KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > objectweb > jonas > security > realm > factory > JResourceRemoteImpl


1 /**
2  * JOnAS: Java(TM) Open Application Server
3  * Copyright (C) 2005 Bull S.A.
4  * Contact: jonas-team@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * --------------------------------------------------------------------------
22  * $Id: JResourceRemoteImpl.java,v 1.2 2005/04/19 07:59:00 benoitf Exp $
23  * --------------------------------------------------------------------------
24  */
25 package org.objectweb.jonas.security.realm.factory;
26
27 import java.rmi.AccessException JavaDoc;
28 import java.rmi.RemoteException JavaDoc;
29 import java.util.ArrayList JavaDoc;
30
31 import javax.rmi.PortableRemoteObject JavaDoc;
32
33 import org.objectweb.jonas.security.SecurityService;
34 import org.objectweb.jonas.security.auth.JGroup;
35 import org.objectweb.jonas.security.auth.JPrincipal;
36 import org.objectweb.jonas.security.auth.JRole;
37 import org.objectweb.jonas.security.auth.JSubject;
38 import org.objectweb.jonas.security.realm.principals.User;
39 import org.objectweb.jonas.service.ServiceManager;
40
41 /**
42  * This class allow to make authentication on server side even for Client
43  * container or remote applications
44  * @author Florent Benoit
45  */
46 public class JResourceRemoteImpl extends PortableRemoteObject JavaDoc implements JResourceRemote {
47
48     /**
49      * Security service
50      */
51     private static SecurityService securityService = null;
52
53     /**
54      * Default constructor
55      * @throws RemoteException if super class cannot export object
56      */
57     public JResourceRemoteImpl() throws RemoteException JavaDoc {
58         super();
59     }
60
61     /**
62      * Authenticate a given user
63      * @param principalName name of the user
64      * @param arrayPass password of the user
65      * @param resourceName type of resource to use to register ( memory, jdbc,
66      * ldap)
67      * @throws RemoteException if the authentication failed
68      * @return an authenticated subject if it succeed
69      */
70     public JSubject authenticate(String JavaDoc principalName, char[] arrayPass, String JavaDoc resourceName) throws RemoteException JavaDoc {
71         // Get security service
72 if (securityService == null) {
73             try {
74                 securityService = (SecurityService) ServiceManager.getInstance().getSecurityService();
75             } catch (Exception JavaDoc e) {
76                 throw createChainedAccessException(
77                         "Cannot retrieve security service. Check that the security service is running", e);
78             } catch (Error JavaDoc e) {
79                 throw createChainedAccessException(
80                         "Cannot retrieve security service. Check that the security service is running", e);
81             }
82         }
83
84         if (resourceName == null) {
85             throw new AccessException JavaDoc("The 'resourceName' parameter is required and cannot be null.");
86         }
87
88         // Get resource
89 JResource jResource = null;
90         try {
91             jResource = securityService.getJResource(resourceName);
92         } catch (Exception JavaDoc e) {
93             throw createChainedAccessException("The resource '" + resourceName + "' is not available.", e);
94         }
95
96         if (jResource == null) {
97             throw new AccessException JavaDoc("The resource '" + resourceName + "' is not available.");
98         }
99
100         // Authentication - step 1 (user)
101 User user = null;
102         try {
103             user = jResource.findUser(principalName);
104         } catch (Exception JavaDoc jre) {
105             // could not retrieve user
106 throw createChainedAccessException("Can not find the user", jre);
107         }
108         // User was not found
109 if (user == null) {
110             throw new AccessException JavaDoc("User '" + principalName + "' not found.");
111         }
112
113         // Authentication - step 2 (password)
114 boolean validated = jResource.isValidUser(user, new String JavaDoc(arrayPass));
115         if (!validated) {
116             throw new AccessException JavaDoc("The password for the user '" + principalName + "' is not valid");
117         }
118
119         // Authentication - step 3 (roles)
120 ArrayList JavaDoc principalRoles = null;
121         try {
122             principalRoles = jResource.getArrayListCombinedRoles(user);
123         } catch (JResourceException jre) {
124             throw createChainedAccessException(jre.getMessage(), jre);
125         }
126
127         JGroup group = new JGroup("Roles");
128
129         // Convert list into array
130 String JavaDoc[] roles = new String JavaDoc[principalRoles.size()];
131         roles = (String JavaDoc[]) principalRoles.toArray(roles);
132         int size = principalRoles.size();
133         for (int i = 0; i < size; i++) {
134             group.addMember(new JRole(roles[i]));
135         }
136
137         // build object with name and group
138 return new JSubject(new JPrincipal(principalName), group);
139
140     }
141
142     /**
143      * Create a AccessException with the given message and set the cause to the
144      * given Exception
145      * @param msg Exception message
146      * @param t Root cause
147      * @return AccessException the chained exception
148      */
149     private static AccessException JavaDoc createChainedAccessException(String JavaDoc msg, Throwable JavaDoc t) {
150         AccessException JavaDoc ae = new AccessException JavaDoc(msg);
151         ae.initCause(t);
152         return ae;
153     }
154
155 }
156
Popular Tags