00027 package org.objectweb.jonas.security.realm.factory;
00028
00029 import java.security.NoSuchAlgorithmException;
00030 import java.util.Enumeration;
00031 import java.util.Hashtable;
00032 import java.util.ArrayList;
00033
00034 import javax.naming.BinaryRefAddr;
00035 import javax.naming.NamingException;
00036 import javax.naming.Reference;
00037 import javax.naming.StringRefAddr;
00038
00039 import org.objectweb.util.monolog.api.BasicLevel;
00040 import org.objectweb.jonas.common.JNDIUtils;
00041 import org.objectweb.jonas.jmx.JonasObjectName;
00042 import org.objectweb.jonas.security.realm.lib.XML;
00043 import org.objectweb.jonas.security.realm.principals.User;
00044 import org.objectweb.jonas.security.realm.principals.Group;
00045 import org.objectweb.jonas.security.realm.principals.Role;
00046 import org.objectweb.jonas.security.realm.lib.HashHelper;
00047
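/**
 * Security realm resource whose groups and roles are held in in-memory
 * hashtables owned by this object. The user table is reached through
 * {@code getUsers()}, which is not defined in this class. Every user, group
 * and role added here is also registered as an MBean, and the whole realm can
 * be rendered as a {@code <memoryrealm>} XML fragment or packed into a JNDI
 * {@link Reference}.
 *
 * <p>The individual hashtable operations are not combined under a common
 * lock: "check then put" sequences such as the duplicate test in
 * {@link #addUser(User)} are not atomic.
 */
public class JResourceMemory extends JResource implements JResourceMemoryMBean {

    /** Groups of this realm, keyed by group name. */
    private Hashtable groups = new Hashtable();

    /** Roles of this realm, keyed by role name. */
    private Hashtable roles = new Hashtable();

    /** Class name recorded as the type of the {@link Reference} built by {@link #getReference()}. */
    private static final String FACTORY_TYPE = "org.objectweb.jonas.security.realm.factory.JResourceMemory";

    /** Object factory class name recorded in the {@link Reference} built by {@link #getReference()}. */
    private static final String FACTORY_NAME = "org.objectweb.jonas.security.realm.factory.JResourceMemoryFactory";

    /**
     * Creates an empty memory realm by delegating to the superclass constructor.
     *
     * @throws Exception if the superclass constructor fails
     */
    public JResourceMemory() throws Exception {
        super();
    }

    /**
     * Adds a user to the realm and registers it in the MBean server.
     *
     * <p>Groups and roles named by the user that are not known yet are created
     * on the fly, so adding a user can silently widen the set of groups and
     * roles defined in this realm.
     *
     * @param user the user to add
     * @throws Exception if a user with the same name already exists, or if
     *         creating one of the missing groups or roles fails
     */
    public void addUser(User user) throws Exception {
        String userName = user.getName();

        if (getUsers().get(userName) != null) {
            throw new Exception("User " + userName + " already exists.");
        }

        // Create the groups referenced by the user that do not exist yet.
        String[] userGroups = user.getArrayGroups();
        for (int g = 0; g < userGroups.length; g++) {
            String groupName = userGroups[g];
            if (!groups.containsKey(groupName)) {
                addGroup(new Group(groupName));
            }
        }

        // Same for the roles referenced directly by the user.
        String[] userRoles = user.getArrayRoles();
        for (int r = 0; r < userRoles.length; r++) {
            String roleName = userRoles[r];
            if (!roles.containsKey(roleName)) {
                addRole(new Role(roleName));
            }
        }

        getUsers().put(userName, user);

        // MBean registration is best effort: a failure is logged and the user
        // stays in the realm.
        try {
            getMBeanServer().registerMBean(user, JonasObjectName.user(getName(), userName));
        } catch (Exception e) {
            getLogger().log(BasicLevel.ERROR, "Cannot register user '" + userName + "' in JMX server : " + e.getMessage());
        }
    }

    /**
     * Adds a group to the realm and registers it in the MBean server.
     * Roles named by the group that are not known yet are created on the fly.
     *
     * @param group the group to add
     * @throws Exception if a group with the same name already exists, or if
     *         creating one of the missing roles fails
     */
    public void addGroup(Group group) throws Exception {
        String groupName = group.getName();

        if (groups.get(groupName) != null) {
            throw new Exception("Group " + groupName + " already exists.");
        }

        // Create the roles referenced by the group that do not exist yet.
        String[] groupRoles = group.getArrayRoles();
        for (int r = 0; r < groupRoles.length; r++) {
            String roleName = groupRoles[r];
            if (!roles.containsKey(roleName)) {
                addRole(new Role(roleName));
            }
        }

        groups.put(groupName, group);

        // Best effort, as for users: a registration failure is only logged.
        try {
            getMBeanServer().registerMBean(group, JonasObjectName.group(getName(), groupName));
        } catch (Exception e) {
            getLogger().log(BasicLevel.ERROR, "Cannot register group '" + groupName + "' in JMX server : " + e.getMessage());
        }
    }

    /**
     * Adds a role to the realm and registers it in the MBean server.
     *
     * @param role the role to add
     * @throws Exception if a role with the same name already exists
     */
    public void addRole(Role role) throws Exception {
        String roleName = role.getName();

        if (roles.get(roleName) != null) {
            throw new Exception("Role " + roleName + " already exists.");
        }

        roles.put(roleName, role);

        // Best effort: a registration failure is only logged.
        try {
            getMBeanServer().registerMBean(role, JonasObjectName.role(getName(), roleName));
        } catch (Exception e) {
            getLogger().log(BasicLevel.ERROR, "Cannot register role '" + roleName + "' in JMX server : " + e.getMessage());
        }
    }

    /**
     * Looks a user up by name.
     *
     * @param name the user name, may be {@code null}
     * @return the matching user, or {@code null} when the name is {@code null}
     *         or no such user is stored
     * @throws JResourceException declared by the signature; this
     *         implementation does not throw it
     */
    public User findUser(String name) throws JResourceException {
        if (name == null) {
            return null;
        }
        return ((User) getUsers().get(name));
    }

    /**
     * Checks the supplied credentials against the password stored for a user.
     *
     * <p>When the stored entry names an algorithm, the credentials are hashed
     * with it through {@code HashHelper.hashPassword} and compared ignoring
     * case; otherwise the stored value is treated as a clear-text password and
     * compared exactly. The method fails closed: a {@code null} user,
     * {@code null} credentials, a missing stored password or an unknown
     * algorithm all yield {@code false} instead of an exception escaping from
     * the authentication path.
     *
     * <p>NOTE(review): no salt is passed to {@code HashHelper.hashPassword}
     * here, so the stored value appears to be an unsalted digest - confirm in
     * HashHelper. Entries without an algorithm keep the password in clear text
     * in memory, and {@link #getReference()} hands the user table to JNDI.
     * The case-insensitive match is only harmless if the stored hash uses a
     * case-insensitive encoding such as hex - confirm as well.
     *
     * @param user the user whose stored password is checked
     * @param credentials the password presented by the caller
     * @return {@code true} only when the credentials match the stored password
     */
    public boolean isValidUser(User user, String credentials) {
        // Deny rather than throw a NullPointerException on incomplete input.
        if (user == null || credentials == null || user.getHashPassword() == null) {
            return false;
        }

        String pass = user.getHashPassword().getPassword();
        String algo = user.getHashPassword().getAlgorithm();

        if (algo == null) {
            // Clear-text entry: exact match required.
            return sameWithoutEarlyExit(pass, credentials, false);
        }

        try {
            return sameWithoutEarlyExit(pass, HashHelper.hashPassword(credentials, algo), true);
        } catch (NoSuchAlgorithmException nsae) {
            getLogger().log(BasicLevel.ERROR, "Can't make a password with the algorithm " + algo + ". "
                    + nsae.getMessage());
            return false;
        }
    }

    /**
     * Compares a stored secret with a supplied value without stopping at the
     * first differing character, so the duration of the comparison does not
     * depend on how many leading characters match.
     *
     * @param expected the stored value, {@code null} never matches
     * @param supplied the value derived from the caller's input, {@code null}
     *        never matches
     * @param ignoreCase {@code true} to apply the same per-character case
     *        folding as {@code String.equalsIgnoreCase}
     * @return {@code true} when both values have the same length and content
     */
    private static boolean sameWithoutEarlyExit(String expected, String supplied, boolean ignoreCase) {
        if (expected == null || supplied == null) {
            return false;
        }

        int expectedLength = expected.length();
        int suppliedLength = supplied.length();

        // A length mismatch is recorded up front; the loop still runs over the
        // supplied value so its duration follows the caller's input only.
        int diff = expectedLength ^ suppliedLength;
        for (int i = 0; i < suppliedLength; i++) {
            char e = expectedLength == 0 ? '\0' : expected.charAt(i % expectedLength);
            char s = supplied.charAt(i);
            if (ignoreCase) {
                e = Character.toLowerCase(Character.toUpperCase(e));
                s = Character.toLowerCase(Character.toUpperCase(s));
            }
            diff |= e ^ s;
        }
        return diff == 0;
    }

    /**
     * Returns the group table itself, not a copy: changes made by the caller
     * are changes to the realm.
     *
     * @return the groups keyed by name
     */
    public Hashtable getGroups() {
        return groups;
    }

    /**
     * Returns the role table itself, not a copy: changes made by the caller
     * are changes to the realm.
     *
     * @return the roles keyed by name
     */
    public Hashtable getRoles() {
        return roles;
    }

    /**
     * Collects the role names granted to a user, directly and through the
     * groups the user belongs to, without duplicates.
     *
     * @param user the user, may be {@code null}
     * @return the combined role names; empty when {@code user} is {@code null}
     * @throws JResourceException declared by the signature; this
     *         implementation does not throw it
     */
    public ArrayList getArrayListCombinedRoles(User user) throws JResourceException {
        ArrayList allCombinedRoles = new ArrayList();

        if (user == null) {
            return allCombinedRoles;
        }

        // Roles held directly by the user.
        addMissing(allCombinedRoles, user.getArrayRoles());

        // Roles inherited from each group; a group name unknown to this realm
        // contributes nothing.
        String[] userGroups = user.getArrayGroups();
        for (int g = 0; g < userGroups.length; g++) {
            Group group = (Group) groups.get(userGroups[g]);
            if (group == null) {
                continue;
            }
            addMissing(allCombinedRoles, group.getArrayRoles());
        }

        return allCombinedRoles;
    }

    /**
     * Appends to {@code target} every name of {@code names} it does not hold yet.
     *
     * @param target the list being completed
     * @param names the candidate names, in the order they are appended
     */
    private static void addMissing(ArrayList target, String[] names) {
        for (int i = 0; i < names.length; i++) {
            if (!target.contains(names[i])) {
                target.add(names[i]);
            }
        }
    }

    /**
     * Replaces the group table. The given table is stored as is (no copy, no
     * {@code null} check) and no MBean is registered or unregistered.
     *
     * @param groups the new groups keyed by name
     */
    public void setGroups(Hashtable groups) {
        this.groups = groups;
    }

    /**
     * Replaces the role table. The given table is stored as is (no copy, no
     * {@code null} check) and no MBean is registered or unregistered.
     *
     * @param roles the new roles keyed by name
     */
    public void setRoles(Hashtable roles) {
        this.roles = roles;
    }

    /**
     * Adds a user built from a name and a password.
     *
     * @param username the name of the user
     * @param password the password handed to the {@code User} constructor
     * @throws Exception if {@link #addUser(User)} rejects the user
     */
    public void addUser(String username, String password) throws Exception {
        addUser(new User(username, password));
    }

    /**
     * Adds a group built from its name.
     *
     * @param groupname the name of the group
     * @throws Exception if {@link #addGroup(Group)} rejects the group
     */
    public void addGroup(String groupname) throws Exception {
        addGroup(new Group(groupname));
    }

    /**
     * Adds a role built from its name.
     *
     * @param rolename the name of the role
     * @throws Exception if {@link #addRole(Role)} rejects the role
     */
    public void addRole(String rolename) throws Exception {
        addRole(new Role(rolename));
    }

    /**
     * Removes a user from the realm and unregisters its MBean.
     *
     * @param username the name of the user to remove
     * @throws Exception if no user with this name exists
     */
    public void removeUser(String username) throws Exception {
        if (getUsers().get(username) == null) {
            throw new Exception("Can not remove user " + username + ". This user doesn't exist");
        }
        getUsers().remove(username);

        // Best effort: the user is already gone from the realm, a failure to
        // unregister the MBean is only logged.
        try {
            getMBeanServer().unregisterMBean(JonasObjectName.user(getName(), username));
        } catch (Exception e) {
            getLogger().log(BasicLevel.ERROR, "Cannot unregister user '" + username + "' in JMX server : " + e.getMessage());
        }
    }

    /**
     * Removes a group from the realm and unregisters its MBean. Users that
     * name this group are left untouched.
     *
     * @param groupname the name of the group to remove
     * @throws Exception if no group with this name exists
     */
    public void removeGroup(String groupname) throws Exception {
        if (groups.get(groupname) == null) {
            throw new Exception("Can not remove group " + groupname + ". This group doesn't exist");
        }
        groups.remove(groupname);

        try {
            getMBeanServer().unregisterMBean(JonasObjectName.group(getName(), groupname));
        } catch (Exception e) {
            getLogger().log(BasicLevel.ERROR, "Cannot unregister group '" + groupname + "' in JMX server : "
                    + e.getMessage());
        }
    }

    /**
     * Removes a role from the realm and unregisters its MBean. Users and
     * groups that name this role are left untouched.
     *
     * @param rolename the name of the role to remove
     * @throws Exception if no role with this name exists
     */
    public void removeRole(String rolename) throws Exception {
        if (roles.get(rolename) == null) {
            throw new Exception("Can not remove role " + rolename + ". This role doesn't exist");
        }
        roles.remove(rolename);

        try {
            getMBeanServer().unregisterMBean(JonasObjectName.role(getName(), rolename));
        } catch (Exception e) {
            getLogger().log(BasicLevel.ERROR, "Cannot unregister role '" + rolename + "' in JMX server : " + e.getMessage());
        }
    }

    /**
     * Renders the realm as a {@code <memoryrealm>} element holding its roles,
     * groups and users.
     *
     * <p>NOTE(review): the realm name is written into the {@code name}
     * attribute without escaping - confirm that names containing quotes or
     * markup cannot reach this point. The entries are written by
     * {@code XML.xmlHashtable}; if the user entries carry password data, the
     * returned text is credential material and should be handled as such.
     *
     * @return the XML text of this realm
     */
    public String toXML() {
        StringBuffer xml = new StringBuffer(" <memoryrealm name=\"");
        xml.append(getName());
        xml.append("\">\n");

        // Roles
        xml.append(" <roles>\n");
        XML.xmlHashtable(xml, getRoles(), " ");
        xml.append(" </roles>\n");

        // Groups
        xml.append(" <groups>\n");
        XML.xmlHashtable(xml, getGroups(), " ");
        xml.append(" </groups>\n");

        // Users
        xml.append(" <users>\n");
        XML.xmlHashtable(xml, getUsers(), " ");
        xml.append(" </users>\n");

        xml.append(" </memoryrealm>");
        return xml.toString();
    }

    /**
     * Returns the XML form produced by {@link #toXML()}, so logging or
     * concatenating this object emits the full realm content.
     *
     * @return the XML text of this realm
     */
    public String toString() {
        return this.toXML();
    }

    /**
     * Builds the JNDI reference describing this realm: its name as a string
     * address and the user, group and role tables as binary addresses.
     *
     * <p>NOTE(review): the user table, stored passwords included, travels in
     * the "users" address - presumably in serialized form, confirm in
     * {@code JNDIUtils.getBytesFromObject}. Access to the binding should be
     * restricted accordingly, and the factory that reads these bytes back
     * should only accept them from a trusted naming service.
     *
     * @return the reference for this realm
     * @throws NamingException declared by the signature
     */
    public Reference getReference() throws NamingException {
        Reference reference = new Reference(FACTORY_TYPE, FACTORY_NAME, null);

        reference.add(new StringRefAddr("name", getName()));

        // A table that could not be converted (null bytes) is left out of the
        // reference instead of failing the whole call.
        byte[] bytes = JNDIUtils.getBytesFromObject(getUsers(), getLogger());
        if (bytes != null) {
            reference.add(new BinaryRefAddr("users", bytes));
        }

        bytes = JNDIUtils.getBytesFromObject(groups, getLogger());
        if (bytes != null) {
            reference.add(new BinaryRefAddr("groups", bytes));
        }

        bytes = JNDIUtils.getBytesFromObject(roles, getLogger());
        if (bytes != null) {
            reference.add(new BinaryRefAddr("roles", bytes));
        }

        return reference;
    }

    /**
     * Lists the names of the roles of this realm.
     *
     * @return the role names
     */
    public String[] listRoles() {
        return keyNames(roles);
    }

    /**
     * Lists the names of the groups of this realm.
     *
     * @return the group names
     */
    public String[] listGroups() {
        return keyNames(groups);
    }

    /**
     * Copies the keys of a name-keyed table into an array.
     *
     * <p>The array is produced by a single {@code toArray} call rather than
     * sized with {@code size()} and then filled from an enumeration, so it
     * cannot be overrun or left partly empty when the table changes between
     * those two steps.
     *
     * @param table a table whose keys are strings
     * @return the keys of the table
     */
    private static String[] keyNames(Hashtable table) {
        return (String[]) table.keySet().toArray(new String[0]);
    }

    /**
     * Unregisters the MBeans of every user, role and group of this realm.
     * All entries are attempted even after a failure; failures are logged and
     * reported together at the end.
     *
     * @throws JResourceException if at least one MBean could not be unregistered
     */
    public void removeMBeans() throws JResourceException {
        boolean error = false;

        // Users
        for (Enumeration e = getUsers().elements(); e.hasMoreElements();) {
            User u = (User) e.nextElement();
            try {
                getMBeanServer().unregisterMBean(JonasObjectName.user(getName(), u.getName()));
            } catch (Exception ex) {
                error = true;
                getLogger().log(BasicLevel.ERROR, "Cannot unregister mbean user '" + u.getName() + "' in JMX server : "
                        + ex.getMessage());
            }
        }

        // Roles
        for (Enumeration e = roles.elements(); e.hasMoreElements();) {
            Role r = (Role) e.nextElement();
            try {
                getMBeanServer().unregisterMBean(JonasObjectName.role(getName(), r.getName()));
            } catch (Exception ex) {
                error = true;
                getLogger().log(BasicLevel.ERROR, "Cannot unregister mbean role '" + r.getName() + "' in JMX server : "
                        + ex.getMessage());
            }
        }

        // Groups
        for (Enumeration e = groups.elements(); e.hasMoreElements();) {
            Group g = (Group) e.nextElement();
            try {
                getMBeanServer().unregisterMBean(JonasObjectName.group(getName(), g.getName()));
            } catch (Exception ex) {
                error = true;
                getLogger().log(BasicLevel.ERROR, "Cannot unregister mbean group '" + g.getName() + "' in JMX server : "
                        + ex.getMessage());
            }
        }

        if (error) {
            throw new JResourceException(
                    "There was errors during the remove of the MBeans of this resource. See the traces.");
        }
    }

}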