1 7 package winstone.realm; 8 9 import java.io.File ; 10 import java.io.FileInputStream ; 11 import java.io.InputStream ; 12 import java.util.ArrayList ; 13 import java.util.Arrays ; 14 import java.util.Hashtable ; 15 import java.util.List ; 16 import java.util.Map ; 17 import java.util.Set ; 18 import java.util.StringTokenizer ; 19 20 import javax.xml.parsers.DocumentBuilder ; 21 import javax.xml.parsers.DocumentBuilderFactory ; 22 23 import org.w3c.dom.Document ; 24 import org.w3c.dom.Node ; 25 26 import winstone.AuthenticationPrincipal; 27 import winstone.AuthenticationRealm; 28 import winstone.Logger; 29 import winstone.WinstoneException; 30 import winstone.WinstoneResourceBundle; 31 32 36 public class FileRealm implements AuthenticationRealm { 37 private static final WinstoneResourceBundle REALM_RESOURCES = new WinstoneResourceBundle("winstone.realm.LocalStrings"); 38 39 final String FILE_NAME_ARGUMENT = "fileRealm.configFile"; 40 final String DEFAULT_FILE_NAME = "users.xml"; 41 final String ELEM_USER = "user"; 42 final String ATT_USERNAME = "username"; 43 final String ATT_PASSWORD = "password"; 44 final String ATT_ROLELIST = "roles"; 45 private Map passwords; 46 private Map roles; 47 48 52 public FileRealm(Set rolesAllowed, Map args) { 53 this.passwords = new Hashtable (); 54 this.roles = new Hashtable (); 55 56 String realmFileName = args.get(FILE_NAME_ARGUMENT) == null ? DEFAULT_FILE_NAME 58 : (String ) args.get(FILE_NAME_ARGUMENT); 59 File realmFile = new File (realmFileName); 60 if (!realmFile.exists()) 61 throw new WinstoneException(REALM_RESOURCES.getString( 62 "FileRealm.FileNotFound", realmFile.getPath())); 63 try { 64 InputStream inFile = new FileInputStream (realmFile); 65 Document doc = this.parseStreamToXML(inFile); 66 inFile.close(); 67 Node rootElm = doc.getDocumentElement(); 68 for (int n = 0; n < rootElm.getChildNodes().getLength(); n++) { 69 Node child = rootElm.getChildNodes().item(n); 70 71 if ((child.getNodeType() == Node.ELEMENT_NODE) 72 && (child.getNodeName().equals(ELEM_USER))) { 73 String userName = null; 74 String password = null; 75 String roleList = null; 76 for (int j = 0; j < child.getAttributes().getLength(); j++) { 78 Node thisAtt = child.getAttributes().item(j); 79 if (thisAtt.getNodeName().equals(ATT_USERNAME)) 80 userName = thisAtt.getNodeValue(); 81 else if (thisAtt.getNodeName().equals(ATT_PASSWORD)) 82 password = thisAtt.getNodeValue(); 83 else if (thisAtt.getNodeName().equals(ATT_ROLELIST)) 84 roleList = thisAtt.getNodeValue(); 85 } 86 87 if ((userName == null) || (password == null) 88 || (roleList == null)) 89 Logger.log(Logger.FULL_DEBUG, REALM_RESOURCES, 90 "FileRealm.SkippingUser", userName); 91 else { 92 StringTokenizer st = new StringTokenizer (roleList, ","); 94 List rl = new ArrayList (); 95 for (; st.hasMoreTokens();) { 96 String currentRole = st.nextToken(); 97 if (rolesAllowed.contains(currentRole)) 98 rl.add(currentRole); 99 } 100 Object roleArray[] = rl.toArray(); 101 Arrays.sort(roleArray); 102 this.passwords.put(userName, password); 103 this.roles.put(userName, Arrays.asList(roleArray)); 104 } 105 } 106 } 107 Logger.log(Logger.DEBUG, REALM_RESOURCES, "FileRealm.Initialised", 108 "" + this.passwords.size()); 109 } catch (java.io.IOException err) { 110 throw new WinstoneException(REALM_RESOURCES 111 .getString("FileRealm.ErrorLoading"), err); 112 } 113 } 114 115 119 private Document parseStreamToXML(InputStream in) { 120 try { 121 DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); 123 factory.setExpandEntityReferences(false); 124 factory.setValidating(false); 125 factory.setNamespaceAware(false); 126 factory.setIgnoringComments(true); 127 factory.setCoalescing(true); 128 factory.setIgnoringElementContentWhitespace(true); 129 DocumentBuilder builder = factory.newDocumentBuilder(); 130 return builder.parse(in); 131 } catch (Throwable errParser) { 132 throw new WinstoneException(REALM_RESOURCES 133 .getString("FileRealm.XMLParseError"), errParser); 134 } 135 } 136 137 141 public AuthenticationPrincipal authenticateByUsernamePassword( 142 String userName, String password) { 143 if ((userName == null) || (password == null)) 144 return null; 145 146 String realPassword = (String ) this.passwords.get(userName); 147 if (realPassword == null) 148 return null; 149 else if (!realPassword.equals(password)) 150 return null; 151 else 152 return new AuthenticationPrincipal(userName, password, 153 (List ) this.roles.get(userName)); 154 } 155 156 159 public AuthenticationPrincipal retrieveUser(String userName) { 160 return new AuthenticationPrincipal(userName, (String ) this.passwords 161 .get(userName), (List ) this.roles.get(userName)); 162 } 163 } 164 | Popular Tags |