KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > objectweb > jonas > security > realm > web > jetty50 > Standard


1 /**
2  * JOnAS: Java(TM) Open Application Server
3  * Copyright (C) 1999-2004 Bull S.A.
4  * Contact: jonas-team@objectweb.org
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
19  * USA
20  *
21  * Initial developer(s): Greg Wilkins for the HashUserRealm
22  * Copyright (c) 1996 Mort Bay Consulting Pty. Ltd. All rights reserved.
23  * --------------------------------------------------------------------------
24  * $Id: Standard.java,v 1.5 2005/04/28 08:43:27 benoitf Exp $
25  * --------------------------------------------------------------------------
26  */
27
28 package org.objectweb.jonas.security.realm.web.jetty50;
29
30 import java.security.Principal JavaDoc;
31 import java.util.ArrayList JavaDoc;
32 import java.util.HashMap JavaDoc;
33 import java.util.Map JavaDoc;
34
35 import org.mortbay.http.HttpRequest;
36 import org.mortbay.http.UserRealm;
37
38 import org.objectweb.jonas.common.Log;
39 import org.objectweb.jonas.security.SecurityService;
40 import org.objectweb.jonas.security.realm.factory.JResource;
41 import org.objectweb.jonas.security.realm.principals.User;
42 import org.objectweb.jonas.service.ServiceManager;
43
44 import org.objectweb.security.context.SecurityContext;
45 import org.objectweb.security.context.SecurityCurrent;
46
47 import org.objectweb.util.monolog.api.BasicLevel;
48 import org.objectweb.util.monolog.api.Logger;
49
50 /**
51  * <p>
52  * Implementation of a Realm. Use any JOnAS realm by specifying the resource
53  * name
54  * @author Greg Wilkins for the HashUserRealm
55  * @author Florent Benoit : Jetty 4.2.x / JOnAS 3.1
56  */
57 public class Standard implements UserRealm {
58
59     /**
60      * The logger used in JOnAS
61      */
62     private static Logger logger = null;
63
64     /**
65      * Name of this realm
66      */
67     private String JavaDoc name;
68
69     /**
70      * The resource we will use to authenticate users and identify associated
71      * roles.
72      */
73     private JResource jResource = null;
74
75     /**
76      * Reference to the JOnAS security service
77      */
78     private SecurityService securityService = null;
79
80     /**
81      * List of authenticated users
82      */
83     private Map JavaDoc users = null;
84
85     /**
86      * Default Constructor
87      */
88     protected Standard() {
89         users = new HashMap JavaDoc();
90
91         if (logger == null) {
92             logger = Log.getLogger(Log.JONAS_SECURITY_PREFIX);
93         }
94     }
95
96     /**
97      * Constructor
98      * @param resourceName name of the resource to use
99      * @throws Exception if the resource can't be retrieved
100      */
101     public Standard(String JavaDoc resourceName) throws Exception JavaDoc {
102         this();
103
104         // Get the Security Service
105 try {
106             securityService = (SecurityService) ServiceManager.getInstance().getSecurityService();
107         } catch (Exception JavaDoc e) {
108             // Can't retrieve Security service
109 throw new Exception JavaDoc("can't retrieve Security service", e);
110         }
111
112         // Get the resource from the security service
113 jResource = securityService.getJResource(resourceName);
114         if (jResource == null) {
115             throw new Exception JavaDoc("Can't retrieve resource " + resourceName + "from the security service");
116         }
117     }
118
119     /**
120      * Constructor
121      * @param name name of the realm
122      * @param resourceName name of the resource to use
123      * @throws Exception if the resource can't be retrieved
124      */
125     public Standard(String JavaDoc name, String JavaDoc resourceName) throws Exception JavaDoc {
126         this(resourceName);
127         this.name = name;
128     }
129
130     /**
131      * @return The realm name.
132      */
133     public String JavaDoc getName() {
134         return name;
135     }
136
137     /**
138      * Authenticate a user with a specific username and credentials
139      * @param username name of the user
140      * @param credentials credential of the user
141      * @param request httprequest
142      * @return a Jetty principal
143      */
144     public Principal JavaDoc authenticate(String JavaDoc username, Object JavaDoc credentials, HttpRequest request) {
145
146         // No authentication can be made with a null username
147 if (username == null) {
148             return null;
149         }
150
151         Principal JavaDoc jettyPrincipal = (Principal JavaDoc) users.get(username);
152         // User previously authenticated --> remove from the cache
153 if (jettyPrincipal != null) {
154             users.remove(username);
155         }
156
157         // Does a user with this username exist?
158 User user = null;
159         try {
160             user = jResource.findUser(username);
161         } catch (Exception JavaDoc jre) {
162             // could not retrieve user
163 logger.log(BasicLevel.INFO, jre.getMessage());
164             return null;
165         }
166
167         // User was not found
168 if (user == null) {
169             if (logger.isLoggable(BasicLevel.DEBUG)) {
170                 logger.log(BasicLevel.DEBUG, "User " + username + " not found.");
171             }
172             return null;
173         }
174
175         if (!(credentials instanceof String JavaDoc)) {
176             logger.log(BasicLevel.ERROR, "Allow only string type as credentials");
177             return null;
178         }
179
180         boolean validated = jResource.isValidUser(user, (String JavaDoc) credentials);
181
182         if (!validated) {
183             logger.log(BasicLevel.INFO, "The password for the user " + username + " is not valid");
184             return null;
185         }
186
187         ArrayList JavaDoc combinedRoles = null;
188         try {
189             combinedRoles = jResource.getArrayListCombinedRoles(user);
190         } catch (Exception JavaDoc jre) {
191             logger.log(BasicLevel.ERROR, jre.getMessage());
192             return null;
193         }
194
195         Principal JavaDoc principal = new JettyPrincipal(user.getName(), combinedRoles);
196         SecurityContext ctx = new SecurityContext(principal.getName(), combinedRoles);
197         SecurityCurrent current = SecurityCurrent.getCurrent();
198         current.setSecurityContext(ctx);
199
200         // Add to cache
201 users.put(username, principal);
202
203         return principal;
204     }
205
206     /**
207      * Check if a user is in a role.
208      * @param user The user, which must be from this realm
209      * @param roleName the role to test for the given user
210      * @return True if the user can act in the role.
211      */
212     public synchronized boolean isUserInRole(Principal JavaDoc user, String JavaDoc roleName) {
213         if (user == null) {
214             return false;
215         }
216
217         if (user instanceof JettyPrincipal) {
218             return ((JettyPrincipal) user).isUserInRole(roleName);
219         } else {
220             logger.log(BasicLevel.ERROR, "The user '" + user + "' is not instance of JettyPrincipal");
221             return false;
222         }
223     }
224
225     /**
226      * Check if a user is authenticated
227      * @param user The user, which must be from this realm
228      * @return True if the user is authenticated
229      */
230     public boolean isAuthenticated(Principal JavaDoc user) {
231         if (user == null) {
232             return false;
233         }
234
235         if (user instanceof JettyPrincipal) {
236             return ((JettyPrincipal) user).isAuthenticated();
237         } else {
238             logger.log(BasicLevel.ERROR, "The user '" + user + "' is not instance of JettyPrincipal");
239             return false;
240         }
241     }
242
243     /**
244      * Gets the principal with the given username
245      * @param username the given username
246      * @return the principal with the given username
247      */
248     public Principal JavaDoc getPrincipal(String JavaDoc username) {
249         if (logger.isLoggable(BasicLevel.DEBUG)) {
250             logger.log(BasicLevel.DEBUG, "Get principal with username '" + username + "'.");
251         }
252
253         JettyPrincipal principal = (JettyPrincipal) users.get(username);
254         SecurityContext ctx = new SecurityContext(principal.getName(), principal.getRoles());
255         SecurityCurrent current = SecurityCurrent.getCurrent();
256         current.setSecurityContext(ctx);
257         return principal;
258     }
259
260     /**
261      * Disassociate a user Not implemented
262      * @param user the given user
263      */
264     public void disassociate(Principal JavaDoc user) {
265     }
266
267     /**
268      * Push a role to a user Not implemented
269      * @param user the given user
270      * @param role the role to push
271      * @return the new principal
272      */
273     public Principal JavaDoc pushRole(Principal JavaDoc user, String JavaDoc role) {
274         return user;
275     }
276
277     /**
278      * Pop a role to a user Not implemented
279      * @param user the given user
280      * @return the new principal
281      */
282     public Principal JavaDoc popRole(Principal JavaDoc user) {
283         return user;
284     }
285
286     /**
287      * Log out a specific user
288      * @param user the user to logout
289      */
290     public void logout(Principal JavaDoc user) {
291     }
292
293     /**
294      * Check if the specific user is authenticated
295      * @param user the user to reauthenticate
296      * @return true if the user is authenthicated
297      */
298     public boolean reauthenticate(Principal JavaDoc user) {
299         if (user instanceof JettyPrincipal) {
300             return ((JettyPrincipal) user).isAuthenticated();
301         } else {
302             return false;
303         }
304     }
305
306     /**
307      * @return the logger.
308      */
309     protected static Logger getLogger() {
310         return logger;
311     }
312
313     /**
314      * @return the users.
315      */
316     protected Map JavaDoc getUsers() {
317         return users;
318     }
319
320     /**
321      * Remove a specific user
322      * @param username user to remove
323      */
324     protected void removeUser(String JavaDoc username) {
325         users.remove(username);
326     }
327
328     /**
329      * Add a user to the current map
330      * @param username name of the user
331      * @param principal object
332      */
333     protected void addUser(String JavaDoc username, Principal JavaDoc principal) {
334         users.put(username, principal);
335     }
336
337     /**
338      * Sets the name of the realm
339      * @param name The name to set.
340      */
341     protected void setName(String JavaDoc name) {
342         this.name = name;
343     }
344 }
Popular Tags