KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > cocoon > webapps > authentication > components > PipelineAuthenticator


1 /*
2  * Copyright 1999-2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package org.apache.cocoon.webapps.authentication.components;
17
18 import java.io.IOException JavaDoc;
19
20 import org.apache.avalon.framework.activity.Disposable;
21 import org.apache.avalon.framework.logger.AbstractLogEnabled;
22 import org.apache.avalon.framework.service.ServiceException;
23 import org.apache.avalon.framework.service.ServiceManager;
24 import org.apache.avalon.framework.service.Serviceable;
25 import org.apache.avalon.framework.thread.ThreadSafe;
26 import org.apache.cocoon.ProcessingException;
27 import org.apache.cocoon.components.source.SourceUtil;
28 import org.apache.cocoon.webapps.authentication.configuration.HandlerConfiguration;
29 import org.apache.cocoon.webapps.authentication.user.UserHandler;
30 import org.apache.cocoon.webapps.session.MediaManager;
31 import org.apache.cocoon.xml.XMLUtils;
32 import org.apache.cocoon.xml.dom.DOMUtil;
33 import org.apache.excalibur.source.Source;
34 import org.apache.excalibur.source.SourceException;
35 import org.apache.excalibur.source.SourceParameters;
36 import org.apache.excalibur.source.SourceResolver;
37 import org.w3c.dom.Document JavaDoc;
38 import org.w3c.dom.Element JavaDoc;
39 import org.w3c.dom.Node JavaDoc;
40 import org.w3c.dom.NodeList JavaDoc;
41 import org.w3c.dom.Text JavaDoc;
42 import org.xml.sax.SAXException JavaDoc;
43
44 /**
45  * Verify if a user can be authenticated.
46  *
47  * @author <a HREF="mailto:cziegeler@apache.org">Carsten Ziegeler</a>
48  * @version CVS $Id: PipelineAuthenticator.java 53739 2004-10-04 19:19:19Z vgritsenko $
49 */
50 public class PipelineAuthenticator
51         extends AbstractLogEnabled
52         implements Serviceable, ThreadSafe, Disposable, Authenticator {
53
54     /** The service manager */
55     protected ServiceManager manager;
56
57     /** The source resolver */
58     protected SourceResolver resolver;
59
60     /**
61      * Check the fragment if it is valid
62      */
63     private boolean isValidAuthenticationFragment(Document JavaDoc authenticationFragment)
64     throws ProcessingException {
65         // calling method is synced
66 if (getLogger().isDebugEnabled() ) {
67             getLogger().debug("BEGIN isValidAuthenticationFragment fragment=" +
68                               XMLUtils.serializeNode(authenticationFragment, XMLUtils.createPropertiesForXML(false)));
69         }
70         boolean isValid = false;
71
72         // authenticationFragment must only have exactly one child with
73 // the name authentication
74 if (authenticationFragment.hasChildNodes() == true
75             && authenticationFragment.getChildNodes().getLength() == 1) {
76             Node JavaDoc child = authenticationFragment.getFirstChild();
77
78             if (child.getNodeType() == Node.ELEMENT_NODE
79                 && child.getNodeName().equals("authentication") == true) {
80
81                 // now authentication must have one child ID
82 if (child.hasChildNodes() == true) {
83                     NodeList JavaDoc children = child.getChildNodes();
84                     boolean found = false;
85                     int i = 0;
86                     int l = children.getLength();
87
88                     while (found == false && i < l) {
89                         child = children.item(i);
90                         if (child.getNodeType() == Node.ELEMENT_NODE
91                             && child.getNodeName().equals("ID") == true) {
92                             found = true;
93                         } else {
94                             i++;
95                         }
96                     }
97
98                     // now the last check: ID must have a TEXT child
99 if (found == true) {
100                         child.normalize(); // join text nodes
101 if (child.hasChildNodes() == true &&
102                             child.getChildNodes().getLength() == 1 &&
103                             child.getChildNodes().item(0).getNodeType() == Node.TEXT_NODE) {
104                             String JavaDoc value = child.getChildNodes().item(0).getNodeValue().trim();
105                             if (value.length() > 0) isValid = true;
106                         }
107                     }
108                 }
109
110             }
111         }
112         if (this.getLogger().isDebugEnabled()) {
113             this.getLogger().debug("END isValidAuthenticationFragment valid=" + isValid);
114         }
115         return isValid;
116     }
117
118     /* (non-Javadoc)
119      * @see org.apache.cocoon.webapps.authentication.components.Authenticator#authenticate(org.apache.cocoon.webapps.authentication.configuration.HandlerConfiguration, org.apache.excalibur.source.SourceParameters)
120      */
121     public AuthenticationResult authenticate(HandlerConfiguration configuration,
122                                              SourceParameters parameters)
123     throws ProcessingException {
124         if (this.getLogger().isDebugEnabled() ) {
125             this.getLogger().debug("start authenticator using handler " + configuration.getName());
126         }
127
128         final String JavaDoc authenticationResourceName = configuration.getAuthenticationResource();
129         final SourceParameters authenticationParameters = configuration.getAuthenticationResourceParameters();
130         if (parameters != null) {
131             parameters.add(authenticationParameters);
132         } else {
133             parameters = authenticationParameters;
134         }
135
136         Document JavaDoc doc = null;
137         String JavaDoc exceptionMsg = null;
138
139         // invoke the source
140 try {
141             Source source = null;
142             try {
143                 source = SourceUtil.getSource(authenticationResourceName, null,
144                                               parameters, this.resolver);
145                 doc = SourceUtil.toDOM(source);
146             } catch (SAXException JavaDoc se) {
147                 throw new ProcessingException(se);
148             } catch (SourceException se) {
149                 throw SourceUtil.handle(se);
150             } catch (IOException JavaDoc e) {
151                 throw new ProcessingException(e);
152             } finally {
153                 this.resolver.release(source);
154             }
155         } catch (ProcessingException local) {
156             this.getLogger().error("authenticator: " + local.getMessage(), local);
157             exceptionMsg = local.getMessage();
158         }
159
160         // test if authentication was successful
161 boolean isValid = false;
162         AuthenticationResult result = null;
163         if (doc != null) {
164             isValid = this.isValidAuthenticationFragment( doc );
165
166             if ( isValid ) {
167                 if (this.getLogger().isInfoEnabled() ) {
168                     this.getLogger().info("Authenticator: User authenticated using handler '"
169                                           + configuration.getName() + "'");
170                 }
171
172                 MediaManager mediaManager = null;
173                 String JavaDoc mediaType;
174                 try {
175                     mediaManager = (MediaManager)this.manager.lookup( MediaManager.ROLE );
176                     mediaType = mediaManager.getMediaType();
177                 } catch (ServiceException se) {
178                     throw new ProcessingException("Unable to lookup media manager.", se);
179                 } finally {
180                     this.manager.release( mediaManager );
181                 }
182                 synchronized (configuration) {
183                     // add special nodes to the authentication block:
184 // useragent, type and media
185 Element JavaDoc specialElement;
186                     Text JavaDoc specialValue;
187                     Element JavaDoc authNode;
188
189                     authNode = (Element JavaDoc)doc.getFirstChild();
190
191                     specialElement = doc.createElementNS(null, "type");
192                     specialValue = doc.createTextNode("cocoon.authentication");
193                     specialElement.appendChild(specialValue);
194                     authNode.appendChild(specialElement);
195
196                     specialElement = doc.createElementNS(null, "media");
197                     specialValue = doc.createTextNode(mediaType);
198                     specialElement.appendChild(specialValue);
199                     authNode.appendChild(specialElement);
200
201                     result = new AuthenticationResult(true, doc);
202
203                 } // end sync
204 }
205         }
206
207         if ( !isValid ) {
208             if (this.getLogger().isInfoEnabled() ) {
209                 this.getLogger().info("Authenticator: Failed authentication using handler '"
210                                       + configuration.getName()+ "'");
211             }
212             // get the /authentication/data Node if available
213 Node JavaDoc data = null;
214
215             if (doc != null) {
216                 data = DOMUtil.getFirstNodeFromPath(doc,
217                                                     new String JavaDoc[] {"authentication","data"},
218                                                     false);
219             }
220             doc = DOMUtil.createDocument();
221
222             // now create the following xml:
223 // <root>
224 // <failed/>
225 // if data is available data is included, otherwise:
226 // <data>No information</data>
227 // If exception message contains info, it is included into failed
228 // </root>
229 final Element JavaDoc root = doc.createElementNS(null, "root");
230             doc.appendChild(root);
231             Element JavaDoc element = doc.createElementNS(null, "failed");
232             root.appendChild(element);
233
234             if (exceptionMsg != null) {
235                 Text JavaDoc text = doc.createTextNode(exceptionMsg);
236                 element.appendChild(text);
237             }
238
239             if (data == null) {
240                 element = doc.createElementNS(null, "data");
241                 root.appendChild(element);
242                 Text JavaDoc text = doc.createTextNode("No information available");
243                 element.appendChild(text);
244             } else {
245                 root.appendChild(doc.importNode(data, true));
246             }
247
248             result = new AuthenticationResult(false, doc);
249         }
250
251         if (this.getLogger().isDebugEnabled() ) {
252             this.getLogger().debug("end authenticator");
253         }
254
255         return result;
256     }
257
258
259     /* (non-Javadoc)
260      * @see org.apache.avalon.framework.service.Serviceable#service(ServiceManager)
261      */
262     public void service(ServiceManager manager) throws ServiceException {
263         this.manager = manager;
264         this.resolver = (SourceResolver) this.manager.lookup(SourceResolver.ROLE);
265     }
266
267     /* (non-Javadoc)
268      * @see org.apache.avalon.framework.activity.Disposable#dispose()
269      */
270     public void dispose() {
271         if ( this.manager != null ){
272             this.manager.release( this.resolver );
273             this.manager = null;
274             this.resolver = null;
275         }
276     }
277
278     /* (non-Javadoc)
279      * @see org.apache.cocoon.webapps.authentication.components.Authenticator#logout(UserHandler)
280      */
281     public void logout(UserHandler handler) {
282         if (this.getLogger().isDebugEnabled() ) {
283             this.getLogger().debug("logout using handler " + handler.getHandlerName());
284         }
285
286         final HandlerConfiguration configuration = handler.getHandlerConfiguration();
287         final String JavaDoc logoutResourceName = configuration.getLogoutResource();
288         if (logoutResourceName != null) {
289             final SourceParameters parameters = configuration.getAuthenticationResourceParameters();
290
291             // invoke the source
292 Source source = null;
293             try {
294                 // This allows arbitrary business logic to be called. Whatever is returned
295 // is ignored.
296 source = SourceUtil.getSource(logoutResourceName, null, parameters, this.resolver);
297                 SourceUtil.toDOM(source);
298             } catch (Exception JavaDoc ignore) {
299                 this.getLogger().error("logout: " + ignore.getMessage(), ignore);
300             } finally {
301                 this.resolver.release(source);
302             }
303         }
304     }
305 }
306
Popular Tags