CombinedJNDIBasicAuthorizationModule


1   /* ===============================================================================
2    *
3    * Part of the InfoGlue Content Management Platform (www.infoglue.org)
4    *
5    * ===============================================================================
6    *
7    *  Copyright (C)
8    * 
9    * This program is free software; you can redistribute it and/or modify it under
10   * the terms of the GNU General Public License version 2, as published by the
11   * Free Software Foundation. See the file LICENSE.html for more information.
12   * 
13   * This program is distributed in the hope that it will be useful, but WITHOUT
14   * ANY WARRANTY, including the implied warranty of MERCHANTABILITY or FITNESS
15   * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16   * 
17   * You should have received a copy of the GNU General Public License along with
18   * this program; if not, write to the Free Software Foundation, Inc. / 59 Temple
19   * Place, Suite 330 / Boston, MA 02111-1307 / USA.
20   *
21   * ===============================================================================
22   */
23  
24  package org.infoglue.cms.security;
25  
26  import java.io.Serializable  ;
27  import java.util.ArrayList  ;
28  import java.util.Collection  ;
29  import java.util.Collections  ;
30  import java.util.Hashtable  ;
31  import java.util.Iterator  ;
32  import java.util.List  ;
33  import java.util.Properties  ;
34  
35  import javax.naming.Context  ;
36  import javax.naming.NamingEnumeration  ;
37  import javax.naming.NamingException  ;
38  import javax.naming.directory.Attribute  ;
39  import javax.naming.directory.Attributes  ;
40  import javax.naming.directory.DirContext  ;
41  import javax.naming.directory.InitialDirContext  ;
42  import javax.naming.directory.SearchControls  ;
43  import javax.naming.directory.SearchResult  ;
44  
45  import org.apache.log4j.Logger;
46  import org.exolab.castor.jdo.Database;
47  import org.infoglue.cms.controllers.kernel.impl.simple.CastorDatabaseService;
48  import org.infoglue.cms.controllers.kernel.impl.simple.GroupController;
49  import org.infoglue.cms.controllers.kernel.impl.simple.RoleController;
50  import org.infoglue.cms.controllers.kernel.impl.simple.SystemUserController;
51  import org.infoglue.cms.entities.kernel.BaseEntityVO;
52  import org.infoglue.cms.entities.management.Group;
53  import org.infoglue.cms.entities.management.GroupVO;
54  import org.infoglue.cms.entities.management.Role;
55  import org.infoglue.cms.entities.management.RoleVO;
56  import org.infoglue.cms.entities.management.SystemUser;
57  import org.infoglue.cms.entities.management.SystemUserVO;
58  import org.infoglue.cms.exception.SystemException;
59  import org.infoglue.cms.util.CmsPropertyHandler;
60  import org.infoglue.cms.util.sorters.ReflectionComparator;
61  
62  /**
63   * @author Mattias Bogeblad
64   *
65   * This authorization module works firstly against an JNDI source and second against the ordinary infoglue database.
66   */
67  
68  public class CombinedJNDIBasicAuthorizationModule implements AuthorizationModule, Serializable  
69  {
70      private final static Logger logger = Logger.getLogger(CombinedJNDIBasicAuthorizationModule.class.getName());
71  
72      protected Properties   extraProperties = null;
73      private Database transactionObject  = null;
74  
75      private AuthorizationModule mainAuthorizationModule = null;
76      private AuthorizationModule authorizationModule = null;
77  
78      private AuthorizationModule getMainAuthorizationModule() throws SystemException
79      {
80          try
81          {
82              logger.info("InfoGlueAuthenticationFilter.authorizerClass:" + JNDIBasicAuthorizationModule.class.getName());
83              authorizationModule = (AuthorizationModule)Class.forName(JNDIBasicAuthorizationModule.class.getName()).newInstance();
84              logger.info("authorizationModule:" + authorizationModule);
85              authorizationModule.setExtraProperties(this.extraProperties);
86              authorizationModule.setTransactionObject(this.getTransactionObject());
87              //logger.info("InfoGlueAuthenticationFilter.extraProperties:" + this.extraProperties);
88          }
89          catch(Exception   e)
90          {
91              logger.error("There was an error initializing the authorizerClass:" + e.getMessage(), e);
92              throw new SystemException("There was an error initializing the authorizerClass:" + e.getMessage(), e);
93          }
94         
95          return authorizationModule;
96      }
97  
98      private AuthorizationModule getFallbackAuthorizationModule() throws SystemException
99      {
100         try
101         {
102             logger.info("InfoGlueAuthenticationFilter.authorizerClass:" + InfoGlueBasicAuthorizationModule.class.getName());
103             authorizationModule = (AuthorizationModule)Class.forName(InfoGlueBasicAuthorizationModule.class.getName()).newInstance();
104             logger.info("authorizationModule:" + authorizationModule);
105             authorizationModule.setExtraProperties(this.extraProperties);
106             authorizationModule.setTransactionObject(this.getTransactionObject());
107             //logger.info("InfoGlueAuthenticationFilter.extraProperties:" + this.extraProperties);
108         }
109         catch(Exception   e)
110         {
111             logger.error("There was an error initializing the authorizerClass:" + e.getMessage(), e);
112             throw new SystemException("There was an error initializing the authorizerClass:" + e.getMessage(), e);
113         }
114        
115         return authorizationModule;
116     }
117 
118     /**
119      * Gets an authorized InfoGluePrincipal. If the user has logged in with the root-account
120      * we immediately return - otherwise we populate it.
121      */
122     
123     public InfoGluePrincipal getAuthorizedInfoGluePrincipal(String   userName) throws Exception  
124     {
125         InfoGluePrincipal infogluePrincipal = null;
126         
127         try
128         {
129             infogluePrincipal = getMainAuthorizationModule().getAuthorizedInfoGluePrincipal(userName);
130         }
131         catch(Exception   e)
132         {
133         }
134 
135         if(infogluePrincipal == null)
136             infogluePrincipal = getFallbackAuthorizationModule().getAuthorizedInfoGluePrincipal(userName);
137 
138         return infogluePrincipal;
139     }
140 
141     /**
142      * Gets an authorized InfoGlueRole.
143      */
144 
145     public InfoGlueRole getAuthorizedInfoGlueRole(String   roleName) throws Exception  
146     {
147         InfoGlueRole role = null;
148         
149         try
150         {
151             role = getMainAuthorizationModule().getAuthorizedInfoGlueRole(roleName);
152         }
153         catch(Exception   e)
154         {
155         }
156 
157         if(role == null)
158             role = getFallbackAuthorizationModule().getAuthorizedInfoGlueRole(roleName);
159         
160         return role;
161     }
162 
163     /**
164      * Gets an authorized InfoGlueGroup.
165      */
166 
167     public InfoGlueGroup getAuthorizedInfoGlueGroup(String   groupName) throws Exception  
168     {
169         InfoGlueGroup group = null;
170 
171         try
172         {
173             group = getMainAuthorizationModule().getAuthorizedInfoGlueGroup(groupName);
174         }
175         catch(Exception   e)
176         {
177         }
178 
179         if(group == null)
180             group = getFallbackAuthorizationModule().getAuthorizedInfoGlueGroup(groupName);
181 
182         return group;
183     }
184 
185     
186     /**
187      * This method gets a users roles
188      */
189 
190     public List   authorizeUser(String   userName) throws Exception  
191     {
192         List   roles = new ArrayList  ();
193         
194         try
195         {
196             roles.addAll(getMainAuthorizationModule().authorizeUser(userName));
197         }       
198         catch(Exception   e)
199         {
200         }
201 
202         try
203         {
204             roles.addAll(getFallbackAuthorizationModule().authorizeUser(userName));
205         }       
206         catch(Exception   e)
207         {
208         }
209 
210         return roles;
211     }
212 
213     
214     /**
215      * This method gets a list of roles
216      */
217     
218     public List   getRoles() throws Exception  
219     {
220         List   roles = new ArrayList  ();
221 
222         try
223         {
224             roles.addAll(getMainAuthorizationModule().getRoles());
225         }       
226         catch(Exception   e)
227         {
228         }
229 
230         try
231         {
232             roles.addAll(getFallbackAuthorizationModule().getRoles());
233         }       
234         catch(Exception   e)
235         {
236         }
237         
238         Collections.sort(roles, new ReflectionComparator("name"));
239 
240         return roles;
241     }
242 
243     /**
244      * This method gets a list of groups
245      */
246 
247     public List   getGroups() throws Exception  
248     {
249         List   groups = new ArrayList  ();
250 
251         try
252         {
253             groups.addAll(getMainAuthorizationModule().getGroups());
254         }       
255         catch(Exception   e)
256         {
257         }
258 
259         try
260         {
261             groups.addAll(getFallbackAuthorizationModule().getGroups());
262         }       
263         catch(Exception   e)
264         {
265         }
266         
267         Collections.sort(groups, new ReflectionComparator("name"));
268 
269         return groups;
270     }
271     
272     /**
273      * This method gets a list of users
274      */
275 
276     public List   getUsers() throws Exception  
277     {
278         List   users = new ArrayList  ();
279         
280         try
281         {
282             users.addAll(getMainAuthorizationModule().getUsers());
283         }       
284         catch(Exception   e)
285         {
286         }
287 
288         try
289         {
290             users.addAll(getFallbackAuthorizationModule().getUsers());
291         }       
292         catch(Exception   e)
293         {
294         }
295         
296         Collections.sort(users, new ReflectionComparator("name"));
297 
298         return users;
299     }
300 /*
301     public List getFilteredUsers(String firstName, String lastName, String userName, String email, String[] roleIds) throws Exception
302     {
303         throw new Exception("Unsupported operation");
304         //return null;
305     }
306 */
307     
308     public List   getUsers(String   roleName) throws Exception  
309     {
310         return getRoleUsers(roleName);
311     }
312 
313     public List   getRoleUsers(String   roleName) throws Exception  
314     {
315         List   users = new ArrayList  ();
316         
317         InfoGlueRole role = getAuthorizedInfoGlueRole(roleName);
318         
319         users.addAll(role.getAutorizationModule().getRoleUsers(roleName));
320         
321         return users;
322     }
323 
324     public List   getGroupUsers(String   groupName) throws Exception  
325     {
326         List   users = new ArrayList  ();
327         
328         InfoGlueGroup group = getAuthorizedInfoGlueGroup(groupName);
329 
330         users.addAll(group.getAutorizationModule().getGroupUsers(groupName));
331         
332         return users;
333     }
334 
335     
336     public void createInfoGluePrincipal(SystemUserVO systemUserVO) throws Exception  
337     {       
338         getFallbackAuthorizationModule().createInfoGluePrincipal(systemUserVO);
339     }
340 
341     public void updateInfoGluePrincipal(SystemUserVO systemUserVO, String  [] roleNames, String  [] groupNames) throws Exception  
342     {
343         InfoGluePrincipal principal = getAuthorizedInfoGluePrincipal(systemUserVO.getUserName());
344         
345         principal.getAutorizationModule().updateInfoGluePrincipal(systemUserVO, roleNames, groupNames);
346     }
347 
348     /**
349      * This method is used to send out a newpassword to an existing users.  
350      */
351 
352     public void updateInfoGluePrincipalPassword(String   userName) throws Exception  
353     {
354         InfoGluePrincipal principal = getAuthorizedInfoGluePrincipal(userName);
355         
356         principal.getAutorizationModule().updateInfoGluePrincipalPassword(userName);
357     }
358     
359     /**
360      * This method is used to let a user update his password by giving his/her old one first.  
361      */
362 
363     public void updateInfoGluePrincipalPassword(String   userName, String   oldPassword, String   newPassword) throws Exception  
364     {
365         InfoGluePrincipal principal = getAuthorizedInfoGluePrincipal(userName);
366         
367         principal.getAutorizationModule().updateInfoGluePrincipalPassword(userName, oldPassword, newPassword);
368     }
369     
370     public void deleteInfoGluePrincipal(String   userName) throws Exception  
371     {
372         InfoGluePrincipal principal = getAuthorizedInfoGluePrincipal(userName);
373         
374         principal.getAutorizationModule().deleteInfoGluePrincipal(userName);
375     }
376 
377     public void createInfoGlueRole(RoleVO roleVO) throws Exception  
378     {
379         getFallbackAuthorizationModule().createInfoGlueRole(roleVO);
380     }
381 
382     public void deleteInfoGlueRole(String   roleName) throws Exception  
383     {
384         InfoGlueRole role = getAuthorizedInfoGlueRole(roleName);
385 
386         role.getAutorizationModule().deleteInfoGlueRole(roleName);
387     }
388 
389     public void updateInfoGlueRole(RoleVO roleVO, String  [] userNames) throws Exception  
390     {
391         InfoGlueRole role = getAuthorizedInfoGlueRole(roleVO.getRoleName());
392         
393         role.getAutorizationModule().updateInfoGlueRole(roleVO, userNames);
394     }
395 
396     public void createInfoGlueGroup(GroupVO groupVO) throws Exception  
397     {
398         getFallbackAuthorizationModule().createInfoGlueGroup(groupVO);
399     }
400 
401     public void deleteInfoGlueGroup(String   groupName) throws Exception  
402     {
403         InfoGlueGroup group = getAuthorizedInfoGlueGroup(groupName);
404 
405         group.getAutorizationModule().deleteInfoGlueGroup(groupName);
406     }
407 
408     public void updateInfoGlueGroup(GroupVO groupVO, String  [] userNames) throws Exception  
409     {
410         InfoGlueGroup group = getAuthorizedInfoGlueGroup(groupVO.getGroupName());
411         
412         group.getAutorizationModule().updateInfoGlueGroup(groupVO, userNames);
413     }
414 
415     public boolean getSupportUpdate()
416     {
417         return true;
418     }
419 
420     public boolean getSupportDelete()
421     {
422         return true;
423     }
424 
425     public boolean getSupportCreate()
426     {
427         return true;
428     }
429 
430     public List   getFilteredUsers(String   firstName, String   lastName, String   userName, String   email, String  [] roleIds) throws Exception  
431     {
432         return null;
433     }
434 
435     public Properties   getExtraProperties()
436     {
437         return this.extraProperties;
438     }
439 
440     public void setExtraProperties(Properties   properties)
441     {
442         this.extraProperties = properties;
443     }
444 
445     public void setTransactionObject(Object   transactionObject)
446     {
447         this.transactionObject = (Database)transactionObject;
448     }
449 
450     public Object   getTransactionObject()
451     {
452         return this.transactionObject;
453     }
454 
455 }
456
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags