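package org.exoplatform.services.security.impl;

import java.security.Principal;
import java.security.acl.Group;
import java.util.*;
import javax.security.auth.Subject;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.exoplatform.services.exception.ExoServiceException;
import org.exoplatform.services.log.LogService;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.security.SecurityService;
import org.exoplatform.services.security.SubjectEventListener;
import org.exoplatform.services.security.jaas.JAASGroup;

/**
 * {@link SecurityService} implementation that delegates credential checks to the
 * {@link OrganizationService} and keeps one JAAS {@link Subject} per user name in an
 * in-memory map.
 *
 * <p>Roles are derived from group membership: the first path segment of each group id
 * returned by the organization service becomes a role name, and all roles are stored
 * in a single {@link JAASGroup} principal on the subject.
 *
 * <p>NOTE(review): the subject cache is a plain {@link HashMap} with no synchronization.
 * Whether this instance is shared between threads is not visible from this file; if it
 * is, access to the cache needs to be made thread-safe.
 */
public class SecurityServiceImpl implements SecurityService {

  // user name -> Subject populated by setUpAndCacheSubject
  private final Map subjects;
  private final Log log_;
  private final OrganizationService orgService_;

  /**
   * Creates the service with an empty subject cache.
   *
   * @param logService          source of the "org.exoplatform.services.security" logger
   * @param organizationService back end used for authentication and group lookup
   */
  public SecurityServiceImpl(LogService logService,
                             OrganizationService organizationService) {
    log_ = logService.getLog("org.exoplatform.services.security");
    orgService_ = organizationService;
    subjects = new HashMap();
  }

  /**
   * Checks a login/password pair against the organization service.
   *
   * <p>A null or empty password is rejected here, before the back end is consulted,
   * so the outcome does not depend on how the back end treats blank credentials.
   * The login itself is passed through unvalidated.
   *
   * @param login    user name to authenticate
   * @param password clear-text password; must not be null or empty
   * @return the result of {@code OrganizationService.authenticate}
   * @throws ExoServiceException if the password is null or empty
   * @throws Exception           whatever the organization service throws
   */
  public boolean authenticate(String login, String password) throws Exception {
    if (password == null || "".equals(password)) {
      log_.debug("password must not be null or empty");
      throw new ExoServiceException("password must not be null or empty");
    }
    return orgService_.authenticate(login, password);
  }

  /**
   * Adds the user principal and the derived role group to {@code value}, then caches
   * the subject under {@code userName}.
   *
   * <p>This method does not verify that the user was authenticated; it populates and
   * caches whatever it is given. The subject is only modified once the group lookup has
   * succeeded, so a failed lookup does not leave a half-populated subject behind.
   *
   * <p>NOTE(review): every member of a sub-group receives the role named after the
   * top-level segment of the group id (a group id of the form {@code /a/b} yields role
   * {@code a}). Confirm that this widening is intended by the group model.
   *
   * @param userName name the subject is cached under; must not be null or empty
   * @param value    subject to populate; must not be null
   * @throws ExoServiceException if an argument is missing or the group lookup fails
   */
  public void setUpAndCacheSubject(String userName, Subject value) throws ExoServiceException {
    if (userName == null || "".equals(userName)) {
      throw new ExoServiceException("user name must not be null or empty");
    }
    if (value == null) {
      throw new ExoServiceException("subject must not be null");
    }
    log_.debug("setUpAndCacheSubject for user " + forLog(userName));

    Collection groups = null;
    try {
      groups = orgService_.findGroupsOfUser(userName);
    } catch (Exception e) {
      log_.error("error occurred in findGroupsOfUser of OrganizationService", e);
      throw new ExoServiceException(e);
    }

    Set roles = new HashSet(5);
    if (groups != null) {
      for (Iterator iter = groups.iterator(); iter.hasNext();) {
        org.exoplatform.services.organization.Group group =
            (org.exoplatform.services.organization.Group) iter.next();
        String groupId = group.getId();
        String[] segments = (groupId == null) ? null : StringUtils.split(groupId, "/");
        // A missing id, or one made only of separators, has no first segment;
        // skip it instead of failing the whole set-up with an index error.
        if (segments == null || segments.length == 0) {
          log_.warn("ignoring group without a usable id for user " + forLog(userName));
          continue;
        }
        roles.add(segments[0]);
      }
    }

    Group roleGroup = new JAASGroup(JAASGroup.ROLES);
    for (Iterator iterator = roles.iterator(); iterator.hasNext();) {
      String role = (String) iterator.next();
      roleGroup.addMember(new RolePrincipalImpl(role));
      log_.debug("add role : " + role);
    }

    Set principals = value.getPrincipals();
    principals.add(new UserPrincipalImpl(userName));
    principals.add(roleGroup);
    subjects.put(userName, value);
  }

  /**
   * Tells whether the cached subject of {@code userName} holds a principal named
   * {@code role} inside any of its {@link Group} principals.
   *
   * <p>NOTE(review): every {@code Group} principal on the subject is searched, not only
   * the one created by {@link #setUpAndCacheSubject}. If a subject can arrive with
   * other groups already attached, their member names are treated as roles too;
   * consider restricting the search to the roles group. Nested groups are compared by
   * name only and are not descended into.
   *
   * @param userName user whose cached subject is inspected
   * @param role     role name to look for
   * @return {@code true} if a matching member is found; {@code false} otherwise,
   *         including when no subject is cached for the user or {@code role} is null
   */
  public boolean isUserInRole(String userName, String role) {
    Subject subject = (Subject) subjects.get(userName);
    if (subject == null || role == null) {
      return false;
    }
    Set roleGroups = subject.getPrincipals(Group.class);
    for (Iterator iter = roleGroups.iterator(); iter.hasNext();) {
      Group roleGroup = (Group) iter.next();
      // "enum" is a reserved word from Java 5 on, so the enumeration needs another name.
      Enumeration members = roleGroup.members();
      while (members.hasMoreElements()) {
        Principal rolePrincipal = (Principal) members.nextElement();
        if (role.equals(rolePrincipal.getName())) {
          return true;
        }
      }
    }
    return false;
  }

  /**
   * Returns the subject cached for {@code userName}, or {@code null} if there is none.
   *
   * <p>The cached instance itself is returned, not a copy: a caller that changes its
   * principals changes what {@link #isUserInRole} reports for that user.
   *
   * @param userName user whose subject is requested
   * @return the cached subject, or {@code null}
   */
  public Subject getSubject(String userName) {
    log_.debug("get subject for user " + forLog(userName));
    return (Subject) subjects.get(userName);
  }

  /**
   * Drops the cached subject of {@code userName}, if any.
   *
   * @param userName user whose subject is removed from the cache
   */
  public void removeSubject(String userName) {
    log_.debug("remove subject for user " + forLog(userName));
    subjects.remove(userName);
  }

  /**
   * Accepts a listener but does nothing with it: the listener is not stored and is
   * never notified by this implementation.
   *
   * @param subjectEventListener ignored
   */
  public void addSubjectEvenetListener(SubjectEventListener subjectEventListener) {
  }

  /**
   * @return the logger obtained from the {@link LogService} at construction time
   */
  public Log getLog() {
    return log_;
  }

  /**
   * Replaces line breaks in a caller-supplied value before it is written to the log,
   * so that a user name cannot start a forged log entry.
   */
  private static String forLog(String text) {
    if (text == null) {
      return null;
    }
    return text.replace('\r', '_').replace('\n', '_');
  }
}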