NoUserManagement


1   /*
2    * Copyright 2000-2001,2004 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.apache.jetspeed.services.security.nosecurity;
18  
19  import java.util.Vector  ;
20  import java.util.Iterator  ;
21  import java.security.Principal  ;
22  
23  // Turbine 
24  import org.apache.turbine.services.TurbineBaseService;
25  
26  
27  // Jetspeed Security
28  import org.apache.jetspeed.om.security.JetspeedUser;
29  
30  import org.apache.jetspeed.services.security.UserManagement;
31  import org.apache.jetspeed.services.security.nosecurity.FakeJetspeedUser;
32  
33  import org.apache.jetspeed.services.security.CredentialsManagement;
34  import org.apache.jetspeed.services.security.JetspeedSecurityException;
35  
36  /**
37   * <p> The <code>NoUserManagement</code> class is a Jetspeed
38   * security provider, implementing the <code>UserManagement</code> and <code>CredentialsManagement</code>
39   * interfaces.  It does not manage any users - no users are listed, no users are saved, any
40   * request for a user is satisfied with a temp. User object.
41   *
42   * @author <a HREF="mailto:ggolden@apache.org">Glenn R. Golden</a>
43   * @version $Id: NoUserManagement.java,v 1.2 2004/02/23 03:53:24 jford Exp $
44   */
45  public class NoUserManagement
46      extends TurbineBaseService
47     implements UserManagement, CredentialsManagement
48  {
49      /**
50       * Retrieves a <code>JetspeedUser</code> given the primary principle.
51       * The principal can be any valid Jetspeed Security Principal:
52       *   <code>org.apache.jetspeed.om.security.UserNamePrincipal</code>
53       *   <code>org.apache.jetspeed.om.security.UserIdPrincipal</code>
54       *   
55       * The security service may optionally check the current user context
56       * to determine if the requestor has permission to perform this action.
57       *
58       * @param principal a principal identity to be retrieved.
59       * @return a <code>JetspeedUser</code> associated to the principal identity.
60       * @exception UserException when the security provider has a general failure retrieving a user.
61       * @exception UnknownUserException when the security provider cannot match
62       *            the principal identity to a user.
63       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
64       */
65      public JetspeedUser getUser(Principal   principal)
66          throws JetspeedSecurityException
67      {
68          // create a user object with this username for Jetspeed use
69          FakeJetspeedUser user = new FakeJetspeedUser(principal.getName(), false);
70          return user;
71      }
72  
73      /**
74       * Retrieves a collection of all <code>JetspeedUser</code>s.
75       * The security service may optionally check the current user context
76       * to determine if the requestor has permission to perform this action.
77       *
78       * @return a collection of <code>JetspeedUser</code> entities.
79       * @exception UserException when the security provider has a general failure retrieving users.
80       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
81       */
82      public Iterator   getUsers()
83          throws JetspeedSecurityException
84      {
85          return new Vector  ().iterator();
86      }
87  
88      /**
89       * Retrieves a collection of <code>JetspeedUser</code>s filtered by a security 
90       * provider-specific query string. For example SQL, OQL, JDOQL.
91       * The security service may optionally check the current user context
92       * to determine if the requestor has permission to perform this action.
93       *
94       * @return a collection of <code>JetspeedUser</code> entities.
95       * @exception UserException when the security provider has a general failure retrieving users.
96       * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
97       */
98      public Iterator   getUsers(String   filter)
99          throws JetspeedSecurityException
100     {
101         return new Vector  ().iterator();
102     }
103 
104     /**
105      * Saves a <code>JetspeedUser</code>'s attributes into permanent storage. 
106      * The user's account is required to exist in the storage.
107      * The security service may optionally check the current user context
108      * to determine if the requestor has permission to perform this action.
109      *
110      * @exception UserException when the security provider has a general failure retrieving users.
111      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
112      */
113     public void saveUser(JetspeedUser user)
114         throws JetspeedSecurityException
115     {
116     }
117 
118     /**
119      * Adds a <code>JetspeedUser</code> into permanent storage. 
120      * The security service can throw a <code>NotUniqueUserException</code> when the public
121      * credentials fail to meet the security provider-specific unique constraints.
122      * The security service may optionally check the current user context
123      * to determine if the requestor has permission to perform this action.
124      *
125      * @exception UserException when the security provider has a general failure retrieving users.
126      * @exception NotUniqueUserException when the public credentials fail to meet 
127      *                                   the security provider-specific unique constraints.
128      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
129      */
130     public void addUser(JetspeedUser user)
131         throws JetspeedSecurityException
132     {
133     }
134 
135     /**
136      * Removes a <code>JetspeedUser</code> from the permanent store.
137      * The security service may optionally check the current user context
138      * to determine if the requestor has permission to perform this action.
139      *
140      * @param principal the principal identity to be retrieved.
141      * @exception UserException when the security provider has a general failure retrieving a user.
142      * @exception UnknownUserException when the security provider cannot match
143      *            the principal identity to a user.
144      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
145      */
146     public void removeUser(Principal   principal)
147         throws JetspeedSecurityException
148     {
149     }
150 
151     /**
152      * Allows for a user to change their own password.
153      *
154      * @param user the user to change the password for.
155      * @param oldPassword the current password supplied by the user.
156      * @param newPassword the current password requested by the user.
157      * @exception UserException when the security provider has a general failure retrieving a user.
158      * @exception UnknownUserException when the security provider cannot match
159      *            the principal identity to a user.
160      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
161      */
162     public void changePassword( JetspeedUser user,
163                          String   oldPassword, 
164                          String   newPassword )
165         throws JetspeedSecurityException
166     {
167     }
168 
169     /**
170      * Forcibly sets new password for a User.
171      *
172      * Provides an administrator the ability to change the forgotten or
173      * compromised passwords. Certain implementatations of this feature
174      * would require administrative level access to the authenticating
175      * server / program.
176      *     
177      * @param user the user to change the password for.
178      * @param password the new password.   
179      * @exception UserException when the security provider has a general failure retrieving a user.
180      * @exception UnknownUserException when the security provider cannot match
181      *            the principal identity to a user.
182      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege 
183      */
184     public void forcePassword( JetspeedUser user, String   password )
185         throws JetspeedSecurityException
186     {
187     }
188 
189     /**
190      * This method provides client-side encryption of passwords.
191      *
192      * If <code>secure.passwords</code> are enabled in JetspeedSecurity properties,
193      * the password will be encrypted, if not, it will be returned unchanged.
194      * The <code>secure.passwords.algorithm</code> property can be used
195      * to chose which digest algorithm should be used for performing the
196      * encryption. <code>SHA</code> is used by default.
197      *
198      * @param password the password to process
199      * @return processed password
200      */
201     public String   encryptPassword( String   password )
202         throws JetspeedSecurityException
203     {
204         return password;
205     }
206 }
207 
208
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags