AdminAuthHandler


1   /**
2    * Copyright (C) 2003-2005 Funambol
3    *
4    * This program is free software; you can redistribute it and/or modify
5    * it under the terms of the GNU General Public License as published by
6    * the Free Software Foundation; either version 2 of the License, or
7    * (at your option) any later version.
8    *
9    * This program is distributed in the hope that it will be useful,
10   * but WITHOUT ANY WARRANTY; without even the implied warranty of
11   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12   * GNU General Public License for more details.
13   *
14   * You should have received a copy of the GNU General Public License
15   * along with this program; if not, write to the Free Software
16   * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
17   */
18  package sync4j.server.admin.ws.axis;
19  
20  import java.util.logging.Level  ;
21  import java.util.logging.Logger  ;
22  
23  import org.apache.axis.AxisFault;
24  import org.apache.axis.MessageContext;
25  import org.apache.axis.handlers.BasicHandler;
26  import org.apache.axis.transport.http.HTTPConstants;
27  import org.apache.axis.utils.Messages;
28  
29  import sync4j.framework.logging.Sync4jLogger;
30  import sync4j.framework.config.ConfigurationConstants;
31  import sync4j.framework.server.Sync4jUser;
32  import sync4j.framework.server.store.NotFoundException;
33  import sync4j.framework.server.store.PersistentStoreException;
34  
35  import sync4j.server.admin.UserManager;
36  
37  import sync4j.server.config.Configuration;
38  
39  /**
40   * This is an Axis authentication handler used to authenticate the user trying
41   * to perform administration tasks on the Admin web service. Authentication is
42   * currently performed with the Basic scheme.
43   *
44   * @author  Stefano Fornari @ Funambol
45   * @version $Id: AdminAuthHandler.java,v 1.6 2005/07/19 12:40:50 nichele Exp $
46   */
47  public class AdminAuthHandler
48  extends BasicHandler
49  implements ConfigurationConstants {
50  
51      // --------------------------------------------------------------- Constants
52      public static final String   LOG_NAME   = "admin";
53      public static final String   ROLE_ADMIN = "sync_administrator";
54  
55      public static final String   FAULT_UNAUTHORIZED = "Server.Unauthenticated";
56  
57      private static final String   AUTH_ERROR_MESSAGE =
58          "Authentication failed, because the server is unable to access to the datastore. Please see server log for the causes.";
59  
60      // ------------------------------------------------------------ Private data
61      private Logger   log = Sync4jLogger.getLogger(LOG_NAME);
62      private UserManager userManager;
63  
64      // ------------------------------------------------------------ Constructors
65      public AdminAuthHandler() {
66          try {
67              Configuration c = Configuration.getConfiguration();
68              userManager = (UserManager)c.getUserManager();
69          } catch (Exception   e) {
70              if (log.isLoggable(Level.SEVERE)) {
71                  log.severe("Error retrieving the user manager: " + e.getMessage());
72              }
73              log.throwing(AdminAuthHandler.class.getName(), "AdminAuthHandler", e);
74          }
75      }
76  
77      // ---------------------------------------------------------- Public methods
78  
79      /**
80       * Redefines the BasicHandler's invoke method.
81       *
82       * @param msgContext the Axis message context
83       *
84       * @throws AxisFault if authentication fails.
85       */
86      public void invoke(MessageContext msgContext) throws AxisFault {
87          if (log.isLoggable(Level.FINEST)) {
88              log.finest("Authenticating admin action.");
89          }
90  
91          String   username = msgContext.getUsername();
92          if (username == null) {
93              //
94              // Hey! no auth here!
95              // This will make axis return a 401
96              //
97              if (log.isLoggable(Level.FINEST)) {
98                  log.finest("Credentials not provided.");
99              }
100             AxisFault f = new AxisFault();
101             f.setFaultCodeAsString("Server.Unauthenticated");
102             throw f;
103         }
104 
105         String   password = msgContext.getPassword();
106         if (password == null) {
107             password = "";
108         }
109 
110         try {
111             //
112             // First of all: is the user authenticated?
113             //
114             Sync4jUser user = new Sync4jUser();
115             user.setUsername(username);
116 
117             userManager.getUser(user);
118 
119             if (!password.equals(user.getPassword())) {
120                 //
121                 // Authentication failed!
122                 //
123                 notAuthorized();
124             }
125 
126             //
127             // Is the user a sync admin user?
128             //
129             userManager.getUserRoles(user);
130 
131             if (!user.hasRole(ROLE_ADMIN)) {
132                 //
133                 // The user is not an administrator
134                 //
135                 if (log.isLoggable(Level.INFO)) {
136                     log.info( "Authorization denied: user "
137                             + user
138                             + " is not an administrator."
139                             );
140                 }
141                 notAuthorized();
142             }
143         } catch (NotFoundException e) {
144 
145             if (log.isLoggable(Level.SEVERE)) {
146                 log.severe("User not found: " + e.getMessage());
147             }
148             notAuthorized();
149 
150         } catch (Exception   e) {
151 
152             log.throwing(AdminAuthHandler.class.getName(), "invoke", e);
153 
154             if (log.isLoggable(Level.SEVERE)) {
155                 log.severe("Error retrieving the user : " + e.getMessage());
156             }
157 
158             AxisFault f = new AxisFault();
159             f.setFaultString("The server is unable to authenticate the user. Check the server log for details.");
160             throw f;
161         }
162 
163     }
164 
165     // --------------------------------------------------------- Private methods
166 
167     /**
168      * Throws the AxisFault representing "not authorized".
169      *
170      * @throws AxisFault
171      */
172     private void notAuthorized()
173     throws AxisFault {
174         AxisFault f = new AxisFault();
175         f.setFaultCodeAsString(FAULT_UNAUTHORIZED);
176         throw f;
177     }
178 }
179
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags