KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > web > tomcat > tc6 > sso > SingleSignOnEntry


1 /*
2  * Copyright 1999-2001,2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */

16 package org.jboss.web.tomcat.tc6.sso;
17
18 import java.security.Principal JavaDoc;
19
20 import org.apache.catalina.Session;
21 import org.apache.catalina.authenticator.Constants;
22 import org.apache.catalina.authenticator.SingleSignOn;
23
24 /**
25  * A class that represents entries in the cache of authenticated users.
26  *
27  * @author Brian E. Stansberry, based on work by Craig R. McClanahan
28  * @version $Revision: 45726 $ $Date: 2006-06-21 15:50:00 -0400 (Wed, 21 Jun 2006) $
29  * @see SingleSignOn
30  */

31 class SingleSignOnEntry
32 {
33    // ------------------------------------------------------ Instance Fields
34

35    private String JavaDoc authType = null;
36
37    private String JavaDoc password = null;
38
39    private Principal JavaDoc principal = null;
40
41    private Session sessions[] = new Session[0];
42
43    private String JavaDoc username = null;
44
45    private boolean canReauthenticate = false;
46
47    // --------------------------------------------------------- Constructors
48

49    /**
50     * Creates a new SingleSignOnEntry
51     *
52     * @param principal the <code>Principal</code> returned by the latest
53     * call to <code>Realm.authenticate</code>.
54     * @param authType the type of authenticator used (BASIC, CLIENT-CERT,
55     * DIGEST or FORM)
56     * @param username the username (if any) used for the authentication
57     * @param password the password (if any) used for the authentication
58     */

59    SingleSignOnEntry(Principal JavaDoc principal, String JavaDoc authType,
60       String JavaDoc username, String JavaDoc password)
61    {
62       updateCredentials(principal, authType, username, password);
63    }
64
65    // ------------------------------------------------------- Package Methods
66

67    /**
68     * Adds a <code>Session</code> to the list of those associated with
69     * this SSO.
70     *
71     * @param sso The <code>SingleSignOn</code> valve that is managing
72     * the SSO session.
73     * @param session The <code>Session</code> being associated with the SSO.
74     * @return <code>true</code> if the given Session was a new addition (i.e.
75     * was not previously associated with this entry);
76     * <code>false</code> otherwise.
77     */

78    synchronized boolean addSession(SingleSignOn sso, Session session)
79    {
80       for (int i = 0; i < sessions.length; i++)
81       {
82          if (session == sessions[i])
83             return false;
84       }
85       Session results[] = new Session[sessions.length + 1];
86       System.arraycopy(sessions, 0, results, 0, sessions.length);
87       results[sessions.length] = session;
88       sessions = results;
89       session.addSessionListener(sso);
90       return true;
91    }
92
93    /**
94     * Removes the given <code>Session</code> from the list of those
95     * associated with this SSO.
96     *
97     * @param session the <code>Session</code> to remove.
98     * @return <code>true</code> if the given Session needed to be removed
99     * (i.e. was in fact previously associated with this entry);
100     * <code>false</code> otherwise.
101     */

102    synchronized boolean removeSession(Session session)
103    {
104       if (sessions.length == 0)
105          return false;
106
107       boolean removed = false;
108       Session[] nsessions = new Session[sessions.length - 1];
109       for (int i = 0, j = 0; i < sessions.length; i++)
110       {
111          if (session == sessions[i])
112          {
113             removed = true;
114             continue;
115          }
116          else if (!removed && i == nsessions.length)
117          {
118             // We have tested all our sessions, and have not had to
119
// remove any; break loop now so we don't cause an
120
// ArrayIndexOutOfBounds on nsessions
121
break;
122          }
123          nsessions[j++] = sessions[i];
124       }
125       sessions = nsessions;
126       // Only if we removed a session, do we replace our session list
127
if (removed)
128          sessions = nsessions;
129       return removed;
130    }
131
132    /**
133     * Returns the <code>Session</code>s associated with this SSO.
134     */

135    synchronized Session[] findSessions()
136    {
137       return (this.sessions);
138    }
139
140    /**
141     * Gets the name of the authentication type originally used to authenticate
142     * the user associated with the SSO.
143     *
144     * @return "BASIC", "CLIENT-CERT", "DIGEST", "FORM" or "NONE"
145     */

146    String JavaDoc getAuthType()
147    {
148       return (this.authType);
149    }
150
151    /**
152     * Gets whether the authentication type associated with the original
153     * authentication supports reauthentication.
154     *
155     * @return <code>true</code> if <code>getAuthType</code> returns
156     * "BASIC" or "FORM", <code>false</code> otherwise.
157     */

158    boolean getCanReauthenticate()
159    {
160       return (this.canReauthenticate);
161    }
162
163    /**
164     * Gets the password credential (if any) associated with the SSO.
165     *
166     * @return the password credential associated with the SSO, or
167     * <code>null</code> if the original authentication type
168     * does not involve a password.
169     */

170    String JavaDoc getPassword()
171    {
172       return (this.password);
173    }
174
175    /**
176     * Gets the <code>Principal</code> that has been authenticated by
177     * the SSO.
178     * <p/>
179     * <b>NOTE: </b> May return <code>null</code> if this object was
180     * retrieved via a lookup from another node in a cluster. Interface
181     * <code>Principal</code> does not extend <code>Serializable</code>,
182     * so a <code>SingleSignOnEntry</code>'s principal member cannot be
183     * serialized as part of SSO management in a cluster. A
184     * <code>Principal</code> cannot be bound to a
185     * <code>SingleSignOnEntry</code> until the SSO has been authenticated
186     * by the local node.
187     *
188     * @return The <code>Principal</code> that has been authenticated by
189     * the local SSO, or <code>null</code> if no authentication
190     * has been performed yet in this cluster node.
191     */

192    Principal JavaDoc getPrincipal()
193    {
194       return (this.principal);
195    }
196
197    /**
198     * Sets the <code>Principal</code> that has been authenticated by
199     * the SSO.
200     */

201    void setPrincipal(Principal JavaDoc principal)
202    {
203       this.principal = principal;
204    }
205
206    /**
207     * Returns the number of sessions associated with this SSO, either
208     * locally or remotely.
209     */

210    int getSessionCount()
211    {
212       return (sessions.length);
213    }
214
215    /**
216     * Gets the username provided by the user as part of the authentication
217     * process.
218     */

219    String JavaDoc getUsername()
220    {
221       return (this.username);
222    }
223
224
225    /**
226     * Updates the SingleSignOnEntry to reflect the latest security
227     * information associated with the caller.
228     *
229     * @param principal the <code>Principal</code> returned by the latest
230     * call to <code>Realm.authenticate</code>.
231     * @param authType the type of authenticator used (BASIC, CLIENT-CERT,
232     * DIGEST or FORM)
233     * @param username the username (if any) used for the authentication
234     * @param password the password (if any) used for the authentication
235     */

236    synchronized boolean updateCredentials(Principal JavaDoc principal, String JavaDoc authType,
237       String JavaDoc username, String JavaDoc password)
238    {
239
240       boolean changed =
241          (safeEquals(this.principal, principal)
242          || safeEquals(this.authType, authType)
243          || safeEquals(this.username, username)
244          || safeEquals(this.password, password));
245
246       this.principal = principal;
247       this.authType = authType;
248       this.username = username;
249       this.password = password;
250       this.canReauthenticate =
251          (Constants.BASIC_METHOD.equals(authType)
252          || Constants.FORM_METHOD.equals(authType));
253       return changed;
254    }
255
256    // ------------------------------------------------------- Private Methods
257

258    private boolean safeEquals(Object JavaDoc a, Object JavaDoc b)
259    {
260       return ((a == b)
261          || (a != null && a.equals(b))
262          || (b != null && b.equals(a)));
263    }
264 }
265
Popular Tags