Java > Open Source Codes > org > apache > jetspeed > services > security > turbine > TurbineAuthentication


1 /*
2  * Copyright 2000-2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package org.apache.jetspeed.services.security.turbine;
18
19 import javax.servlet.ServletConfig ;
20
21 import java.util.Date ;
22 import java.util.GregorianCalendar ;
23
24 import org.apache.turbine.services.TurbineBaseService;
25 import org.apache.turbine.services.TurbineServices;
26 import org.apache.turbine.services.InitializationException;
27 import org.apache.turbine.services.resources.ResourceService;
28
29 import org.apache.jetspeed.services.security.PortalAuthentication;
30 import org.apache.jetspeed.services.security.LoginException;
31 import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
32 import org.apache.jetspeed.services.logging.JetspeedLogger;
33 import org.apache.jetspeed.services.JetspeedSecurity;
34 import org.apache.jetspeed.om.security.JetspeedUser;
35 import org.apache.jetspeed.om.security.UserNamePrincipal;
36 import org.apache.jetspeed.services.JetspeedUserManagement;
37 import org.apache.jetspeed.services.security.JetspeedSecurityService;
38 import org.apache.jetspeed.services.security.FailedLoginException;
39 import org.apache.jetspeed.services.security.CredentialExpiredException;
40 import org.apache.jetspeed.services.security.UnknownUserException;
41 import org.apache.jetspeed.services.security.JetspeedSecurityException;
42 import org.apache.jetspeed.services.security.JetspeedSecurityCache;
43 import org.apache.jetspeed.services.rundata.JetspeedRunDataService;
44 import org.apache.jetspeed.services.rundata.JetspeedRunData;
45 import org.apache.turbine.services.rundata.RunDataService;
46
47 /**
48  * <p> The <code>TurbineAuthentication</code> class is a default Jetspeed
49  * security provider, implementing the <code>PortalAuthentication</code> interface.
50  * It provides authentication services using a User database table mimicking the
51  * legacy Turbine-2 user table.
52  *
53  * This service does not use any of the Turbine security or user management classes.
54  *
55  * @author <a HREF="mailto:david@bluesunrise.com">David Sean Taylor</a>
56  * @author <a HREF="mailto:morciuch@apache.org">Mark Orciuch</a>
57  * @version $Id: TurbineAuthentication.java,v 1.9 2004/02/23 03:54:49 jford Exp $
58  */
59                                                              
60 public class TurbineAuthentication extends TurbineBaseService
61                                     implements PortalAuthentication
62 {
63     /**
64      * Static initialization of the logger for this class
65      */
66     private static final JetspeedLogger logger = JetspeedLogFactoryService.getLogger(TurbineAuthentication.class.getName());
67     
68     /** The JetspeedRunData Service. */
69     private JetspeedRunDataService runDataService = null;
70
71     private final static String CONFIG_ANONYMOUS_USER = "user.anonymous";
72     String anonymousUser = "anon";
73     private final static String CACHING_ENABLE = "caching.enable";
74     private boolean cachingEnable = true;
75
76     private final static String CONFIG_PASSWORD_EXPIRATION_PERIOD = "password.expiration.period";
77
78     private int expirationPeriod = 0;
79
80     /**
81      * Given a public credential(username) and private credential(password),
82      * perform authentication. If authentication succeeds, a <code>JetspeedUser</code>
83      * is returned representing the authenticated subject.
84      *
85      * @param username a public credential of the subject to be authenticated.
86      * @param password a private credentialof the subject to be authenticated.
87      * @return a <code>JetspeedUser</code> object representing the authenticated subject.
88      * @exception LoginException when general security provider failure.
89      * @exception FailedLoginException when the authentication failed.
90      * @exception AccountExpiredException when the subject's account is expired.
91      * @exception CredentialExpiredException when the subject's credential is expired.
92      */
93     public JetspeedUser login(String username, String password)
94         throws LoginException
95     {
96
97         if (username.equals(this.anonymousUser))
98         {
99             throw new LoginException("Anonymous user cannot login");
100         }
101
102         JetspeedUser user = null;
103
104         username = JetspeedSecurity.convertUserName(username);
105         password = JetspeedSecurity.convertPassword(password);
106        
107         try
108         {
109             user = JetspeedUserManagement.getUser(new UserNamePrincipal(username));
110             password = JetspeedSecurity.encryptPassword(password);
111         }
112         catch (UnknownUserException e)
113         {
114             logger.warn("Unknown user attempted access: " + username, e);
115             throw new FailedLoginException(e.toString());
116         }
117         catch (JetspeedSecurityException e)
118         {
119             logger.warn("User denied authentication: " + username, e);
120             throw new LoginException(e.toString());
121         }
122
123         if(!user.getPassword().equals(password))
124         {
125             logger.error("Invalid password for user: " + username);
126             throw new FailedLoginException("Credential authentication failure");
127         }
128
129         // Check for password expiration
130 if (this.expirationPeriod > 0)
131         {
132             Date passwordLastChangedDate = user.getPasswordChanged();
133             Date passwordExpireDate = null;
134             if (passwordLastChangedDate != null) {
135                 GregorianCalendar gcal = (GregorianCalendar ) GregorianCalendar.getInstance();
136                 gcal.setTime(passwordLastChangedDate);
137                 gcal.add(GregorianCalendar.DATE, this.expirationPeriod);
138                 passwordExpireDate = gcal.getTime();
139                 if (logger.isDebugEnabled())
140                 {
141                     logger.debug("TurbineAuthentication: password last changed = " + passwordLastChangedDate.toString() +
142                               ", password expires = " + passwordExpireDate.toString());
143                 }
144             }
145
146             if (passwordExpireDate == null || (new Date ().getTime() > passwordExpireDate.getTime())) {
147                 throw new CredentialExpiredException("Password expired");
148             }
149
150         }
151
152         // Mark the user as being logged in.
153 user.setHasLoggedIn(new Boolean (true));
154
155         // Set the last_login date in the database.
156 try
157         {
158             user.updateLastLogin();
159             putUserIntoContext(user);
160             if (cachingEnable)
161             {
162                 JetspeedSecurityCache.load(username);
163             }
164         }
165         catch (Exception e)
166         {
167             logger.error( "Failed to update last login ", e);
168             putUserIntoContext(JetspeedSecurity.getAnonymousUser());
169             throw new LoginException("Failed to update last login ", e);
170         }
171
172         return user;
173         
174     }
175
176     /**
177      * Automatically authenticates and retrieves the portal anonymous user.
178      *
179      * @return a <code>JetspeedUser</code> object representing the authenticated subject.
180      * @exception LoginException if the authentication fails.
181      */
182     public JetspeedUser getAnonymousUser()
183         throws LoginException
184     {
185         JetspeedUser user = null;
186         try
187         {
188             user = JetspeedUserManagement.getUser(new UserNamePrincipal(anonymousUser));
189             user.setHasLoggedIn(new Boolean (false));
190             putUserIntoContext(user);
191             if (cachingEnable)
192             {
193                 JetspeedSecurityCache.load(user.getUserName());
194             }
195         }
196         catch (JetspeedSecurityException e)
197         {
198             logger.error( "Failed to get anonymous user: ", e );
199             throw new LoginException("Failed to get anonymous user: ", e);
200         }
201         return user;
202     }
203
204     /**
205      * Logout the <code>JetspeedUser</code>.
206      *
207      * The logout procedure my may include removing/destroying
208      * <code>Principal</code> and <code>Credential</code> information
209      * if relevant to the security provider.
210      *
211      * @exception LoginException if the logout fails.
212      */
213     public void logout()
214         throws LoginException
215     {
216         try
217         {
218             //if (cachingEnable)
219 //{
220 // JetspeedSecurityCache.unload(getUserFromContext().getUserName());
221 //}
222 getAnonymousUser();
223         }
224         catch (Exception e)
225         {
226             logger.error( "Exception logging user out ", e );
227             throw new LoginException("Exception logging user out ", e );
228         }
229     }
230
231     /**
232      * This is the early initialization method called by the
233      * Turbine <code>Service</code> framework
234      * @param conf The <code>ServletConfig</code>
235      * @exception throws a <code>InitializationException</code> if the service
236      * fails to initialize
237      */
238     public synchronized void init(ServletConfig conf)
239         throws InitializationException
240     {
241         if (getInit()) return;
242
243         super.init(conf);
244
245         // get configuration parameters from Jetspeed Resources
246 ResourceService serviceConf = ((TurbineServices)TurbineServices.getInstance())
247                                                      .getResources(JetspeedSecurityService.SERVICE_NAME);
248
249         anonymousUser = serviceConf.getString(CONFIG_ANONYMOUS_USER, anonymousUser);
250         cachingEnable = serviceConf.getBoolean( CACHING_ENABLE, cachingEnable );
251         expirationPeriod = serviceConf.getInt( this.CONFIG_PASSWORD_EXPIRATION_PERIOD, 0 );
252
253         this.runDataService =
254             (JetspeedRunDataService)TurbineServices.getInstance()
255                 .getService(RunDataService.SERVICE_NAME);
256
257
258         setInit(true);
259      }
260
261     ////////////////////////////////////////////////////////////////////////////
262
263     protected JetspeedRunData getRunData()
264     {
265         JetspeedRunData rundata = null;
266         if (this.runDataService != null)
267         {
268             rundata = this.runDataService.getCurrentRunData();
269         }
270         return rundata;
271     }
272
273     protected JetspeedUser getUserFromContext()
274     {
275         JetspeedRunData rundata = getRunData();
276         JetspeedUser user = null;
277         if (rundata != null)
278         {
279             user = (JetspeedUser)rundata.getUser();
280         }
281         return user;
282     }
283
284     protected JetspeedRunData putUserIntoContext(JetspeedUser user)
285     {
286         JetspeedRunData rundata = getRunData();
287         if (rundata != null)
288         {
289             rundata.setUser(user);
290             rundata.save();
291         }
292         return rundata;
293     }
294
295
296 }

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags