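package org.mmbase.security;

import org.mmbase.util.ResourceLoader;
import org.mmbase.util.ResourceWatcher;

import org.mmbase.util.logging.Logger;
import org.mmbase.util.logging.Logging;
import org.mmbase.util.xml.DocumentReader;

/**
 * Holds the security configuration read from {@code security.xml}: whether security is
 * active, the shared secret, and the {@link Authentication} / {@link Authorization}
 * implementations named in that file.
 *
 * <p>Security note: {@code security.xml} decides which classes are instantiated by
 * {@link #load()} and whether security is active at all, and a watcher asks the cop to
 * reload when the file changes. Write access to that resource is therefore equivalent to
 * control over the security layer; it should be restricted and its changes audited.
 */
public class MMBaseCopConfig {
    private static final Logger log = Logging.getLoggerInstance(MMBaseCopConfig.class);

    /** Charset used to turn the shared secrets into bytes for comparison. */
    private static final java.nio.charset.Charset UTF8 = java.nio.charset.Charset.forName("UTF-8");

    /** Resource loader rooted at the "security" child of the configuration root. */
    public static final ResourceLoader securityLoader = ResourceLoader.getConfigurationRoot().getChildResourceLoader("security");

    /** Watches security.xml; also handed to the authentication/authorization implementations. */
    protected ResourceWatcher watcher;

    /** Authentication implementation selected by {@link #load()}. */
    private Authentication authentication;

    /** Authorization implementation selected by {@link #load()}. */
    private Authorization authorization;

    /** Value of the 'active' attribute of the security element. */
    private boolean active = false;

    /** Value of the security.sharedsecret element; sensitive, must never be logged. */
    private String sharedSecret = null;

    /** The cop this configuration belongs to. */
    private MMBaseCop cop;

    /**
     * Resource watcher that asks the cop to reload when a watched resource changes.
     */
    private class SecurityConfigWatcher extends ResourceWatcher {
        private MMBaseCop cop;

        public SecurityConfigWatcher(MMBaseCop cop) {
            super(securityLoader);
            if (cop == null) {
                throw new RuntimeException("MMBase cop was null");
            }
            this.cop = cop;
        }

        /**
         * Reloads the cop. A failing reload is logged and not propagated.
         * NOTE(review): which configuration stays in effect after a failed reload is
         * decided by MMBaseCop.reload(), not visible here - confirm it cannot leave
         * security in a weaker state.
         */
        public void onChange(String s) {
            try {
                cop.reload();
            } catch (Exception e) {
                log.error(e);
                log.error(Logging.stackTrace(e));
            }
        }
    }

    /** Public id of the security configuration DTD. */
    public static final String PUBLIC_ID_SECURITY_1_0 = "-//MMBase//DTD security config 1.0//EN";
    // Second public id mapped to the same DTD (presumably a historical, incorrect id).
    private static final String PUBLIC_ID_SECURITY_1_0_FAULT = "//MMBase - security//";

    /** Resource name of the security configuration DTD. */
    public static final String DTD_SECURITY_1_0 = "security_1_0.dtd";

    static {
        // Both public ids are registered against the same DTD resource.
        org.mmbase.util.XMLEntityResolver.registerPublicID(PUBLIC_ID_SECURITY_1_0, DTD_SECURITY_1_0, MMBaseCopConfig.class);
        org.mmbase.util.XMLEntityResolver.registerPublicID(PUBLIC_ID_SECURITY_1_0_FAULT, DTD_SECURITY_1_0, MMBaseCopConfig.class);
    }

    /**
     * Creates the configuration holder and starts watching {@code security.xml}.
     * The file itself is not parsed here; see {@link #load()}.
     *
     * @param mmbaseCop the cop to reload on configuration changes; must not be null
     */
    MMBaseCopConfig(MMBaseCop mmbaseCop) throws java.io.IOException, NoSuchMethodException, SecurityException {

        java.net.URL config = securityLoader.getResource("security.xml");
        log.info("using: '" + config + "' as configuration file for security");

        watcher = new SecurityConfigWatcher(mmbaseCop);
        watcher.add("security.xml");
        watcher.start();

        cop = mmbaseCop;
    }

    /**
     * Parses {@code security.xml} and (re)initialises this configuration.
     *
     * <p>When the 'active' attribute is "true", the authentication and authorization
     * classes named in the file are instantiated and loaded; when it is "false",
     * {@link NoAuthentication} and {@link NoAuthorization} are used instead.
     *
     * @throws java.io.IOException declared for reading the configuration
     * @throws SecurityException if 'active' is neither "true" nor "false" (or missing),
     *         or if a configured class cannot be instantiated
     */
    void load() throws java.io.IOException {
        DocumentReader reader = new DocumentReader(securityLoader.getInputSource("security.xml"), this.getClass());

        String sActive = reader.getElementAttributeValue(reader.getElementByPath("security"), "active");
        // Literal-first comparison: a missing attribute ends in the SecurityException
        // below instead of a NullPointerException.
        if ("true".equalsIgnoreCase(sActive)) {
            log.debug("SecurityManager will be active");
            active = true;
        } else if ("false".equalsIgnoreCase(sActive)) {
            log.debug("SecurityManager will NOT be active");
            active = false;
        } else {
            throw new SecurityException("security attribute 'active' must have the value 'true' or 'false'");
        }

        sharedSecret = reader.getElementValue(reader.getElementByPath("security.sharedsecret"));

        if (active) {
            org.w3c.dom.Element entry = reader.getElementByPath("security.authentication");
            String authenticationClass = reader.getElementAttributeValue(entry, "class");
            String authenticationUrl = reader.getElementAttributeValue(entry, "url");
            authentication = getAuthentication(authenticationClass);

            String key = reader.getElementValue(reader.getElementByPath("security.key"));
            if (key != null && !key.equals("")) {
                try {
                    long k = Long.parseLong(key);
                    authentication.key = k;
                } catch (NumberFormatException nfe) {
                    // NOTE(review): security.key looks like security material, so neither the
                    // configured text nor the key in effect is written to the log - confirm.
                    log.error("Could not parse the value of security.key as a long, keeping the default key");
                }
            }

            entry = reader.getElementByPath("security.authorization");
            String authorizationClass = reader.getElementAttributeValue(entry, "class");
            String authorizationUrl = reader.getElementAttributeValue(entry, "url");
            authorization = getAuthorization(authorizationClass);

            if (log.isDebugEnabled()) {
                log.debug("Loading class:" + authentication.getClass().getName() + " with config:" + authenticationUrl + " for Authentication");
            }
            authentication.load(cop, watcher, authenticationUrl);

            if (log.isDebugEnabled()) {
                log.debug("Using class:" + authorization.getClass().getName() + " with config:" + authorizationUrl + " for Authorization");
            }
            authorization.load(cop, watcher, authorizationUrl);
        } else {
            // Security switched off in the configuration: fall back to the no-op classes.
            authentication = new NoAuthentication();
            authentication.load(cop, watcher, null);
            authorization = new NoAuthorization();
            authorization.load(cop, watcher, null);
            log.debug("Retrieved dummy security classes");
        }
    }

    /**
     * @return the authentication implementation chosen by the last {@link #load()}
     */
    public Authentication getAuthentication() {
        return authentication;
    }

    /**
     * @return the authorization implementation chosen by the last {@link #load()}
     */
    public Authorization getAuthorization() {
        return authorization;
    }

    /**
     * @return whether the configuration marked security as active
     */
    public boolean getActive() {
        return active;
    }

    /**
     * Checks a received secret against the configured shared secret.
     *
     * <p>The comparison does not stop at the first differing byte, and a mismatch is
     * logged without either value so that secrets do not end up in log files.
     *
     * @param received the secret presented by the other party, may be null
     * @return true only if a non-empty shared secret is configured and equals {@code received}
     */
    public boolean checkSharedSecret(String received) {
        // An empty configured secret counts as "not configured"; otherwise an empty
        // received value would match it.
        if (sharedSecret == null || sharedSecret.length() == 0) {
            return false;
        }
        if (received != null
            && java.security.MessageDigest.isEqual(sharedSecret.getBytes(UTF8), received.getBytes(UTF8))) {
            return true;
        }
        log.error("the shared secrets don't match.");
        return false;
    }

    /**
     * Returns the configured shared secret. The value is sensitive: callers should not
     * log it or expose it beyond the component that has to present it.
     *
     * @return the shared secret as read from the configuration, possibly null
     */
    public String getSharedSecret() {
        return sharedSecret;
    }

    /**
     * Instantiates the authentication class named in the configuration and sets its manager.
     * The class name comes straight from security.xml, so that file must be trusted.
     *
     * @param className fully qualified name of an {@link Authentication} subclass
     * @throws SecurityException if the class cannot be found or instantiated
     */
    private Authentication getAuthentication(String className) throws SecurityException {
        Authentication result;
        try {
            Class<?> classType = Class.forName(className);
            Object o = classType.newInstance();
            result = (Authentication) o;
            log.debug("Setting manager of " + result + " to " + cop);
            result.manager = cop;
        } catch (ClassNotFoundException cnfe) {
            throw new SecurityException(cnfe);
        } catch (IllegalAccessException iae) {
            throw new SecurityException(iae);
        } catch (InstantiationException ie) {
            throw new SecurityException(ie);
        }
        return result;
    }

    /**
     * Instantiates the authorization class named in the configuration and sets its manager.
     * The class name comes straight from security.xml, so that file must be trusted.
     *
     * @param className fully qualified name of an {@link Authorization} subclass
     * @throws SecurityException if the class cannot be found or instantiated; the
     *         original exception is kept as the cause
     */
    private Authorization getAuthorization(String className) throws SecurityException {
        Authorization result;
        try {
            Class<?> classType = Class.forName(className);
            Object o = classType.newInstance();
            result = (Authorization) o;
            log.debug("Setting manager of " + result + " to " + cop);
            result.manager = cop;
        } catch (ClassNotFoundException cnfe) {
            // SecurityException(Throwable) keeps the same message (cause.toString())
            // and additionally preserves the cause, as getAuthentication does.
            log.debug("", cnfe);
            throw new SecurityException(cnfe);
        } catch (IllegalAccessException iae) {
            log.debug("", iae);
            throw new SecurityException(iae);
        } catch (InstantiationException ie) {
            log.debug("", ie);
            throw new SecurityException(ie);
        }
        return result;
    }
}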