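package org.sape.carbon.services.security.management.jndi;

import java.security.Principal;
import java.security.acl.Group;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

import javax.naming.Context;
import javax.naming.NameAlreadyBoundException;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchResult;

import org.sape.carbon.core.component.Component;
import org.sape.carbon.core.component.ComponentConfiguration;
import org.sape.carbon.core.component.lifecycle.Configurable;
import org.sape.carbon.core.component.lifecycle.Initializable;
import org.sape.carbon.core.config.InvalidConfigurationException;
import org.sape.carbon.services.security.management.DefaultGroupImpl;
import org.sape.carbon.services.security.management.DefaultUserImpl;
import org.sape.carbon.services.security.management.DuplicateGroupException;
import org.sape.carbon.services.security.management.DuplicatePrincipalException;
import org.sape.carbon.services.security.management.RuntimeSecurityManagementException;
import org.sape.carbon.services.security.management.UnknownGroupException;
import org.sape.carbon.services.security.management.UnknownPrincipalException;
import org.sape.carbon.services.security.management.UserManager;

/**
 * {@link UserManager} that stores users and groups as subcontexts of two
 * parent directory contexts reached through JNDI. Attribute names, parent
 * context names and the name/value separator all come from
 * {@link JNDIUserManagerConfiguration}.
 *
 * <p>Points a maintainer should confirm before relying on this class:
 * <ul>
 *   <li>User and group names are concatenated into JNDI names without any
 *       escaping (see {@link #getUserContextName(String)}); callers must
 *       validate names that originate outside the application.</li>
 *   <li>{@link #authenticate(String, Object)} verifies a credential with an
 *       attribute-match search, not by binding as the user.</li>
 *   <li>{@link #addPrincipalToGroup(Principal, Group)} stores the principal's
 *       full name in the namespace, while {@link #retreiveGroups(Principal)}
 *       and {@link #removeUserFromGroups(Principal)} match on
 *       {@code Principal.getName()}. NOTE(review): these two forms only agree
 *       if the directory is set up so that they are equal - confirm which
 *       form the members attribute is meant to hold.</li>
 *   <li>Contexts obtained from the configured factory and from lookups are
 *       never closed here. NOTE(review): confirm the factory hands out a
 *       shared or pooled context.</li>
 * </ul>
 */
public class JNDIUserManagerImpl implements UserManager, Initializable, Configurable {

    /** Component name captured in {@link #initialize(Component)}; passed to every group built here. */
    protected String serviceName;

    /** Configuration assigned in {@link #configure(ComponentConfiguration)}. */
    protected JNDIUserManagerConfiguration config;

    /**
     * Creates a directory entry for a new user.
     *
     * <p>Every entry of {@code userInfo} is written as an attribute whose ID
     * is the key's {@code toString()} and whose value is the map value,
     * unfiltered. A caller that forwards externally supplied data can
     * therefore set any attribute on the new entry, including the credential
     * attribute; restrict the keys before calling.
     *
     * @param userName name of the user, also used to build the entry name
     * @param userInfo additional attributes for the entry; {@code null} is
     *        treated as no additional attributes
     * @return the principal representing the new user
     * @throws DuplicatePrincipalException if an entry with that name is
     *         already bound
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public Principal createUser(String userName, Map userInfo)
        throws DuplicatePrincipalException {

        Principal newPrincipal = new DefaultUserImpl(userName);

        try {
            Attributes userAttributes = new BasicAttributes();

            userAttributes.put(new BasicAttribute(
                this.config.getUserNameAttribute(),
                userName));

            // A missing map used to fail with a NullPointerException.
            if (userInfo != null) {
                Iterator userInfoIterator = userInfo.entrySet().iterator();
                while (userInfoIterator.hasNext()) {
                    Map.Entry attribute = (Map.Entry) userInfoIterator.next();

                    userAttributes.put(new BasicAttribute(
                        attribute.getKey().toString(),
                        attribute.getValue()));
                }
            }

            getUserParentContext().createSubcontext(
                getUserContextName(userName),
                userAttributes);

        } catch (NameAlreadyBoundException nabe) {
            throw new DuplicatePrincipalException(
                this.getClass(),
                newPrincipal,
                nabe);

        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException adding Principal to directory",
                ne);
        }

        return newPrincipal;
    }

    /**
     * Checks a credential by searching the user parent context for an entry
     * whose user-name attribute and credential attribute both match.
     *
     * <p>Because this is a comparison done by the directory, it succeeds only
     * when the stored credential value is directly comparable to the value
     * passed in, and the credential is sent as part of the search request.
     * NOTE(review): confirm the connection to the directory is protected and
     * consider verifying credentials with a bind instead.
     *
     * @param userName name to look for
     * @param credential credential to compare
     * @return {@code true} if at least one entry matches both values;
     *         {@code false} otherwise, including when either argument is
     *         {@code null}
     * @throws RuntimeSecurityManagementException on a naming failure
     */
    public boolean authenticate(String userName, Object credential) {
        // A null value in a matching-attribute set can be read by a JNDI
        // provider as "attribute is present" instead of "attribute equals
        // this value", which would accept any user that has a credential.
        // Never let a null reach the search.
        if (userName == null || credential == null) {
            return false;
        }

        NamingEnumeration matches = null;
        try {
            Attributes userAttributes = new BasicAttributes();
            userAttributes.put(this.config.getUserNameAttribute(), userName);
            userAttributes.put(this.config.getCredentialAttribute(), credential);

            matches = getUserParentContext().search("", userAttributes);
            return matches.hasMore();

        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException authenticating user",
                ne);
        } finally {
            closeQuietly(matches);
        }
    }

    /**
     * Unbinds the user's entry and then removes the user from every group
     * that lists it.
     *
     * @param user principal to remove
     * @throws UnknownPrincipalException if a name on the path is not found
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public void removeUser(Principal user) throws UnknownPrincipalException {
        try {
            getUserParentContext().unbind(getUserContextName(user.getName()));

            // Stale memberships would be inherited by a later user created
            // under the same name, so clean them up as part of removal.
            removeUserFromGroups(user);

        } catch (NameNotFoundException nfe) {
            throw new UnknownPrincipalException(
                this.getClass(),
                user,
                nfe);
        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException removing Principal",
                ne);
        }
    }

    /**
     * Removes the user's name from the members attribute of every group that
     * lists it.
     *
     * <p>Groups are found by matching the members attribute, the same
     * criterion {@link #retreiveGroups(Principal)} uses. The earlier version
     * matched on the user-name attribute, which {@link #createGroup(String)}
     * never puts on a group entry.
     *
     * @param user principal whose memberships are dropped
     * @throws NamingException if the search or an update fails
     */
    protected void removeUserFromGroups(Principal user) throws NamingException {
        Attributes searchCriteria = new BasicAttributes(
            this.config.getMembersAttribute(),
            user.getName());

        NamingEnumeration groups = null;
        try {
            groups = getGroupParentContext().search("", searchCriteria);

            while (groups.hasMore()) {
                SearchResult group = (SearchResult) groups.next();
                Attributes groupAttributes = group.getAttributes();

                Attribute members =
                    groupAttributes.get(this.config.getMembersAttribute());

                // Nothing to rewrite when the attribute was not returned or
                // did not contain the name.
                if (members == null || !members.remove(user.getName())) {
                    continue;
                }

                this.getGroupParentContext().modifyAttributes(
                    group.getName(),
                    DirContext.REPLACE_ATTRIBUTE,
                    groupAttributes);
            }
        } finally {
            closeQuietly(groups);
        }
    }

    /**
     * Replaces the credential attribute of an existing user.
     *
     * <p>The value is written exactly as supplied; no hashing or encoding is
     * applied in this class.
     *
     * @param user principal to update
     * @param credential new credential value
     * @throws UnknownPrincipalException if the user's entry is not found
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public void updateCredential(Principal user, Object credential)
        throws UnknownPrincipalException {

        try {
            Attributes newCredential = new BasicAttributes(
                this.config.getCredentialAttribute(),
                credential);

            getUserParentContext().modifyAttributes(
                getUserContextName(user.getName()),
                DirContext.REPLACE_ATTRIBUTE,
                newCredential);

        } catch (NameNotFoundException nfe) {
            throw new UnknownPrincipalException(
                this.getClass(),
                user,
                nfe);

        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException updating credentials",
                ne);
        }
    }

    /**
     * Creates a directory entry for a new group carrying only the group-name
     * attribute.
     *
     * @param groupName name of the group
     * @return the new group
     * @throws DuplicateGroupException if an entry with that name is already
     *         bound
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public Group createGroup(String groupName) throws DuplicateGroupException {

        Group newGroup = constructGroup(groupName);

        try {
            Attributes groupAttributes = new BasicAttributes(
                this.config.getGroupNameAttribute(),
                groupName);

            getGroupParentContext().createSubcontext(
                getGroupContextName(groupName),
                groupAttributes);

        } catch (NameAlreadyBoundException nabe) {
            throw new DuplicateGroupException(
                this.getClass(),
                newGroup,
                nabe);

        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException adding Group to directory",
                ne);
        }

        return newGroup;
    }

    /**
     * Unbinds a group's entry.
     *
     * @param group group to remove
     * @throws UnknownGroupException if a name on the path is not found
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public void removeGroup(Group group) throws UnknownGroupException {
        try {
            getGroupParentContext().unbind(getGroupContextName(group.getName()));

        } catch (NameNotFoundException nfe) {
            throw new UnknownGroupException(
                this.getClass(),
                group.getName(),
                nfe);
        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException removing Group, group name [" +
                    group.getName() + "]",
                ne);
        }
    }

    /**
     * Looks up a user by name.
     *
     * @param userName name to look up
     * @return a principal for the user, or {@code null} if no entry is bound
     *         under that name
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public Principal retreiveUser(String userName) {
        try {
            // The lookup is only an existence check; its result is not used.
            getUserParentContext().lookup(getUserContextName(userName));
            return constructUser(userName);
        } catch (NameNotFoundException nfe) {
            return null;
        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException looking up user context, userName [" +
                    userName + "]",
                ne);
        }
    }

    /**
     * Looks up a group by name.
     *
     * @param groupName name to look up
     * @return the group, or {@code null} if no entry is bound under that name
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public Group retreiveGroup(String groupName) {
        try {
            // The lookup is only an existence check; its result is not used.
            getGroupParentContext().lookup(getGroupContextName(groupName));
            return constructGroup(groupName);
        } catch (NameNotFoundException nfe) {
            return null;
        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException looking up group context, groupName [" +
                    groupName + "]",
                ne);
        }
    }

    /**
     * Finds every group whose members attribute contains the principal's
     * name.
     *
     * @param principal principal whose groups are wanted
     * @return set of {@link Group} objects, possibly empty
     * @throws UnknownPrincipalException declared by the interface; this
     *         implementation does not check that the principal exists
     * @throws RuntimeSecurityManagementException on a naming failure
     */
    public Set retreiveGroups(Principal principal)
        throws UnknownPrincipalException {

        NamingEnumeration groupResults = null;
        try {
            Set groups = new HashSet();

            Attributes searchCriteria = new BasicAttributes(
                this.config.getMembersAttribute(),
                principal.getName());

            groupResults = getGroupParentContext().search("", searchCriteria);

            while (groupResults.hasMore()) {
                SearchResult group = (SearchResult) groupResults.next();
                Attribute groupNameAttribute = group.getAttributes().get(
                    this.config.getGroupNameAttribute());

                // An entry returned without its name attribute cannot be
                // turned into a Group; skip it instead of failing the call.
                if (groupNameAttribute != null) {
                    groups.add(constructGroup(groupNameAttribute.get().toString()));
                }
            }

            return groups;

        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException looking up groups for principal [" +
                    principal.getName() + "]",
                ne);
        } finally {
            closeQuietly(groupResults);
        }
    }

    /**
     * Adds a principal (user or group) to a group's members attribute.
     *
     * <p>The earlier version read and rewrote the group-name attribute here,
     * so member names were appended to the group's naming attribute and never
     * reached the members attribute that {@link #retreiveGroups(Principal)}
     * searches.
     *
     * @param principal principal to add; must exist as a user or a group
     * @param group group to add it to
     * @return {@code true} if the group changed, {@code false} if the
     *         principal was already listed
     * @throws UnknownPrincipalException if the principal has no entry
     * @throws UnknownGroupException if the group's entry is not found
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public boolean addPrincipalToGroup(Principal principal, Group group)
        throws UnknownPrincipalException, UnknownGroupException {

        try {
            Context principalContext = lookupPrincipalContext(principal);

            String membersAttributeName = this.config.getMembersAttribute();

            Attributes groupAttributes = getGroupParentContext().getAttributes(
                getGroupContextName(group.getName()),
                new String[] { membersAttributeName });

            Attribute members = groupAttributes.get(membersAttributeName);
            if (members == null) {
                // First member: the group has no members attribute yet.
                members = new BasicAttribute(membersAttributeName);
                groupAttributes.put(members);
            }

            // Attribute.add reports false when the value is already present.
            boolean memberAdded =
                members.add(principalContext.getNameInNamespace());

            if (memberAdded) {
                getGroupParentContext().modifyAttributes(
                    getGroupContextName(group.getName()),
                    DirContext.REPLACE_ATTRIBUTE,
                    groupAttributes);
            }

            return memberAdded;

        } catch (NameNotFoundException nfe) {
            throw new UnknownGroupException(
                this.getClass(),
                group.getName(),
                nfe);
        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException adding Principal to group",
                ne);
        }
    }

    /**
     * Removes a principal (user or group) from a group's members attribute.
     *
     * @param principal principal to remove; must exist as a user or a group
     * @param group group to remove it from
     * @return {@code true} if the group changed, {@code false} if the
     *         principal was not listed
     * @throws UnknownPrincipalException if the principal has no entry
     * @throws UnknownGroupException if the group's entry is not found
     * @throws RuntimeSecurityManagementException on any other naming failure
     */
    public boolean removePrincipalFromGroup(Principal principal, Group group)
        throws UnknownPrincipalException, UnknownGroupException {

        try {
            Context principalContext = lookupPrincipalContext(principal);

            String membersAttributeName = this.config.getMembersAttribute();

            Attributes groupAttributes = getGroupParentContext().getAttributes(
                getGroupContextName(group.getName()),
                new String[] { membersAttributeName });

            Attribute members = groupAttributes.get(membersAttributeName);
            if (members == null) {
                // No members attribute means there is nothing to remove.
                return false;
            }

            boolean memberRemoved =
                members.remove(principalContext.getNameInNamespace());

            if (memberRemoved) {
                getGroupParentContext().modifyAttributes(
                    getGroupContextName(group.getName()),
                    DirContext.REPLACE_ATTRIBUTE,
                    groupAttributes);
            }

            return memberRemoved;

        } catch (NameNotFoundException nfe) {
            throw new UnknownGroupException(
                this.getClass(),
                group.getName(),
                nfe);
        } catch (NamingException ne) {
            // Message previously said "adding", copied from addPrincipalToGroup.
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException removing Principal from group",
                ne);
        }
    }

    /**
     * Resolves a principal to its directory context, trying the user parent
     * context first and the group parent context second.
     *
     * @param principal principal to resolve
     * @return the context bound under the principal's name
     * @throws UnknownPrincipalException if neither lookup finds the name
     * @throws NamingException on any other naming failure
     */
    private Context lookupPrincipalContext(Principal principal)
        throws UnknownPrincipalException, NamingException {

        try {
            return (Context) getUserParentContext().
                lookup(getUserContextName(principal.getName()));
        } catch (NameNotFoundException notAUser) {
            // Not a user; a principal may also be a group.
            try {
                return (Context) getGroupParentContext().
                    lookup(getGroupContextName(principal.getName()));
            } catch (NameNotFoundException notAGroup) {
                throw new UnknownPrincipalException(
                    this.getClass(),
                    principal,
                    notAGroup);
            }
        }
    }

    /**
     * Lists the user-name attribute value of every entry under the user
     * parent context.
     *
     * @return set of attribute values, possibly empty
     * @throws RuntimeSecurityManagementException on a naming failure
     */
    public Set retreiveAllUserNames() {
        NamingEnumeration allUserContexts = null;
        try {
            // Null matching attributes: every entry in the context is returned.
            allUserContexts = getUserParentContext().search("", null);

            Set allUserNames = new HashSet();
            while (allUserContexts.hasMore()) {
                SearchResult user = (SearchResult) allUserContexts.next();

                Attribute userNameAttribute = user.getAttributes().get(
                    this.config.getUserNameAttribute());

                // Entries without the attribute are skipped rather than
                // aborting the listing with a NullPointerException.
                if (userNameAttribute != null) {
                    allUserNames.add(userNameAttribute.get());
                }
            }

            return allUserNames;
        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException retrieving all user names",
                ne);
        } finally {
            closeQuietly(allUserContexts);
        }
    }

    /**
     * Lists the group-name attribute value of every entry under the group
     * parent context.
     *
     * @return set of attribute values, possibly empty
     * @throws RuntimeSecurityManagementException on a naming failure
     */
    public Set retreiveAllGroupNames() {
        NamingEnumeration allGroupContexts = null;
        try {
            // Null matching attributes: every entry in the context is returned.
            allGroupContexts = getGroupParentContext().search("", null);

            Set allGroupNames = new HashSet();
            while (allGroupContexts.hasMore()) {
                SearchResult group = (SearchResult) allGroupContexts.next();

                Attribute groupNameAttribute = group.getAttributes().get(
                    this.config.getGroupNameAttribute());

                // Entries without the attribute are skipped rather than
                // aborting the listing with a NullPointerException.
                if (groupNameAttribute != null) {
                    allGroupNames.add(groupNameAttribute.get());
                }
            }

            return allGroupNames;
        } catch (NamingException ne) {
            throw new RuntimeSecurityManagementException(
                this.getClass(),
                "Caught NamingException retrieving all group names",
                ne);
        } finally {
            closeQuietly(allGroupContexts);
        }
    }

    /**
     * Stores the component configuration.
     *
     * @param configuration must be a {@link JNDIUserManagerConfiguration}
     * @throws InvalidConfigurationException if it is of another type
     * @throws Exception declared by the lifecycle interface
     */
    public void configure(ComponentConfiguration configuration)
        throws Exception {

        try {
            this.config = (JNDIUserManagerConfiguration) configuration;
        } catch (ClassCastException cce) {
            throw new InvalidConfigurationException(
                this.getClass(),
                configuration.getConfigurationName(),
                "ConfigurationInterface",
                "Configuration object was not of type " +
                    JNDIUserManagerConfiguration.class.getName(),
                cce);
        }
    }

    /**
     * Asks the configured initial-context factory for a context. Called anew
     * for every operation; the result is not cached or closed here.
     *
     * @return the context supplied by the factory
     * @throws NamingException if the factory fails
     */
    protected DirContext getInitialContext() throws NamingException {
        return (DirContext) this.config.getInitialContextFactory().getContext();
    }

    /**
     * Looks up the context under which user entries live.
     *
     * @return the user parent context
     * @throws NamingException if the lookup fails
     */
    protected DirContext getUserParentContext() throws NamingException {
        return (DirContext) getInitialContext().lookup(
            this.config.getUserParentContextName());
    }

    /**
     * Looks up the context under which group entries live.
     *
     * @return the group parent context
     * @throws NamingException if the lookup fails
     */
    protected DirContext getGroupParentContext() throws NamingException {
        return (DirContext) getInitialContext().lookup(
            this.config.getGroupParentContextName());
    }

    /**
     * Builds the name of a user's entry relative to the user parent context:
     * attribute name, configured separator, user name.
     *
     * <p>NOTE(review): {@code userName} is concatenated as-is. Characters that
     * are meaningful to the naming provider are not escaped, so a name taken
     * from outside the application should be validated by the caller before
     * it reaches this method.
     *
     * @param userName name of the user
     * @return the relative entry name
     * @throws NamingException never thrown by this implementation
     */
    protected String getUserContextName(String userName) throws NamingException {
        return this.config.getUserNameAttribute() +
            this.config.getAttributeNameValueSeparator() +
            userName;
    }

    /**
     * Builds the name of a group's entry relative to the group parent
     * context: attribute name, configured separator, group name.
     *
     * <p>NOTE(review): {@code groupName} is concatenated as-is, with the same
     * lack of escaping as {@link #getUserContextName(String)}.
     *
     * @param groupName name of the group
     * @return the relative entry name
     * @throws NamingException never thrown by this implementation
     */
    protected String getGroupContextName(String groupName) throws NamingException {
        return this.config.getGroupNameAttribute() +
            this.config.getAttributeNameValueSeparator() +
            groupName;
    }

    /**
     * Builds the principal object returned for a user.
     *
     * @param userName name of the user
     * @return a new {@link DefaultUserImpl}
     */
    protected Principal constructUser(String userName) {
        return new DefaultUserImpl(userName);
    }

    /**
     * Builds the group object returned for a group, tied to this component's
     * name.
     *
     * @param groupName name of the group
     * @return a new {@link DefaultGroupImpl}
     */
    protected Group constructGroup(String groupName) {
        return new DefaultGroupImpl(groupName, null, this.serviceName);
    }

    /**
     * Records the component's name for use when groups are constructed.
     *
     * @param thisComponent the component being initialized
     * @throws Exception declared by the lifecycle interface
     */
    public void initialize(Component thisComponent) throws Exception {
        this.serviceName = thisComponent.getComponentName();
    }

    /**
     * Closes a search enumeration, ignoring a failure to do so. An enumeration
     * that is not read to its end otherwise keeps its resources until it is
     * garbage-collected.
     *
     * @param enumeration enumeration to close; may be {@code null}
     */
    private static void closeQuietly(NamingEnumeration enumeration) {
        if (enumeration == null) {
            return;
        }
        try {
            enumeration.close();
        } catch (NamingException ignored) {
            // The operation's own result or exception matters more than a
            // failure while releasing the enumeration.
        }
    }

}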