KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > axis > handlers > SimpleAuthenticationHandler


1 /*
2  * The Apache Software License, Version 1.1
3  *
4  *
5  * Copyright (c) 2001-2003 The Apache Software Foundation. All rights
6  * reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  * notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  * notice, this list of conditions and the following disclaimer in
17  * the documentation and/or other materials provided with the
18  * distribution.
19  *
20  * 3. The end-user documentation included with the redistribution,
21  * if any, must include the following acknowledgment:
22  * "This product includes software developed by the
23  * Apache Software Foundation (http://www.apache.org/)."
24  * Alternately, this acknowledgment may appear in the software itself,
25  * if and wherever such third-party acknowledgments normally appear.
26  *
27  * 4. The names "Axis" and "Apache Software Foundation" must
28  * not be used to endorse or promote products derived from this
29  * software without prior written permission. For written
30  * permission, please contact apache@apache.org.
31  *
32  * 5. Products derived from this software may not be called "Apache",
33  * nor may "Apache" appear in their name, without prior written
34  * permission of the Apache Software Foundation.
35  *
36  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
37  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
38  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
39  * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
42  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
43  * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
44  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
45  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
46  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47  * SUCH DAMAGE.
48  * ====================================================================
49  *
50  * This software consists of voluntary contributions made by many
51  * individuals on behalf of the Apache Software Foundation. For more
52  * information on the Apache Software Foundation, please see
53  * <http://www.apache.org/>.
54  */
55
56 package org.jboss.axis.handlers;
57
58 import org.jboss.axis.AxisFault;
59 import org.jboss.axis.MessageContext;
60 import org.jboss.axis.security.AuthenticatedUser;
61 import org.jboss.axis.security.SecurityProvider;
62 import org.jboss.axis.security.simple.SimpleSecurityProvider;
63 import org.jboss.axis.utils.Messages;
64 import org.jboss.logging.Logger;
65
66
67 /**
68  * Just a simple Authentication Handler to see if the user
69  * specified in the Bag in the MessageContext is allowed to continue.
70  * <p/>
71  * Just look for 'user' and 'password' in a file called 'users.lst'.
72  * <p/>
73  * Replace this with your 'real' authenication code.
74  *
75  * @author Doug Davis (dug@us.ibm.com)
76  * @author Sam Ruby (rubys@us.ibm.com)
77  */
78 public class SimpleAuthenticationHandler extends BasicHandler
79 {
80    private static Logger log = Logger.getLogger(SimpleAuthenticationHandler.class.getName());
81
82    /**
83     * Authenticate the user and password from the msgContext
84     */
85    public void invoke(MessageContext msgContext) throws AxisFault
86    {
87       if (log.isDebugEnabled())
88       {
89          log.debug("Enter: SimpleAuthenticationHandler::invoke");
90       }
91
92       SecurityProvider provider = (SecurityProvider)msgContext.getProperty(MessageContext.SECURITY_PROVIDER);
93       if (provider == null)
94       {
95          provider = new SimpleSecurityProvider();
96          msgContext.setProperty(MessageContext.SECURITY_PROVIDER, provider);
97       }
98
99       if (provider != null)
100       {
101          String JavaDoc userID = msgContext.getUsername();
102          if (log.isDebugEnabled())
103          {
104             log.debug(Messages.getMessage("user00", userID));
105          }
106
107          // in order to authenticate, the user must exist
108 if (userID == null || userID.equals(""))
109             throw new AxisFault("Server.Unauthenticated",
110                     Messages.getMessage("cantAuth00", userID),
111                     null, null);
112
113          String JavaDoc passwd = msgContext.getPassword();
114          if (log.isDebugEnabled())
115          {
116             log.debug(Messages.getMessage("password00", passwd));
117          }
118
119          AuthenticatedUser authUser = provider.authenticate(msgContext);
120
121          // if a password is defined, then it must match
122 if (authUser == null)
123             throw new AxisFault("Server.Unauthenticated",
124                     Messages.getMessage("cantAuth01", userID),
125                     null, null);
126
127          if (log.isDebugEnabled())
128          {
129             log.debug(Messages.getMessage("auth00", userID));
130          }
131
132          msgContext.setProperty(MessageContext.AUTHUSER, authUser);
133       }
134
135       if (log.isDebugEnabled())
136       {
137          log.debug("Exit: SimpleAuthenticationHandler::invoke");
138       }
139    }
140 }
141
142 ;
143
Popular Tags