KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > alfresco > repo > security > authentication > AbstractAuthenticationComponent


1 /*
2  * Copyright (C) 2005 Alfresco, Inc.
3  *
4  * Licensed under the Mozilla Public License version 1.1
5  * with a permitted attribution clause. You may obtain a
6  * copy of the License at
7  *
8  * http://www.alfresco.org/legal/license.txt
9  *
10  * Unless required by applicable law or agreed to in writing,
11  * software distributed under the License is distributed on an
12  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
13  * either express or implied. See the License for the specific
14  * language governing permissions and limitations under the
15  * License.
16  */

17 package org.alfresco.repo.security.authentication;
18
19 import net.sf.acegisecurity.Authentication;
20 import net.sf.acegisecurity.GrantedAuthority;
21 import net.sf.acegisecurity.GrantedAuthorityImpl;
22 import net.sf.acegisecurity.UserDetails;
23 import net.sf.acegisecurity.context.Context;
24 import net.sf.acegisecurity.context.ContextHolder;
25 import net.sf.acegisecurity.context.security.SecureContext;
26 import net.sf.acegisecurity.context.security.SecureContextImpl;
27 import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
28 import net.sf.acegisecurity.providers.dao.User;
29
30 import org.alfresco.error.AlfrescoRuntimeException;
31 import org.alfresco.service.cmr.security.PermissionService;
32
33 /**
34  * This class abstract the support required to set up and query the Acegi context for security enforcement.
35  *
36  * There are some simple default method implementations to support simple authentication.
37  *
38  * @author Andy Hind
39  */

40 public abstract class AbstractAuthenticationComponent implements AuthenticationComponent
41 {
42
43     // Name of the system user
44

45     private static final String JavaDoc SYSTEM_USER_NAME = "System";
46
47     private Boolean JavaDoc allowGuestLogin = null;
48
49     public AbstractAuthenticationComponent()
50     {
51         super();
52     }
53
54     public void setAllowGuestLogin(Boolean JavaDoc allowGuestLogin)
55     {
56         this.allowGuestLogin = allowGuestLogin;
57     }
58     
59     /**
60      * Explicitly set the current user to be authenticated.
61      *
62      * @param userName
63      * String
64      * @return Authentication
65      */

66     public Authentication setCurrentUser(String JavaDoc userName) throws AuthenticationException
67     {
68         if (userName == null)
69         {
70             throw new AuthenticationException("Null user name");
71         }
72
73         try
74         {
75             UserDetails ud = null;
76             if (userName.equals(SYSTEM_USER_NAME))
77             {
78                 GrantedAuthority[] gas = new GrantedAuthority[1];
79                 gas[0] = new GrantedAuthorityImpl("ROLE_SYSTEM");
80                 ud = new User(SYSTEM_USER_NAME, "", true, true, true, true, gas);
81             }
82             else if (userName.equalsIgnoreCase(PermissionService.GUEST_AUTHORITY))
83             {
84                 GrantedAuthority[] gas = new GrantedAuthority[0];
85                 ud = new User(PermissionService.GUEST_AUTHORITY.toLowerCase(), "", true, true, true, true, gas);
86             }
87             else
88             {
89                 ud = getUserDetails(userName);
90             }
91
92             UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(ud, "", ud
93                     .getAuthorities());
94             auth.setDetails(ud);
95             auth.setAuthenticated(true);
96             return setCurrentAuthentication(auth);
97         }
98         catch (net.sf.acegisecurity.AuthenticationException ae)
99         {
100             throw new AuthenticationException(ae.getMessage(), ae);
101         }
102     }
103
104     /**
105      * Default implementation that makes an ACEGI object on the fly
106      *
107      * @param userName
108      * @return
109      */

110     protected UserDetails getUserDetails(String JavaDoc userName)
111     {
112         GrantedAuthority[] gas = new GrantedAuthority[1];
113         gas[0] = new GrantedAuthorityImpl("ROLE_AUTHENTICATED");
114         UserDetails ud = new User(userName, "", true, true, true, true, gas);
115         return ud;
116     }
117
118     /**
119      * Explicitly set the current authentication.
120      *
121      * @param authentication
122      * Authentication
123      */

124     public Authentication setCurrentAuthentication(Authentication authentication)
125     {
126         Context context = ContextHolder.getContext();
127         SecureContext sc = null;
128         if ((context == null) || !(context instanceof SecureContext))
129         {
130             sc = new SecureContextImpl();
131             ContextHolder.setContext(sc);
132         }
133         else
134         {
135             sc = (SecureContext) context;
136         }
137         authentication.setAuthenticated(true);
138         sc.setAuthentication(authentication);
139         return authentication;
140     }
141
142     /**
143      * Get the current authentication context
144      *
145      * @return Authentication
146      * @throws AuthenticationException
147      */

148     public Authentication getCurrentAuthentication() throws AuthenticationException
149     {
150         Context context = ContextHolder.getContext();
151         if ((context == null) || !(context instanceof SecureContext))
152         {
153             return null;
154         }
155         return ((SecureContext) context).getAuthentication();
156     }
157
158     /**
159      * Get the current user name.
160      *
161      * @return String
162      * @throws AuthenticationException
163      */

164     public String JavaDoc getCurrentUserName() throws AuthenticationException
165     {
166         Context context = ContextHolder.getContext();
167         if ((context == null) || !(context instanceof SecureContext))
168         {
169             return null;
170         }
171         return getUserName(((SecureContext) context).getAuthentication());
172     }
173
174     /**
175      * Get the current user name
176      *
177      * @param authentication
178      * Authentication
179      * @return String
180      */

181     private String JavaDoc getUserName(Authentication authentication)
182     {
183         String JavaDoc username = authentication.getPrincipal().toString();
184
185         if (authentication.getPrincipal() instanceof UserDetails)
186         {
187             username = ((UserDetails) authentication.getPrincipal()).getUsername();
188         }
189
190         return username;
191     }
192
193     /**
194      * Set the system user as the current user.
195      *
196      * @return Authentication
197      */

198     public Authentication setSystemUserAsCurrentUser()
199     {
200         return setCurrentUser(SYSTEM_USER_NAME);
201     }
202
203     /**
204      * Get the name of the system user
205      *
206      * @return String
207      */

208     public String JavaDoc getSystemUserName()
209     {
210         return SYSTEM_USER_NAME;
211     }
212
213     /**
214      * Get the name of the Guest User
215      */

216     public String JavaDoc getGuestUserName()
217     {
218         return PermissionService.GUEST_AUTHORITY.toLowerCase();
219     }
220
221     /**
222      * Set the guest user as the current user.
223      */

224     public Authentication setGuestUserAsCurrentUser() throws AuthenticationException
225     {
226         if (allowGuestLogin == null)
227         {
228             if(implementationAllowsGuestLogin())
229             {
230                 return setCurrentUser(PermissionService.GUEST_AUTHORITY);
231             }
232             else
233             {
234                 throw new AuthenticationException("Guest authentication is not allowed");
235             }
236         }
237         else
238         {
239             if(allowGuestLogin.booleanValue())
240             {
241                 return setCurrentUser(PermissionService.GUEST_AUTHORITY);
242             }
243             else
244             {
245                 throw new AuthenticationException("Guest authentication is not allowed");
246             }
247             
248         }
249     }
250
251     protected abstract boolean implementationAllowsGuestLogin();
252
253     /**
254      * Remove the current security information
255      */

256     public void clearCurrentSecurityContext()
257     {
258         ContextHolder.setContext(null);
259     }
260
261     /**
262      * The default is not to support Authentication token base authentication
263      */

264     public Authentication authenticate(Authentication token) throws AuthenticationException
265     {
266         throw new AlfrescoRuntimeException("Authentication via token not supported");
267     }
268
269     /**
270      * The should only be supported if getNTLMMode() is NTLMMode.MD4_PROVIDER.
271      */

272     public String JavaDoc getMD4HashedPassword(String JavaDoc userName)
273     {
274         throw new UnsupportedOperationException JavaDoc();
275     }
276
277     /**
278      * Get the NTML mode - none - supports MD4 hash to integrate - or it can asct as an NTLM authentication
279      */

280     public NTLMMode getNTLMMode()
281     {
282         return NTLMMode.NONE;
283     }
284
285 }
286
Popular Tags