Standard.java

00001 
00028 package org.objectweb.jonas.security.realm.web.jetty50;
00029 
00030 import java.security.Principal;
00031 import java.util.ArrayList;
00032 import java.util.HashMap;
00033 import java.util.Map;
00034 
00035 import org.mortbay.http.HttpRequest;
00036 import org.mortbay.http.UserRealm;
00037 
00038 import org.objectweb.jonas.common.Log;
00039 import org.objectweb.jonas.security.SecurityService;
00040 import org.objectweb.jonas.security.realm.factory.JResource;
00041 import org.objectweb.jonas.security.realm.principals.User;
00042 import org.objectweb.jonas.service.ServiceManager;
00043 
00044 import org.objectweb.security.context.SecurityContext;
00045 import org.objectweb.security.context.SecurityCurrent;
00046 
00047 import org.objectweb.util.monolog.api.BasicLevel;
00048 import org.objectweb.util.monolog.api.Logger;
00049 
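/**
 * Jetty 5.0 {@link UserRealm} backed by a JOnAS security resource ({@link JResource}).
 *
 * <p>Users are looked up and their password is validated through the resource. On
 * success a {@code JettyPrincipal} carrying the combined roles is created, installed
 * into the current {@link SecurityContext}, and kept in an in-memory cache keyed by
 * username.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Usernames reach this class from HTTP requests, so every value written to the
 *       log goes through {@link #sanitizeForLog(String)} first.</li>
 *   <li>{@link #logout(Principal)} and {@link #disassociate(Principal)} are no-ops;
 *       see the review notes on those methods.</li>
 * </ul>
 */
public class Standard implements UserRealm {

    /**
     * Logger shared by all realm instances. It is only assigned by the constructor, so
     * {@link #getLogger()} returns null until a first instance has been created.
     */
    private static Logger logger = null;

    /** Name of this realm, as returned by {@link #getName()}. */
    private String name;

    /**
     * Resource used for user lookup, password validation and role resolution. Stays
     * null when only the protected no-arg constructor ran.
     */
    private JResource jResource = null;

    /** JOnAS security service from which {@link #jResource} is obtained. */
    private SecurityService securityService = null;

    /** Cache of authenticated principals: username (String) to Principal. */
    private Map users = null;

    /**
     * Creates the principal cache and the shared logger. Does not bind a resource;
     * the public constructors do that.
     */
    protected Standard() {
        // isUserInRole() is already synchronized, so concurrent callers are expected;
        // a bare HashMap is not safe for concurrent put/remove. Fully qualified so
        // that no new import is needed.
        users = java.util.Collections.synchronizedMap(new HashMap());

        if (logger == null) {
            logger = Log.getLogger(Log.JONAS_SECURITY_PREFIX);
        }
    }

    /**
     * Creates a realm bound to the named security resource.
     *
     * @param resourceName name of the resource to look up in the security service
     * @throws Exception if the security service cannot be retrieved or it returns no
     *         resource for {@code resourceName}
     */
    public Standard(String resourceName) throws Exception {
        this();

        // Get the Security Service
        try {
            securityService = (SecurityService) ServiceManager.getInstance().getSecurityService();
        } catch (Exception e) {
            // Keep the cause so that the deployment failure can be diagnosed.
            throw new Exception("can't retrieve Security service", e);
        }

        // Get the resource from the security service; fail closed when it is missing.
        jResource = securityService.getJResource(resourceName);
        if (jResource == null) {
            throw new Exception("Can't retrieve resource " + resourceName + " from the security service");
        }
    }

    /**
     * Creates a named realm bound to the named security resource.
     *
     * @param name name of this realm
     * @param resourceName name of the resource to look up in the security service
     * @throws Exception if the security service or the resource cannot be retrieved
     */
    public Standard(String name, String resourceName) throws Exception {
        this(resourceName);
        this.name = name;
    }

    /**
     * @return the name of this realm
     */
    public String getName() {
        return name;
    }

    /**
     * Authenticates a user against the resource.
     *
     * <p>Every failure path returns null, so the caller cannot tell an unknown user
     * from a wrong password; only the log carries that distinction.
     *
     * @param username name of the user; null is rejected
     * @param credentials password; only {@code String} credentials are accepted
     * @param request the HTTP request (not used by this implementation)
     * @return the authenticated principal, or null if authentication failed
     */
    public Principal authenticate(String username, Object credentials, HttpRequest request) {

        // No authentication can be made with a null username
        if (username == null) {
            return null;
        }

        // Drop any principal cached by a previous login of this user. This happens
        // before the password is checked, so a failed attempt also evicts the entry
        // and getPrincipal(username) then returns null until the next successful login.
        users.remove(username);

        // Does a user with this username exist?
        User user = null;
        try {
            user = jResource.findUser(username);
        } catch (Exception jre) {
            // could not retrieve user
            logger.log(BasicLevel.INFO, sanitizeForLog(jre.getMessage()));
            return null;
        }

        // User was not found
        if (user == null) {
            logger.log(BasicLevel.DEBUG, "User " + sanitizeForLog(username) + " not found.");
            return null;
        }

        if (!(credentials instanceof String)) {
            logger.log(BasicLevel.ERROR, "Allow only string type as credentials");
            return null;
        }

        boolean validated = jResource.isValidUser(user, (String) credentials);

        if (!validated) {
            // The credentials themselves are never logged, only the username.
            logger.log(BasicLevel.INFO, "The password for the user " + sanitizeForLog(username) + " is not valid");
            return null;
        }

        ArrayList combinedRoles = null;
        try {
            combinedRoles = jResource.getArrayListCombinedRoles(user);
        } catch (Exception jre) {
            // Fail closed: without roles no principal is created.
            logger.log(BasicLevel.ERROR, sanitizeForLog(jre.getMessage()));
            return null;
        }

        Principal principal = new JettyPrincipal(user.getName(), combinedRoles);
        SecurityContext ctx = new SecurityContext(principal.getName(), combinedRoles);
        SecurityCurrent current = SecurityCurrent.getCurrent();
        current.setSecurityContext(ctx);

        // Add to cache
        users.put(username, principal);

        return principal;
    }

    /**
     * Checks whether the principal has the given role.
     *
     * @param user principal to check; null and non-{@code JettyPrincipal} values are
     *        denied
     * @param roleName name of the role
     * @return true only if {@code user} is a {@code JettyPrincipal} holding the role
     */
    public synchronized boolean isUserInRole(Principal user, String roleName) {
        if (user == null) {
            return false;
        }

        if (user instanceof JettyPrincipal) {
            return ((JettyPrincipal) user).isUserInRole(roleName);
        } else {
            logger.log(BasicLevel.ERROR,
                    "The user '" + sanitizeForLog(String.valueOf(user)) + "' is not instance of JettyPrincipal");
            return false;
        }
    }

    /**
     * Checks whether the principal is authenticated.
     *
     * @param user principal to check; null and non-{@code JettyPrincipal} values are
     *        treated as not authenticated
     * @return the principal's own authenticated flag, or false
     */
    public boolean isAuthenticated(Principal user) {
        if (user == null) {
            return false;
        }

        if (user instanceof JettyPrincipal) {
            return ((JettyPrincipal) user).isAuthenticated();
        } else {
            logger.log(BasicLevel.ERROR,
                    "The user '" + sanitizeForLog(String.valueOf(user)) + "' is not instance of JettyPrincipal");
            return false;
        }
    }

    /**
     * Returns the cached principal for a username and installs its security context.
     *
     * @param username name of the user
     * @return the cached principal, or null if no principal is cached for that name
     */
    public Principal getPrincipal(String username) {
        logger.log(BasicLevel.DEBUG, "Get principal with username '" + sanitizeForLog(username) + "'.");

        JettyPrincipal principal = (JettyPrincipal) users.get(username);
        if (principal == null) {
            // Never authenticated, or evicted by a later failed attempt: report "no
            // principal" instead of failing with a NullPointerException below.
            return null;
        }
        SecurityContext ctx = new SecurityContext(principal.getName(), principal.getRoles());
        SecurityCurrent current = SecurityCurrent.getCurrent();
        current.setSecurityContext(ctx);
        return principal;
    }

    /**
     * Does nothing.
     *
     * <p>NOTE(review): the SecurityContext installed by authenticate()/getPrincipal()
     * is not reset here. If SecurityCurrent is bound to the calling thread (not visible
     * in this file) and threads are pooled, confirm that the context cannot carry over
     * to the next request.
     *
     * @param user principal to disassociate (ignored)
     */
    public void disassociate(Principal user) {
    }

    /**
     * Returns the principal unchanged; role pushing is not implemented.
     *
     * @param user current principal
     * @param role role to push (ignored)
     * @return {@code user}
     */
    public Principal pushRole(Principal user, String role) {
        return user;
    }

    /**
     * Returns the principal unchanged; role popping is not implemented.
     *
     * @param user current principal
     * @return {@code user}
     */
    public Principal popRole(Principal user) {
        return user;
    }

    /**
     * Does nothing.
     *
     * <p>NOTE(review): the cached principal is not removed on logout, so
     * getPrincipal(username) keeps returning it and reauthenticate() keeps reporting
     * whatever the principal's own flag says. Confirm whether logout should evict the
     * cache entry (see removeUser).
     *
     * @param user principal logging out (ignored)
     */
    public void logout(Principal user) {
    }

    /**
     * Re-checks a principal without consulting the resource again.
     *
     * @param user principal to check
     * @return the principal's own authenticated flag if it is a {@code JettyPrincipal},
     *         false otherwise (including null)
     */
    public boolean reauthenticate(Principal user) {
        if (user instanceof JettyPrincipal) {
            return ((JettyPrincipal) user).isAuthenticated();
        } else {
            return false;
        }
    }

    /**
     * @return the shared logger; null if no realm instance has been constructed yet
     */
    protected static Logger getLogger() {
        return logger;
    }

    /**
     * Returns the live principal cache, not a copy. The map is a synchronized wrapper:
     * single calls are thread-safe, but a subclass that iterates over it must
     * synchronize on the returned map for the duration of the iteration.
     *
     * @return the username to principal cache
     */
    protected Map getUsers() {
        return users;
    }

    /**
     * Removes a user from the principal cache.
     *
     * @param username name of the user to evict
     */
    protected void removeUser(String username) {
        users.remove(username);
    }

    /**
     * Adds a principal to the cache. getPrincipal() casts cached values to
     * {@code JettyPrincipal}, so any other Principal type stored here makes that
     * lookup fail with a ClassCastException.
     *
     * @param username name of the user
     * @param principal principal to cache for that name
     */
    protected void addUser(String username, Principal principal) {
        users.put(username, principal);
    }

    /**
     * @param name new name of this realm
     */
    protected void setName(String name) {
        this.name = name;
    }

    /**
     * Replaces control characters (CR, LF, and other ISO control characters) with
     * '_' so that request-supplied text cannot forge or split log records.
     *
     * @param value text about to be logged; may be null
     * @return the text with control characters replaced, or null if {@code value} is null
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuffer cleaned = new StringBuffer(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}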
