

1 /*
2  * Copyright 2002 by
3  * <a HREF="http://www.coridan.com">Coridan</a>
4  * <a HREF="mailto: support@coridan.com ">support@coridan.com</a>
5  *
6  * The contents of this file are subject to the Mozilla Public License Version
7  * 1.1 (the "License"); you may not use this file except in compliance with the
8  * License. You may obtain a copy of the License at
9  * http://www.mozilla.org/MPL/
10  *
11  * Software distributed under the License is distributed on an "AS IS" basis,
12  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
13  * for the specific language governing rights and limitations under the
14  * License.
15  *
16  * The Original Code is "MantaRay" (TM).
17  *
18  * The Initial Developer of the Original Code is Shirley Sasson.
19  * Portions created by the Initial Developer are Copyright (C) 2006
20  * Coridan Inc. All Rights Reserved.
21  *
22  * Contributor(s): all the names of the contributors are added in the source
23  * code where applicable.
24  *
25  * Alternatively, the contents of this file may be used under the terms of the
26  * LGPL license (the "GNU LESSER GENERAL PUBLIC LICENSE"), in which case the
27  * provisions of LGPL are applicable instead of those above. If you wish to
28  * allow use of your version of this file only under the terms of the LGPL
29  * License and not to allow others to use your version of this file under
30  * the MPL, indicate your decision by deleting the provisions above and
31  * replace them with the notice and other provisions required by the LGPL.
32  * If you do not delete the provisions above, a recipient may use your version
33  * of this file under either the MPL or the GNU LESSER GENERAL PUBLIC LICENSE.
34
35  *
36  * This library is free software; you can redistribute it and/or modify it
37  * under the terms of the MPL as stated above or under the terms of the GNU
38  * Lesser General Public License as published by the Free Software Foundation;
39  * either version 2.1 of the License, or any later version.
40  *
41  * This library is distributed in the hope that it will be useful, but WITHOUT
42  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
43  * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
44  * License for more details.
45  */

46
47 package org.mr.kernel.security.impl.ldap;
48
49 import org.mr.kernel.security.authorization.permissions.MantaPermissionWithParameter;
50 import org.mr.kernel.security.authorization.permissions.MantaPermission;
51 import org.mr.kernel.security.impl.ldap.management.Crypt;
52 import org.mr.kernel.security.MantaSecurityException;
53 import org.mr.kernel.security.GroupPrincipal;
54 import org.mr.kernel.security.*;
55
56 import java.io.UnsupportedEncodingException JavaDoc;
57
58 /**
59  * This class holds different utility methods that are used while reading
60  * and writing from and to the LDAP server.
61  *
62  * @version 1.0
63  * @since Apr 17, 2006
64  * @author Shirley Sasson
65  *
66  */

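public class LDAPUtilities implements SecurityConstants {

    /**
     * Characters that are backslash-escaped wherever they occur in a value placed
     * into a distinguished name (RFC 4514 string representation).
     */
    private static final String DN_SPECIAL_CHARS = "\\,+\"<>;=";

    /**
     * Builds the LDAP path under which a permission is stored for a principal.
     * Each permission has a configured path template containing placeholders; this
     * method reads the template for the principal's kind (user or group) and
     * substitutes the principal name and, when the permission carries one, its
     * parameter.
     *
     * For example, the permission "create-browser-for-queue" has two configured paths,
     * one used when it relates to a user and one when it relates to a group. The
     * "user" template might look like:
     * "o=CreateQueueBrowser,o=ActionPermissions,uid=$USERNAME$,dc=Users,dc=Principals,dc=MyDomain,dc=Domains,dc=manta,dc=com".
     * The $USERNAME$ placeholder is replaced with the principal's name.
     *
     * Substituted values are escaped as DN attribute values first, so a name or
     * parameter containing DN metacharacters (',', '+', '=', ...) stays inside its
     * own RDN instead of changing the structure of the path.
     * NOTE(review): assumes callers pass raw, unescaped names; confirm nothing
     * upstream already escapes them, otherwise values would be escaped twice.
     *
     * @param permission the permission whose path is built
     * @param principal the user or group the permission relates to
     * @return an LDAPDN object representing the LDAP path in which the permission resides
     * @throws MantaSecurityException if the principal is neither a user nor a group,
     *         if no path template is available, or if a placeholder is present but
     *         no value exists for it
     */
    public static LDAPDN buildPermissionPath(MantaPermission permission, MantaPrincipal principal) throws MantaSecurityException {
        Object param = null;
        if (permission instanceof MantaPermissionWithParameter) {
            param = ((MantaPermissionWithParameter) permission).getParam();
        }
        String strParam = escapeDnValue((String) param);

        String searchBase;
        if (principal instanceof UserPrincipal) {
            searchBase = (String) permission.getPermissionPathForUser();
            searchBase = replace(searchBase, USERNAME_PLACEHOLDER, escapeDnValue(principal.getName()));
        } else if (principal instanceof GroupPrincipal) {
            searchBase = (String) permission.getPermissionPathForGroup();
            searchBase = replace(searchBase, GROUP_NAME_PLACEHOLDER, escapeDnValue(principal.getName()));
        } else {
            // Fail explicitly rather than through a NullPointerException on a missing template.
            throw new MantaSecurityException("Error building permission LDAP search string");
        }

        // NOTE(review): substitutions run one after another over the already-substituted
        // string, so a principal name that itself contains the text of one of the
        // placeholders below would be expanded as well. Confirm names are validated
        // before they reach this method.
        searchBase = replace(searchBase, TOPIC_NAME_PLACEHOLDER, strParam);
        searchBase = replace(searchBase, QUEUE_NAME_PLACEHOLDER, strParam);
        searchBase = replace(searchBase, MANAGED_USERNAME_PLACEHOLDER, strParam);
        searchBase = replace(searchBase, MANAGED_GROUP_NAME_PLACEHOLDER, strParam);
        return new LDAPDN(searchBase);
    }

    /**
     * Removes every occurrence of a placeholder character from a String.
     *
     * @param source the String including the placeholders
     * @param placeHolder the placeholder character to remove
     * @return the source String without the placeholder character
     * @throws MantaSecurityException if source is null
     */
    public static String removePlaceHolders(String source, char placeHolder) throws MantaSecurityException {
        if (source == null) {
            throw new MantaSecurityException("Error removing placeholders");
        }
        StringBuffer buf = new StringBuffer(source.length());
        for (int i = 0; i < source.length(); i++) {
            char current = source.charAt(i);
            if (current != placeHolder) {
                buf.append(current);
            }
        }
        return buf.toString();
    }

    /**
     * Hashes a String with the crypt(3)-style Crypt helper and prefixes the result
     * with the CRYPT marker ("{crypt}"). It is used for LDAP passwords; the
     * JndiLoginModule used for authentication expects the password in that format.
     * The result is a one-way hash, not reversible encryption.
     *
     * NOTE(review): the same bytes are passed as both arguments of Crypt.crypt. If
     * the second argument is the salt, as in the JDK's JndiLoginModule Crypt helper
     * (confirm against the project's Crypt class), the salt is derived from the
     * password itself: equal passwords yield equal hashes and the salt characters
     * at the start of the stored value mirror the start of the password. A random
     * salt would avoid both. Traditional crypt(3) is also DES-based and only
     * considers the first eight characters, so a stronger scheme supported by the
     * directory is preferable for new deployments.
     *
     * @param str the String to hash
     * @return the CRYPT marker followed by the hashed string
     * @throws IllegalStateException if the configured charset is not supported
     * @see com.sun.security.auth.module.JndiLoginModule
     */
    public static String crypt(String str) {
        try {
            Crypt c = new Crypt();
            byte[] hashed = c.crypt(str.getBytes(UTF_8_CHARSET), str.getBytes(UTF_8_CHARSET));
            return CRYPT + new String(hashed, UTF_8_CHARSET);
        } catch (UnsupportedEncodingException e) {
            // Fail closed: the previous behaviour swallowed this and returned the marker
            // followed by the text "null", which could end up stored as a password value.
            IllegalStateException failure = new IllegalStateException("Charset for password hashing is not supported");
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * Replaces the first occurrence of key in source with value.
     *
     * @param source the template to substitute into
     * @param key the placeholder text to look for
     * @param value the text that takes the placeholder's position
     * @return source unchanged when key does not occur, otherwise the substituted String
     * @throws MantaSecurityException if source or key is null, or if key occurs but
     *         value is null
     */
    private static String replace(String source, String key, String value) throws MantaSecurityException {
        if (source == null || key == null) {
            throw new MantaSecurityException("Error building permission LDAP search string");
        }
        int start = source.indexOf(key);
        if (start == -1) {
            return source;
        }
        if (value == null) {
            // String concatenation would otherwise write the literal text "null" into the path.
            throw new MantaSecurityException("Error building permission LDAP search string: no value for placeholder " + key);
        }
        return source.substring(0, start) + value + source.substring(start + key.length());
    }

    /**
     * Escapes a value for use inside a distinguished name: the characters in
     * DN_SPECIAL_CHARS anywhere, a leading '#' or space, and a trailing space are
     * prefixed with a backslash; NUL is written as the hex pair \00.
     *
     * @param value the raw value, may be null
     * @return the escaped value, or null when value is null
     */
    private static String escapeDnValue(String value) {
        if (value == null) {
            return null;
        }
        int length = value.length();
        StringBuffer escaped = new StringBuffer(length + 8);
        for (int i = 0; i < length; i++) {
            char c = value.charAt(i);
            if (c == 0) {
                escaped.append("\\00");
                continue;
            }
            boolean edgeSpace = c == ' ' && (i == 0 || i == length - 1);
            boolean leadingHash = c == '#' && i == 0;
            if (edgeSpace || leadingHash || DN_SPECIAL_CHARS.indexOf(c) >= 0) {
                escaped.append('\\');
            }
            escaped.append(c);
        }
        return escaped.toString();
    }
}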