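package org.apache.beehive.wsm.axis.security.model;

import java.util.Collection;
import java.util.Iterator;
import java.io.File;

import org.apache.beehive.wsm.axis.security.User;
import org.apache.beehive.wsm.axis.security.Group;
import org.apache.beehive.wsm.axis.security.UserList;
import org.apache.beehive.wsm.axis.security.Role;

import org.apache.beehive.wsm.axis.security.xmlbeans.BeehiveRoleDocument;
import org.apache.beehive.wsm.axis.security.xmlbeans.BeehiveRoleDocument.BeehiveRole;
import org.apache.beehive.wsm.axis.security.SecurityModel;

import org.apache.axis.Constants;
import org.apache.axis.MessageContext;
import org.apache.axis.components.logger.LogFactory;
import org.apache.axis.security.AuthenticatedUser;
import org.apache.axis.security.SecurityProvider;
import org.apache.axis.security.simple.SimpleSecurityProvider;
import org.apache.log4j.Logger;

/**
 * {@link SecurityModel} that keeps users, groups and roles in memory.
 *
 * <p>The data is read once from {@code beehive-role.xml}, looked up under the
 * directory named by the {@link Constants#MC_CONFIGPATH} message-context
 * property, and then shared by every instance through a static field.
 *
 * <p>Access decisions fail closed: when the role file could not be loaded,
 * when the caller sends no username, when the user is unknown, or when
 * authentication fails, {@link #isUserInRole} returns {@code false}.
 */
public class BeehiveMemorySecurityModel implements SecurityModel {

    protected static Logger logger = Logger.getLogger(BeehiveMemorySecurityModel.class);

    private static final String BEEHIVE_ROLE_FILE = "beehive-role.xml";

    // volatile: init() uses double-checked locking, which is only safe under
    // the Java memory model when the checked field is volatile. Without it a
    // thread on the unsynchronized fast path could observe a partially
    // published user list.
    private static volatile UserList userList = null;

    /**
     * Loads the role file on first use and caches the resulting user list.
     *
     * <p>If the file cannot be parsed the error is logged and the cache stays
     * empty, so the next call tries again and {@link #isUserInRole} denies
     * every request in the meantime.
     *
     * @param msgContext message context supplying the configuration path
     */
    public void init(MessageContext msgContext) {

        if (logger.isDebugEnabled()) {
            logger.debug("Enter: BeehiveMemorySecurityModel::init");
        }

        // Fast path: already initialized by an earlier request.
        if (userList != null) {
            return;
        }

        synchronized (BeehiveMemorySecurityModel.class) {

            // Re-check under the lock; another thread may have won the race.
            if (userList == null) {

                String configPath = msgContext.getStrProp(Constants.MC_CONFIGPATH);
                if (configPath == null) {
                    configPath = "";
                } else {
                    configPath += File.separator;
                }

                if (logger.isDebugEnabled()) {
                    logger.debug("BEEHIVE_ROLE_FILE : " + configPath + BEEHIVE_ROLE_FILE);
                }

                BeehiveRoleDocument brd = null;

                try {
                    brd = BeehiveRoleDocument.Factory.parse(new File(configPath + BEEHIVE_ROLE_FILE));
                } catch (Exception e) {
                    logger.error("BeehiveRoleDocument couldn't parse the file (" + configPath + BEEHIVE_ROLE_FILE + ") : " + e.getMessage(), e);
                    return;
                }

                // The list is fully built before it is assigned, so readers
                // never see it half-populated.
                userList = createUserList(brd);
            }
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Exit : BeehiveMemorySecurityModel::init");
        }
    }

    /**
     * Builds the in-memory user list from the parsed role document.
     *
     * <p>Roles are registered first, then groups (each linked to the roles
     * that name it), then users (each linked to the groups that name it, the
     * roles of those groups, and the roles that name the user directly).
     *
     * @param brd parsed {@code beehive-role.xml} document
     * @return the populated user list
     */
    private UserList createUserList(BeehiveRoleDocument brd) {
        BeehiveRole beehiveRole = brd.getBeehiveRole();

        // Named differently from the static field to avoid shadowing it.
        UserList loaded = new MemoryUserListImpl();

        for (org.apache.beehive.wsm.axis.security.xmlbeans.Role xmlRole : beehiveRole.getRoleArray()) {
            MemoryRoleImpl memoryRole = new MemoryRoleImpl();
            memoryRole.setName(xmlRole.getName());

            loaded.addRole(memoryRole);
        }

        for (org.apache.beehive.wsm.axis.security.xmlbeans.Group xmlGroup : beehiveRole.getGroupArray()) {
            MemoryGroupImpl memoryGroup = new MemoryGroupImpl();
            memoryGroup.setName(xmlGroup.getName());

            for (org.apache.beehive.wsm.axis.security.xmlbeans.Role xmlRole : beehiveRole.getRoleArray()) {
                for (String groupName : xmlRole.getGroupArray()) {
                    if (groupName.equals(xmlGroup.getName())) {
                        Role memoryRole = loaded.getRole(xmlRole.getName());
                        if (memoryRole != null) {
                            if (logger.isDebugEnabled()) {
                                logger.debug("GROUP : " + memoryGroup.getName() + " in ROLE : " + memoryRole.getName());
                            }
                            memoryGroup.addRole(memoryRole);
                        }
                    }
                }
            }

            // Registered once, after its roles are attached. The group was
            // previously added both before and after this inner loop.
            loaded.addGroup(memoryGroup);
        }

        for (org.apache.beehive.wsm.axis.security.xmlbeans.User xmlUser : beehiveRole.getUserArray()) {
            MemoryUserImpl memoryUser = new MemoryUserImpl();
            memoryUser.setName(xmlUser.getName());
            // NOTE(review): the credential is copied straight from the role
            // file. The md5 value presumably marks the password as an MD5
            // digest (confirm against MemoryUserImpl). Neither a plain value
            // nor an unsalted MD5 digest protects the password if the file is
            // read, so beehive-role.xml needs restrictive file permissions.
            memoryUser.setPassword(xmlUser.getPassword());
            memoryUser.setMd5(xmlUser.getMd5());

            for (org.apache.beehive.wsm.axis.security.xmlbeans.Group xmlGroup : beehiveRole.getGroupArray()) {
                for (String userName : xmlGroup.getUserArray()) {
                    if (userName.equals(xmlUser.getName())) {
                        Group memoryGroup = loaded.getGroup(xmlGroup.getName());
                        if (memoryGroup != null) {
                            if (logger.isDebugEnabled()) {
                                logger.debug("USER : " + memoryUser.getName() + " in GROUP : " + memoryGroup.getName());
                            }

                            memoryGroup.addUser(memoryUser);
                            memoryUser.addGroup(memoryGroup);

                            // Group membership grants every role of the group.
                            for (Role memoryRole : memoryGroup.getRoles()) {
                                memoryUser.addRole(memoryRole);
                            }
                        }
                    }
                }
            }

            // Roles that list the user by name.
            for (org.apache.beehive.wsm.axis.security.xmlbeans.Role xmlRole : beehiveRole.getRoleArray()) {
                for (String userName : xmlRole.getUserArray()) {
                    if (userName.equals(xmlUser.getName())) {
                        Role memoryRole = loaded.getRole(xmlRole.getName());
                        if (memoryRole != null) {
                            if (logger.isDebugEnabled()) {
                                logger.debug("USER : " + memoryUser.getName() + " in ROLE : " + memoryRole.getName());
                            }
                            memoryUser.addRole(memoryRole);
                        }
                    }
                }
            }
            loaded.addUser(memoryUser);
        }

        return loaded;
    }

    /**
     * Authenticates the caller and checks whether they hold an allowed role.
     *
     * <p>On success the authenticated user is stored in the message context
     * under {@link SecurityModel#BEEHIVE_AUTHUSER}. An unknown user and a
     * wrong password both yield {@code false}, so the caller cannot tell the
     * two apart from the result.
     *
     * @param msgContext   message context carrying the client's username and password
     * @param rolesAllowed role names that grant access; {@code null} grants nothing
     * @return {@code true} only if the user authenticates and holds one of the roles
     */
    public boolean isUserInRole(MessageContext msgContext, Collection<String> rolesAllowed) {

        if (logger.isDebugEnabled()) {
            logger.debug("Enter: BeehiveMemorySecurityModel::isUserInRole");
        }

        // Read the volatile field once so the whole check uses one snapshot.
        UserList users = userList;
        if (users == null) {
            // init() failed or was never called. Deny access rather than
            // fail with a NullPointerException.
            logger.warn("BeehiveMemorySecurityModel has no user list loaded; denying access");
            return false;
        }

        String username = msgContext.getUsername();

        // The username is client-supplied and is written to the debug log
        // as-is; the password is never logged.
        if (logger.isDebugEnabled()) {
            logger.debug("username from client : " + username);
        }

        if (username == null) {
            return false;
        }

        User user = users.getUser(username);

        if (user == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("user returned from userList is null");
            }
            return false;
        }

        if (!user.authenticate(msgContext.getPassword())) {
            if (logger.isDebugEnabled()) {
                logger.debug("authenticate failed");
            }
            return false;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("authenticate passed (" + username + ")");
        }

        if (rolesAllowed == null) {
            // No permitted roles were supplied, so there is nothing to match.
            if (logger.isDebugEnabled()) {
                logger.debug("Exit: BeehiveMemorySecurityModel::isUserInRole");
            }
            return false;
        }

        for (Role role : user.getRoles()) {

            if (logger.isDebugEnabled()) {
                logger.debug("user [" + user.getName() + "] role [" + role.getName() + "]");
            }

            for (String roleAllowed : rolesAllowed) {
                if (role.getName().equals(roleAllowed)) {
                    if (logger.isDebugEnabled()) {
                        logger.debug("auth : " + user.getName() + " is in role [" + roleAllowed + "]");
                    }
                    msgContext.setProperty(SecurityModel.BEEHIVE_AUTHUSER, user);
                    return true;
                }
            }
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Exit: BeehiveMemorySecurityModel::isUserInRole");
        }

        return false;
    }
}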