001: /*
002: jGuard is a security framework based on top of jaas (java authentication and authorization security).
003: it is written for web applications, to resolve simply, access control problems.
004: version $Name$
005: http://sourceforge.net/projects/jguard/
006:
007: Copyright (C) 2004 Charles GAY
008:
009: This library is free software; you can redistribute it and/or
010: modify it under the terms of the GNU Lesser General Public
011: License as published by the Free Software Foundation; either
012: version 2.1 of the License, or (at your option) any later version.
013:
014: This library is distributed in the hope that it will be useful,
015: but WITHOUT ANY WARRANTY; without even the implied warranty of
016: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017: Lesser General Public License for more details.
018:
019: You should have received a copy of the GNU Lesser General Public
020: License along with this library; if not, write to the Free Software
021: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
022:
023:
024: jGuard project home page:
025: http://sourceforge.net/projects/jguard/
026:
027: */
028: package net.sf.jguard.core.principals;
029:
030: import java.security.Principal;
031: import java.util.Collection;
032: import java.util.HashMap;
033: import java.util.HashSet;
034: import java.util.Iterator;
035: import java.util.Map;
036: import java.util.Set;
037: import java.util.logging.Logger;
038:
039: import javax.security.auth.Subject;
040:
041: import net.sf.jguard.core.authentication.credentials.JGuardCredential;
042:
043: /**
044: * UserPrincipal is used to resolve ABAC permissions.
045: * @author <a href="mailto:vberetti@users.sourceforge.net">Vincent Beretti</a>
046: * @author <a href="mailto:diabolo512@users.sourceforge.net">Charles Gay</a>
047: */
048: public class UserPrincipal implements BasePrincipal {
049:
050: private static final String NO_NAME_FOUND = "NO NAME FOUND";
051: private static final long serialVersionUID = 9075426017744650798L;
052: private Logger logger = Logger.getLogger(UserPrincipal.class
053: .getName());
054: private String name = "NO NAME DEFINED";
055: private Subject subject;
056:
057: public UserPrincipal(Subject subject) {
058: this .subject = subject;
059: }
060:
061: public void setName(String name) {
062: this .name = name;
063:
064: }
065:
066: public Map getPrivateCredentials() {
067:
068: Set privateCredentials = subject.getPrivateCredentials();
069: Map pCredentials = transformCredentialSetIntoMap(privateCredentials);
070: return pCredentials;
071: }
072:
073: private Map transformCredentialSetIntoMap(Set credentials) {
074: Map pCredentials = new HashMap();
075: Iterator privateCIterator = credentials.iterator();
076: while (privateCIterator.hasNext()) {
077: Object credential = privateCIterator.next();
078: if (credential instanceof JGuardCredential) {
079: JGuardCredential jcred = (JGuardCredential) credential;
080: if (!pCredentials.containsKey(jcred.getId())) {
081: Collection values = new HashSet();
082: values.add(jcred.getValue());
083: pCredentials.put(jcred.getId(), values);
084: } else {
085: Collection valuesStored = (Collection) pCredentials
086: .get(jcred.getId());
087: valuesStored.add(jcred.getValue());
088: }
089:
090: }
091: }
092: return pCredentials;
093: }
094:
095: public Map getPublicCredentials() {
096: Set publicCredentials = subject.getPublicCredentials();
097: Map pCredentials = transformCredentialSetIntoMap(publicCredentials);
098: return pCredentials;
099: }
100:
101: /**
102: * @return the value of a credential present in the public credentials ' set
103: * of the Subject, if its 'id' is <i>"name"</i>.
104: * @see net.sf.jguard.core.authentication.credentials.JGuardCredential
105: */
106: public String getName() {
107: //we cannot add a more significatn method to avoid infinite loop
108: return NO_NAME_FOUND;
109: }
110:
111: /**
112: * compare two SubjectAsPrincipal objects(compare their Subject).
113: * @param subjAsPrincipal
114: * @return true if the contained Subject is equals to the one contained
115: * in the SubjectAsPrincipal instance as parameter;otherwise, false.
116: */
117: public boolean equals(Object object) {
118: UserPrincipal userPrincipal;
119: if (object instanceof UserPrincipal) {
120: userPrincipal = (UserPrincipal) object;
121: if (getPrincipals().equals(userPrincipal.getPrincipals())) {
122: return true;
123: }
124: // we cannot include credentials in this method to avoid class circularity error
125: }
126: return false;
127:
128: }
129:
130: /**
131: * return principals present in the subject except userPrincipals
132: * to avoid infinite loop if we look into principals recursively.
133: * @return
134: */
135: protected Map getPrincipals() {
136:
137: //we filter userprincipal
138: Set principals = subject.getPrincipals();
139: Set filteredSet = new HashSet();
140: Iterator it = principals.iterator();
141: while (it.hasNext()) {
142: Principal principal = (Principal) it.next();
143: if (!(principal instanceof UserPrincipal)) {
144: filteredSet.add(principal);
145: }
146: }
147:
148: //we transform set into map for jexl
149: Map ppals = new HashMap();
150:
151: Iterator itFiletedPrincipals = filteredSet.iterator();
152: while (itFiletedPrincipals.hasNext()) {
153: Principal principal = (Principal) itFiletedPrincipals
154: .next();
155: ppals.put(principal.getName(), principal);
156: }
157:
158: return ppals;
159: }
160:
161: /**
162: * return {@link RolePrincipal} present in subject.
163: * @return
164: */
165: public Map getRoles() {
166: return getSpecificPrincipals(RolePrincipal.class);
167: }
168:
169: /**
170: *
171: * return {@link GroupPrincipal} present in subject.
172: * @return
173: */
174: public Map getGroups() {
175: return getSpecificPrincipals(GroupPrincipal.class);
176: }
177:
178: private Map getSpecificPrincipals(Class principalSubclass) {
179: Set principals = subject.getPrincipals(principalSubclass);
180:
181: //we transform set into map for jexl
182: Map ppals = new HashMap();
183:
184: Iterator itPrincipals = principals.iterator();
185: while (itPrincipals.hasNext()) {
186: Principal principal = (Principal) itPrincipals.next();
187: ppals.put(principal.getName(), principal);
188: }
189: return ppals;
190: }
191:
192: public int compareTo(Object o) {
193: UserPrincipal principal = (UserPrincipal) o;
194: if (this .equals(o)) {
195: return 0;
196: }
197:
198: return this .getName().compareTo(principal.getName());
199:
200: }
201:
202: public String toString() {
203: StringBuffer sb = new StringBuffer();
204: sb.append("UserPrincipal ");
205: sb.append(name);
206: sb.append(this .hashcode());
207: return sb.toString();
208: }
209:
210: public int hashcode() {
211: return getRoles().hashCode()
212: + getPublicCredentials().hashCode()
213: + getPrivateCredentials().hashCode() + 45;
214: }
215: }
|