1 19 20 package org.openharmonise.dav.server.managers; 21 22 import java.util.logging.*; 23 24 import org.openharmonise.commons.cache.CacheException; 25 import org.openharmonise.commons.dsi.*; 26 import org.openharmonise.rm.DataAccessException; 27 import org.openharmonise.rm.dsi.DataStoreInterfaceFactory; 28 import org.openharmonise.rm.metadata.InvalidPropertyInstanceException; 29 import org.openharmonise.rm.resources.users.User; 30 import org.openharmonise.rm.security.authentication.*; 31 import org.openharmonise.rm.security.authorization.*; 32 import org.openharmonise.rm.sessions.*; 33 34 import com.ibm.webdav.*; 35 import com.ibm.webdav.impl.*; 36 import com.ibm.webdav.impl.UserAuthenticator; 37 38 46 public class HarmoniseSessionManager implements UserAuthenticator { 47 private AbstractDataStoreInterface m_dsi = null; 48 49 52 private static final Logger m_logger = Logger.getLogger(HarmoniseSessionManager.class.getName()); 53 54 public HarmoniseSessionManager() { 55 try { 56 m_dsi = DataStoreInterfaceFactory.getDataStoreInterface(); 57 } catch (DataStoreException e) { 58 m_logger.log(Level.WARNING, e.getLocalizedMessage(), e); 59 } 60 } 61 62 65 public boolean authenticate(String user, String pwd) 66 throws WebDAVException { 67 boolean bIsValid = false; 68 69 try { 70 if ((user != null) & (pwd != null)) { 71 org.openharmonise.rm.security.authentication.UserAuthenticator auth = 72 UserAuthenticatorFactory.getAuthenticator(); 73 74 User usr = auth.getUser(user); 75 76 if (auth.authenticate(usr, pwd) == true 79 && (AuthorizationValidator.isSuperUser(usr) 80 || (AuthorizationValidator.getUserRoles(usr).size() > 0 81 && AuthorizationValidator.isBrowser(usr) == false))) { 82 83 84 String session_key = getSessionCacheKey(user, pwd); 85 86 Session session = 87 SessionCache.getInstance(this.m_dsi).getSession( 88 session_key); 89 90 if (session == null) { 91 if (m_logger.isLoggable(Level.FINE)) { 92 m_logger.logp(Level.FINE,this.getClass().getName(), "authenticate","Looking for user - " + user + "(" + pwd + ")"); 93 } 94 95 session = 96 new Session(m_dsi, usr, session_key, 99999999); 97 98 SessionCache.getInstance(this.m_dsi).addToCache( 99 session_key, 100 session); 101 102 } 103 104 bIsValid = true; 105 106 } 107 } 108 } catch (SessionException e) { 109 m_logger.log(Level.WARNING, e.getMessage(), e); 110 throw new WebDAVException( 111 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 112 e.getLocalizedMessage()); 113 } catch (CacheException e) { 114 throw new WebDAVException( 115 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 116 e.getLocalizedMessage()); 117 } catch (PasswordExpiredException e) { 118 bIsValid = false; 119 } catch(LoginRetryLimitException e) { 120 bIsValid = false; 121 } catch (UserAuthenticationException e) { 122 throw new WebDAVException( 123 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 124 e.getLocalizedMessage()); 125 } catch (AuthorizationException e) { 126 throw new WebDAVException( 127 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 128 e.getLocalizedMessage()); 129 } catch (InvalidPropertyInstanceException e) { 130 throw new WebDAVException( 131 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 132 e.getLocalizedMessage()); 133 } catch (DataAccessException e) { 134 m_logger.log(Level.WARNING, e.getMessage(), e); 135 throw new WebDAVException( 136 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 137 e.getLocalizedMessage()); 138 } 139 140 if(m_logger.isLoggable(Level.FINE)) { 141 m_logger.logp(Level.FINE, this.getClass().getName(), "authenticate", "User " + user + " authenticated - " + bIsValid); 142 } 143 144 return bIsValid; 145 } 146 147 155 private String getSessionCacheKey(String user, String pwd) { 156 String session_key = 157 "dav_" + user.hashCode() + pwd.hashCode(); 158 return session_key; 159 } 160 161 167 public User getUser(ResourceImpl resource) throws WebDAVException { 168 User usr = null; 169 170 try { 171 HTTPHeaders requestContext = 172 resource.getContext().getRequestContext(); 173 174 String user = requestContext.getAuthorizationId(); 175 String password = requestContext.getPassword(); 176 String session_key = getSessionCacheKey(user, password); 177 178 Session session = 179 SessionCache.getInstance(this.m_dsi).getSession( 180 session_key); 181 182 183 if (session != null) { 184 try { 185 usr = session.getUser(); 186 } catch (DataAccessException e) { 187 throw new WebDAVException( 188 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 189 e.getLocalizedMessage()); 190 } 191 } 192 } catch (CacheException e) { 193 throw new WebDAVException( 194 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 195 e.getLocalizedMessage()); 196 } 197 198 return usr; 199 } 200 201 204 public boolean isSuperUser(ResourceImpl resource) throws WebDAVException { 205 boolean bIsSuper = false; 206 207 try { 208 bIsSuper = AuthorizationValidator.isSuperUser(getUser(resource)); 209 } catch (AuthorizationException e) { 210 throw new WebDAVException( 211 WebDAVStatus.SC_INTERNAL_SERVER_ERROR, 212 e.getLocalizedMessage()); 213 } 214 215 return bIsSuper; 216 } 217 } | Popular Tags |