KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > axis > security > simple > SimpleSecurityProvider


1 /*
2  * Copyright 2001-2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package org.apache.axis.security.simple;
18
19 import org.apache.axis.Constants;
20 import org.apache.axis.MessageContext;
21 import org.apache.axis.components.logger.LogFactory;
22 import org.apache.axis.security.AuthenticatedUser;
23 import org.apache.axis.security.SecurityProvider;
24 import org.apache.axis.utils.Messages;
25 import org.apache.commons.logging.Log;
26
27 import java.io.File JavaDoc;
28 import java.io.FileReader JavaDoc;
29 import java.io.LineNumberReader JavaDoc;
30 import java.util.HashMap JavaDoc;
31 import java.util.StringTokenizer JavaDoc;
32
33 /**
34  * SimpleSecurityProvider
35  *
36  * @author Glen Daniels (gdaniels@apache.org)
37  */
38 public class SimpleSecurityProvider implements SecurityProvider {
39     protected static Log log =
40         LogFactory.getLog(SimpleSecurityProvider.class.getName());
41
42     HashMap JavaDoc users = null;
43     HashMap JavaDoc perms = null;
44
45     boolean initialized = false;
46
47     // load the users list
48 private synchronized void initialize(MessageContext msgContext)
49     {
50         if (initialized) return;
51
52         String JavaDoc configPath = msgContext.getStrProp(Constants.MC_CONFIGPATH);
53         if (configPath == null) {
54             configPath = "";
55         } else {
56             configPath += File.separator;
57         }
58         File JavaDoc userFile = new File JavaDoc(configPath + "users.lst");
59         if (userFile.exists()) {
60             users = new HashMap JavaDoc();
61
62             try {
63
64                 FileReader JavaDoc fr = new FileReader JavaDoc( userFile );
65                 LineNumberReader JavaDoc lnr = new LineNumberReader JavaDoc( fr );
66                 String JavaDoc line = null ;
67
68                 // parse lines into user and passwd tokens and add result to hash table
69 while ( (line = lnr.readLine()) != null ) {
70                     StringTokenizer JavaDoc st = new StringTokenizer JavaDoc( line );
71                     if ( st.hasMoreTokens() ) {
72                         String JavaDoc userID = st.nextToken();
73                         String JavaDoc passwd = (st.hasMoreTokens()) ? st.nextToken() : "";
74
75                         if (log.isDebugEnabled()) {
76                             log.debug( Messages.getMessage("fromFile00",
77                                 userID, passwd) );
78                         }
79
80                         users.put(userID, passwd);
81                     }
82                 }
83
84                 lnr.close();
85
86             } catch( Exception JavaDoc e ) {
87                 log.error( Messages.getMessage("exception00"), e );
88                 return;
89             }
90         }
91         initialized = true;
92     }
93
94     /** Authenticate a user from a username/password pair.
95      *
96      * @param username the user name to check
97      * @param password the password to check
98      * @return an AuthenticatedUser or null
99      */
100     public AuthenticatedUser authenticate(MessageContext msgContext) {
101
102         if (!initialized) {
103             initialize(msgContext);
104         }
105
106         String JavaDoc username = msgContext.getUsername();
107         String JavaDoc password = msgContext.getPassword();
108
109         if (users != null) {
110             if (log.isDebugEnabled()) {
111                 log.debug( Messages.getMessage("user00", username) );
112             }
113
114             // in order to authenticate, the user must exist
115 if ( username == null ||
116                  username.equals("") ||
117                  !users.containsKey(username) )
118                 return null;
119
120             String JavaDoc valid = (String JavaDoc) users.get(username);
121
122             if (log.isDebugEnabled()) {
123                 log.debug( Messages.getMessage("password00", password) );
124             }
125
126             // if a password is defined, then it must match
127 if ( valid.length()>0 && !valid.equals(password) )
128                 return null;
129
130             if (log.isDebugEnabled()) {
131                 log.debug( Messages.getMessage("auth00", username) );
132             }
133
134             return new SimpleAuthenticatedUser(username);
135         }
136
137         return null;
138     }
139
140     /** See if a user matches a principal name. The name might be a user
141      * or a group.
142      *
143      * @return true if the user matches the passed name
144      */
145     public boolean userMatches(AuthenticatedUser user, String JavaDoc principal) {
146         if (user == null) return principal == null;
147         return user.getName().compareToIgnoreCase(principal) == 0;
148     }
149 }
150
Popular Tags