Authentication


1   /*
2   
3   This software is OSI Certified Open Source Software.
4   OSI Certified is a certification mark of the Open Source Initiative.
5   
6   The license (Mozilla version 1.0) can be read at the MMBase site.
7   See http://www.MMBase.org/license
8   
9   */
10  package org.mmbase.security;
11  
12  import java.util.Map  ;
13  
14  import org.mmbase.util.functions.*;
15  
16  import org.mmbase.util.logging.Logger;
17  import org.mmbase.util.logging.Logging;
18  
19  /**
20   *  This class is a abstract implementation of the Authentication.
21   *
22   *  To make your own implementation of authentication, you have to extend this class.
23   *
24   * @author Eduard Witteveen
25   * @author Michiel Meeuwissen (javadocs)
26   * @version $Id: Authentication.java,v 1.34 2006/01/17 21:25:28 michiel Exp $
27   */
28  public abstract class Authentication extends Configurable implements AuthenticationData {
29      private static final Logger log = Logging.getLoggerInstance(Authentication.class);
30  
31      static {
32          try {
33              PARAMETER_USERNAME.getLocalizedDescription().setBundle(STRINGS);
34              PARAMETER_PASSWORD.getLocalizedDescription().setBundle(STRINGS);
35              PARAMETER_USERNAMES.getLocalizedDescription().setBundle(STRINGS);
36              PARAMETER_RANK.getLocalizedDescription().setBundle(STRINGS);
37              PARAMETER_SESSIONNAME.getLocalizedDescription().setBundle(STRINGS);
38              PARAMETER_LOGOUT.getLocalizedDescription().setBundle(STRINGS);
39              PARAMETER_AUTHENTICATE.getLocalizedDescription().setBundle(STRINGS);
40          } catch (Exception   e) {
41              log.error(e);
42          }
43      }
44  
45  
46      /**
47       *  This method will verify the login, and give a UserContext back if the login procedure was successful.
48       *  @param application A String that further specifies the login method (one implementation could handle more then one methods)
49       *                     A typical value might be 'username/password'.
50       *
51       *  @param loginInfo   A Map containing the credentials or other objects which might be used to obtain them (e.g. request/response objects).
52       *                     It might also be 'null', in which case your implementation normally should return the 'anonymous' user (or null, if
53       *                     no such user can be defined).
54       *
55       *  @param parameters  A list of optional parameters, may also (and will often) be null.
56       *
57       *  @return <code>null</code if no valid credentials were supplied,  a (perhaps new) UserContext if login succeeded.
58       *
59       *  @exception SecurityException When something strang happened
60       */
61      public abstract UserContext login(String   application, Map   loginInfo, Object  [] parameters) throws SecurityException  ;
62  
63      /**
64       * @since MMBase-1.8
65       */
66      public int getMethod(String   m) {
67          if (m == null || m.equals("")) {
68              return METHOD_UNSET;
69          }
70          m = m.toLowerCase();
71          if ("http".equals(m)) {
72              return METHOD_HTTP;
73          } else if ("asis".equals(m)) {
74              return METHOD_ASIS;
75          } else if ("anonymous".equals(m)) {
76              return METHOD_ANONYMOUS;
77          } else if ("logout".equals(m)) {
78              return METHOD_LOGOUT;
79          } else if ("loginpage".equals(m)) {
80              return METHOD_LOGINPAGE;
81          } else if ("delegate".equals(m)) {
82              return METHOD_DELEGATE;
83          } else if ("sessiondelegate".equals(m)) {
84              return METHOD_SESSIONDELEGATE;
85          } else if ("pagelogon".equals(m)) {
86              return METHOD_PAGELOGON;
87          } else if ("sessionlogon".equals(m)) {
88              return METHOD_SESSIONLOGON;
89          } else if ("default".equals(m)) {
90              return METHOD_DEFAULT;
91              //} else if ("given_or_anonymous".equals(m)) {
92              //    return METHOD_GIVEN_OR_ANONYMOUS;
93          } else {
94              throw new RuntimeException  ("Unknown value for 'method'  attribute (" + m + ")");
95          }
96      }
97  
98      /**
99       * {@inheritDoc}
100      * @since MMBase-1.8
101      */
102     public int getDefaultMethod(String   protocol) {
103         if (protocol == null || protocol.substring(0, 4).equalsIgnoreCase("HTTP")) {
104             return METHOD_HTTP;
105         } else {
106             return METHOD_DELEGATE; // leave it completely to the implementation. (using the 'class' application or the request object or so)
107         }
108     }
109 
110     /**
111      * {@inheritDoc}
112      * @since MMBase-1.8
113      */
114     public String  [] getTypes() {
115         return getTypes(METHOD_UNSET);
116     }
117     /**
118      * {@inheritDoc}
119      * @since MMBase-1.8
120      */
121     public String  [] getTypes(int method) {
122         if (method == METHOD_ASIS) {
123             return new String  [] {"anonymous", "name/password", "class"};
124         } else {
125             return new String  [] {"name/password", "class"};
126         }
127     }
128 
129     protected static final Parameter[] PARAMETERS_USERS         = new Parameter[] { PARAMETER_USERNAMES, PARAMETER_RANK };
130     protected static final Parameter[] PARAMETERS_ANONYMOUS     = new Parameter[] { PARAMETER_LOGOUT, PARAMETER_AUTHENTICATE};
131     protected static final Parameter[] PARAMETERS_NAME_PASSWORD = new Parameter[] { PARAMETER_USERNAME, PARAMETER_PASSWORD, new Parameter.Wrapper(PARAMETERS_USERS) };
132 
133     public Parameters createParameters(String   application) {
134         application = application.toLowerCase();
135         if ("anonymous".equals(application)) {
136             return new Parameters(PARAMETERS_ANONYMOUS);
137         } else if ("class".equals(application)) {
138             return Parameters.VOID;
139         } else if ("name/password".equals(application)) {
140             return new Parameters(PARAMETERS_NAME_PASSWORD);
141         } else {
142             return new AutodefiningParameters();
143         }
144     }
145 
146     long key = System.currentTimeMillis();
147 
148     /**
149      * Some unique key associated with this security configuration. It can be explicitely set with
150      * the 'key' entry in security.xml. It falls back to the current time in millis at the time of
151      * initialization of authentication.
152      *
153      * @since MMBase-1.8
154      */
155     public long getKey() {
156         return key;
157     }
158 }
159
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags