KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > mmbase > security > Authentication


1 /*
2
3 This software is OSI Certified Open Source Software.
4 OSI Certified is a certification mark of the Open Source Initiative.
5
6 The license (Mozilla version 1.0) can be read at the MMBase site.
7 See http://www.MMBase.org/license
8
9 */

10 package org.mmbase.security;
11
12 import java.util.Map JavaDoc;
13
14 import org.mmbase.util.functions.*;
15
16 import org.mmbase.util.logging.Logger;
17 import org.mmbase.util.logging.Logging;
18
19 /**
20  * This class is a abstract implementation of the Authentication.
21  *
22  * To make your own implementation of authentication, you have to extend this class.
23  *
24  * @author Eduard Witteveen
25  * @author Michiel Meeuwissen (javadocs)
26  * @version $Id: Authentication.java,v 1.34 2006/01/17 21:25:28 michiel Exp $
27  */

28 public abstract class Authentication extends Configurable implements AuthenticationData {
29     private static final Logger log = Logging.getLoggerInstance(Authentication.class);
30
31     static {
32         try {
33             PARAMETER_USERNAME.getLocalizedDescription().setBundle(STRINGS);
34             PARAMETER_PASSWORD.getLocalizedDescription().setBundle(STRINGS);
35             PARAMETER_USERNAMES.getLocalizedDescription().setBundle(STRINGS);
36             PARAMETER_RANK.getLocalizedDescription().setBundle(STRINGS);
37             PARAMETER_SESSIONNAME.getLocalizedDescription().setBundle(STRINGS);
38             PARAMETER_LOGOUT.getLocalizedDescription().setBundle(STRINGS);
39             PARAMETER_AUTHENTICATE.getLocalizedDescription().setBundle(STRINGS);
40         } catch (Exception JavaDoc e) {
41             log.error(e);
42         }
43     }
44
45
46     /**
47      * This method will verify the login, and give a UserContext back if the login procedure was successful.
48      * @param application A String that further specifies the login method (one implementation could handle more then one methods)
49      * A typical value might be 'username/password'.
50      *
51      * @param loginInfo A Map containing the credentials or other objects which might be used to obtain them (e.g. request/response objects).
52      * It might also be 'null', in which case your implementation normally should return the 'anonymous' user (or null, if
53      * no such user can be defined).
54      *
55      * @param parameters A list of optional parameters, may also (and will often) be null.
56      *
57      * @return <code>null</code if no valid credentials were supplied, a (perhaps new) UserContext if login succeeded.
58      *
59      * @exception SecurityException When something strang happened
60      */

61     public abstract UserContext login(String JavaDoc application, Map JavaDoc loginInfo, Object JavaDoc[] parameters) throws SecurityException JavaDoc;
62
63     /**
64      * @since MMBase-1.8
65      */

66     public int getMethod(String JavaDoc m) {
67         if (m == null || m.equals("")) {
68             return METHOD_UNSET;
69         }
70         m = m.toLowerCase();
71         if ("http".equals(m)) {
72             return METHOD_HTTP;
73         } else if ("asis".equals(m)) {
74             return METHOD_ASIS;
75         } else if ("anonymous".equals(m)) {
76             return METHOD_ANONYMOUS;
77         } else if ("logout".equals(m)) {
78             return METHOD_LOGOUT;
79         } else if ("loginpage".equals(m)) {
80             return METHOD_LOGINPAGE;
81         } else if ("delegate".equals(m)) {
82             return METHOD_DELEGATE;
83         } else if ("sessiondelegate".equals(m)) {
84             return METHOD_SESSIONDELEGATE;
85         } else if ("pagelogon".equals(m)) {
86             return METHOD_PAGELOGON;
87         } else if ("sessionlogon".equals(m)) {
88             return METHOD_SESSIONLOGON;
89         } else if ("default".equals(m)) {
90             return METHOD_DEFAULT;
91             //} else if ("given_or_anonymous".equals(m)) {
92
// return METHOD_GIVEN_OR_ANONYMOUS;
93
} else {
94             throw new RuntimeException JavaDoc("Unknown value for 'method' attribute (" + m + ")");
95         }
96     }
97
98     /**
99      * {@inheritDoc}
100      * @since MMBase-1.8
101      */

102     public int getDefaultMethod(String JavaDoc protocol) {
103         if (protocol == null || protocol.substring(0, 4).equalsIgnoreCase("HTTP")) {
104             return METHOD_HTTP;
105         } else {
106             return METHOD_DELEGATE; // leave it completely to the implementation. (using the 'class' application or the request object or so)
107
}
108     }
109
110     /**
111      * {@inheritDoc}
112      * @since MMBase-1.8
113      */

114     public String JavaDoc[] getTypes() {
115         return getTypes(METHOD_UNSET);
116     }
117     /**
118      * {@inheritDoc}
119      * @since MMBase-1.8
120      */

121     public String JavaDoc[] getTypes(int method) {
122         if (method == METHOD_ASIS) {
123             return new String JavaDoc[] {"anonymous", "name/password", "class"};
124         } else {
125             return new String JavaDoc[] {"name/password", "class"};
126         }
127     }
128
129     protected static final Parameter[] PARAMETERS_USERS = new Parameter[] { PARAMETER_USERNAMES, PARAMETER_RANK };
130     protected static final Parameter[] PARAMETERS_ANONYMOUS = new Parameter[] { PARAMETER_LOGOUT, PARAMETER_AUTHENTICATE};
131     protected static final Parameter[] PARAMETERS_NAME_PASSWORD = new Parameter[] { PARAMETER_USERNAME, PARAMETER_PASSWORD, new Parameter.Wrapper(PARAMETERS_USERS) };
132
133     public Parameters createParameters(String JavaDoc application) {
134         application = application.toLowerCase();
135         if ("anonymous".equals(application)) {
136             return new Parameters(PARAMETERS_ANONYMOUS);
137         } else if ("class".equals(application)) {
138             return Parameters.VOID;
139         } else if ("name/password".equals(application)) {
140             return new Parameters(PARAMETERS_NAME_PASSWORD);
141         } else {
142             return new AutodefiningParameters();
143         }
144     }
145
146     long key = System.currentTimeMillis();
147
148     /**
149      * Some unique key associated with this security configuration. It can be explicitely set with
150      * the 'key' entry in security.xml. It falls back to the current time in millis at the time of
151      * initialization of authentication.
152      *
153      * @since MMBase-1.8
154      */

155     public long getKey() {
156         return key;
157     }
158 }
159
Popular Tags