KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > web > tomcat > tc5 > sso > SingleSignOnEntry


1 /*
2  * JBoss, the OpenSource WebOS
3  *
4  * Distributable under LGPL license.
5  * See terms of license at gnu.org.
6  */

7 package org.jboss.web.tomcat.tc5.sso;
8
9 import java.security.Principal JavaDoc;
10
11 import org.apache.catalina.Session;
12 import org.apache.catalina.authenticator.Constants;
13 import org.apache.catalina.authenticator.SingleSignOn;
14
15 /**
16  * A class that represents entries in the cache of authenticated users.
17  *
18  * @author Brian E. Stansberry, based on work by Craig R. McClanahan
19  * @version $Revision: 1.3 $ $Date: 2004/09/13 00:08:30 $
20  * @see SingleSignOn
21  */

22 class SingleSignOnEntry
23 {
24    // ------------------------------------------------------ Instance Fields
25

26    private String JavaDoc authType = null;
27
28    private String JavaDoc password = null;
29
30    private Principal JavaDoc principal = null;
31
32    private Session sessions[] = new Session[0];
33
34    private String JavaDoc username = null;
35
36    private boolean canReauthenticate = false;
37
38    // --------------------------------------------------------- Constructors
39

40    /**
41     * Creates a new SingleSignOnEntry
42     *
43     * @param principal the <code>Principal</code> returned by the latest
44     * call to <code>Realm.authenticate</code>.
45     * @param authType the type of authenticator used (BASIC, CLIENT-CERT,
46     * DIGEST or FORM)
47     * @param username the username (if any) used for the authentication
48     * @param password the password (if any) used for the authentication
49     */

50    SingleSignOnEntry(Principal JavaDoc principal, String JavaDoc authType,
51       String JavaDoc username, String JavaDoc password)
52    {
53       updateCredentials(principal, authType, username, password);
54    }
55
56    // ------------------------------------------------------- Package Methods
57

58    /**
59     * Adds a <code>Session</code> to the list of those associated with
60     * this SSO.
61     *
62     * @param sso The <code>SingleSignOn</code> valve that is managing
63     * the SSO session.
64     * @param session The <code>Session</code> being associated with the SSO.
65     * @return <code>true</code> if the given Session was a new addition (i.e.
66     * was not previously associated with this entry);
67     * <code>false</code> otherwise.
68     */

69    synchronized boolean addSession(SingleSignOn sso, Session session)
70    {
71       for (int i = 0; i < sessions.length; i++)
72       {
73          if (session == sessions[i])
74             return false;
75       }
76       Session results[] = new Session[sessions.length + 1];
77       System.arraycopy(sessions, 0, results, 0, sessions.length);
78       results[sessions.length] = session;
79       sessions = results;
80       session.addSessionListener(sso);
81       return true;
82    }
83
84    /**
85     * Removes the given <code>Session</code> from the list of those
86     * associated with this SSO.
87     *
88     * @param session the <code>Session</code> to remove.
89     * @return <code>true</code> if the given Session needed to be removed
90     * (i.e. was in fact previously associated with this entry);
91     * <code>false</code> otherwise.
92     */

93    synchronized boolean removeSession(Session session)
94    {
95       if (sessions.length == 0)
96          return false;
97
98       boolean removed = false;
99       Session[] nsessions = new Session[sessions.length - 1];
100       for (int i = 0, j = 0; i < sessions.length; i++)
101       {
102          if (session == sessions[i])
103          {
104             removed = true;
105             continue;
106          }
107          else if (!removed && i == nsessions.length)
108          {
109             // We have tested all our sessions, and have not had to
110
// remove any; break loop now so we don't cause an
111
// ArrayIndexOutOfBounds on nsessions
112
break;
113          }
114          nsessions[j++] = sessions[i];
115       }
116       sessions = nsessions;
117       // Only if we removed a session, do we replace our session list
118
if (removed)
119          sessions = nsessions;
120       return removed;
121    }
122
123    /**
124     * Returns the <code>Session</code>s associated with this SSO.
125     */

126    synchronized Session[] findSessions()
127    {
128       return (this.sessions);
129    }
130
131    /**
132     * Gets the name of the authentication type originally used to authenticate
133     * the user associated with the SSO.
134     *
135     * @return "BASIC", "CLIENT-CERT", "DIGEST", "FORM" or "NONE"
136     */

137    String JavaDoc getAuthType()
138    {
139       return (this.authType);
140    }
141
142    /**
143     * Gets whether the authentication type associated with the original
144     * authentication supports reauthentication.
145     *
146     * @return <code>true</code> if <code>getAuthType</code> returns
147     * "BASIC" or "FORM", <code>false</code> otherwise.
148     */

149    boolean getCanReauthenticate()
150    {
151       return (this.canReauthenticate);
152    }
153
154    /**
155     * Gets the password credential (if any) associated with the SSO.
156     *
157     * @return the password credential associated with the SSO, or
158     * <code>null</code> if the original authentication type
159     * does not involve a password.
160     */

161    String JavaDoc getPassword()
162    {
163       return (this.password);
164    }
165
166    /**
167     * Gets the <code>Principal</code> that has been authenticated by
168     * the SSO.
169     * <p/>
170     * <b>NOTE: </b> May return <code>null</code> if this object was
171     * retrieved via a lookup from another node in a cluster. Interface
172     * <code>Principal</code> does not extend <code>Serializable</code>,
173     * so a <code>SingleSignOnEntry</code>'s principal member cannot be
174     * serialized as part of SSO management in a cluster. A
175     * <code>Principal</code> cannot be bound to a
176     * <code>SingleSignOnEntry</code> until the SSO has been authenticated
177     * by the local node.
178     *
179     * @return The <code>Principal</code> that has been authenticated by
180     * the local SSO, or <code>null</code> if no authentication
181     * has been performed yet in this cluster node.
182     */

183    Principal JavaDoc getPrincipal()
184    {
185       return (this.principal);
186    }
187
188    /**
189     * Sets the <code>Principal</code> that has been authenticated by
190     * the SSO.
191     */

192    void setPrincipal(Principal JavaDoc principal)
193    {
194       this.principal = principal;
195    }
196
197    /**
198     * Returns the number of sessions associated with this SSO, either
199     * locally or remotely.
200     */

201    int getSessionCount()
202    {
203       return (sessions.length);
204    }
205
206    /**
207     * Gets the username provided by the user as part of the authentication
208     * process.
209     */

210    String JavaDoc getUsername()
211    {
212       return (this.username);
213    }
214
215
216    /**
217     * Updates the SingleSignOnEntry to reflect the latest security
218     * information associated with the caller.
219     *
220     * @param principal the <code>Principal</code> returned by the latest
221     * call to <code>Realm.authenticate</code>.
222     * @param authType the type of authenticator used (BASIC, CLIENT-CERT,
223     * DIGEST or FORM)
224     * @param username the username (if any) used for the authentication
225     * @param password the password (if any) used for the authentication
226     */

227    synchronized boolean updateCredentials(Principal JavaDoc principal, String JavaDoc authType,
228       String JavaDoc username, String JavaDoc password)
229    {
230
231       boolean changed =
232          (safeEquals(this.principal, principal)
233          || safeEquals(this.authType, authType)
234          || safeEquals(this.username, username)
235          || safeEquals(this.password, password));
236
237       this.principal = principal;
238       this.authType = authType;
239       this.username = username;
240       this.password = password;
241       this.canReauthenticate =
242          (Constants.BASIC_METHOD.equals(authType)
243          || Constants.FORM_METHOD.equals(authType));
244       return changed;
245    }
246
247    // ------------------------------------------------------- Private Methods
248

249    private boolean safeEquals(Object JavaDoc a, Object JavaDoc b)
250    {
251       return ((a == b)
252          || (a != null && a.equals(b))
253          || (b != null && b.equals(a)));
254    }
255 }
Popular Tags