KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > jetspeed > services > security > nosecurity > NoUserManagement


1 /*
2  * Copyright 2000-2001,2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */

16
17 package org.apache.jetspeed.services.security.nosecurity;
18
19 import java.util.Vector JavaDoc;
20 import java.util.Iterator JavaDoc;
21 import java.security.Principal JavaDoc;
22
23 // Turbine
24
import org.apache.turbine.services.TurbineBaseService;
25
26
27 // Jetspeed Security
28
import org.apache.jetspeed.om.security.JetspeedUser;
29
30 import org.apache.jetspeed.services.security.UserManagement;
31 import org.apache.jetspeed.services.security.nosecurity.FakeJetspeedUser;
32
33 import org.apache.jetspeed.services.security.CredentialsManagement;
34 import org.apache.jetspeed.services.security.JetspeedSecurityException;
35
36 /**
37  * <p> The <code>NoUserManagement</code> class is a Jetspeed
38  * security provider, implementing the <code>UserManagement</code> and <code>CredentialsManagement</code>
39  * interfaces. It does not manage any users - no users are listed, no users are saved, any
40  * request for a user is satisfied with a temp. User object.
41  *
42  * @author <a HREF="mailto:ggolden@apache.org">Glenn R. Golden</a>
43  * @version $Id: NoUserManagement.java,v 1.2 2004/02/23 03:53:24 jford Exp $
44  */

45 public class NoUserManagement
46     extends TurbineBaseService
47    implements UserManagement, CredentialsManagement
48 {
49     /**
50      * Retrieves a <code>JetspeedUser</code> given the primary principle.
51      * The principal can be any valid Jetspeed Security Principal:
52      * <code>org.apache.jetspeed.om.security.UserNamePrincipal</code>
53      * <code>org.apache.jetspeed.om.security.UserIdPrincipal</code>
54      *
55      * The security service may optionally check the current user context
56      * to determine if the requestor has permission to perform this action.
57      *
58      * @param principal a principal identity to be retrieved.
59      * @return a <code>JetspeedUser</code> associated to the principal identity.
60      * @exception UserException when the security provider has a general failure retrieving a user.
61      * @exception UnknownUserException when the security provider cannot match
62      * the principal identity to a user.
63      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
64      */

65     public JetspeedUser getUser(Principal JavaDoc principal)
66         throws JetspeedSecurityException
67     {
68         // create a user object with this username for Jetspeed use
69
FakeJetspeedUser user = new FakeJetspeedUser(principal.getName(), false);
70         return user;
71     }
72
73     /**
74      * Retrieves a collection of all <code>JetspeedUser</code>s.
75      * The security service may optionally check the current user context
76      * to determine if the requestor has permission to perform this action.
77      *
78      * @return a collection of <code>JetspeedUser</code> entities.
79      * @exception UserException when the security provider has a general failure retrieving users.
80      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
81      */

82     public Iterator JavaDoc getUsers()
83         throws JetspeedSecurityException
84     {
85         return new Vector JavaDoc().iterator();
86     }
87
88     /**
89      * Retrieves a collection of <code>JetspeedUser</code>s filtered by a security
90      * provider-specific query string. For example SQL, OQL, JDOQL.
91      * The security service may optionally check the current user context
92      * to determine if the requestor has permission to perform this action.
93      *
94      * @return a collection of <code>JetspeedUser</code> entities.
95      * @exception UserException when the security provider has a general failure retrieving users.
96      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
97      */

98     public Iterator JavaDoc getUsers(String JavaDoc filter)
99         throws JetspeedSecurityException
100     {
101         return new Vector JavaDoc().iterator();
102     }
103
104     /**
105      * Saves a <code>JetspeedUser</code>'s attributes into permanent storage.
106      * The user's account is required to exist in the storage.
107      * The security service may optionally check the current user context
108      * to determine if the requestor has permission to perform this action.
109      *
110      * @exception UserException when the security provider has a general failure retrieving users.
111      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
112      */

113     public void saveUser(JetspeedUser user)
114         throws JetspeedSecurityException
115     {
116     }
117
118     /**
119      * Adds a <code>JetspeedUser</code> into permanent storage.
120      * The security service can throw a <code>NotUniqueUserException</code> when the public
121      * credentials fail to meet the security provider-specific unique constraints.
122      * The security service may optionally check the current user context
123      * to determine if the requestor has permission to perform this action.
124      *
125      * @exception UserException when the security provider has a general failure retrieving users.
126      * @exception NotUniqueUserException when the public credentials fail to meet
127      * the security provider-specific unique constraints.
128      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
129      */

130     public void addUser(JetspeedUser user)
131         throws JetspeedSecurityException
132     {
133     }
134
135     /**
136      * Removes a <code>JetspeedUser</code> from the permanent store.
137      * The security service may optionally check the current user context
138      * to determine if the requestor has permission to perform this action.
139      *
140      * @param principal the principal identity to be retrieved.
141      * @exception UserException when the security provider has a general failure retrieving a user.
142      * @exception UnknownUserException when the security provider cannot match
143      * the principal identity to a user.
144      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
145      */

146     public void removeUser(Principal JavaDoc principal)
147         throws JetspeedSecurityException
148     {
149     }
150
151     /**
152      * Allows for a user to change their own password.
153      *
154      * @param user the user to change the password for.
155      * @param oldPassword the current password supplied by the user.
156      * @param newPassword the current password requested by the user.
157      * @exception UserException when the security provider has a general failure retrieving a user.
158      * @exception UnknownUserException when the security provider cannot match
159      * the principal identity to a user.
160      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
161      */

162     public void changePassword( JetspeedUser user,
163                          String JavaDoc oldPassword,
164                          String JavaDoc newPassword )
165         throws JetspeedSecurityException
166     {
167     }
168
169     /**
170      * Forcibly sets new password for a User.
171      *
172      * Provides an administrator the ability to change the forgotten or
173      * compromised passwords. Certain implementatations of this feature
174      * would require administrative level access to the authenticating
175      * server / program.
176      *
177      * @param user the user to change the password for.
178      * @param password the new password.
179      * @exception UserException when the security provider has a general failure retrieving a user.
180      * @exception UnknownUserException when the security provider cannot match
181      * the principal identity to a user.
182      * @exception InsufficientPrivilegeException when the requestor is denied due to insufficient privilege
183      */

184     public void forcePassword( JetspeedUser user, String JavaDoc password )
185         throws JetspeedSecurityException
186     {
187     }
188
189     /**
190      * This method provides client-side encryption of passwords.
191      *
192      * If <code>secure.passwords</code> are enabled in JetspeedSecurity properties,
193      * the password will be encrypted, if not, it will be returned unchanged.
194      * The <code>secure.passwords.algorithm</code> property can be used
195      * to chose which digest algorithm should be used for performing the
196      * encryption. <code>SHA</code> is used by default.
197      *
198      * @param password the password to process
199      * @return processed password
200      */

201     public String JavaDoc encryptPassword( String JavaDoc password )
202         throws JetspeedSecurityException
203     {
204         return password;
205     }
206 }
207
208
Popular Tags