KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > openharmonise > dav > server > managers > HarmoniseSessionManager


1 /*
2  * The contents of this file are subject to the
3  * Mozilla Public License Version 1.1 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at http://www.mozilla.org/MPL/
6  *
7  * Software distributed under the License is distributed on an "AS IS"
8  * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied.
9  * See the License for the specific language governing rights and
10  * limitations under the License.
11  *
12  * The Initial Developer of the Original Code is Simulacra Media Ltd.
13  * Portions created by Simulacra Media Ltd are Copyright (C) Simulacra Media Ltd, 2004.
14  *
15  * All Rights Reserved.
16  *
17  * Contributor(s):
18  */
19
20 package org.openharmonise.dav.server.managers;
21
22 import java.util.logging.*;
23
24 import org.openharmonise.commons.cache.CacheException;
25 import org.openharmonise.commons.dsi.*;
26 import org.openharmonise.rm.DataAccessException;
27 import org.openharmonise.rm.dsi.DataStoreInterfaceFactory;
28 import org.openharmonise.rm.metadata.InvalidPropertyInstanceException;
29 import org.openharmonise.rm.resources.users.User;
30 import org.openharmonise.rm.security.authentication.*;
31 import org.openharmonise.rm.security.authorization.*;
32 import org.openharmonise.rm.sessions.*;
33
34 import com.ibm.webdav.*;
35 import com.ibm.webdav.impl.*;
36 import com.ibm.webdav.impl.UserAuthenticator;
37
38 /**
39  * Harmonise implementation of <code>UserAuthenticator</code> providing
40  * DAV4J with access to user authenticating functionality of Harmonise.
41  *
42  * @author Michael Bell
43  * @version $Revision: 1.2 $
44  *
45  */
46 public class HarmoniseSessionManager implements UserAuthenticator {
47     private AbstractDataStoreInterface m_dsi = null;
48     
49     /**
50      * Logger for this class
51      */
52     private static final Logger m_logger = Logger.getLogger(HarmoniseSessionManager.class.getName());
53
54     public HarmoniseSessionManager() {
55         try {
56             m_dsi = DataStoreInterfaceFactory.getDataStoreInterface();
57         } catch (DataStoreException e) {
58             m_logger.log(Level.WARNING, e.getLocalizedMessage(), e);
59         }
60     }
61
62     /* (non-Javadoc)
63      * @see com.ibm.webdav.impl.UserAuthenticator#authenticate(java.lang.String, java.lang.String)
64      */
65     public boolean authenticate(String JavaDoc user, String JavaDoc pwd)
66         throws WebDAVException {
67         boolean bIsValid = false;
68
69         try {
70             if ((user != null) & (pwd != null)) {
71                 org.openharmonise.rm.security.authentication.UserAuthenticator auth =
72                     UserAuthenticatorFactory.getAuthenticator();
73
74                 User usr = auth.getUser(user);
75                 
76                 //password must be correct, user must have a role
77 //and must not be a browser
78 if (auth.authenticate(usr, pwd) == true
79                         && (AuthorizationValidator.isSuperUser(usr)
80                          || (AuthorizationValidator.getUserRoles(usr).size() > 0
81                                 && AuthorizationValidator.isBrowser(usr) == false))) {
82                     
83
84                     String JavaDoc session_key = getSessionCacheKey(user, pwd);
85
86                     Session session =
87                         SessionCache.getInstance(this.m_dsi).getSession(
88                             session_key);
89
90                     if (session == null) {
91                         if (m_logger.isLoggable(Level.FINE)) {
92                             m_logger.logp(Level.FINE,this.getClass().getName(), "authenticate","Looking for user - " + user + "(" + pwd + ")");
93                         }
94
95                         session =
96                             new Session(m_dsi, usr, session_key, 99999999);
97
98                         SessionCache.getInstance(this.m_dsi).addToCache(
99                             session_key,
100                             session);
101
102                     }
103                     
104                     bIsValid = true;
105
106                 }
107             }
108         } catch (SessionException e) {
109             m_logger.log(Level.WARNING, e.getMessage(), e);
110             throw new WebDAVException(
111                 WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
112                 e.getLocalizedMessage());
113         } catch (CacheException e) {
114             throw new WebDAVException(
115                 WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
116                 e.getLocalizedMessage());
117         } catch (PasswordExpiredException e) {
118             bIsValid = false;
119         } catch(LoginRetryLimitException e) {
120             bIsValid = false;
121         } catch (UserAuthenticationException e) {
122             throw new WebDAVException(
123                 WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
124                 e.getLocalizedMessage());
125         } catch (AuthorizationException e) {
126             throw new WebDAVException(
127                 WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
128                 e.getLocalizedMessage());
129         } catch (InvalidPropertyInstanceException e) {
130             throw new WebDAVException(
131                 WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
132                 e.getLocalizedMessage());
133         } catch (DataAccessException e) {
134             m_logger.log(Level.WARNING, e.getMessage(), e);
135             throw new WebDAVException(
136                 WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
137                 e.getLocalizedMessage());
138         }
139         
140         if(m_logger.isLoggable(Level.FINE)) {
141             m_logger.logp(Level.FINE, this.getClass().getName(), "authenticate", "User " + user + " authenticated - " + bIsValid);
142         }
143
144         return bIsValid;
145     }
146     
147     /**
148      * Returns the appropriate session cache key for the user with
149      * the given username and password.
150      *
151      * @param user the user name
152      * @param pwd the user password
153      * @return the appropriate session cache key
154      */
155     private String JavaDoc getSessionCacheKey(String JavaDoc user, String JavaDoc pwd) {
156         String JavaDoc session_key =
157             "dav_" + user.hashCode() + pwd.hashCode();
158         return session_key;
159     }
160
161     /**
162      * Returns the Harmonise user assocaited to this session.
163      *
164      * @return
165      * @throws WebDAVException
166      */
167     public User getUser(ResourceImpl resource) throws WebDAVException {
168         User usr = null;
169
170         try {
171             HTTPHeaders requestContext =
172             resource.getContext().getRequestContext();
173             
174             String JavaDoc user = requestContext.getAuthorizationId();
175             String JavaDoc password = requestContext.getPassword();
176             String JavaDoc session_key = getSessionCacheKey(user, password);
177             
178             Session session =
179                             SessionCache.getInstance(this.m_dsi).getSession(
180                                 session_key);
181             
182             
183             if (session != null) {
184                 try {
185                     usr = session.getUser();
186                 } catch (DataAccessException e) {
187                     throw new WebDAVException(
188                     WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
189                     e.getLocalizedMessage());
190                 }
191             }
192         } catch (CacheException e) {
193             throw new WebDAVException(
194                     WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
195                     e.getLocalizedMessage());
196         }
197
198         return usr;
199     }
200
201     /* (non-Javadoc)
202      * @see com.ibm.webdav.impl.UserAuthenticator#isSuperUser()
203      */
204     public boolean isSuperUser(ResourceImpl resource) throws WebDAVException {
205         boolean bIsSuper = false;
206
207         try {
208             bIsSuper = AuthorizationValidator.isSuperUser(getUser(resource));
209         } catch (AuthorizationException e) {
210             throw new WebDAVException(
211                 WebDAVStatus.SC_INTERNAL_SERVER_ERROR,
212                 e.getLocalizedMessage());
213         }
214         
215         return bIsSuper;
216     }
217 }
Popular Tags