatically granted to the registered user.
344      * @param principals
345      */
346     public void setPrincipals(Set JavaDoc principals) {
347         this.principals = principals;
348     }
349
350     public final Set JavaDoc getMissingPrivateRequiredCred() {
351         return missingPrivateRequiredCred;
352     }
353     public final Set JavaDoc getMissingPublicRequiredCred() {
354         return missingPublicRequiredCred;
355     }
356
357     public final Set JavaDoc getUnknownPrivateOptionalCred() {
358         return unknownPrivateOptionalCred;
359     }
360     public final Set JavaDoc getUnknownPublicOptionalCred() {
361         return unknownPublicOptionalCred;
362     }
363
364     /**
365      * return a read-only SubjectTemplate.
366      * this method is inspired from the
367      * Collections.unmodifiableCollection(Collection c), which
368      * is part of the JDK.
369      * @return read-only SubjectTemplate
370      */
371     public SubjectTemplate unmodifiableSubjectTemplate(){
372         SubjectTemplate readOnly = new SubjectTemplate();
373         readOnly.setName(this.name);
374         //principal stuff
375 readOnly.principals = (Collections.unmodifiableSet(principals));
376
377         //credential stuff
378 readOnly.privateOptionalCredentials=(Collections.unmodifiableSet(privateOptionalCredentials));
379         readOnly.privateRequiredCredentials=(Collections.unmodifiableSet(privateRequiredCredentials));
380         readOnly.publicOptionalCredentials=(Collections.unmodifiableSet(publicOptionalCredentials));
381         readOnly.publicRequiredCredentials=(Collections.unmodifiableSet(publicRequiredCredentials));
382
383         return readOnly;
384     }
385     public String JavaDoc getName() {
386         return name;
387     }
388     public void setName(String JavaDoc name) {
389         this.name = name;
390     }
391
392     public Set JavaDoc getPublicCredentials(){
393         Set JavaDoc publicCredentials = getPublicOptionalCredentials();
394         publicCredentials.addAll(getPublicRequiredCredentials());
395         return publicCredentials;
396     }
397
398     public Set JavaDoc getPrivateCredentials(){
399         Set JavaDoc privateCredentials = getPrivateOptionalCredentials();
400         privateCredentials.addAll(getPrivateRequiredCredentials());
401         return privateCredentials;
402
403     }
404
405     /**
406      * implements a deep copy of object
407      * @see java.lang.Object#clone()
408      */
409     public Object JavaDoc clone() throws CloneNotSupportedException JavaDoc{
410
411         SubjectTemplate clone = (SubjectTemplate)super.clone();
412         clone.setName(name);
413         clone.setPrincipals(new HashSet JavaDoc(principals));
414         clone.setPrivateOptionalCredentials(cloneSet(privateOptionalCredentials));
415         clone.setPrivateRequiredCredentials(cloneSet(privateRequiredCredentials));
416         clone.setPublicOptionalCredentials(cloneSet(publicOptionalCredentials));
417         clone.setPublicRequiredCredentials(cloneSet(publicRequiredCredentials));
418         return clone;
419 }
420     private Set JavaDoc cloneSet(Set JavaDoc setToClone) throws CloneNotSupportedException JavaDoc{
421         Set JavaDoc clone = new HashSet JavaDoc();
422         Iterator JavaDoc it = setToClone.iterator();
423         while(it.hasNext()){
424             JGuardCredential jcred = (JGuardCredential)it.next();
425             JGuardCredential clonedCred = new JGuardCredential();
426             clonedCred.setId(jcred.getId());
427             clonedCred.setIdentity(jcred.isIdentity());
428             clonedCred.setDigestNeeded(jcred.isDigestNeeded());
429             //we don't clone value because subjectTemplate don't need it
430 clone.add(clonedCred);
431         }
432         return clone;
433     }
434
435 }
436
Popular Tags